URL: https://hcitycloud.tk/
Submission: On November 22 via automatic, source phishtank

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 22 HTTP transactions. The main IP is 54.38.18.120, located in Woodbridge, United States and belongs to OVH, FR. The main domain is hcitycloud.tk.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 13th 2018. Valid for: 3 months.
This is the only time hcitycloud.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
9         54.38.18.120      16276 (OVH)
2         205.185.208.52    20446 (HIGHWINDS3)
3         2a00:1450:400...  15169 (GOOGLE)
5         2a00:1450:400...  15169 (GOOGLE)
1         62.210.7.70       12876 (AS12876)
1         72.247.178.43     20940 (AKAMAI-ASN1)
1         151.101.120.193   54113 (FASTLY)
22        7

Requests  Domain                 Requested by
9         hcitycloud.tk          hcitycloud.tk, code.jquery.com
5         fonts.gstatic.com      code.jquery.com, hcitycloud.tk
2         fonts.googleapis.com   hcitycloud.tk
2         code.jquery.com        hcitycloud.tk
1         i.imgur.com            code.jquery.com
1         habboo-a.akamaihd.net  code.jquery.com
1         www.numerama.com       code.jquery.com
1         ajax.googleapis.com    hcitycloud.tk
22        8

This site contains links to these domains.

Domain
noworld.fr

Subject            Issuer                                         Validity                 Valid
hcitycloud.tk      Let's Encrypt Authority X3                     2018-11-13 - 2019-02-11  3 months
jquery.org         COMODO RSA Domain Validation Secure Server CA  2018-10-17 - 2020-10-16  2 years
*.googleapis.com   Google Internet Authority G3                   2018-10-30 - 2019-01-22  3 months
*.google.com       Google Internet Authority G3                   2018-10-30 - 2019-01-22  3 months
numerama.com       Let's Encrypt Authority X3                     2018-11-19 - 2019-02-17  3 months
a248.e.akamai.net  DigiCert ECC Secure Server CA                  2018-01-23 - 2019-01-19  a year
*.imgur.com        DigiCert SHA2 Secure Server CA                 2017-11-15 - 2019-01-09  a year

This page contains 1 frames:

Primary Page: https://hcitycloud.tk/
Frame ID: 70AF965637DEE9CA044D897EE13233F9
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 29 %
Domains: 7
Subdomains: 8
IPs: 7
Countries: 4
Transfer: 756 kB
Size: 1384 kB
Cookies: 1

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hcitycloud.tk/
7 KB
3 KB
Document
General
Full URL
https://hcitycloud.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.18.120 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip120.ip-54-38-18.eu
Software
nginx / PleskLin
Resource Hash
b54828728261b0a33d94fe6ae3de2d49c00fa20a49a39c69af5e559d76b4e596
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
hcitycloud.tk
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Thu, 22 Nov 2018 00:09:48 GMT
content-type
text/html; charset=UTF-8
content-length
2483
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=6kjl204s1446jibjssrc6ii3t4; path=/
origin
https://hcitycloud.tk/
access-control-allow-origin
https://hcitycloud.tk/
access-control-max-age
600
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
none
content-security-policy
upgrade-insecure-requests; base-uri 'self'
referrer-policy
strict-origin-when-cross-origin
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-language
fr-FR
vary
Accept-Encoding,User-Agent
content-encoding
gzip
x-robots-tag
index, follow, all, noarchive
x-powered-by
PleskLin
global.css
hcitycloud.tk//view/style/
9 KB
9 KB
Stylesheet
General
Full URL
https://hcitycloud.tk//view/style/global.css?1542845388
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.18.120 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip120.ip-54-38-18.eu
Software
nginx / PleskLin
Resource Hash
b4cf4829ec9fa0a4ae2d09c23b8450c14bea60c98e01b163bc40f34ba45d7337

Request headers

:path
//view/style/global.css?1542845388
pragma
no-cache
cookie
PHPSESSID=6kjl204s1446jibjssrc6ii3t4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
hcitycloud.tk
referer
https://hcitycloud.tk/
:scheme
https
:method
GET
Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 22 Nov 2018 00:09:48 GMT
etag
"5bf17a84-22ac"
last-modified
Sun, 18 Nov 2018 14:43:16 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
8876
jquery-1.10.2.js
code.jquery.com/
267 KB
79 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.10.2.js
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a

Request headers

Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 22 Nov 2018 00:09:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
W/"54499a47-42b2f"
Vary
Accept-Encoding
X-HW
1542845378.dop015.fr8.shc,1542845378.dop015.fr8.t,1542845378.cds097.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
80743
jquery-ui.js
code.jquery.com/ui/1.11.1/
454 KB
110 KB
Script
General
Full URL
https://code.jquery.com/ui/1.11.1/jquery-ui.js
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
ff6b70d8459332e298276d8616be97e6f3c5d64925e666fbe67a667cce0950f5

Request headers

Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 22 Nov 2018 00:09:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-71633"
Vary
Accept-Encoding
X-HW
1542845378.dop002.fr8.shc,1542845378.dop002.fr8.t,1542845378.cds051.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
112090
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 14 Nov 2018 16:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
630902
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
32954
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2019 16:54:36 GMT
logohiver.png
hcitycloud.tk//view/images/
19 KB
19 KB
Image
General
Full URL
https://hcitycloud.tk//view/images/logohiver.png
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.18.120 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip120.ip-54-38-18.eu
Software
nginx / PleskLin
Resource Hash
230a77bafab93577f9022574df1cc7ccbae4608532fa7afdbeb3b150f8879887

Request headers

:path
//view/images/logohiver.png
pragma
no-cache
cookie
PHPSESSID=6kjl204s1446jibjssrc6ii3t4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
hcitycloud.tk
referer
https://hcitycloud.tk/
:scheme
https
:method
GET
Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 22 Nov 2018 00:09:48 GMT
etag
"5bf2a006-4ceb"
last-modified
Mon, 19 Nov 2018 11:35:34 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
19691
icon8.png
hcitycloud.tk//view/images/
290 B
974 B
Image
General
Full URL
https://hcitycloud.tk//view/images/icon8.png
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.18.120 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip120.ip-54-38-18.eu
Software
nginx / PleskLin
Resource Hash
d9c528afdcabe95181548945fd89618a5a4254375035da552cf6df07c7d67fbe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
//view/images/icon8.png
pragma
no-cache
cookie
PHPSESSID=6kjl204s1446jibjssrc6ii3t4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
hcitycloud.tk
referer
https://hcitycloud.tk/
:scheme
https
:method
GET
Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 22 Nov 2018 00:09:48 GMT
origin
https://hcitycloud.tk/
x-permitted-cross-domain-policies
none
x-powered-by
PleskLin
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
User-Agent
content-length
290
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Nov 2018 11:35:33 GMT
server
nginx
x-frame-options
DENY
x-robots-tag
index, follow, all, noarchive
access-control-max-age
600
content-language
fr-FR
access-control-allow-origin
https://hcitycloud.tk/
x-accel-version
0.01
cache-control
max-age=2592000, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
upgrade-insecure-requests; base-uri 'self'
accept-ranges
bytes
content-type
image/png
x-content-type-options
nosniff
icon10.png
hcitycloud.tk//view/images/
269 B
953 B
Image
General
Full URL
https://hcitycloud.tk//view/images/icon10.png
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.18.120 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip120.ip-54-38-18.eu
Software
nginx / PleskLin
Resource Hash
aefd72cd21331b47e681a0fe86a867e1c27bfdd2fe14b81fd5dbcfb4d2e437d2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
//view/images/icon10.png
pragma
no-cache
cookie
PHPSESSID=6kjl204s1446jibjssrc6ii3t4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
hcitycloud.tk
referer
https://hcitycloud.tk/
:scheme
https
:method
GET
Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 22 Nov 2018 00:09:48 GMT
origin
https://hcitycloud.tk/
x-permitted-cross-domain-policies
none
x-powered-by
PleskLin
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
User-Agent
content-length
269
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Nov 2018 11:35:33 GMT
server
nginx
x-frame-options
DENY
x-robots-tag
index, follow, all, noarchive
access-control-max-age
600
content-language
fr-FR
access-control-allow-origin
https://hcitycloud.tk/
x-accel-version
0.01
cache-control
max-age=2592000, public
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
upgrade-insecure-requests; base-uri 'self'
accept-ranges
bytes
content-type
image/png
x-content-type-options
nosniff
/
hcitycloud.tk/view/images/cdcaccueil.png/
17 KB
17 KB
Image
General
Full URL
https://hcitycloud.tk/view/images/cdcaccueil.png/
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.18.120 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip120.ip-54-38-18.eu
Software
nginx / PleskLin
Resource Hash
d5363381931f3d5ceea65a461fe05d1079651f51e2fad054659f5724739d813c

Request headers

:path
/view/images/cdcaccueil.png/
pragma
no-cache
cookie
PHPSESSID=6kjl204s1446jibjssrc6ii3t4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
hcitycloud.tk
referer
https://hcitycloud.tk/
:scheme
https
:method
GET
Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 22 Nov 2018 00:09:48 GMT
etag
"5bf2a004-4498"
last-modified
Mon, 19 Nov 2018 11:35:32 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
17560
/
hcitycloud.tk/view/images/nowpartenaire.png/
17 KB
17 KB
Image
General
Full URL
https://hcitycloud.tk/view/images/nowpartenaire.png/
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.18.120 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip120.ip-54-38-18.eu
Software
nginx / PleskLin
Resource Hash
aeed242078bc87757a4d54a121b82c2c7f210608f683e9e363790cd2d774795e

Request headers

:path
/view/images/nowpartenaire.png/
pragma
no-cache
cookie
PHPSESSID=6kjl204s1446jibjssrc6ii3t4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
hcitycloud.tk
referer
https://hcitycloud.tk/
:scheme
https
:method
GET
Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 22 Nov 2018 00:09:48 GMT
etag
"5bf2a006-4431"
last-modified
Mon, 19 Nov 2018 11:35:34 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
17457
css
fonts.googleapis.com/
22 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,800italic,400,300,600,700,800
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d1d4cdbb5283fda1200746419219670cb6c1d40db9496d020665d3dd9f4d3997
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Thu, 22 Nov 2018 00:09:38 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 22 Nov 2018 00:09:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Thu, 22 Nov 2018 00:09:38 GMT
css
fonts.googleapis.com/
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b91fca9d4f3ea796af034d2157b5982db1e939753ffbc65645ecc15d45b3a94c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Thu, 22 Nov 2018 00:09:38 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 22 Nov 2018 00:09:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Thu, 22 Nov 2018 00:09:38 GMT
bg.png
hcitycloud.tk//view/images/
4 KB
4 KB
Image
General
Full URL
https://hcitycloud.tk//view/images/bg.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.10.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.18.120 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip120.ip-54-38-18.eu
Software
nginx / PleskLin
Resource Hash
27fe7097a11b75d0581def2d7c30ef7958929c4ea27cb2cfbfc6d65e5d7fcbab

Request headers

:path
//view/images/bg.png
pragma
no-cache
cookie
PHPSESSID=6kjl204s1446jibjssrc6ii3t4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
hcitycloud.tk
referer
https://hcitycloud.tk//view/style/global.css?1542845388
:scheme
https
:method
GET
Referer
https://hcitycloud.tk//view/style/global.css?1542845388
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 22 Nov 2018 00:09:48 GMT
etag
"5bf2a003-e25"
last-modified
Mon, 19 Nov 2018 11:35:31 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3621
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.10.2.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Origin
https://hcitycloud.tk

Response headers

date
Wed, 14 Nov 2018 16:30:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
632331
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Thu, 14 Nov 2019 16:30:47 GMT
header2.png
hcitycloud.tk//view/images/
8 KB
9 KB
Image
General
Full URL
https://hcitycloud.tk//view/images/header2.png
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.18.120 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ip120.ip-54-38-18.eu
Software
nginx / PleskLin
Resource Hash
4afb46454112c15fb5c11cf0fbb8096a161d208fd4d8d9cd7b67c250dda6b024

Request headers

:path
//view/images/header2.png
pragma
no-cache
cookie
PHPSESSID=6kjl204s1446jibjssrc6ii3t4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
hcitycloud.tk
referer
https://hcitycloud.tk//view/style/global.css?1542845388
:scheme
https
:method
GET
Referer
https://hcitycloud.tk//view/style/global.css?1542845388
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 22 Nov 2018 00:09:48 GMT
etag
"5bf2a004-21bd"
last-modified
Mon, 19 Nov 2018 11:35:32 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
8637
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Origin
https://hcitycloud.tk

Response headers

date
Mon, 12 Nov 2018 23:52:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:03 GMT
server
sffe
age
778631
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10764
x-xss-protection
1; mode=block
expires
Tue, 12 Nov 2019 23:52:27 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v18/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
556e09ad66d48078d2ea341eff36e93dafdb56fed15e9d92e052a7cb3910e2e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Origin
https://hcitycloud.tk

Response headers

date
Mon, 12 Nov 2018 10:52:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:10 GMT
server
sffe
age
825404
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12368
x-xss-protection
1; mode=block
expires
Tue, 12 Nov 2019 10:52:54 GMT
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v18/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
Requested by
Host: hcitycloud.tk
URL: https://hcitycloud.tk/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
64565561ddb338a11ffce5b84aa53fa6e8fd203c34208e61eb5602cd08bf527f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Origin
https://hcitycloud.tk

Response headers

date
Sat, 10 Nov 2018 09:16:56 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:48 GMT
server
sffe
age
1003962
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12352
x-xss-protection
1; mode=block
expires
Sun, 10 Nov 2019 09:16:56 GMT
tetris.jpg
www.numerama.com/content/uploads/2016/06/
295 KB
296 KB
Image
General
Full URL
https://www.numerama.com/content/uploads/2016/06/tetris.jpg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.10.2.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.210.7.70 , France, ASN12876 (AS12876, FR),
Reverse DNS
numerama.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
d724211f46ccd5e70ba9d3d7c2f2a601cce832e58d9312a8d935a286e304d481

Request headers

Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Thu, 22 Nov 2018 00:09:38 GMT
last-modified
Tue, 28 Jun 2016 07:58:16 GMT
server
nginx/1.12.1 (Ubuntu)
content-type
image/jpeg
status
200
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
link
<https://www.numerama.com/content/uploads/2016/06/tetris.jpg>; rel="canonical"
content-length
302240
expires
Fri, 22 Nov 2019 00:09:38 GMT
wpid-lpromo_atcg.png
habboo-a.akamaihd.net/web_images/habbo-web-articles/
48 KB
49 KB
Image
General
Full URL
https://habboo-a.akamaihd.net/web_images/habbo-web-articles/wpid-lpromo_atcg.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.10.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.178.43 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a72-247-178-43.deploy.static.akamaitechnologies.com
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.37 /
Resource Hash
5146823386be537e5de401c4c4e175df0e1bac741796f0b675a64b276347b895

Request headers

Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 22 Nov 2018 00:09:38 GMT
Last-Modified
Fri, 27 Nov 2015 14:35:36 GMT
Server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.37
ETag
"c1fd-525869ac4fe00"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49661
Expires
Thu, 22 Nov 2018 00:12:45 GMT
zbHUPT7.jpg
i.imgur.com/
51 KB
51 KB
Image
General
Full URL
https://i.imgur.com/zbHUPT7.jpg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.10.2.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ad3b85d9fc7a3334f75b1e6519270d44696b94ffa6ce8f98c999cc95de75f2b7

Request headers

Referer
https://hcitycloud.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 22 Nov 2018 00:09:38 GMT
age
26279
x-cache
MISS, HIT
status
200
content-length
51934
x-served-by
cache-iad2136-IAD, cache-cdg20728-CDG
last-modified
Wed, 21 Nov 2018 16:51:39 GMT
server
cat factory 1.0
x-timer
S1542845379.609087,VS0,VE0
etag
"f0b36eca42cd780600bd21fec5d0961d"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 2
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.10.2.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Origin
https://hcitycloud.tk

Response headers

date
Mon, 12 Nov 2018 23:52:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:47 GMT
server
sffe
age
778631
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10876
x-xss-protection
1; mode=block
expires
Tue, 12 Nov 2019 23:52:27 GMT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | $
function | jQuery

1 Cookies

Domain/Path Name / Value
hcitycloud.tk/ Name: PHPSESSID
Value: 6kjl204s1446jibjssrc6ii3t4

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
