URL: https://support.ket168shop.com/
Submission: On November 17 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3030::6815:4ee2, located in United States and belongs to CLOUDFLARENET, US. The main domain is support.ket168shop.com.
TLS certificate: Issued by WE1 on November 6th 2024. Valid for: 3 months.
This is the only time support.ket168shop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42::485 54113 (FASTLY)
3 2606:50c0:800... 54113 (FASTLY)
3 142.250.185.196 15169 (GOOGLE)
1 216.58.206.67 15169 (GOOGLE)
1 172.67.137.224 13335 (CLOUDFLAR...)
19 9
Apex Domain
Subdomains
Transfer
5 ket168shop.com
support.ket168shop.com
367 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
969 B
3 github.io
maketline.github.io
63 KB
3 fontawesome.com
kit-pro.fontawesome.com — Cisco Umbrella Rank: 22429
230 KB
2 datatables.net
cdn.datatables.net — Cisco Umbrella Rank: 5255
97 KB
1 gstatic.com
www.gstatic.com
217 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
20 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
19 8
Domain Requested by
5 support.ket168shop.com support.ket168shop.com
3 www.google.com support.ket168shop.com
www.gstatic.com
3 maketline.github.io support.ket168shop.com
maketline.github.io
3 kit-pro.fontawesome.com support.ket168shop.com
kit-pro.fontawesome.com
2 cdn.datatables.net support.ket168shop.com
1 www.gstatic.com www.google.com
1 cdn.jsdelivr.net support.ket168shop.com
1 fonts.googleapis.com support.ket168shop.com
19 8

This site contains no links.

Subject Issuer Validity Valid
ket168shop.com
WE1
2024-11-06 -
2025-02-04
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-01-27
6 months crt.sh
datatables.net
WE1
2024-09-21 -
2024-12-20
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-15 -
2025-03-14
a year crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 3 frames:

Primary Page: https://support.ket168shop.com/
Frame ID: C2E6ED18CA5AB752CDD8FF78BA488B4C
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYumMqAAAAAMZl5aGoPl-Q_vQh34ffmoqKZa-U&co=aHR0cHM6Ly9zdXBwb3J0LmtldDE2OHNob3AuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=itvwdw9z07sm
Frame ID: E0C1030DD46CFA824B0CF1988531C983
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LeYumMqAAAAAMZl5aGoPl-Q_vQh34ffmoqKZa-U
Frame ID: 7CD7E298D5771836A38831201383EA8A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

KET168SHOP | Support

Detected technologies

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • <link[^>]* href=[^>]*kit\-pro\.fontawesome\.com/releases/v([0-9.]+)/
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

19
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

8
Subdomains

9
IPs

2
Countries

997 kB
Transfer

3170 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
support.ket168shop.com/
5 KB
2 KB
Document
General
Full URL
https://support.ket168shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88fd40fcf18967131a6faf37140118f224f021608317ed19fe225bd98ac7deb5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e3d5f237e381987-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 17 Nov 2024 05:37:56 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AP27acZQt60ySsPOA63BitkOfV5rFX8rRaywkeCWuSOWJdP6IZjkzx%2BxLqkxABgbm%2FTdD9hh9OGD0l0GUnot3NMplG7CXvRGp9ajO%2FNakxLmQ646SJ15XeFh%2Fj2UJcNR9WCmwwXoJ3HifCtd8NyRsNynn8F%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=37505&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4012&recv_bytes=2361&delivery_rate=102313&cwnd=253&unsent_bytes=0&cid=afe6715b2a9da13f&ts=803&x=0"
vary
Accept-Encoding
app.css
support.ket168shop.com/assets/css/
233 KB
36 KB
Stylesheet
General
Full URL
https://support.ket168shop.com/assets/css/app.css
Requested by
Host: support.ket168shop.com
URL: https://support.ket168shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feb7cf7c0168a11d1037d1b9101994ee5331fbd567ad0dcc067a790bb91ef8ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support.ket168shop.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67397ef7-3a4a9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HLSa8MJ62CNrGN8XvVCiVO%2FFz50e75gZEFiKEby3gwpNLzV769hKA%2FFC6GS1Ed4E7KvIQE33U71eW6RIaVW0Kbq%2ByQBPSUyXlZ9WfuxDekoJQ8EXwZ0vB4m0oOYpBrHAnLpj%2BzJ89YhZ6TLSjmzTh9qtoWyC"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3d5f28787c1987-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=42637&sent=15&recv=17&lost=0&retrans=0&sent_bytes=7017&recv_bytes=2670&delivery_rate=139533&cwnd=257&unsent_bytes=0&cid=afe6715b2a9da13f&ts=3135&x=0"
date
Sun, 17 Nov 2024 05:37:58 GMT
content-type
text/css
last-modified
Sun, 17 Nov 2024 05:28:23 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600&display=swap
Requested by
Host: support.ket168shop.com
URL: https://support.ket168shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60273ffcdcd797d385754718e512f99cd947ab609e76c10b743db96314098766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support.ket168shop.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 05:37:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 05:37:56 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 05:14:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
pro.min.css
kit-pro.fontawesome.com/releases/v6.2.0/css/
788 KB
165 KB
Stylesheet
General
Full URL
https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css
Requested by
Host: support.ket168shop.com
URL: https://support.ket168shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76ff2cfe25e35dc7a90fb959a1da27629357d601a7dab2876c16d19853448cfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support.ket168shop.com/

Response headers

cache-control
public, max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
W/"32b07840650d89a6955ec02980a5213d"
age
532357
x-amz-request-id
4HZRJZ1WWDYCRP7Q
expires
Mon, 17 Nov 2025 11:26:42 GMT
cf-ray
8e3d5f291e84366d-FRA
date
Sun, 17 Nov 2024 05:37:56 GMT
content-type
text/css
last-modified
Tue, 30 Aug 2022 16:40:41 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
dWeMkxkXwXMfcginZN8bWim4hbPm3yN4rnepb5ORh1BGLMIbPZ7YS+9k6gskv6sRWhPhQV4k7AQ=
dataTables.dataTables.css
cdn.datatables.net/2.1.8/css/
30 KB
4 KB
Stylesheet
General
Full URL
https://cdn.datatables.net/2.1.8/css/dataTables.dataTables.css
Requested by
Host: support.ket168shop.com
URL: https://support.ket168shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e211da31fe42475c0f1dca7a194203211ec2136b1edf176aa005a2815eb7604c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support.ket168shop.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67065368-7651"
age
600260
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zgJEWEftZGjyWZSMT88Gh2ZwD22wcBk70T7HBEKx4TQSVB0hSR2k7k8f7WKFZ%2Fh%2FDwPuWdsl2oO04CKxSUMXTonfAfvN1RrcToHZDkE9puTqv0DCtnR%2BNsPkarZgPHN5Od5sAy4RUIpCfRaWNVziUA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, GET
expires
Thu, 31 Dec 2037 23:55:55 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=36974&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4029&recv_bytes=2330&delivery_rate=104791&cwnd=252&unsent_bytes=0&cid=fcef9e274645c54a&ts=49&x=0"
date
Sun, 17 Nov 2024 05:37:56 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 09 Oct 2024 09:56:56 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-headers
origin, x-requested-with, content-type
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3d5f291a31d3b4-FRA
access-control-allow-origin
*
server
cloudflare
jquery-3.7.1.min.js
support.ket168shop.com/assets/js/
85 KB
32 KB
Script
General
Full URL
https://support.ket168shop.com/assets/js/jquery-3.7.1.min.js
Requested by
Host: support.ket168shop.com
URL: https://support.ket168shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support.ket168shop.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67397ef7-155ec"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9JmIgc9smt6Hu135IJvfDk23oY8uBTOJiQE72JVq3chWsxcsUx7yS8JUJP%2FHqjqLd96AlUHyA3krJGcMVoYkQwiz%2BCxQ6KvbtZSAlsp%2Fe22lqGWiHMvK9VrIq3hwsvY3t7gHSw31ax7N93lJfwkQiKnXf4sM"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3d5f28787f1987-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=37346&sent=47&recv=41&lost=0&retrans=0&sent_bytes=44935&recv_bytes=2670&delivery_rate=1037548&cwnd=257&unsent_bytes=0&cid=afe6715b2a9da13f&ts=3323&x=0"
date
Sun, 17 Nov 2024 05:37:59 GMT
content-type
application/javascript
last-modified
Sun, 17 Nov 2024 05:28:23 GMT
vary
Accept-Encoding
server
cloudflare
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@11.9.0/dist/
68 KB
20 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11.9.0/dist/sweetalert2.all.min.js
Requested by
Host: support.ket168shop.com
URL: https://support.ket168shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
92ea0ceff674d256daa8744ef55a5af7969a3339524d9889208bcae3a8a0aee8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support.ket168shop.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"1116c-LCw/O9tkDLkZDe08ctOg3Yaww3I"
age
2175531
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Sun, 17 Nov 2024 05:37:56 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230125-FRA, cache-cph2320054-CPH
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
19701
x-jsd-version
11.9.0
dataTables.js
cdn.datatables.net/2.1.8/js/
369 KB
93 KB
Script
General
Full URL
https://cdn.datatables.net/2.1.8/js/dataTables.js
Requested by
Host: support.ket168shop.com
URL: https://support.ket168shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d299e784147c7f5ecd896f6dd2e97c1b8600a1ee7d471aff0d9cbb598528830
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support.ket168shop.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67065368-5c38c"
age
2898242
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zikWiN4AelcK%2BezK36DrrXkYtlg1vaHcS2ML%2FJ928vH04KXbfhGdE4tPealED9%2FfaMao1rePlLMKtnIcHBYp%2BDgECPb4Y%2FJNe6jNcbFx4s4KCo%2FskK%2FQXqcpE5P2urdkn3DAcDzW1pZIK781bK6qcg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, GET
expires
Thu, 31 Dec 2037 23:55:55 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=36974&sent=15&recv=11&lost=0&retrans=0&sent_bytes=8442&recv_bytes=2330&delivery_rate=104791&cwnd=252&unsent_bytes=0&cid=fcef9e274645c54a&ts=49&x=0"
date
Sun, 17 Nov 2024 05:37:56 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 09:56:56 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-headers
origin, x-requested-with, content-type
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3d5f291a32d3b4-FRA
access-control-allow-origin
*
server
cloudflare
stylesheet.css
maketline.github.io/goodday/font/
692 B
641 B
Stylesheet
General
Full URL
https://maketline.github.io/goodday/font/stylesheet.css
Requested by
Host: support.ket168shop.com
URL: https://support.ket168shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
1d3dcf6dff88560bb64392034b6f56ada09e3376751f47c8b08f8ff9127d91ff
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support.ket168shop.com/

Response headers

x-fastly-request-id
25503af3f12bd6536b8c6fecaf2e12519e1d96da
content-encoding
gzip
etag
W/"63594041-2b4"
age
0
x-github-request-id
B713:0DD3:26D10FB:27BEC85:67398134
expires
Sun, 17 Nov 2024 05:47:56 GMT
x-proxy-cache
MISS
x-cache
MISS
date
Sun, 17 Nov 2024 05:37:56 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 26 Oct 2022 14:12:17 GMT
x-served-by
cache-cph2320048-CPH
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=31556952
cache-control
max-age=600
x-timer
S1731821877.650565,VS0,VE113
via
1.1 varnish
permissions-policy
interest-cohort=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
216
server
GitHub.com
api.js
www.google.com/recaptcha/
1 KB
969 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: support.ket168shop.com
URL: https://support.ket168shop.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
ESF /
Resource Hash
2108ac60bc352011468c22c5405ad3d88912de0a4d76200e8869e7a4d7ff0e07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support.ket168shop.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 05:37:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sun, 17 Nov 2024 05:37:59 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
app.js
support.ket168shop.com/assets/js/
877 KB
264 KB
Script
General
Full URL
https://support.ket168shop.com/assets/js/app.js
Requested by
Host: support.ket168shop.com
URL: https://support.ket168shop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e423c64d0dc644f7cf1f70432c9337facab38b2bdd1f13c143877cbb18fad7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support.ket168shop.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67397ef7-db4f9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10oZceU9YOh%2FRWqG%2FiVV4ezMKd1Mz4BLBZjSMJ8Nm8e3LUPTVNE9E%2B%2F2oPSLN0C2UlfSGplN7xN5aXNs61KZdBr3LvipFa1tt09YaN4dAoCE08B9nJJ%2FGM2x7w8G5veGc2LJw5ajRpaW%2FRzO0Ys%2BV38m7aUb"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3d5f2878801987-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=37408&sent=14&recv=16&lost=0&retrans=0&sent_bytes=6493&recv_bytes=2670&delivery_rate=139533&cwnd=257&unsent_bytes=0&cid=afe6715b2a9da13f&ts=2210&x=0"
date
Sun, 17 Nov 2024 05:37:57 GMT
content-type
application/javascript
last-modified
Sun, 17 Nov 2024 05:28:23 GMT
vary
Accept-Encoding
server
cloudflare
lineseedsansth_bd-webfont.woff2
maketline.github.io/goodday/font/
31 KB
31 KB
Font
General
Full URL
https://maketline.github.io/goodday/font/lineseedsansth_bd-webfont.woff2
Requested by
Host: maketline.github.io
URL: https://maketline.github.io/goodday/font/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
8b1c03b0038e8b93374ddc8422af665a98cca163c9d0672d4863e6c3d918be66
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://support.ket168shop.com
Referer
https://maketline.github.io/goodday/font/stylesheet.css

Response headers

x-fastly-request-id
9c12f60f5783824af8f8cba4fc3d21101486397d
etag
"63594041-7ae0"
age
0
x-github-request-id
15CF:7C259:3BDA855:3D44277:67398133
expires
Sun, 17 Nov 2024 05:47:59 GMT
x-proxy-cache
MISS
x-cache
MISS
date
Sun, 17 Nov 2024 05:37:59 GMT
content-type
font/woff2
last-modified
Wed, 26 Oct 2022 14:12:17 GMT
x-served-by
cache-cph2320033-CPH
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=31556952
cache-control
max-age=600
x-timer
S1731821879.187101,VS0,VE109
via
1.1 varnish
permissions-policy
interest-cohort=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
31456
server
GitHub.com
pro-fa-duotone-900-d5bbe9.woff2
kit-pro.fontawesome.com/releases/v6.2.0/webfonts/
32 KB
32 KB
Font
General
Full URL
https://kit-pro.fontawesome.com/releases/v6.2.0/webfonts/pro-fa-duotone-900-d5bbe9.woff2
Requested by
Host: kit-pro.fontawesome.com
URL: https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d9d0f15f67f3359a0d7b18859e12a9e25eba28037866c7e15ef3c79cb7ff2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://support.ket168shop.com
Referer
https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css

Response headers

access-control-max-age
3000
cf-cache-status
MISS
etag
"4e06d5424e16060840b69f49e54c6a35"
access-control-allow-methods
GET
expires
Mon, 17 Nov 2025 11:26:45 GMT
date
Sun, 17 Nov 2024 05:37:59 GMT
content-type
font/woff2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 30 Aug 2022 16:50:24 GMT
x-amz-id-2
4nq8IVUkDSxNDy/4WQYMx2c6/SRTjkFjlYr80uW8dfH879uzbxpw4PHPryf3sAM0ktVkuY1M0O4RttQwIjtrgwPG/VviN711
cache-control
public, max-age=31556926
x-amz-request-id
RPQED1WQF7X2MR9W
cf-ray
8e3d5f38ff7f5bdd-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
32312
server
cloudflare
lineseedsansth_rg-webfont.woff2
maketline.github.io/goodday/font/
32 KB
32 KB
Font
General
Full URL
https://maketline.github.io/goodday/font/lineseedsansth_rg-webfont.woff2
Requested by
Host: maketline.github.io
URL: https://maketline.github.io/goodday/font/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
3ccb49485c36c0af240fb8c8b28b44876090ef9fe45137854ed591d321bab577
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://support.ket168shop.com
Referer
https://maketline.github.io/goodday/font/stylesheet.css

Response headers

x-fastly-request-id
a89657e19b30319383813058c3dadf2f11eba6ad
etag
"63594041-7e44"
age
0
x-github-request-id
C5C3:143D75:3C10FE2:3D7ACB3:67398136
expires
Sun, 17 Nov 2024 05:47:59 GMT
x-proxy-cache
MISS
x-cache
MISS
date
Sun, 17 Nov 2024 05:37:59 GMT
content-type
font/woff2
last-modified
Wed, 26 Oct 2022 14:12:17 GMT
x-served-by
cache-cph2320033-CPH
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=31556952
cache-control
max-age=600
x-timer
S1731821879.187197,VS0,VE116
via
1.1 varnish
permissions-policy
interest-cohort=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
32324
server
GitHub.com
pro-fa-duotone-900-1e5361.woff2
kit-pro.fontawesome.com/releases/v6.2.0/webfonts/
33 KB
33 KB
Font
General
Full URL
https://kit-pro.fontawesome.com/releases/v6.2.0/webfonts/pro-fa-duotone-900-1e5361.woff2
Requested by
Host: kit-pro.fontawesome.com
URL: https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15763884abd85d07d876cda44265bf9de32694f900ca0d876f77f1c59eba4d02

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://support.ket168shop.com
Referer
https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css

Response headers

access-control-max-age
3000
cf-cache-status
MISS
etag
"dbbaad6061069bffdca574838552ccc9"
access-control-allow-methods
GET
expires
Mon, 17 Nov 2025 11:26:45 GMT
date
Sun, 17 Nov 2024 05:37:59 GMT
content-type
font/woff2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 30 Aug 2022 16:50:23 GMT
x-amz-id-2
fnJqR+93ucqxi0skfOqphL0/ViIE7EIXJRhl1v1syNdoOYdoZvd9lq95UuCHJ9N/2iuOHBP9eto=
cache-control
public, max-age=31556926
x-amz-request-id
RPQABKQ4HR6DP6EM
cf-ray
8e3d5f38ff805bdd-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
33960
server
cloudflare
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/
547 KB
217 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
sffe /
Resource Hash
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://support.ket168shop.com
Referer
https://support.ket168shop.com/

Response headers

content-encoding
gzip
age
22498
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 23:23:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 23:23:01 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222594
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame E0C1
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYumMqAAAAAMZl5aGoPl-Q_vQh34ffmoqKZa-U&co=aHR0cHM6Ly9zdXBwb3J0LmtldDE2OHNob3AuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=itvwdw9z07sm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4LcPuSztGtlJz_v8_fPW2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://support.ket168shop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4LcPuSztGtlJz_v8_fPW2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Nov 2024 05:38:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
support.png
support.ket168shop.com/assets/img/
32 KB
32 KB
Other
General
Full URL
https://support.ket168shop.com/assets/img/support.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d59156ff281f0a189ceac884773b33c3de1e2baefd628c32cc67fa719ebdc22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://support.ket168shop.com/

Response headers

cf-cache-status
MISS
etag
"67397ef7-7e30"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHsi0ZPcGFfWzah32sA4QK3KONK9EiCj%2FL3Z%2F0X5N%2BaqoNoP9B%2FUc8i%2BASStnjnndZNBhffA760Cbk3vLdP6NNzZnMtubdw1jXiJYA0kqbsxUKE31rSri%2FV4ctJ7%2BkB0Tc1XN7HIXqwQ"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37230&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4255&recv_bytes=4492&delivery_rate=450&cwnd=12000&unsent_bytes=0&cid=2ef56e97f8acc813&ts=19024&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 05:38:15 GMT
content-type
image/png
last-modified
Sun, 17 Nov 2024 05:28:23 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3d5f96c96cd3a8-FRA
accept-ranges
bytes
content-length
32304
server
cloudflare
bframe
www.google.com/recaptcha/api2/ Frame 7CD7
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LeYumMqAAAAAMZl5aGoPl-Q_vQh34ffmoqKZa-U
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9ls8exG5ddp9yIRGJsGzkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://support.ket168shop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9ls8exG5ddp9yIRGJsGzkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Nov 2024 05:38:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| __apiStruct function| DataTable object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha number| uidEvent object| bootstrap object| theme object| feather function| Color function| Chart function| flatpickr function| jsVectorMap object| closure_lm_108201

1 Cookies

Domain/Path Name / Value
support.ket168shop.com/ Name: PHPSESSID
Value: maihc0ovn27ncv9utmfo2orasc

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://support.ket168shop.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.datatables.net
cdn.jsdelivr.net
fonts.googleapis.com
kit-pro.fontawesome.com
maketline.github.io
support.ket168shop.com
www.google.com
www.gstatic.com
142.250.185.196
172.67.137.224
216.58.206.67
2606:4700:20::681a:97b
2606:4700:3030::6815:4ee2
2606:4700:4400::6812:2844
2606:50c0:8001::153
2a00:1450:4001:81d::200a
2a04:4e42::485
15763884abd85d07d876cda44265bf9de32694f900ca0d876f77f1c59eba4d02
1d3dcf6dff88560bb64392034b6f56ada09e3376751f47c8b08f8ff9127d91ff
2108ac60bc352011468c22c5405ad3d88912de0a4d76200e8869e7a4d7ff0e07
2d59156ff281f0a189ceac884773b33c3de1e2baefd628c32cc67fa719ebdc22
3ccb49485c36c0af240fb8c8b28b44876090ef9fe45137854ed591d321bab577
3d299e784147c7f5ecd896f6dd2e97c1b8600a1ee7d471aff0d9cbb598528830
3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
60273ffcdcd797d385754718e512f99cd947ab609e76c10b743db96314098766
76ff2cfe25e35dc7a90fb959a1da27629357d601a7dab2876c16d19853448cfb
84e423c64d0dc644f7cf1f70432c9337facab38b2bdd1f13c143877cbb18fad7
88fd40fcf18967131a6faf37140118f224f021608317ed19fe225bd98ac7deb5
8b1c03b0038e8b93374ddc8422af665a98cca163c9d0672d4863e6c3d918be66
91d9d0f15f67f3359a0d7b18859e12a9e25eba28037866c7e15ef3c79cb7ff2a
92ea0ceff674d256daa8744ef55a5af7969a3339524d9889208bcae3a8a0aee8
e211da31fe42475c0f1dca7a194203211ec2136b1edf176aa005a2815eb7604c
feb7cf7c0168a11d1037d1b9101994ee5331fbd567ad0dcc067a790bb91ef8ff