![](/screenshots/b53799de-833f-419a-b967-12dfa7393a54.png)
www2.3harmfulfoods.com
Open in
urlscan Pro
2606:4700:4400::ac40:98cd
Public Scan
Effective URL: https://www2.3harmfulfoods.com/fst/d_db_biox4_vslstart_ozempic_231031/?business_unit=a00f400000jv554aad&utm_campaign=nuc-db-bio...
Submission: On February 13 via api from US — Scanned from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 4th 2023. Valid for: a year.
This is the only time www2.3harmfulfoods.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN25697 (UPCLOUDUSA, US)
PTR: 95-111-213-102.us-sjo1.upcloud.host
group.medicalvitalhealth.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 100.147.102.34.bc.googleusercontent.com
www.iz8qatrk.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.202.107.34.bc.googleusercontent.com
www.lutrkng.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-239-168-87.bos50.r.cloudfront.net
static-na.payments-amazon.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-129-82.compute-1.amazonaws.com
payments.amazon.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-131.deploy.static.akamaitechnologies.com
players.brightcove.net |
ASN13335 (CLOUDFLARENET, US)
cdn.ultimatedogfoodguide.com |
ASN54113 (FASTLY, US)
edge.api.brightcove.com | |
manifest.prod.boltdns.net |
ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com
metrics.brightcove.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-255-61.mia3.r.cloudfront.net
cf-images.us-east-1.prod.boltdns.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-26.deploy.static.akamaitechnologies.com
bcboltgoldenh-a.akamaihd.net |
Domain | Requested by | |
---|---|---|
20 | www2.3harmfulfoods.com |
2 redirects
www2.3harmfulfoods.com
|
8 | cdn.nucific.com |
www2.3harmfulfoods.com
|
6 | fonts.googleapis.com |
www2.3harmfulfoods.com
|
5 | metrics.brightcove.com | |
3 | manifest.prod.boltdns.net |
www2.3harmfulfoods.com
|
3 | stat.youniverssl.com |
www2.3harmfulfoods.com
stat.youniverssl.com |
2 | bcboltgoldenh-a.akamaihd.net |
www2.3harmfulfoods.com
|
2 | edge.api.brightcove.com |
www2.3harmfulfoods.com
|
2 | payments.amazon.com |
www2.3harmfulfoods.com
|
2 | static-na.payments-amazon.com |
www2.3harmfulfoods.com
static-na.payments-amazon.com |
2 | group.medicalvitalhealth.com | 2 redirects |
1 | cf-images.us-east-1.prod.boltdns.net | |
1 | vjs.zencdn.net |
players.brightcove.net
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | cdn.ultimatedogfoodguide.com | |
1 | players.brightcove.net |
www2.3harmfulfoods.com
|
1 | www.googletagmanager.com |
www2.3harmfulfoods.com
|
1 | www.lutrkng.com | 1 redirects |
1 | www.iz8qatrk.com | 1 redirects |
60 | 19 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-04 - 2024-05-03 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
static-na.payments-amazon.com Amazon RSA 2048 M02 |
2023-05-23 - 2024-06-20 |
a year | crt.sh |
payments.amazon.com Amazon RSA 2048 M01 |
2024-02-07 - 2025-01-17 |
a year | crt.sh |
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-05-30 - 2024-05-30 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
brightcove.com GlobalSign Atlas R3 DV TLS CA 2023 Q4 |
2023-12-14 - 2025-01-14 |
a year | crt.sh |
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2023 Q2 |
2023-06-03 - 2024-07-04 |
a year | crt.sh |
metrics.brightcove.com GTS CA 1D4 |
2024-01-21 - 2024-04-20 |
3 months | crt.sh |
*.prod.boltdns.net Amazon RSA 2048 M02 |
2023-09-20 - 2024-10-19 |
a year | crt.sh |
youniverssl.com Cloudflare Inc ECC CA-3 |
2023-09-10 - 2024-09-09 |
a year | crt.sh |
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-05-16 - 2024-05-15 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www2.3harmfulfoods.com/fst/d_db_biox4_vslstart_ozempic_231031/?business_unit=a00f400000jv554aad&utm_campaign=nuc-db-biox4-cpaeml-all-vslstart-ozempic-231031&utm_campaign_id=7013w000002DUhjAAG&utm_source=dbtcr&subid1=51dc3534b23340c8abf5544cecadfe9e&subid2=389&subid3=7&subid5=everflow
Frame ID: DB77A794663F36A9C87C4CC9A6DFBA99
Requests: 59 HTTP requests in this frame
Screenshot
![](/screenshots/b53799de-833f-419a-b967-12dfa7393a54.png)
Page Title
3 Harmful FoodsPage URL History Show full URLs
-
http://group.medicalvitalhealth.com/76543w4567yuy76tre3wsedrftdefrgthy-tr45y67ujerfgthyy-grferthy/efgthyju-ht4rt...
HTTP 301
https://group.medicalvitalhealth.com/76543w4567yuy76tre3wsedrftdefrgthy-tr45y67ujerfgthyy-grferthy/efgthyju-ht4rt... HTTP 302
https://www.iz8qatrk.com/9W598/7L272W8/?sub1=BiofesaGGMM HTTP 302
https://www.lutrkng.com/LMGRMG/6H52ND/?uid=291&sub1=7&sub2=161e6ec5670349eaaf88372bf1300f5d&sub3=Bio... HTTP 302
https://www2.3harmfulfoods.com/cid/7013w000002DUhjAAG?subid1=51dc3534b23340c8abf5544cecadfe9e&subid2=389&su... HTTP 302
https://www2.3harmfulfoods.com/fst/d_db_biox4_vslstart_ozempic_231031?business_unit=a00f400000jv554aad&utm_... HTTP 301
https://www2.3harmfulfoods.com/fst/d_db_biox4_vslstart_ozempic_231031/?business_unit=a00f400000jv554aad&utm... Page URL
Detected technologies
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
Page Statistics
37 Outgoing links
These are links going to different origins than the main page.
Title: Chemico-Biological Interactions
Search URL Search Domain Scan URL
Title: Eur J Clin Nutr.
Search URL Search Domain Scan URL
Title: Obesity (Silver Spring).
Search URL Search Domain Scan URL
Title: J Biol Chem.
Search URL Search Domain Scan URL
Title: J Clin Endocrinol Metab.
Search URL Search Domain Scan URL
Title: http://www.coca-cola.co.uk/ stories/the-diet-coke-story
Search URL Search Domain Scan URL
Title: http://www.debate.org/opinions/should-high-fructose-corn-syrup-be-banned
Search URL Search Domain Scan URL
Title: http://margaretwertheimrd.com/healthiest-yogurts-how-much-added-sugar-is-in-your-favorite-yogurt/
Search URL Search Domain Scan URL
Title: http://www.livestrong.com/article/412779-the-negative-side-effects-of-probiotic-yogurt/
Search URL Search Domain Scan URL
Title: http://www.eatthis.com/bread-store-bought
Search URL Search Domain Scan URL
Title: http://www.dailymail.co.uk/news/article-2337798/Are-sugar-addict-Scientists-say-high-fructose-corn-syrup-addictive-cocaine.html
Search URL Search Domain Scan URL
Title: http://www.debralynndadd.com/toxichealth/how-toxic-chemicals-make-you-fat/
Search URL Search Domain Scan URL
Title: http://www.fooducate.com/app#!page=product&id=3073B0BA-E106-11DF-A102-FEFD45A4D471
Search URL Search Domain Scan URL
Title: http://content.time.com/time/specials/packages/article/0,28804,1991915_1991909_1991785,00.html
Search URL Search Domain Scan URL
Title: http://abcnews.go.com/Health/Diet/eating-fake-fat-makes-real-fat-olestra-study/story?id=13893613
Search URL Search Domain Scan URL
Title: https://www.eatthismuch.com/food/view/smoked-bratwurst-link-sausage,527468/
Search URL Search Domain Scan URL
Title: http://www.completehealthdallas.com/DigestionWeightGain.html
Search URL Search Domain Scan URL
Title: http://www.livestrong.com/article/264810-weight-loss-starvation-mode/
Search URL Search Domain Scan URL
Title: http://www.livestrong.com/article/52807-natural-enzymes-digest/
Search URL Search Domain Scan URL
Title: http://www.ei-resource.org/illness-information/environmental-illnesses/candida-and-gut-dysbiosis/
Search URL Search Domain Scan URL
Title: http://sugaraddiction.bodyecology.com/sugar-and-candida
Search URL Search Domain Scan URL
Title: https://www.mindbodygreen.com/0-8376/10-signs-you-have-candida-overgrowth-what-to-do-about-it.html
Search URL Search Domain Scan URL
Title: http://www.thealternativedaily.com/yeast-overgrowth/
Search URL Search Domain Scan URL
Title: http://www.wholehealthinsider.com/newsletter/real-cause-food-addiction/
Search URL Search Domain Scan URL
Title: https://nccih.nih.gov/health/probiotics/introduction.htm
Search URL Search Domain Scan URL
Title: https://www.health.harvard.edu/vitamins-and-supplements/health-benefits-of-taking-probiotics
Search URL Search Domain Scan URL
Title: http://www.doctorshealthpress.com/health-articles/dysbiosis-microbial-imbalance/
Search URL Search Domain Scan URL
Title: http://www.independent.co.uk/life-style/health-and-families/features/what-happens-when-you-eat-too-much-overeating-excess-biology-body-a6792081.html
Search URL Search Domain Scan URL
Title: http://www.medicalnewstoday.com/articles/254512.php
Search URL Search Domain Scan URL
Title: https://www.fda.gov/ohrms/dockets/dockets/95s0316/95s-0316-rpt0252-08-exhibit-02-vol184.pdf
Search URL Search Domain Scan URL
Title: http://obesity.procon.org/view.resource.php?resourceID=006032
Search URL Search Domain Scan URL
Title: Popkin B, Adair L, Ng S. Global nutrition transition and the pandemic of obesity in developing countries. Nutrition Reviews. 2012;70(1):3-21. doi:10.1111/j.1753-4887.2011.00456.x.
Search URL Search Domain Scan URL
Title: http://www.foxnews.com/health/2013/11/22/survey-shows-74-percent-americans-experience-gi-discomfort.html
Search URL Search Domain Scan URL
Title: STUDIES
Search URL Search Domain Scan URL
Title: TERMS OF USE
Search URL Search Domain Scan URL
Title: PRIVACY POLICY
Search URL Search Domain Scan URL
Title: TEXT
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://group.medicalvitalhealth.com/76543w4567yuy76tre3wsedrftdefrgthy-tr45y67ujerfgthyy-grferthy/efgthyju-ht4rt5y/jdfgthyjht45y-uyj7htgr/fghgfd
HTTP 301
https://group.medicalvitalhealth.com/76543w4567yuy76tre3wsedrftdefrgthy-tr45y67ujerfgthyy-grferthy/efgthyju-ht4rt5y/jdfgthyjht45y-uyj7htgr/fghgfd HTTP 302
https://www.iz8qatrk.com/9W598/7L272W8/?sub1=BiofesaGGMM HTTP 302
https://www.lutrkng.com/LMGRMG/6H52ND/?uid=291&sub1=7&sub2=161e6ec5670349eaaf88372bf1300f5d&sub3=BiofesaGGMM HTTP 302
https://www2.3harmfulfoods.com/cid/7013w000002DUhjAAG?subid1=51dc3534b23340c8abf5544cecadfe9e&subid2=389&subid3=7&subid5=everflow HTTP 302
https://www2.3harmfulfoods.com/fst/d_db_biox4_vslstart_ozempic_231031?business_unit=a00f400000jv554aad&utm_campaign=nuc-db-biox4-cpaeml-all-vslstart-ozempic-231031&utm_campaign_id=7013w000002DUhjAAG&utm_source=dbtcr&subid1=51dc3534b23340c8abf5544cecadfe9e&subid2=389&subid3=7&subid5=everflow HTTP 301
https://www2.3harmfulfoods.com/fst/d_db_biox4_vslstart_ozempic_231031/?business_unit=a00f400000jv554aad&utm_campaign=nuc-db-biox4-cpaeml-all-vslstart-ozempic-231031&utm_campaign_id=7013w000002DUhjAAG&utm_source=dbtcr&subid1=51dc3534b23340c8abf5544cecadfe9e&subid2=389&subid3=7&subid5=everflow Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
60 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
www2.3harmfulfoods.com/fst/d_db_biox4_vslstart_ozempic_231031/ Redirect Chain
|
34 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ |
592 B 781 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
process_env.js
www2.3harmfulfoods.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
polyfills.js
www2.3harmfulfoods.com/build/ |
94 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.css
www2.3harmfulfoods.com/build/ |
9 MB 534 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 571 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
3 KB 607 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 717 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
405 B 359 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
362 KB 105 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
css2
fonts.googleapis.com/ |
4 KB 663 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fst_abbrev_funnel_confs.js
www2.3harmfulfoods.com/ |
6 MB 268 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
countries.js
www2.3harmfulfoods.com/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
request-ip
www2.3harmfulfoods.com/ |
67 B 437 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Widgets.js
static-na.payments-amazon.com/OffAmazonPayments/us/js/ |
335 KB 104 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
getsession
www2.3harmfulfoods.com/proxy/utils/ |
0 355 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bundle.js
www2.3harmfulfoods.com/build/ |
3 MB 649 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sessionstabilizer
payments.amazon.com/gp/widgets/ |
99 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.js
static-na.payments-amazon.com/v2/ |
45 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
setaffparameters
www2.3harmfulfoods.com/proxy/affiliate/ |
20 B 489 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
save
www2.3harmfulfoods.com/proxy/funnel/stats/ |
16 B 486 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
save
www2.3harmfulfoods.com/proxy/funnel/stats/ |
16 B 485 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
uedata
payments.amazon.com/cs/ |
0 441 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
save
www2.3harmfulfoods.com/proxy/funnel/stats/ |
16 B 421 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
src_components_components_module_ts.js
www2.3harmfulfoods.com/build/ |
142 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
src_pages__brand-pages-base_base-controllers_video_video-common_ts.js
www2.3harmfulfoods.com/build/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
src_pages_video-pages_video231103a_video231103a_module_ts.js
www2.3harmfulfoods.com/build/ |
49 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.min.js
players.brightcove.net/6058004207001/default_default/ |
835 KB 224 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
cdn.nucific.com/images/ |
2 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
volume-green.png
cdn.ultimatedogfoodguide.com/images/ |
440 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dr-lee.jpg
cdn.nucific.com/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amy-sign.png
cdn.nucific.com/images/ |
808 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FeaturedOn_Mobile.jpg
cdn.nucific.com/images/ |
21 KB 22 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FeaturedOn_Desktop.jpg
cdn.nucific.com/images/ |
23 KB 23 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
white-flame.png
cdn.nucific.com/images/ |
610 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watch-arrow-small.png
cdn.nucific.com/images/ |
7 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Montserrat-Regular.ttf
www2.3harmfulfoods.com/assets/fonts/Montserrat/ |
22 KB 14 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/ |
27 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
save
www2.3harmfulfoods.com/proxy/funnel/stats/ |
16 B 420 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
6335449725112
edge.api.brightcove.com/playback/v1/accounts/6058004207001/videos/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vtt.global.min.js
vjs.zencdn.net/vttjs/0.15.3/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6335449725112
edge.api.brightcove.com/playback/v1/accounts/6058004207001/videos/ |
3 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker
metrics.brightcove.com/v2/ |
35 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker
metrics.brightcove.com/v2/ |
35 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker
metrics.brightcove.com/v2/ |
35 B 295 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker
metrics.brightcove.com/v2/ |
35 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/6058004207001/7e897776-bc0a-41f5-93e8-a0f501b1f93c/main/640x360/23m36s986ms/match/ |
23 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cscript.js
stat.youniverssl.com/js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004207001/7e897776-bc0a-41f5-93e8-a0f501b1f93c/10s/ |
2 KB 2 KB |
XHR
application/x-mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ezgifcom-video-to-gif-min-FINAL-1.gif
cdn.nucific.com/images/ |
881 KB 882 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
95b8510a-d90a-4cf6-bc3a-059ccc10c9c8
https://www2.3harmfulfoods.com/ |
7 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
d81a6364-83aa-4431-b5df-04a904d0791e
https://www2.3harmfulfoods.com/ |
87 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
25a3debc-ec92-4aad-a753-9b3959abd5d9
https://www2.3harmfulfoods.com/ |
87 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker
metrics.brightcove.com/v2/ |
35 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004207001/7e897776-bc0a-41f5-93e8-a0f501b1f93c/543796ad-9876-45ff-9a9f-60cc61b54d10/10s/ |
50 KB 50 KB |
XHR
application/x-mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004207001/7e897776-bc0a-41f5-93e8-a0f501b1f93c/9f69407e-5d8f-4e99-a90b-9949317f9692/10s/ |
50 KB 50 KB |
XHR
application/x-mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
segment0.ts
bcboltgoldenh-a.akamaihd.net/media/v1/hls/v4/clear/6058004207001/7e897776-bc0a-41f5-93e8-a0f501b1f93c/543796ad-9876-45ff-9a9f-60cc61b54d10/5x/ |
1 MB 1 MB |
XHR
video/mp2t |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fp.min.js
stat.youniverssl.com/js/ |
31 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
segment0.ts
bcboltgoldenh-a.akamaihd.net/media/v1/hls/v4/clear/6058004207001/7e897776-bc0a-41f5-93e8-a0f501b1f93c/9f69407e-5d8f-4e99-a90b-9949317f9692/5x/ |
162 KB 163 KB |
XHR
video/mp2t |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stat
stat.youniverssl.com/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
123 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| Ionic object| process_env function| roundHalfEven string| TouchCRBase__UTM_Campaign_V2__c object| dataLayer boolean| gtmloaded object| shellPageMap function| getPath function| removeShell function| getShell string| pathname object| shellWrapper string| pageName object| gh object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| funnel_confs object| countries function| loadboth function| loadFrameWork function| loadall function| getIP object| ipscript object| headtab object| _0xf05c function| _0x4556 function| getPCIRandom undefined| intvl object| guid string| vuid number| tries function| getCookie function| alternaiDataLayer function| alternaiSet function| alternGuestId function| alternai object| date string| expires object| head object| script object| sessionRequest string| url undefined| token object| MyBundle object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader string| ip object| OffAmazonPayments object| LOGIN_STATE undefined| $ undefined| jQuery object| __zone_symbol__messagefalse function| onAmazonLoginReady object| amazon object| webpackChunktouchcr_funnel boolean| ghbundle boolean| ngDevMode function| Hammer object| __zone_symbol__beforeunloadfalse object| __zone_symbol__ON_PROPERTYmessage object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__ON_PROPERTYpopstate string| cookieName object| gabCookieValue string| STTwoPartDomain boolean| vtcrFed object| __zone_symbol__orientationchangefalse object| __zone_symbol__resizefalse boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs function| videojsFlash object| videojsFlashlsSourceHandler object| httpStreaming function| videojsPerSourceBehaviors function| videojsContextmenu function| videojsContextmenuUi function| videojsBcAnalytics function| videojsErrors object| videojsBcCatalog object| videojsDock function| videojsPlaylist function| bc function| WebVTT object| __zone_symbol__pagehidefalse object| vttjs function| siteStatHandler object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse object| __zone_symbol__statusTapfalse object| FingerprintJS function| statHandler function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.iz8qatrk.com/ | Name: uniqueClick_7L272W8 Value: c1af4952-b679-4faf-a56d-f6d92a1762da:1707859696 |
|
www.iz8qatrk.com/ | Name: transaction_id Value: 161e6ec5670349eaaf88372bf1300f5d |
|
www.lutrkng.com/ | Name: uniqueClick_6H52ND Value: 0b7102e2-6597-46a4-a08f-76bbd23e45bc:1707859696 |
|
www.lutrkng.com/ | Name: transaction_id Value: 51dc3534b23340c8abf5544cecadfe9e |
|
www2.3harmfulfoods.com/ | Name: _csrf Value: 7vSzXFQZz17nEIZM3nqp8KgD |
|
.3harmfulfoods.com/ | Name: __cf_bm Value: kxtf_QOHgwaa71N9qaIzRmtm28osbwwrAfogHHBRIx8-1707859696-1-ARrI6H9kNyfz9DJH2VfLV4aGJhQCMZbF2NtZRnCgxBgdmbQIEx1uTu+a+GIxiPXMH+0bDklwS8DBypFr8u7xYAI= |
|
www2.3harmfulfoods.com/ | Name: alternaiGuestId Value: 3e2fd71a-bf25-4cb7-b24f-d8cf038250d8,www2.3harmfulfoods.com,,blob:https: |
|
.amazon.com/ | Name: session-token Value: "48GxxFy5jkMofU0ObqAJHxWR4/GpMWQkwUZrICze8e5U2ibNG9tYgoBNHwjBnZCTKiLBUaYMQ7fb5G7ocroShNhvN//R7vM0G04kkflBB21LVdV8lQaVfA4Col6flYRq56RnT3E6th2kMQbSMswR6IJPlEB0TrmYlIs//gTuanIP7ACj2RxqTMsM2Cqntr0wSXXPl6u07O9P3QuTJftRUTu4WO40EFhNdALmVQ6JQ+AuiN6gcPVchkWZ0iYUd1sKRNYuUZTW7kUUilgz4+wR1wyegtQsgWNNN35LXGYyJon+6UwFZIlf216K0OVYAnoMdieltO+9PA8/5RbqHiv/Cg==" |
|
.amazon.com/ | Name: session-id Value: 135-0445008-4033965 |
|
.amazon.com/ | Name: session-id-time Value: 2082758400 |
|
.amazon.com/ | Name: session-id-apay Value: 135-0445008-4033965 |
|
www2.3harmfulfoods.com/ | Name: GAID Value: 7bb2ebdc-31b7-9811-a656-8b3f89048d4f |
|
www2.3harmfulfoods.com/ | Name: apay-session-set Value: %2BzL%2FkHwDM5khtiSoQYfu6JyhjAle%2BVoNCMI%2FXRejsWLzo%2Bv8S%2FMZE8kUioaG37o%3D |
|
www2.3harmfulfoods.com/ | Name: connect.sid Value: s%3A1vRX_exE_3UkaL8zYAfznrnRp9c64_08.LEfjuMajsItumUhy4R6sFOUbwrRvgUTjhxgtAAQTfNQ |
|
.3harmfulfoods.com/ | Name: tcrFed Value: true |
|
www2.3harmfulfoods.com/ | Name: XSRF-TOKEN Value: T6brMTkg-JMLg-umYDo21XLM_Naf8MKh7a6s |
|
.ultimatedogfoodguide.com/ | Name: __cf_bm Value: TzEcA.mTv0MRMaqsgCsUUsynGyj4GwFj6818Q.LScbQ-1707859700-1.0-AYMkmybLVgaAmH2oxd/rPRtbZWAasLAx/HXPExKxPVvJyhSjJg+BwzdKQxcQMf+79dtWTtP4jQTuGA+gSydlnMg= |
|
.nucific.com/ | Name: __cf_bm Value: 71JqKrJYI13RgSf60OwjGX5IR0mKhHwudjDp6cwIAGI-1707859700-1-AW3U9OQFqaaf329fsyX66OU5p6+7USZuiH0+VPvRRmUvb0y8Oaz5pFy22hK3lYg7nLQLEvOdxC+YzTKKlhe0wNs= |
|
www2.3harmfulfoods.com/ | Name: gundryMDUserVisited Value: true |
|
.youniverssl.com/ | Name: __cf_bm Value: OEU9_HjRWbhfgvp3v5duKQ1a4JpDu2u2h1AJQJD_dUY-1707859701-1-AahVKiT0xOsBVuGPdPuW55dfcdZ5nVu+yoAPcK9UoOTXPO3jg8TZbRCxdC2L/SFVEatGqXXeSQBl6ClvU+dq2Uc= |
20 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15552000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bcboltgoldenh-a.akamaihd.net
cdn.nucific.com
cdn.ultimatedogfoodguide.com
cf-images.us-east-1.prod.boltdns.net
edge.api.brightcove.com
fonts.googleapis.com
fonts.gstatic.com
group.medicalvitalhealth.com
manifest.prod.boltdns.net
metrics.brightcove.com
payments.amazon.com
players.brightcove.net
stat.youniverssl.com
static-na.payments-amazon.com
vjs.zencdn.net
www.googletagmanager.com
www.iz8qatrk.com
www.lutrkng.com
www2.3harmfulfoods.com
104.117.182.26
151.101.130.27
18.239.168.87
18.66.255.61
185.176.220.48
23.51.57.131
2606:4700:4400::6812:201b
2606:4700:4400::6812:2838
2606:4700:4400::6812:2b22
2606:4700:4400::ac40:98cd
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::2008
2607:f8b0:4006:81c::200a
2a04:4e42:600::729
34.102.147.100
34.107.202.36
35.244.232.184
44.215.129.82
95.111.213.102
07bd59cefe1335258eaa39aca8ab771a85b2089c90332cb973714ab570b2012c
0a5c8fd51d15c2473f3eac7e374feaed0106444c6cc5b72289b98c534ef996a9
0af4a17f3ec8d58d74e002731f3173d5c6edf26351b1978e23d37650b944134e
0cda363d01d320d52f3114d5fd9d880c7740700b15deb4d89a62701e58f5e49e
1155cab98ddb1e5c684ab5a16432d2431db7d67ce9b9f74553522871113fe554
194d3e9622ea4ce3cf97797a19863f18c9f49ebdd36699160c397b0df2df8ed8
1ae7fa19a9a18fd5570ac3745601c125f95383fc08533ee8079c45162f8d4c8b
1aed2b4c4678cbc4f84340fdc2d6e7428c1578c5370aee4727456a9d04d2df7a
1d2572355e1fdf47f52b488e9c75244e3830241e7170034eef60e1c48f93faac
227557eb4ed819cd763c2757135a6f3932457df061088d27eba1b80fa628a813
2667cf68af233713aef083b5a6c1e346358d3adb38cbacb5c4720ac52f943399
2782883aa2e55fe305dd71c4b8a79cdecd0e3c7b62880f7adf37aafb33739a4a
2a1ce867bae5ccf7e7b981238f2573d03ee870b56b8f51ff94baf904b1f72005
2b98c704568f58bd1032ed993316dfeb1921091de0ed50ea18b857ea385530ec
36f570366e2824a8071ed194d9067db56a94e55b9f226d9625557d57cb1bddba
394867e02ba0cd9a4779459a8e933387b0bb9e2a7ad14f2ee63aca19d2da3c7c
404c5eee514a322a90809ea86cc66a12d761283acc115efc4bdd51e074077b78
4059922eeecb396e1ec35fa176dc13da1cbe763e4fd33ed03ced0c1bd453bf3e
42e71edd56626b6e74dc24486658acd40c0e1bd28320da62826a3121d700cad8
5593812ed51f4f2de527010b8ae1f0fa41ffd0186000b950ee0e30d4690aa442
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
56bdce73f7142e5e3c1e48b251bc4ca23ac50ecad8dede6641724202e64d1de1
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
624f051321b35d2cf074a42f725f74747fd403b836ed1c90396ec34148725fe6
6a25cc19e6eb650e80d354bbe62b1d9cb562158dc9b990d00ef4d48b2756fe73
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
82bab99e139fe558175f3f0ff38504f48befd820f2bdb4655faaacb3d3bd9edf
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
939cd4da3bbe205ee704576912f76c7ffa08709ba6811f5ade8d7b564163a7ac
965179676d801305ac5d4f9fc2b18f9bd43dee687758b2d9322621f29d38f479
972d68008d27b540178f4f9f1fb094e3ce91b11d7fc62f35ec5417b56e68718e
97f83196333a4d50afb51ef5ac665f8ae70b77dab45a0b95b3394241ad7cd64a
a6770a32afa72353b5ad690760410d7689b1068cf4ae87e24ff079807e0d59a9
b078999f1e87fb1a80a941371723dc584673d28de33c3d69a8d98688f4dbdea1
b16a2a13d4ab55ef39042b40c65f72ecd15aa828cdfbad45949d262685a323cd
b70589e1197dcb6ff3877631c146788c63909142c23720d9ff4cfedf081b7d36
b96b23b95f9a53034021120190d48d50acfa442579d5947cb8d2f1c2c59b7227
c27b34afba3137d30217abd1ef2990244fd904b09adcf09da7eb5b183c47cfa0
c884d0aa2e102cd27d38468fb16be67e91ea0bc9b3122e13b9340f1789d5d834
c9a5c1b6dcd749185cf8135fc7dc0579d85265da88fa438e74a2d88211354005
d03bccbb96ba58614dfaa5cf7b696e58e44337cd0e2f1c9dc976debb503dfd24
d4b88964d2aa185f2342b36aefb65f244d79548d90b73a68ca44b6dd675b10ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67be9ff8a99e18f7c2b4554ded767ad3f7e83a0226f48ed23079c40ffd5f40b
e8973e9162b52a3082b9ba440ac5b83a52f56f625f57240e395c22828df6f8ab
f05c8e0b6dd31fda246d3e9462322cb9165acb1e8f31f8b149cb27247a48b753
f0ef0bd6f42b27add24a9ca8619c18cd4f4e3d368bef0d759b62d74555adb41e
f1bbc4bb6ea85407f95e4087bf7bbf5b5dbc9d72641dd61906d2db2e2947f8f5
f8ce9609a9a5203248d40cc6d8ef9a020d7fbb125a58402104cf3d3e11dfec7c
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce