URL: http://rfzthcp.xyz/
Submission: On April 25 via manual from DE

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 30 HTTP transactions. The main IP is 45.61.141.11, located in Cheyenne, United States and belongs to ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US. The main domain is rfzthcp.xyz.
This is the only time rfzthcp.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS      Autonomous System
7         45.61.141.11     8100    ASN-QUADR...
6         43.224.29.253    136209  BN-AS-KR ...
1         66.254.187.38    22552   ESITED
1         220.242.140.187  54994   QUANTILNE...
8         43.249.30.70     133115  HKKFGL-AS...
1         103.47.209.250   63930   READYSERV...
Total: 30 requests, 7 IPs

Requests  Domain                             Requested by
8         0516bm.com                         rfzthcp.xyz, 0516bm.com
7         rfzthcp.xyz                        rfzthcp.xyz
6         www.fhxiaoshuo.com                 rfzthcp.xyz
1         www.lwxs998.com                    0516bm.com
1         js.users.51.la                     rfzthcp.xyz
1         www.sqsxs.com                      rfzthcp.xyz
0         ia.51.la (failed)                  rfzthcp.xyz
0         push.zhanzhang.baidu.com (failed)  rfzthcp.xyz
Total: 30 requests, 8 domains

This site contains links to these domains.

Domain
www.51.la
www.jcppqe.xyz
TLS certificates

Subject             Issuer                                         Validity                   Valid
www.fhxiaoshuo.com  TrustAsia TLS ECC CA                           2018-11-23 - 2019-11-23    a year
*.sqsxs.com         TrustAsia TLS RSA CA                           2018-10-31 - 2019-10-31    a year
*.users.51.la       GlobalSign Domain Validation CA - SHA256 - G2  2018-01-15 - 2021-03-19    3 years

This page contains 2 frames:

Primary Page: http://rfzthcp.xyz/
Frame ID: 7568F76971D3D6F009C6EAF8ADDA5FF8
Requests: 29 HTTP requests in this frame

Frame: http://www.lwxs998.com/ttz.html
Frame ID: 58517362D06137E502B43FAE67A43F6E
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /zepto.*\.js/i
  • env /^Zepto$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 30
HTTPS: 27 %
IPv6: 0 %
Domains: 7
Subdomains: 8
IPs: 7
Countries: 4
Transfer: 292 kB
Size: 442 kB
Cookies: 0

30 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
rfzthcp.xyz/
18 KB
5 KB
Document
General
Full URL
http://rfzthcp.xyz/
Protocol
HTTP/1.1
Server
45.61.141.11 Cheyenne, United States, ASN8100 (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US),
Reverse DNS
Software
nginx / PHP/7.0.19
Resource Hash
5204a21e374fc4e48419a49ad254d20491d3d543fe45d9f964b481a527078a02

Request headers

Host
rfzthcp.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Thu, 25 Apr 2019 14:46:01 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.19
Content-Encoding
gzip
mobile.css
rfzthcp.xyz/static/index/55xs/css/
47 KB
12 KB
Stylesheet
General
Full URL
http://rfzthcp.xyz/static/index/55xs/css/mobile.css
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Server
45.61.141.11 Cheyenne, United States, ASN8100 (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
0d3bf49352c855a12feb0db8c30a1f36d07308e6611b0d0319d7ab9fa9f0e340

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rfzthcp.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://rfzthcp.xyz/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:46:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Mar 2018 03:08:46 GMT
Server
nginx
ETag
W/"5aa1fabe-bdab"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 26 Apr 2019 02:46:01 GMT
zepto.min.js
rfzthcp.xyz/static/index/55xs/js/
33 KB
13 KB
Script
General
Full URL
http://rfzthcp.xyz/static/index/55xs/js/zepto.min.js
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Server
45.61.141.11 Cheyenne, United States, ASN8100 (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
b0599c63fbf734e8ed0c5d1c51c249be6a597106713f76d6579b606776bd4bd3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rfzthcp.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://rfzthcp.xyz/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:46:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Mar 2018 06:05:08 GMT
Server
nginx
ETag
W/"5aa22414-82cd"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 26 Apr 2019 02:46:01 GMT
gle.js
rfzthcp.xyz/static/index/55xs/js/
4 KB
2 KB
Script
General
Full URL
http://rfzthcp.xyz/static/index/55xs/js/gle.js
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Server
45.61.141.11 Cheyenne, United States, ASN8100 (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
cc3bd2f7fd50a75244c84e0f61f2afe0ad4d3e39af1a72cd392d60bd45a1f341

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rfzthcp.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://rfzthcp.xyz/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:46:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Mar 2018 06:05:06 GMT
Server
nginx
ETag
W/"5aa22412-115f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 26 Apr 2019 02:46:01 GMT
147849s.jpg
www.fhxiaoshuo.com/files/article/image/147/147849/
49 KB
50 KB
Image
General
Full URL
https://www.fhxiaoshuo.com/files/article/image/147/147849/147849s.jpg
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.224.29.253 , Hong Kong, ASN136209 (BN-AS-KR Korea Fast Networks, KR),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
f631bd24cedf471b8be511951b556b189649a74382d63eefe2f040621291d3f2

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 20 Nov 2018 18:45:01 GMT
Last-Modified
Tue, 25 Sep 2018 04:09:30 GMT
Server
Microsoft-IIS/7.5
ETag
"c368a68e8554d41:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50464
X-Via
1.1 localhost.localdomain (random:743825 Fikker/Webcache/3.7.7)
148860s.jpg
www.fhxiaoshuo.com/files/article/image/148/148860/
0
0

nocover.jpg
www.fhxiaoshuo.com/modules/article/images/
0
0

130753s.jpg
www.fhxiaoshuo.com/files/article/image/130/130753/
0
0

139427s.jpg
www.fhxiaoshuo.com/files/article/image/139/139427/
8 KB
8 KB
Image
General
Full URL
https://www.fhxiaoshuo.com/files/article/image/139/139427/139427s.jpg
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.224.29.253 , Hong Kong, ASN136209 (BN-AS-KR Korea Fast Networks, KR),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
6a0171078eac5df4f3a6e0dea13174331965894ceb10960cbb645d1a960c7aca

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:16:42 GMT
Last-Modified
Fri, 20 Jul 2018 07:58:21 GMT
Server
Microsoft-IIS/7.5
ETag
"cca8786dff1fd41:0"
X-Via
1.1 localhost.localdomain (random:743825 Fikker/Webcache/3.7.7)
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
8209
107517s.jpg
www.fhxiaoshuo.com/files/article/image/107/107517/
14 KB
15 KB
Image
General
Full URL
https://www.fhxiaoshuo.com/files/article/image/107/107517/107517s.jpg
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.224.29.253 , Hong Kong, ASN136209 (BN-AS-KR Korea Fast Networks, KR),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
57e910336ddbfe1e12c47a34f3cb7b83113dcbf54ad6ee6d490a3502b9dbc74d

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:16:50 GMT
Last-Modified
Wed, 04 Apr 2018 07:39:54 GMT
Server
Microsoft-IIS/7.5
ETag
"3f96551fe8cbd31:0"
X-Via
1.1 localhost.localdomain (random:743825 Fikker/Webcache/3.7.7)
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
14797
142968s.jpg
www.fhxiaoshuo.com/files/article/image/142/142968/
0
0

93973s.jpg
www.sqsxs.com/files/article/image/93/93973/
38 KB
38 KB
Image
General
Full URL
https://www.sqsxs.com/files/article/image/93/93973/93973s.jpg
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.187.38 Los Angeles, United States, ASN22552 (ESITED - eSited Solutions, US),
Reverse DNS
Software
nginx /
Resource Hash
99020a30fc6da5183918f99886c114ba7bce83fe65a80e9003d830f32dfcfffe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:46:04 GMT
Last-Modified
Mon, 01 Jan 2018 23:58:15 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38844
Expires
Thu, 25 Apr 2019 15:46:04 GMT
120918s.jpg
www.fhxiaoshuo.com/files/article/image/120/120918/
7 KB
7 KB
Image
General
Full URL
https://www.fhxiaoshuo.com/files/article/image/120/120918/120918s.jpg
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.224.29.253 , Hong Kong, ASN136209 (BN-AS-KR Korea Fast Networks, KR),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
7b784ba71ff65fb9a5d42492942d50f25b7f9cec1623d242053850319c1b9899

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:17:31 GMT
Last-Modified
Fri, 30 Mar 2018 23:58:38 GMT
Server
Microsoft-IIS/7.5
ETag
"4ef791583c8d31:0"
X-Via
1.1 localhost.localdomain (random:743825 Fikker/Webcache/3.7.7)
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
7195
159654s.jpg
www.fhxiaoshuo.com/files/article/image/159/159654/
44 KB
44 KB
Image
General
Full URL
https://www.fhxiaoshuo.com/files/article/image/159/159654/159654s.jpg
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.224.29.253 , Hong Kong, ASN136209 (BN-AS-KR Korea Fast Networks, KR),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
ea5e27a703fae4d9c7fe434ca0ae609cf5b801b852f9fcefce47acd081c2f136

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 25 Nov 2018 12:07:58 GMT
Last-Modified
Sun, 25 Nov 2018 12:03:36 GMT
Server
Microsoft-IIS/7.5
ETag
"1cb2ebe4b684d41:0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44589
X-Via
1.1 localhost.localdomain (random:743825 Fikker/Webcache/3.7.7)
119853s.jpg
www.fhxiaoshuo.com/files/article/image/119/119853/
18 KB
18 KB
Image
General
Full URL
https://www.fhxiaoshuo.com/files/article/image/119/119853/119853s.jpg
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
43.224.29.253 , Hong Kong, ASN136209 (BN-AS-KR Korea Fast Networks, KR),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
2313e3c6dc1138e37fdf4d5af3aacd58646e705af863203f86b7f41979dd2ca5

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:24:50 GMT
Last-Modified
Fri, 30 Mar 2018 18:23:44 GMT
Server
Microsoft-IIS/7.5
ETag
"a4186a3c54c8d31:0"
X-Via
1.1 localhost.localdomain (random:743825 Fikker/Webcache/3.7.7)
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
18457
tj.js
rfzthcp.xyz/
1 KB
968 B
Script
General
Full URL
http://rfzthcp.xyz/tj.js
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Server
45.61.141.11 Cheyenne, United States, ASN8100 (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
25bdedb94af9c9ba2b03b69eab6e525da2c5aa5992fc268170f293bb9898ce21

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rfzthcp.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://rfzthcp.xyz/
Cookie
zhVisitTime=1556203561829; zhUserType=0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:46:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Feb 2019 03:37:19 GMT
Server
nginx
ETag
W/"5c6a286f-520"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 26 Apr 2019 02:46:02 GMT
pics.png
rfzthcp.xyz/h5/images/
564 B
564 B
Image
General
Full URL
http://rfzthcp.xyz/h5/images/pics.png
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Server
45.61.141.11 Cheyenne, United States, ASN8100 (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rfzthcp.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://rfzthcp.xyz/static/index/55xs/css/mobile.css
Cookie
zhVisitTime=1556203561829; zhUserType=0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rfzthcp.xyz/static/index/55xs/css/mobile.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:46:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
564
Content-Type
text/html
push.js
push.zhanzhang.baidu.com/
0
0

19812343.js
js.users.51.la/
5 KB
3 KB
Script
General
Full URL
https://js.users.51.la/19812343.js
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.242.140.187 Beijing, China, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
8fe1c1b7d89dbeb2ce17c47fd2d774b5bfd5e4af682888ed887b961f153aed6e

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id
19812343
Date
Thu, 25 Apr 2019 14:46:08 GMT
Content-Encoding
gzip
Age
22453
Transfer-Encoding
chunked
X-Via
1.1 PShlamstdAMS1mp121:1 (Cdn Cache Server V2.0)[11 200 0], 1.1 PSfgblPAR1vw78:6 (Cdn Cache Server V2.0)[2 200 0]
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
request-id
00000169C48A971B9014A1ACA42986DB
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSrrIbze3PgXCuV5Rau1bxYn2V9kqRko
Last-Modified
Sat Dec 22 11:48:44 CST 2018
Server
nginx/1.14.0
ETag
"526235e844a4e1f9b66b650af53eb001"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
version-id
G0011167D4078F19FFFF904B075221C6
p.js
0516bm.com/js/
1 KB
2 KB
Script
General
Full URL
http://0516bm.com/js/p.js
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/tj.js
Protocol
HTTP/1.1
Server
43.249.30.70 Kwai Chung, Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / WAF/2.0
Resource Hash
bbcbd9f85f5edf531e9f796bc4e9024be919909208a7d4c381a13ccce626eb10

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 25 Apr 2019 14:44:37 GMT
ETag
"b7f91eb523eed41:0"
Last-Modified
Mon, 08 Apr 2019 15:57:03 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
WAF/2.0
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1419
noimg.jpg
rfzthcp.xyz/static/index/xs2016/css/
11 KB
11 KB
Image
General
Full URL
http://rfzthcp.xyz/static/index/xs2016/css/noimg.jpg
Requested by
Host: rfzthcp.xyz
URL: http://rfzthcp.xyz/
Protocol
HTTP/1.1
Server
45.61.141.11 Cheyenne, United States, ASN8100 (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
97ac8e3f2ffc73524ed985f6d1f0b88608d28a166d746dad169a1ed8fba478a6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rfzthcp.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://rfzthcp.xyz/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:46:03 GMT
Last-Modified
Thu, 08 Mar 2018 12:28:36 GMT
Server
nginx
ETag
"5aa12c74-2a02"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10754
Expires
Sat, 25 May 2019 14:46:03 GMT
go1
ia.51.la/
0
0

1.js
0516bm.com/js/
183 B
444 B
Script
General
Full URL
http://0516bm.com/js/1.js
Requested by
Host: 0516bm.com
URL: http://0516bm.com/js/p.js
Protocol
HTTP/1.1
Server
43.249.30.70 Kwai Chung, Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / WAF/2.0
Resource Hash
4ef3a938006ad5fe3de00e07efbb7b24b42b9f04349c6d3391ca90ad98c903c9

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 25 Apr 2019 14:44:41 GMT
ETag
"dc1b9ba4237cc1:0"
Last-Modified
Thu, 30 Jun 2011 08:49:37 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
WAF/2.0
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
183
tt.js
0516bm.com/js/
764 B
1 KB
Script
General
Full URL
http://0516bm.com/js/tt.js
Requested by
Host: 0516bm.com
URL: http://0516bm.com/js/p.js
Protocol
HTTP/1.1
Server
43.249.30.70 Kwai Chung, Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / WAF/2.0
Resource Hash
2cf3d973a9d7ef62d4c51bc91d71a1a81093bb4de04c37fdf0be4041e8a384bf

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 25 Apr 2019 14:44:41 GMT
ETag
"61103aa159e8d41:0"
Last-Modified
Mon, 01 Apr 2019 07:07:55 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
WAF/2.0
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
764
jquery-1.8.3.min.js
0516bm.com/1986/layer/
91 KB
33 KB
Script
General
Full URL
http://0516bm.com/1986/layer/jquery-1.8.3.min.js
Requested by
Host: 0516bm.com
URL: http://0516bm.com/js/1.js
Protocol
HTTP/1.1
Server
43.249.30.70 Kwai Chung, Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / WAF/2.0
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 25 Apr 2019 14:44:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jul 2016 00:56:08 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
WAF/2.0
ETag
"0c46daaeae2d11:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
33504
layer.js
0516bm.com/1986/layer/
19 KB
7 KB
Script
General
Full URL
http://0516bm.com/1986/layer/layer.js
Requested by
Host: 0516bm.com
URL: http://0516bm.com/js/1.js
Protocol
HTTP/1.1
Server
43.249.30.70 Kwai Chung, Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / WAF/2.0
Resource Hash
1b5492e55ddb5727589c8ad293053d82bd645e7f4eae885fa8f6dce9f0d59091

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 25 Apr 2019 14:44:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jul 2016 00:56:08 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
WAF/2.0
ETag
"0c46daaeae2d11:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
6945
layer.css
0516bm.com/1986/layer/skin/
14 KB
3 KB
Stylesheet
General
Full URL
http://0516bm.com/1986/layer/skin/layer.css
Requested by
Host: 0516bm.com
URL: http://0516bm.com/1986/layer/layer.js
Protocol
HTTP/1.1
Server
43.249.30.70 Kwai Chung, Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / WAF/2.0
Resource Hash
bb185384caa5399b7dcc8e0070cdfaf176ececdaef7767d7c176ea9cc3c960ea

Request headers

Referer
http://rfzthcp.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:44:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Jul 2016 00:56:08 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
WAF/2.0
ETag
"0c46daaeae2d11:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2830
ttz.html
www.lwxs998.com/ Frame 5851
0
0
Document
General
Full URL
http://www.lwxs998.com/ttz.html
Requested by
Host: 0516bm.com
URL: http://0516bm.com/1986/layer/jquery-1.8.3.min.js
Protocol
HTTP/1.1
Server
103.47.209.250 Singapore, Singapore, ASN63930 (READYSERVER-SG READY SERVER PTE LTD, SG),
Reverse DNS
103-47-209-250.ip4.readyserver.sg
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Host
www.lwxs998.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://rfzthcp.xyz/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://rfzthcp.xyz/

Response headers

Content-Type
text/html
Last-Modified
Mon, 01 Apr 2019 07:16:49 GMT
Accept-Ranges
bytes
ETag
"c34ca2df5ae8d41:0"
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Date
Thu, 25 Apr 2019 14:46:09 GMT
Content-Length
736
loading-0.gif
0516bm.com/1986/layer/skin/default/
6 KB
6 KB
Image
General
Full URL
http://0516bm.com/1986/layer/skin/default/loading-0.gif
Requested by
Host: 0516bm.com
URL: http://0516bm.com/1986/layer/jquery-1.8.3.min.js
Protocol
HTTP/1.1
Server
43.249.30.70 Kwai Chung, Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / WAF/2.0
Resource Hash
07236f6814a40623bab43f2043860c97678bc7deedbf06feff92f0d6e6673bf5

Request headers

Referer
http://0516bm.com/1986/layer/skin/layer.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:44:43 GMT
ETag
"0c46daaeae2d11:0"
Last-Modified
Thu, 21 Jul 2016 00:56:08 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
WAF/2.0
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
5793
icon.png
0516bm.com/1986/layer/skin/default/
11 KB
11 KB
Image
General
Full URL
http://0516bm.com/1986/layer/skin/default/icon.png
Requested by
Host: 0516bm.com
URL: http://0516bm.com/1986/layer/jquery-1.8.3.min.js
Protocol
HTTP/1.1
Server
43.249.30.70 Kwai Chung, Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / WAF/2.0
Resource Hash
99942159547fc45a02ddeb5af9570b6c870b18c36f83fd53ccb7c0644d346c89

Request headers

Referer
http://0516bm.com/1986/layer/skin/layer.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 25 Apr 2019 14:44:43 GMT
ETag
"0c46daaeae2d11:0"
Last-Modified
Thu, 21 Jul 2016 00:56:08 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
WAF/2.0
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11493

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.fhxiaoshuo.com
URL
https://www.fhxiaoshuo.com/files/article/image/148/148860/148860s.jpg
Domain
www.fhxiaoshuo.com
URL
https://www.fhxiaoshuo.com/modules/article/images/nocover.jpg
Domain
www.fhxiaoshuo.com
URL
https://www.fhxiaoshuo.com/files/article/image/130/130753/130753s.jpg
Domain
www.fhxiaoshuo.com
URL
https://www.fhxiaoshuo.com/files/article/image/142/142968/142968s.jpg
Domain
push.zhanzhang.baidu.com
URL
http://push.zhanzhang.baidu.com/push.js
Domain
ia.51.la
URL
http://ia.51.la/go1?id=19812343&rt=1556203568583&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25AE%259D%25E8%25B4%259D%25E4%25BD%25A0%25E7%259A%2584%25E5%25A5%25BD%25E5%25B0%258F%25E5%25A5%25BD%25E7%25B4%25A7%25E4%25B8%25BA%25E6%2582%25A8%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2589%25E5%2585%25B3%25E4%25BA%258E%25E5%25AE%259D%25E8%25B4%259D%25E4%25BD%25A0%25E7%259A%2584%25E5%25A5%25BD%25E5%25B0%258F%25E5%25A5%25BD%25E7%25B4%25A7%252C%25E5%2597%25AF%25E8%2580%2581%25E5%25B8%2588%25E7%259A%2584%25E6%25B0%25B4%25E5%25A5%25BD&ing=1&ekc=&sid=1556203568583&tt=%25E5%25AE%259D%25E8%25B4%259D%25E4%25BD%25A0%25E7%259A%2584%25E5%25A5%25BD%25E5%25B0%258F%25E5%25A5%25BD%25E7%25B4%25A7%252C%25E5%2597%25AF%25E8%2580%2581%25E5%25B8%2588%25E7%259A%2584%25E6%25B0%25B4%25E5%25A5%25BD%25E5%25A4%259A%252C%25E4%25B8%25A4%25E4%25B8%25AA%25E6%25B4%259E%25E4%25B8%2580%25E8%25B5%25B7%25E8%25BF%259B%25E5%25A5%25BD%25E5%2588%25BA%25E6%25BF%2580-%25E5%25AE%259D%25E8%25B4%259D%25E4%25BD%25A0%25E7%259A%2584%25E5%25A5%25BD%25E5%25B0%258F%25E5%25A5%25BD%25E7%25B4%25A7%25E7%25BD%2591&kw=%25E5%25AE%259D%25E8%25B4%259D%25E4%25BD%25A0%25E7%259A%2584%25E5%25A5%25BD%25E5%25B0%258F%25E5%25A5%25BD%25E7%25B4%25A7%252C%25E5%2597%25AF%25E8%2580%2581%25E5%25B8%2588%25E7%259A%2584%25E6%25B0%25B4%25E5%25A5%25BD%25E5%25A4%259A%252C%25E4%25B8%25A4%25E4%25B8%25AA%25E6%25B4%259E%25E4%25B8%2580%25E8%25B5%25B7%25E8%25BF%259B%25E5%25A5%25BD%25E5%2588%25BA%25E6%25BF%2580%252C%25E9%2598%25BF%25E5%25A7%25A8%25E6%2591%25B8%25E4%25BD%258F%25E4%25BA%2586%25E6%2588%2591%25E7%259A%2584%25E5%25A4%25A7j%252C%25E5%2597%25AF%25E5%2597%25AF%25E4%25B8%258D%25E8%25A6%2581%25E5%258E%258B%25E5%259C%25A8%25E8%25AE%25B2%25E5%258F%25B0%25E5%2597%25AF%25E5%2595%258A%252C%25E5%25AE%259D%25E8%25B4%259D%25E4%25BD%25A0%25E7%259A%2584%25E5%25A5%25BD%25E5%25B0%258F%25E5%25A5%25BD%25E7%25B4%25A7%25E7%25BD%2591&cu=http%253A%252F%252Frfzthcp.xyz%252F&pu=

Verdicts & Comments

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • onselectstart (object)
  • onselectionchange (object)
  • queueMicrotask (function)
  • Zepto (function)
  • Base64 (object)
  • mDomainName (string)
  • mStatic (string)
  • loadingItem (string)
  • noItemCon (function)
  • noMoreItem (string)
  • errorItem (string)
  • imgload (function)
  • goBook (function)
  • goReader (function)
  • zh_mini_pop (function)
  • zh_cfm_pop (function)
  • setCk (function)
  • getCk (function)
  • isLogin (number)
  • userId (object)
  • postStat (function)
  • $ (function)
  • _keyStr (string)
  • _utf8_encode (function)
  • _utf8_decode (function)
  • xia_b (function)
  • xia_d (function)
  • xia_x (function)
  • xia_dx (function)
  • id (string)
  • e (string)
  • setCookie (function)
  • jQuery (function)
  • layer (object)
  • imh (number)
  • atimg (function)

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
