urlscan.io logo urlscan.io
SecurityTrails logo

gftd.works Open in urlscan Pro
58.80.136.130  Public Scan

Go To Rescan Add Verdict Report
URL: https://gftd.works/a
Submission: On February 13 via api from RU — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 58.80.136.130, located in Shimohirama, Japan and belongs to UCOM ARTERIA Networks Corporation, JP. The main domain is gftd.works.
TLS certificate: Issued by R3 on January 14th 2023. Valid for: 3 months.
This is the only time gftd.works was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 58.80.136.130 17506 (UCOM ARTE...)
1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
2 2 2400:52e0:150... 200325 (BUNNYCDN)
3 2404:6800:400... 15169 (GOOGLE)
21 6
13    58.80.136.130 (Shimohirama, Japan)

ASN17506 (UCOM ARTERIA Networks Corporation, JP)
PTR: plesk.ssilab.co.jp
gftd.works
1    2404:6800:4004:801::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2400:52e0:1501::1061:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)
sp-ao.shortpixel.ai
3    2404:6800:4004:813::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
13 gftd.works
gftd.works
299 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 24
20 KB
2 shortpixel.ai
sp-ao.shortpixel.ai — Cisco Umbrella Rank: 18984
1 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
122 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
2 KB
21 6
Domain Requested by
13 gftd.works gftd.works
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 sp-ao.shortpixel.ai 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com gftd.works
www.googletagmanager.com
1 fonts.googleapis.com gftd.works
21 6

This site contains links to these domains. Also see Links.

Domain
twitter.com
Subject Issuer Validity Valid
gftd.works
R3		 2023-01-14 -
2023-04-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://gftd.works/a
Frame ID: 2C6957E0C45CC395D411B93D9F6A0FA5
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 - ページが見つかりません - GFTD. WORKS

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

90 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

474 kB
Transfer

1640 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_60,h_48/https://gftd.works/wp-content/uploads/2018/09/logo_gftd..png HTTP 302
  • https://gftd.works/wp-content/uploads/2018/09/logo_gftd..png
Request Chain 18
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://gftd.works/wp-content/uploads/2018/11/logo_gftd.1-1024x809.png HTTP 302
  • https://gftd.works/wp-content/uploads/2018/11/logo_gftd.1-1024x809.png

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request a
gftd.works/ 		592 KB
81 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gftd.works/a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PHP/7.2.34
Resource Hash
09527356689472550d3691752b3dfabd3246b31f0e7bed03c8eebd4392c8b035

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Feb 2023 03:12:13 GMT
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Link
<https://gftd.works/wp-json/>; rel="https://api.w.org/"
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.34
spfont.woff
gftd.works/wp-content/plugins/post-carousel/public/assets/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://gftd.works/wp-content/plugins/post-carousel/public/assets/fonts/spfont.woff?54747913
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PHP/7.2.34
Resource Hash

Request headers

Referer
https://gftd.works/a
Origin
https://gftd.works
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Content-Encoding
br
Server
nginx
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<https://gftd.works/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
css
fonts.googleapis.com/ 		45 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be80295e798d79f9dcd290ca8d913e9ce309b2ef0558549694244ee006933943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 Feb 2023 03:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 02:32:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Feb 2023 03:12:13 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/webp
autoptimize_single_9c93bf37385f0072291cf27e14e0a3f3.css
gftd.works/wp-content/cache/autoptimize/css/ 		1 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gftd.works/wp-content/cache/autoptimize/css/autoptimize_single_9c93bf37385f0072291cf27e14e0a3f3.css
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PleskLin
Resource Hash
d5af72023e1dc70fd1c8ad3733cd29d294443e4514cf42f65fee4dd0213659a9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Content-Encoding
br
Last-Modified
Wed, 08 Feb 2023 12:49:53 GMT
Server
nginx
ETag
W/"63e39a71-4c0"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
autoptimize_single_125bd7727a31edb37ca74360cb679d9b.css
gftd.works/wp-content/cache/autoptimize/css/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gftd.works/wp-content/cache/autoptimize/css/autoptimize_single_125bd7727a31edb37ca74360cb679d9b.css
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PleskLin
Resource Hash
721346da59e4d239dca0c403162383e0b340a4b69ad4e7c0a5d286343fb4fb64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Content-Encoding
br
Last-Modified
Wed, 08 Feb 2023 12:49:53 GMT
Server
nginx
ETag
W/"63e39a71-3a9d"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
autoptimize_single_2179fc19310ebecb47b3e9601f8fae0d.css
gftd.works/wp-content/cache/autoptimize/css/ 		3 KB
831 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gftd.works/wp-content/cache/autoptimize/css/autoptimize_single_2179fc19310ebecb47b3e9601f8fae0d.css
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PleskLin
Resource Hash
ab5e181eb8be2ca43a170bb09f4fe688f41f5ba9ef58ce287a5a91e02baff7be

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Content-Encoding
br
Last-Modified
Wed, 08 Feb 2023 12:49:53 GMT
Server
nginx
ETag
W/"63e39a71-d2d"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
autoptimize_single_53be22d3b0c7d7dbb218ec57eab2f652.css
gftd.works/wp-content/cache/autoptimize/css/ 		456 B
466 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gftd.works/wp-content/cache/autoptimize/css/autoptimize_single_53be22d3b0c7d7dbb218ec57eab2f652.css
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PleskLin
Resource Hash
4cb30f842319c4cd9c2a63e14c8cef0fdc89bbfa141fb504b78c399abf893fb6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Content-Encoding
br
Last-Modified
Wed, 08 Feb 2023 12:49:53 GMT
Server
nginx
ETag
W/"63e39a71-1c8"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
jquery.min.js
gftd.works/wp-includes/js/jquery/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gftd.works/wp-includes/js/jquery/jquery.min.js
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PleskLin
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Content-Encoding
br
Last-Modified
Mon, 19 Dec 2022 03:51:32 GMT
Server
nginx
ETag
W/"639fdfc4-15e54"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-251466808-2
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6931c44ca00b2a6d9fc65569842a345a41250b458de25ffae0ed7df6578e4ef1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 03:12:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44094
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 Feb 2023 03:12:13 GMT
lazysizes.min.js
gftd.works/wp-content/plugins/autoptimize/classes/external/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gftd.works/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PleskLin
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Content-Encoding
br
Last-Modified
Mon, 19 Dec 2022 04:14:18 GMT
Server
nginx
ETag
W/"639fe51a-2655"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
autoptimize_single_866646addbfe981d090b5ebfaecaa060.css
gftd.works/wp-content/cache/autoptimize/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gftd.works/wp-content/cache/autoptimize/css/autoptimize_single_866646addbfe981d090b5ebfaecaa060.css
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PleskLin
Resource Hash
30acd5a7b088478be55da1f350cdfb06ccfd568c5ba7911df2b608b32a22b29e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Content-Encoding
br
Last-Modified
Wed, 08 Feb 2023 12:49:53 GMT
Server
nginx
ETag
W/"63e39a71-10a2"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
autoptimize_13c11a81fdb5acc4ca5a4656af019d42.js
gftd.works/wp-content/cache/autoptimize/js/ 		390 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gftd.works/wp-content/cache/autoptimize/js/autoptimize_13c11a81fdb5acc4ca5a4656af019d42.js
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PleskLin
Resource Hash
41691afa3e12181b39938e510bf61e94fec4961382020980f3c7ae03222b07f4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Content-Encoding
br
Last-Modified
Wed, 08 Feb 2023 12:52:16 GMT
Server
nginx
ETag
W/"63e39b00-616f4"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b80927d8b71a80863bfea668bc4320090fc3ec707cb13a83d58489e1085471b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
astra.woff
gftd.works/wp-content/themes/astra/assets/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gftd.works/wp-content/themes/astra/assets/fonts/astra.woff
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PleskLin
Resource Hash
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Request headers

Referer
https://gftd.works/a
Origin
https://gftd.works
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Last-Modified
Mon, 19 Dec 2022 04:30:34 GMT
Server
nginx
ETag
"639fe8ea-ce8"
X-Powered-By
PleskLin
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3304
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f56e3276b451666968524ba6db7f102c1ae48b1ae0348b08ad8427e0ad27a983

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gftd.works
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 09:48:52 GMT
x-content-type-options
nosniff
age
62601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Feb 2024 09:48:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gftd.works
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 19:32:54 GMT
x-content-type-options
nosniff
age
373159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 19:32:54 GMT
logo_gftd..png
gftd.works/wp-content/uploads/2018/09/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_60,h_48/https://gftd.works/wp-content/uploads/2018/09/logo_gftd..png
  • https://gftd.works/wp-content/uploads/2018/09/logo_gftd..png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gftd.works/wp-content/uploads/2018/09/logo_gftd..png
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PleskLin
Resource Hash
17d1b84605992547d39d8b06c4d2277c9ccebe85f42e4b8295151469e1b4600f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Last-Modified
Wed, 29 Jan 2020 05:43:43 GMT
Server
nginx
ETag
"5e311b8f-5d7"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1495

Redirect headers

date
Mon, 13 Feb 2023 03:12:13 GMT
cdn-edgestorageid
990
cdn-cachedat
02/12/2023 04:38:05
cdn-pullzone
257218
cdn-tag
0; Domain: gftd.works; 302
content-length
0
pragma
cache
server
BunnyCDN-JP1-1061
cdn-proxyver
1.03
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://gftd.works/wp-content/uploads/2018/09/logo_gftd..png
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-requestid
ed231902a64ad71e77adb3c932d8594b
cdn-requestcountrycode
JP
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
302
cdn-requestpullsuccess
True
logo_gftd.1-1024x809.png
gftd.works/wp-content/uploads/2018/11/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://gftd.works/wp-content/uploads/2018/11/logo_gftd.1-1024x809.png
  • https://gftd.works/wp-content/uploads/2018/11/logo_gftd.1-1024x809.png
70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gftd.works/wp-content/uploads/2018/11/logo_gftd.1-1024x809.png
Requested by
Host: gftd.works
URL: https://gftd.works/a
Protocol
HTTP/1.1
Server
58.80.136.130 Shimohirama, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS
plesk.ssilab.co.jp
Software
nginx / PleskLin
Resource Hash
da62c17681af8331f823f8d817f9ba7e2f7aace9ef39de88f5f0f36312efc56d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 03:12:14 GMT
Last-Modified
Thu, 30 Jan 2020 12:18:25 GMT
Server
nginx
ETag
"5e32c991-11823"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
71715

Redirect headers

date
Mon, 13 Feb 2023 03:12:13 GMT
cdn-edgestorageid
1066
cdn-cachedat
02/12/2023 05:46:39
cdn-pullzone
257218
cdn-tag
0; Domain: gftd.works; 302
content-length
0
pragma
cache
server
BunnyCDN-JP1-1061
cdn-proxyver
1.03
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://gftd.works/wp-content/uploads/2018/11/logo_gftd.1-1024x809.png
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-requestid
c02656bf7ed5089371aeac0570079520
cdn-requestcountrycode
JP
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
302
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-251466808-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 Feb 2023 02:36:23 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2150
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 13 Feb 2023 04:36:23 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HDQ6531Z8W&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-251466808-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e46a3d7b92f3a4f9d0986488fc0f8ab5608ad1a163dc3cde43f206dd43f5e9f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 03:12:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79989
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 Feb 2023 03:12:13 GMT
collect
www.google-analytics.com/j/ 		1 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=578456880&t=pageview&_s=1&dl=https%3A%2F%2Fgftd.works%2Fa&ul=en-us&de=UTF-8&dt=404%20-%20%E3%83%9A%E3%83%BC%E3%82%B8%E3%81%8C%E8%A6%8B%E3%81%A4%E3%81%8B%E3%82%8A%E3%81%BE%E3%81%9B%E3%82%93%20-%20GFTD.%20WORKS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1568296799&gjid=2050851082&cid=2030999103.1676257933&tid=UA-251466808-2&_gid=1132041554.1676257933&_r=1&gtm=457e3280&did=dZTNiMT&gdid=dZTNiMT&z=8256419
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gftd.works/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 03:12:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gftd.works
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-HDQ6531Z8W&gtm=45je3280&_p=578456880&gdid=dZTNiMT&cid=2030999103.1676257933&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676257933&sct=1&seg=0&dl=https%3A%2F%2Fgftd.works%2Fa&dt=404%20-%20%E3%83%9A%E3%83%BC%E3%82%B8%E3%81%8C%E8%A6%8B%E3%81%A4%E3%81%8B%E3%82%8A%E3%81%BE%E3%81%9B%E3%82%93%20-%20GFTD.%20WORKS&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HDQ6531Z8W&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gftd.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 03:12:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gftd.works
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange boolean| ewww_webp_supported function| check_webp_feature object| Arrive function| ewwwLoadImages function| ewwwWebPInit function| ewwwAttr function| ewwwJSONParserInit function| ewwwWooParseVariations function| ewwwNggParseGalleries function| ewwwNggLoadGalleries function| ewwwNggParseImageList undefined| $ function| jQuery function| gtag object| dataLayer object| lazySizesConfig object| astra object| wpcf7 object| option object| elementorFrontendConfig object| _wpUtilSettings object| wpformsElementorVars object| post_grid_vars object| lazySizes function| a function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent object| WPFormsElementorFrontend object| ___FONT_AWESOME___ object| fontawesome-free-shims function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| swv object| webpackChunkelementor object| elementorModules function| Waypoint function| Swiper function| ShareLink object| DialogsManager object| elementorFrontend function| _ object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| arrive function| unbindArrive function| leave function| unbindLeave

4 Cookies

Domain/Path Name / Value
.gftd.works/ Name: _gid
Value: GA1.2.1132041554.1676257933
.gftd.works/ Name: _gat_gtag_UA_251466808_2
Value: 1
.gftd.works/ Name: _ga
Value: GA1.1.2030999103.1676257933
.gftd.works/ Name: _ga_HDQ6531Z8W
Value: GS1.1.1676257933.1.0.1676257933.0.0.0

3 Console Messages

Source Level URL
Text
network error URL: https://gftd.works/a
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://gftd.works/wp-content/plugins/post-carousel/public/assets/fonts/spfont.woff?54747913
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://gftd.works/a
Message:
The resource https://gftd.works/wp-content/plugins/post-carousel/public/assets/fonts/spfont.woff?54747913 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gftd.works
sp-ao.shortpixel.ai
www.google-analytics.com
www.googletagmanager.com
2400:52e0:1501::1061:1
2404:6800:4004:801::200a
2404:6800:4004:813::200e
2404:6800:4004:824::2003
2404:6800:4004:824::2008
58.80.136.130
09527356689472550d3691752b3dfabd3246b31f0e7bed03c8eebd4392c8b035
17d1b84605992547d39d8b06c4d2277c9ccebe85f42e4b8295151469e1b4600f
30acd5a7b088478be55da1f350cdfb06ccfd568c5ba7911df2b608b32a22b29e
41691afa3e12181b39938e510bf61e94fec4961382020980f3c7ae03222b07f4
4cb30f842319c4cd9c2a63e14c8cef0fdc89bbfa141fb504b78c399abf893fb6
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6931c44ca00b2a6d9fc65569842a345a41250b458de25ffae0ed7df6578e4ef1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
721346da59e4d239dca0c403162383e0b340a4b69ad4e7c0a5d286343fb4fb64
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
8b80927d8b71a80863bfea668bc4320090fc3ec707cb13a83d58489e1085471b
ab5e181eb8be2ca43a170bb09f4fe688f41f5ba9ef58ce287a5a91e02baff7be
be80295e798d79f9dcd290ca8d913e9ce309b2ef0558549694244ee006933943
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d5af72023e1dc70fd1c8ad3733cd29d294443e4514cf42f65fee4dd0213659a9
da62c17681af8331f823f8d817f9ba7e2f7aace9ef39de88f5f0f36312efc56d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46a3d7b92f3a4f9d0986488fc0f8ab5608ad1a163dc3cde43f206dd43f5e9f9
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
f56e3276b451666968524ba6db7f102c1ae48b1ae0348b08ad8427e0ad27a983
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615