hwt623.fun Open in urlscan Pro
2600:9000:223c:a800:18:52c:8080:93a1  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response hwt623.fun/	14 KB 15 KB	628ms 477ms	Document text/html	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash 6fac4c1636a7870c15cf098619f2e21c755f8313863754e152b20a502c2215c6 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes cache-control no-cache content-length 14633 content-type text/html date Wed, 26 Jun 2024 00:25:13 GMT etag "667acce6-3929" expires Wed, 26 Jun 2024 00:25:12 GMT last-modified Tue, 25 Jun 2024 13:57:58 GMT server openresty server-timing cdn-upstream-layer;desc="EDGE",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=218,cdn-upstream-fbl;dur=436,cdn-cache-miss,cdn-pop;desc="FRA56-P2",cdn-rid;desc="x4aEgmOcsJhVpj0sKoHoi6Vsh_4kkEWnuzr6mXfGwLY1Klzer28jNQ==",cdn-downstream-fbl;dur=438 vary Accept-Encoding Origin via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) x-amz-cf-id x4aEgmOcsJhVpj0sKoHoi6Vsh_4kkEWnuzr6mXfGwLY1Klzer28jNQ== x-amz-cf-pop FRA56-P2 x-cache Miss from cloudfront
GET H2	200	df49e0d0da81ffa_main.js Show response hwt623.fun/assets/	129 KB 54 KB	60ms 59ms	Script application/javascript	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/df49e0d0da81ffa_main.js Requested by Host: hwt623.fun URL: https://hwt623.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash d51c64a5bf5a31c3a2ee78bab2fa000bf850393168cec99b27a3cdbfc047b434 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://hwt623.fun Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 14:11:47 GMT content-encoding gzip via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty x-amz-cf-pop FRA56-P2 age 36805 etag W/"667acce5-2052b" vary Accept-Encoding access-control-allow-methods OPTIONS, GET, HEAD, POST content-type application/javascript access-control-allow-origin * x-cache Hit from cloudfront access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id bOlDqWDgBUcAho9yXHvC7Tq8mxswZ9xYSlbryJLzqKLNVfNQY0bSNQ==
GET H2	200	e20e731c6c6a72b_preload-helper.js Show response hwt623.fun/assets/	110 KB 43 KB	107ms 107ms	Script application/javascript	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/e20e731c6c6a72b_preload-helper.js Requested by Host: hwt623.fun URL: https://hwt623.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash e999a9ae3f7c47d10d1c6921b2e7bccdebd14fdd24f53ef56d44a1baab181995 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://hwt623.fun Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 14:11:47 GMT content-encoding gzip via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty x-amz-cf-pop FRA56-P2 age 36805 etag W/"667acce5-1b7e2" vary Accept-Encoding access-control-allow-methods OPTIONS, GET, HEAD, POST content-type application/javascript access-control-allow-origin * x-cache Hit from cloudfront access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id fBIZvr2p15kTukYsDITcDOB3CBYt8XhoQEzARlps83Iuy4c1XmUH8A==
GET H2	200	a18a3e41c4c886a_main.css hwt623.fun/assets/	43 KB 15 KB	51ms 51ms	Stylesheet text/css	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/a18a3e41c4c886a_main.css Requested by Host: hwt623.fun URL: https://hwt623.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash b7b4bf59b9048ea10e60fbdb6ddfab407a057915ea8ee5caa844c47afabca3eb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://hwt623.fun Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 14:11:47 GMT content-encoding gzip via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty x-amz-cf-pop FRA56-P2 age 36806 etag W/"667acce5-add4" vary Accept-Encoding access-control-allow-methods OPTIONS, GET, HEAD, POST content-type text/css access-control-allow-origin * x-cache Hit from cloudfront access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id aWlJmEqBNtnOVmHRcshGjQ_LRAvMgeT8r_1tyLFiZORTqj_J6DXprA==
OPTIONS H2	204	landing-page api.ktlandapi.com/	0 0	783ms 254ms	Preflight	13.248.252.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.ktlandapi.com/landing-page Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.248.252.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS abde968dc3fa5d583.awsglobalaccelerator.com Software openresty / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://hwt623.fun Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization access-control-allow-methods POST, PUT, GET, OPTIONS access-control-allow-origin * access-control-max-age 600 date Wed, 26 Jun 2024 00:25:14 GMT server openresty
OPTIONS H2	204	statistics api.ktchanapi.com/channel/	0 0	786ms 255ms	Preflight	15.197.169.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.ktchanapi.com/channel/statistics Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.197.169.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a37a2919b7c2fd481.awsglobalaccelerator.com Software openresty / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://hwt623.fun Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization access-control-allow-methods POST, PUT, GET, OPTIONS access-control-allow-origin * access-control-max-age 600 date Wed, 26 Jun 2024 00:25:14 GMT server openresty
POST H2	200	landing-page Show response api.ktlandapi.com/	1 KB 2 KB	294ms 294ms	Fetch application/json	13.248.252.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.ktlandapi.com/landing-page Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/df49e0d0da81ffa_main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.248.252.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS abde968dc3fa5d583.awsglobalaccelerator.com Software openresty / Resource Hash 94d35549c647c19e37ac7175645156c3cf9bc0f56235a86202d170fe9ba44958 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 Authorization Bearer 6sHdXgiC8FFKkfAyR4EMrlyAMuV0DBG4itzeMglyFHponGYXFwl7tf31BPB4TwMX User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Referer sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Wed, 26 Jun 2024 00:25:15 GMT server openresty vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8
GET H2	200	openinstall.js Show response web.cdn.openinstall.io/	47 KB 17 KB	922ms 39ms	Script application/javascript	43.152.26.154 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://web.cdn.openinstall.io/openinstall.js Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/df49e0d0da81ffa_main.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.26.154 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software tencent-cos / Resource Hash 67c908ce818bc3fab48b63fe5c72cf498af23bf1e2a47701678a0ba08fd4777b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 09:59:13 GMT content-encoding gzip x-cos-hash-crc64ecma 18016930411887245761 last-modified Tue, 25 Jun 2024 09:55:14 GMT server tencent-cos x-cache-lookup Cache Hit etag "cfca6a4eba8a953ae864b2510373c27e" content-type application/javascript x-cos-request-id NjY3YTk0ZjFfNTliNjJkMDlfMmJjZF8yMTM2MTlj cache-control max-age=7200 x-nws-log-uuid 17594110511828067250 accept-ranges bytes content-length 17174
POST H2	200	statistics Show response api.ktchanapi.com/channel/	61 B 243 B	259ms 258ms	Fetch application/json	15.197.169.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.ktchanapi.com/channel/statistics Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/df49e0d0da81ffa_main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.197.169.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a37a2919b7c2fd481.awsglobalaccelerator.com Software openresty / Resource Hash 4b7c84e7119a7b8a48d73b6872ce4c5c01cc592f37e5561840105993279bd127 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 Authorization Bearer 6sHdXgiC8FFKkfAyR4EMrlyAMuV0DBG4itzeMglyFHponGYXFwl7tf31BPB4TwMX User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Referer sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Wed, 26 Jun 2024 00:25:15 GMT server openresty vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8
GET H2	200	22da41c382e9984_Layout1.js Show response hwt623.fun/assets/	14 KB 9 KB	46ms 45ms	Script application/javascript	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/22da41c382e9984_Layout1.js Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/e20e731c6c6a72b_preload-helper.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash da3a0137bf7f48b64fd1c8d4c82d699b3cf6c0b842047b5254d2c3537391f602 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://hwt623.fun Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 14:11:50 GMT content-encoding gzip via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 36804 x-cache Hit from cloudfront server-timing cdn-cache-hit,cdn-pop;desc="FRA56-P2",cdn-rid;desc="-qVoDA5FSg4xu9YDl26B-b98vPp5_C_A_yabQ2sHO_oRJVSMVvgQ0Q==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=5 last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty etag W/"667acce5-39f4" vary Accept-Encoding access-control-allow-methods OPTIONS, GET, HEAD, POST content-type application/javascript access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id -qVoDA5FSg4xu9YDl26B-b98vPp5_C_A_yabQ2sHO_oRJVSMVvgQ0Q==
GET H2	200	6424ff6d3cb88cf_QrCode.vue_vue_type_script_setup_true_lang.js Show response hwt623.fun/assets/	43 KB 18 KB	72ms 72ms	Script application/javascript	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/6424ff6d3cb88cf_QrCode.vue_vue_type_script_setup_true_lang.js Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/e20e731c6c6a72b_preload-helper.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash 34a41b59399921c0262c8d700569d9b65c4d83c25be6eec179b6af09968ec783 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://hwt623.fun Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 14:11:50 GMT content-encoding gzip via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 36804 x-cache Hit from cloudfront server-timing cdn-cache-hit,cdn-pop;desc="FRA56-P2",cdn-rid;desc="V0ZESzS9KHqk00RYvdYqgNjD079m4UxXWjYTNHlOreyVZ7gC4321Jg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=14 last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty etag W/"667acce5-ade4" vary Accept-Encoding access-control-allow-methods OPTIONS, GET, HEAD, POST content-type application/javascript access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id V0ZESzS9KHqk00RYvdYqgNjD079m4UxXWjYTNHlOreyVZ7gC4321Jg==
GET H2	200	23a7a3ad4d71f57_QrCode.css hwt623.fun/assets/	133 B 740 B	72ms 71ms	Stylesheet text/css	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/23a7a3ad4d71f57_QrCode.css Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/e20e731c6c6a72b_preload-helper.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash d97265b041cb111a68a5b30db176198c49890c7638742f6294f6db6ce3f345dd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 14:11:50 GMT via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 36804 x-cache Hit from cloudfront server-timing cdn-cache-hit,cdn-pop;desc="FRA56-P2",cdn-rid;desc="YJeQ_gfipp0OrPUzMLlU1tfOwJPLdCP-I-egnBB2M_pE5qs_4c6mtA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=14 content-length 133 last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty etag "667acce5-85" access-control-allow-methods OPTIONS, GET, HEAD, POST content-type text/css access-control-allow-origin * accept-ranges bytes access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id YJeQ_gfipp0OrPUzMLlU1tfOwJPLdCP-I-egnBB2M_pE5qs_4c6mtA==
GET H2	200	6472e4bee6a9690_pc_bg.jpg hwt623.fun/assets/	78 KB 79 KB	52ms 52ms	Image image/jpeg	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://hwt623.fun/assets/6472e4bee6a9690_pc_bg.jpg Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/a18a3e41c4c886a_main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash 265adfa4e7ec26925745ec77ec0dc08da8fa1463f8cf5a58916feac3cd4d66bf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://hwt623.fun/assets/a18a3e41c4c886a_main.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 22:01:12 GMT via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 8642 x-cache Hit from cloudfront server-timing cdn-cache-hit,cdn-pop;desc="FRA56-P2",cdn-rid;desc="-x7cOwZ1WIvPBG3HeLN-Qaz4x3lGu4oPCJ2uqzwVtmF8g_42F1a7hg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=7 content-length 79697 last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty etag "667acce5-13751" vary Accept-Encoding access-control-allow-methods OPTIONS, GET, HEAD, POST content-type image/jpeg access-control-allow-origin * accept-ranges bytes access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id -x7cOwZ1WIvPBG3HeLN-Qaz4x3lGu4oPCJ2uqzwVtmF8g_42F1a7hg==
GET H2	200	8753be50130ae88_logo.rc4.png Show response hwt623.fun/assets/	13 KB 13 KB	46ms 46ms	Fetch image/png	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/8753be50130ae88_logo.rc4.png Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/df49e0d0da81ffa_main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash 9947401b5a22905725cf87352a2e9bf3c248248bb252ab6c9be5f7410ab345ec Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 21:59:35 GMT via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 8739 x-cache Hit from cloudfront content-length 13272 last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty etag "667acce5-33d8" vary Accept-Encoding access-control-allow-methods OPTIONS, GET, HEAD, POST content-type image/png access-control-allow-origin * accept-ranges bytes access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id peBb0z0RMrrDLMcv4VpZTbjPPcT0mn8J_jOKqYMes_xmNzW7xymCCw==
GET H2	200	8fd7f79e2ec03d4_banner.rc4.webp Show response hwt623.fun/assets/	91 KB 91 KB	47ms 45ms	Fetch image/webp	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/8fd7f79e2ec03d4_banner.rc4.webp Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/df49e0d0da81ffa_main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash f53b6f08cf180ee1301e9ff9a4841149036787d03c4005393a387da48ad165ef Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 21:59:35 GMT via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty x-amz-cf-pop FRA56-P2 age 8739 etag "667acce5-16ba6" access-control-allow-methods OPTIONS, GET, HEAD, POST content-type image/webp access-control-allow-origin * x-cache Hit from cloudfront accept-ranges bytes access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range content-length 93094 x-amz-cf-id DuB1qjXrr_VbeEsbAStbi2VGBm2C7Km_8NkGkM57QP1rF_dFviD6gA==
GET H2	200	efe932a3059fbc8_pc_bg_figure1.rc4.webp Show response hwt623.fun/assets/	97 KB 98 KB	53ms 52ms	Fetch image/webp	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/efe932a3059fbc8_pc_bg_figure1.rc4.webp Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/df49e0d0da81ffa_main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash 64694a8b2af56f593afeaf16225179d1629985a76b476c32bf00df9d0a5bc83f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 21:59:35 GMT via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 8739 x-cache Hit from cloudfront server-timing cdn-cache-hit,cdn-pop;desc="FRA56-P2",cdn-rid;desc="kdD9PNnD5Dia1OJUdjO3v7q-Vk3N82c7COENsREmI40UCVzvJ5pCPA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=3 content-length 99330 last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty etag "667acce5-18402" access-control-allow-methods OPTIONS, GET, HEAD, POST content-type image/webp access-control-allow-origin * accept-ranges bytes access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id kdD9PNnD5Dia1OJUdjO3v7q-Vk3N82c7COENsREmI40UCVzvJ5pCPA==
GET H2	200	8fd7f79e2ec03d4_banner.rc4.webp Show response hwt623.fun/assets/	91 KB 528 B	75ms 43ms	Fetch image/webp	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/8fd7f79e2ec03d4_banner.rc4.webp Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/df49e0d0da81ffa_main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash f53b6f08cf180ee1301e9ff9a4841149036787d03c4005393a387da48ad165ef Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 00:25:14 GMT via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 8739 x-cache Hit from cloudfront server-timing cdn-cache-hit,cdn-pop;desc="FRA56-P2",cdn-rid;desc="sWZs2bMD9mRD4ZGKc71TIbdXKSfMVYtdMbs2q38rzkJwgeltkBSZuw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1 content-length 93094 last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty etag "667acce5-16ba6" access-control-allow-methods OPTIONS, GET, HEAD, POST content-type image/webp access-control-allow-origin * accept-ranges bytes access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id sWZs2bMD9mRD4ZGKc71TIbdXKSfMVYtdMbs2q38rzkJwgeltkBSZuw==
GET H2	200	efe932a3059fbc8_pc_bg_figure1.rc4.webp Show response hwt623.fun/assets/	97 KB 391 B	94ms 41ms	Fetch image/webp	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/efe932a3059fbc8_pc_bg_figure1.rc4.webp Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/df49e0d0da81ffa_main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash 64694a8b2af56f593afeaf16225179d1629985a76b476c32bf00df9d0a5bc83f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 00:25:14 GMT via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 8739 x-cache Hit from cloudfront server-timing cdn-cache-hit,cdn-pop;desc="FRA56-P2",cdn-rid;desc="kdD9PNnD5Dia1OJUdjO3v7q-Vk3N82c7COENsREmI40UCVzvJ5pCPA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=3 content-length 99330 last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty etag "667acce5-18402" access-control-allow-methods OPTIONS, GET, HEAD, POST content-type image/webp access-control-allow-origin * accept-ranges bytes access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id 19VB0PzIlzo7ZRx8Z2PDX7TWZqmdluhmKjwRR1oUcPRjHQjBJUWieA==
GET H2	200	8fd7f79e2ec03d4_banner.rc4.webp Show response hwt623.fun/assets/	91 KB 528 B	117ms 40ms	Fetch image/webp	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/assets/8fd7f79e2ec03d4_banner.rc4.webp Requested by Host: hwt623.fun URL: https://hwt623.fun/assets/df49e0d0da81ffa_main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash f53b6f08cf180ee1301e9ff9a4841149036787d03c4005393a387da48ad165ef Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 00:25:14 GMT via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 8739 x-cache Hit from cloudfront server-timing cdn-cache-hit,cdn-pop;desc="FRA56-P2",cdn-rid;desc="5zzpE84pP0b6fMMr6JufrICfPbm8Wd-IXAHgP1qwyiS6FPPRuCrQog==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1 content-length 93094 last-modified Tue, 25 Jun 2024 13:57:57 GMT server openresty etag "667acce5-16ba6" access-control-allow-methods OPTIONS, GET, HEAD, POST content-type image/webp access-control-allow-origin * accept-ranges bytes access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Range, Accept-Ranges, Content-Range, If-Range x-amz-cf-id 5zzpE84pP0b6fMMr6JufrICfPbm8Wd-IXAHgP1qwyiS6FPPRuCrQog==
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2ba8e1f798c55804598278556cca4c9b57d1c128efbd72bb11ef5cea49516980 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	413a0426-4586-4596-811e-3dd11ea5adc6 https://hwt623.fun/	13 KB 0		Image text/plain
General Check archive.org Show headers Download Go to Show image Full URL blob:https://hwt623.fun/413a0426-4586-4596-811e-3dd11ea5adc6 Requested by Host: hwt623.fun URL: https://hwt623.fun/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 581be1067ff6d0f1d5bc277b423972bab5eeb611cba0724d6564d7a3a29eaede Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 13242 Content-Type stream
GET BLOB	200 OK	b52bd969-0dd9-464d-b619-bc8bc13afaa8 https://hwt623.fun/	91 KB 0		Image text/plain
General Check archive.org Show headers Download Go to Show image Full URL blob:https://hwt623.fun/b52bd969-0dd9-464d-b619-bc8bc13afaa8 Requested by Host: hwt623.fun URL: https://hwt623.fun/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash d3ec11ce09ef8f4c98d11db7020193aad161e5eb76db0c65dccbbf0722496a3c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 93064 Content-Type stream
GET BLOB	200 OK	2997150c-2d12-4eec-8f4d-038ba7feed4f https://hwt623.fun/	97 KB 0		Image text/plain
General Check archive.org Show headers Download Go to Show image Full URL blob:https://hwt623.fun/2997150c-2d12-4eec-8f4d-038ba7feed4f Requested by Host: hwt623.fun URL: https://hwt623.fun/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash ba814af187497547efbca3238cfc5dd92394e028d549ea1742478bc2ab9a2c98 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 99300 Content-Type stream
GET H2	404	favicon.ico hwt623.fun/	150 B 400 B	469ms 469ms	Other text/html	2600:9000:223c:a800:18:52c:8080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hwt623.fun/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a800:18:52c:8080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 26 Jun 2024 00:25:15 GMT via 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront) server openresty x-amz-cf-pop FRA56-P2 vary Origin x-cache Error from cloudfront content-type text/html content-length 150 x-amz-cf-id PIVIzVAtdupP5srNNPsg8RRupKu4umYnud04GFXV-2cYFpx2xiXLrg==
POST		init2 web-ivuxa2.openinstall.com/web/ivuxa2/_/	0 0
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c1a343e2e92392b12cdcf9bd5ac4711444f81c31bf5fff129eb1f8b5d6a63549 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5153409833ab35f5626c0c1449d2ca5bd262831709335413355e22ba0d6b837c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9519f02fd12867b18d494b44265aa78f3b47612344f7002be985774445526bd1 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

web-ivuxa2.openinstall.com

URL

https://web-ivuxa2.openinstall.com/web/ivuxa2/_/init2?av=0&cv=0&hash=&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4pKQ

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE__ function| OpenInstall

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hwt623.fun/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ktchanapi.com
api.ktlandapi.com
hwt623.fun
web-ivuxa2.openinstall.com
web.cdn.openinstall.io
web-ivuxa2.openinstall.com
13.248.252.27
15.197.169.28
2600:9000:223c:a800:18:52c:8080:93a1
43.152.26.154
265adfa4e7ec26925745ec77ec0dc08da8fa1463f8cf5a58916feac3cd4d66bf
2ba8e1f798c55804598278556cca4c9b57d1c128efbd72bb11ef5cea49516980
34a41b59399921c0262c8d700569d9b65c4d83c25be6eec179b6af09968ec783
4b7c84e7119a7b8a48d73b6872ce4c5c01cc592f37e5561840105993279bd127
5153409833ab35f5626c0c1449d2ca5bd262831709335413355e22ba0d6b837c
581be1067ff6d0f1d5bc277b423972bab5eeb611cba0724d6564d7a3a29eaede
64694a8b2af56f593afeaf16225179d1629985a76b476c32bf00df9d0a5bc83f
67c908ce818bc3fab48b63fe5c72cf498af23bf1e2a47701678a0ba08fd4777b
6fac4c1636a7870c15cf098619f2e21c755f8313863754e152b20a502c2215c6
94d35549c647c19e37ac7175645156c3cf9bc0f56235a86202d170fe9ba44958
9519f02fd12867b18d494b44265aa78f3b47612344f7002be985774445526bd1
9947401b5a22905725cf87352a2e9bf3c248248bb252ab6c9be5f7410ab345ec
b7b4bf59b9048ea10e60fbdb6ddfab407a057915ea8ee5caa844c47afabca3eb
ba814af187497547efbca3238cfc5dd92394e028d549ea1742478bc2ab9a2c98
c1a343e2e92392b12cdcf9bd5ac4711444f81c31bf5fff129eb1f8b5d6a63549
d3ec11ce09ef8f4c98d11db7020193aad161e5eb76db0c65dccbbf0722496a3c
d51c64a5bf5a31c3a2ee78bab2fa000bf850393168cec99b27a3cdbfc047b434
d97265b041cb111a68a5b30db176198c49890c7638742f6294f6db6ce3f345dd
da3a0137bf7f48b64fd1c8d4c82d699b3cf6c0b842047b5254d2c3537391f602
e999a9ae3f7c47d10d1c6921b2e7bccdebd14fdd24f53ef56d44a1baab181995
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
f53b6f08cf180ee1301e9ff9a4841149036787d03c4005393a387da48ad165ef