Submitted URL: http://16618.cc/tie/105.html
Effective URL: https://16618.cc/tie/105.html
Submission: On July 02 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 103.88.94.188, located in Hong Kong and belongs to HGTHC-AS-AP HK GALAXY TELECOM HOLDING CO.,LIMITED, HK. The main domain is 16618.cc.
TLS certificate: Issued by R3 on May 28th 2024. Valid for: 3 months.
This is the only time 16618.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

     IP Address        AS Autonomous System
10   103.88.94.188     137547 (HGTHC-AS-...)
1    39.156.66.111     9808 (CHINAMOBI...)
4    103.172.111.250   209242 (CLOUDFLAR...)
3    103.172.111.50    209242 (CLOUDFLAR...)
1    154.86.20.65      140227 (HKCICL-AS...)
3    58.217.250.111    137702 (CHINATELE...)
23   7

     Domain                                          Requested by
10   16618.cc                                        16618.cc
4    new.new56870.com                                16618.cc, new.new56870.com
3    shimg-1323450597.cos.ap-shanghai.myqcloud.com   16618.cc
2    7kvug.72weggw5tr.com                            new.new56870.com
1    lj.a812232.com                                  16618.cc
1    tg.mbuwfg.cc                                    7kvug.72weggw5tr.com
1    libs.baidu.com                                  16618.cc
0    new.linkjkm5566.com (Failed)                    16618.cc
23   8

This site contains no links.

Subject                          Issuer                                                Validity                  Valid
16618.cc                         R3                                                    2024-05-28 - 2024-08-26   3 months
baidu.com                        GlobalSign RSA OV SSL CA 2018                         2023-07-06 - 2024-08-06   a year
new56870.com                     Cloudflare Inc ECC CA-3                               2024-02-01 - 2024-12-31   a year
72weggw5tr.com                   E5                                                    2024-06-19 - 2024-09-17   3 months
mbuwfg.cc                        R11                                                   2024-06-27 - 2024-09-25   3 months
*.cos.ap-shanghai.myqcloud.com   GlobalSign Organization Validation CA - SHA256 - G3   2024-04-08 - 2025-05-10   a year
a812232.com                      E5                                                    2024-06-19 - 2024-09-17   3 months

This page contains 1 frame:

Primary Page: https://16618.cc/tie/105.html
Frame ID: 50CCEDDA3B4E00FADBD5CFFEEFE46A35
Requests: 23 HTTP requests in this frame

Page Title

Fruits of Victory "Three Zodiac Picks for the Special Number"_Macau Guanjiapo

Page URL History

  1. http://16618.cc/tie/105.html HTTP 307
    https://16618.cc/tie/105.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 23
  • HTTPS: 96 %
  • IPv6: 0 %
  • Domains: 8
  • Subdomains: 8
  • IPs: 7
  • Countries: 3
  • Transfer: 929 kB
  • Size: 1070 kB
  • Cookies: 3

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 105.html
16618.cc/tie/
Redirect Chain
  • http://16618.cc/tie/105.html
  • https://16618.cc/tie/105.html
16 KB
3 KB
Document
General
Full URL
https://16618.cc/tie/105.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.88.94.188 , Hong Kong, ASN137547 (HGTHC-AS-AP HK GALAXY TELECOM HOLDING CO.,LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
1254f56174dcefaee782a85e18caccd35ef431a0a51ee529b14117fe12c6edfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 02 Jul 2024 15:25:35 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Location
https://16618.cc/tie/105.html
Non-Authoritative-Reason
HttpsUpgrades
main.css
16618.cc/templets/default/static/css/
42 KB
9 KB
Stylesheet
General
Full URL
https://16618.cc/templets/default/static/css/main.css
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.88.94.188 , Hong Kong, ASN137547 (HGTHC-AS-AP HK GALAXY TELECOM HOLDING CO.,LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
dfe2bb38ddcb35783d37eeffa0bac04e8d6a63c99f88572cbed7eacd259227e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:35 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 24 Jan 2023 10:33:47 GMT
server
nginx
etag
W/"63cfb40b-a9a1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Wed, 03 Jul 2024 03:25:35 GMT
custom.css
16618.cc/templets/default/static/css/
467 B
670 B
Stylesheet
General
Full URL
https://16618.cc/templets/default/static/css/custom.css
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.88.94.188 , Hong Kong, ASN137547 (HGTHC-AS-AP HK GALAXY TELECOM HOLDING CO.,LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
ef97a74c4914af5bcea00f0a782430c55483ccab11bb64701fa3f0316007abbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:35 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 24 Jan 2023 10:33:46 GMT
server
nginx
etag
"63cfb40a-1d3"
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
467
expires
Wed, 03 Jul 2024 03:25:35 GMT
jquery.min.js
libs.baidu.com/jquery/1.10.2/
91 KB
33 KB
Script
General
Full URL
https://libs.baidu.com/jquery/1.10.2/jquery.min.js
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
c1bcc5f2066e4476e6dbab0b5a9b9700b86f4d6ebeb2900d73ee97e53753d4f9
Security Headers
Name Value
Strict-Transport-Security max-age=87600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 15:25:37 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=87600
Last-Modified
Wed, 07 Jan 2015 09:16:30 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Thu, 01 Aug 2024 15:25:37 GMT
newlogo.gif
16618.cc/templets/default/static/images/
109 KB
108 KB
Image
General
Full URL
https://16618.cc/templets/default/static/images/newlogo.gif?v=12223
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.88.94.188 , Hong Kong, ASN137547 (HGTHC-AS-AP HK GALAXY TELECOM HOLDING CO.,LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
58eebe3367a8f69d9ede65ec530e9dbbd948c8d6b6ab01d9d4af4f278567f184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:35 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 29 Jan 2023 19:30:42 GMT
server
nginx
etag
W/"63d6c962-1b549"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=2592000
expires
Thu, 01 Aug 2024 15:25:35 GMT
001.js
16618.cc/js/
0
0
Script
General
Full URL
https://16618.cc/js/001.js
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.88.94.188 , Hong Kong, ASN137547 (HGTHC-AS-AP HK GALAXY TELECOM HOLDING CO.,LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:35 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html
002.js
16618.cc/js/
0
0
Script
General
Full URL
https://16618.cc/js/002.js
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.88.94.188 , Hong Kong, ASN137547 (HGTHC-AS-AP HK GALAXY TELECOM HOLDING CO.,LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html
003.js
16618.cc/templets/default/static/js/
0
0
Script
General
Full URL
https://16618.cc/templets/default/static/js/003.js
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.88.94.188 , Hong Kong, ASN137547 (HGTHC-AS-AP HK GALAXY TELECOM HOLDING CO.,LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html
004.js
16618.cc/templets/default/static/js/
0
0
Script
General
Full URL
https://16618.cc/templets/default/static/js/004.js
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.88.94.188 , Hong Kong, ASN137547 (HGTHC-AS-AP HK GALAXY TELECOM HOLDING CO.,LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html
ljwtc.js
new.new56870.com/
5 KB
2 KB
Script
General
Full URL
https://new.new56870.com/ljwtc.js?v=1719933937551
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.172.111.250 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
85788060b0fcac78b38a59bd72bc847b612cd53c66c99d64c0dffe8fd7afd7bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 27 Jun 2024 07:17:13 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
etag
W/"667d11f9-141b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
cf-ray
89cfa64cacbd4528-TXL
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Jul 2024 03:25:39 GMT
bgtb1.png
16618.cc/images/
33 KB
32 KB
Image
General
Full URL
https://16618.cc/images/bgtb1.png
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.88.94.188 , Hong Kong, ASN137547 (HGTHC-AS-AP HK GALAXY TELECOM HOLDING CO.,LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
2c4ac470f71d6325662bbbef82b7dad247ab4554e68475050ac0c5b581a38cae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 24 Nov 2022 15:39:33 GMT
server
nginx
etag
W/"637f9035-8433"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
expires
Thu, 01 Aug 2024 15:25:37 GMT
allsitewx.js
7kvug.72weggw5tr.com/
10 KB
3 KB
Script
General
Full URL
https://7kvug.72weggw5tr.com/allsitewx.js?v=1719933939123
Requested by
Host: new.new56870.com
URL: https://new.new56870.com/ljwtc.js?v=1719933937551
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.172.111.50 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca61c5d3f28af28fb6cb03953bd100350bdc90084af4badbcca7395c3d46dc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 27 Jun 2024 07:22:41 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
W/"667d1341-2752"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
cf-ray
89cfa655bb01453a-TXL
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Jul 2024 03:25:40 GMT
newtc.js
7kvug.72weggw5tr.com/
28 KB
4 KB
Script
General
Full URL
https://7kvug.72weggw5tr.com/newtc.js?v=1719933939123
Requested by
Host: new.new56870.com
URL: https://new.new56870.com/ljwtc.js?v=1719933937551
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.172.111.50 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c5cf15a4d859eac452494ec4b9d607e87c5b2d4a543b2492a6bdf7500e9f58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 01 Jul 2024 04:25:25 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
W/"66822fb5-7056"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
cf-ray
89cfa655baf9453a-TXL
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Jul 2024 03:25:40 GMT
new.js
new.new56870.com/newgg/
6 KB
1 KB
Script
General
Full URL
https://new.new56870.com/newgg/new.js?v=1719933939123
Requested by
Host: new.new56870.com
URL: https://new.new56870.com/ljwtc.js?v=1719933937551
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.172.111.250 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f093f535f518c377046abacc33477671e09eec983821a08945b731927b99137b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 01 Jul 2024 04:30:40 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
etag
W/"668230f0-1670"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
cf-ray
89cfa6509ec34528-TXL
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Jul 2024 03:25:39 GMT
danye_get
tg.mbuwfg.cc/api/
117 B
351 B
XHR
General
Full URL
https://tg.mbuwfg.cc/api/danye_get?id=25
Requested by
Host: 7kvug.72weggw5tr.com
URL: https://7kvug.72weggw5tr.com/allsitewx.js?v=1719933939123
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.86.20.65 Hong Kong, Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
4b49bf0a5bfc9c80b441e587805ad4e4f856cce97f543b1f3519c6038f504906

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 02 Jul 2024 15:25:42 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
fwx.png
shimg-1323450597.cos.ap-shanghai.myqcloud.com/
3 KB
3 KB
Image
General
Full URL
https://shimg-1323450597.cos.ap-shanghai.myqcloud.com/fwx.png
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
58.217.250.111 , China, ASN137702 (CHINATELECOM-JIANGSU-NANJING-IDC Nanjing, Jiangsu Province, P.R.China., CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
31b4f7a654c0ee0b35bdc002d566914c31f3221880f8c56fbf740a32d6846422

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 15:25:44 GMT
x-cos-hash-crc64ecma
9652000530495488962
Last-Modified
Fri, 01 Mar 2024 06:16:56 GMT
Server
tencent-cos
ETag
"81640f529aed56e222c5f5c03e4dc171"
Content-Type
image/png
x-cos-request-id
NjY4NDFiZjhfYjk3N2IyMDlfMTQ0MjBfNDIxMDRlOA==
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
2820
addfff.png
shimg-1323450597.cos.ap-shanghai.myqcloud.com/
53 KB
53 KB
Image
General
Full URL
https://shimg-1323450597.cos.ap-shanghai.myqcloud.com/addfff.png
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
58.217.250.111 , China, ASN137702 (CHINATELECOM-JIANGSU-NANJING-IDC Nanjing, Jiangsu Province, P.R.China., CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
9b07ab24682f7960e9b3f9601dedec0a431ddfa1f0519a9e90fa8c569fd8976d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 15:25:45 GMT
x-cos-hash-crc64ecma
13913388651830812460
Last-Modified
Tue, 02 Apr 2024 13:23:51 GMT
Server
tencent-cos
ETag
"5af6c2e1ac68b80e39714fb9696c5c59"
Content-Type
image/png
x-cos-request-id
NjY4NDFiZjlfYjk3N2IyMDlfMTQ0NTFfNDIxYWFiNA==
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
54339
gb.png
shimg-1323450597.cos.ap-shanghai.myqcloud.com/
2 KB
3 KB
Image
General
Full URL
https://shimg-1323450597.cos.ap-shanghai.myqcloud.com/gb.png
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
58.217.250.111 , China, ASN137702 (CHINATELECOM-JIANGSU-NANJING-IDC Nanjing, Jiangsu Province, P.R.China., CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
735b2da343b8081a8b85b8b8e5be573aa88869e3a40ae65ce8b5c29d8d9f2ce8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 15:25:44 GMT
x-cos-hash-crc64ecma
14618180754392708357
Last-Modified
Fri, 01 Mar 2024 06:16:57 GMT
Server
tencent-cos
ETag
"1dda4209c5682da9ef8fa1c3f9dc8d0f"
Content-Type
image/png
x-cos-request-id
NjY4NDFiZjhfYjk3N2IyMDlfMTQ0N2NfNDIwZDk2Yg==
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
2440
js0511.gif
new.new56870.com/img/
529 KB
530 KB
Image
General
Full URL
https://new.new56870.com/img/js0511.gif?123
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.172.111.250 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f73bbb3c9d684e5114c6e8a606c60f798cd2271b1110ef9ddc43441ef292044d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sat, 11 May 2024 10:10:13 GMT
server
cloudflare
age
692122
cf-polished
origSize=555914, status=webp_bigger
etag
"663f4405-87b8a"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=2592000
cf-ray
89cfa65799ac4510-TXL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 15:25:40 GMT
wns1125.gif
new.new56870.com/img/
135 KB
135 KB
Image
General
Full URL
https://new.new56870.com/img/wns1125.gif
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.172.111.250 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e51a2dc06d4ff10053b44e8214afa978893a7bde9b7f0c12ab0447850a25a3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sat, 25 Nov 2023 08:15:21 GMT
server
cloudflare
age
684674
cf-polished
origSize=138715, status=webp_bigger
etag
"6561ad19-21ddb"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=2592000
cf-ray
89cfa657a9c74510-TXL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 15:25:40 GMT
newcentermchl.js
new.linkjkm5566.com/0108newhl/
0
0

tzbj.png
lj.a812232.com/img/
6 KB
7 KB
Image
General
Full URL
https://lj.a812232.com/img/tzbj.png
Requested by
Host: 16618.cc
URL: https://16618.cc/tie/105.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.172.111.50 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37e12eec8bbdcfc4ca8debc2103765b7c51eb550f569c90faa305cc88cd97fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://16618.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sun, 07 Apr 2024 11:46:28 GMT
server
cloudflare
age
530687
etag
"66128794-19a7"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2592000
cf-ray
89cfa65c9e765902-TXL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Aug 2024 15:25:41 GMT
favicon.ico
16618.cc/
548 B
257 B
Other
General
Full URL
https://16618.cc/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.88.94.188 , Hong Kong, ASN137547 (HGTHC-AS-AP HK GALAXY TELECOM HOLDING CO.,LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:25:46 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
new.linkjkm5566.com
URL
https://new.linkjkm5566.com/0108newhl/newcentermchl.js?v=1719933940385

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • undefined| event
  • object| fence
  • object| sharedStorage
  • function| $
  • function| jQuery
  • function| getLocation
  • function| ajax
  • function| createxmlHttpRequest
  • function| convertData
  • object| ids
  • number| ids_index
  • string| dbtpid
  • string| newaddkf
  • object| timelist
  • number| site_type
  • object| b
  • object| e
  • object| n
  • number| type
  • object| gettimelist
  • string| ggtsstr
  • function| footertz
  • function| godz
  • function| gofh
  • function| gocly
  • function| csjtz
  • function| golc
  • function| gojs
  • function| closePop
  • number| max
  • number| __tcindex
  • function| showOrHide
  • function| tc_next
  • function| tc_up
  • function| newclytz
  • function| wbwcptz
  • function| fhcptz
  • function| dzcptz
  • function| ylqtz
  • function| dzcpck
  • function| tukutz
  • function| wnstz
  • function| vvvtz
  • function| lgtz
  • function| dbtzdzcp
  • function| clytz
  • function| lctz
  • function| jstz
  • string| tpgg1

3 Cookies

Domain/Path Name / Value
.baidu.com/ Name: BAIDUID_BFESS
Value: F8273408F206AD119A0602AEC92BD055:FG=1
.7kvug.72weggw5tr.com/ Name: __cf_bm
Value: AsOIXxVYFDohxU3EljtxQRGBJ6E8aiORHDzkkz.kYFc-1719933940-1.0.1.1-9M2CMwi7cQZuiu8qFqRU8zjI6NxeHLbgFuCdN.29dkIWByn3BlM5OOvfM8VYxd2h20VpFZeCvyum_G.n2nGyFQ
.lj.a812232.com/ Name: __cf_bm
Value: YQ4DPHgdZVXHYg_NdVaIYz_Gdo.zSq2snPVF6EXxHfA-1719933941-1.0.1.1-Iw3XRm_XMqxL2TfOfOnEfAPo4TS0IFUOSh.LO8QJuIPgtXBbnghwUFgvQe02.TCeo.mG0hTnY99sPcrhp39P_w

13 Console Messages

Source Level URL
Text
network error URL: https://16618.cc/js/001.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://16618.cc/js/002.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://16618.cc/templets/default/static/js/003.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://16618.cc/templets/default/static/js/004.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://16618.cc/tie/105.html(Line 60)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://new.new56870.com/ljwtc.js?v=1719933937551, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://16618.cc/tie/105.html(Line 60)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://new.new56870.com/ljwtc.js?v=1719933937551, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://new.new56870.com/ljwtc.js?v=1719933937551(Line 110)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://7kvug.72weggw5tr.com/allsitewx.js?v=1719933939123, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://new.new56870.com/ljwtc.js?v=1719933937551(Line 110)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://7kvug.72weggw5tr.com/allsitewx.js?v=1719933939123, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://new.new56870.com/ljwtc.js?v=1719933937551(Line 116)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://7kvug.72weggw5tr.com/newtc.js?v=1719933939123, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://new.new56870.com/ljwtc.js?v=1719933937551(Line 154)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://new.new56870.com/newgg/new.js?v=1719933939123, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://16618.cc/tie/105.html(Line 151)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://new.linkjkm5566.com/0108newhl/newcentermchl.js?v=1719933940385, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://16618.cc/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
