urlscan.io logo urlscan.io
SecurityTrails logo

babovecutting.xyz Open in urlscan Pro
172.247.79.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://baboveannounced.xyz/
Effective URL: https://babovecutting.xyz/
Submission: On December 20 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 10 domains to perform 34 HTTP transactions. The main IP is 172.247.79.11, located in United States and belongs to CNSERVERS, US. The main domain is babovecutting.xyz.
TLS certificate: Issued by E5 on November 21st 2024. Valid for: 3 months.
This is the only time babovecutting.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.247.94.164 40065 (CNSERVERS)
6 172.247.79.11 40065 (CNSERVERS)
3 9 2a02:6b8::1:119 13238 (YANDEX YA...)
16 223.111.117.96 56046 (CMNET-JIA...)
1 43.251.59.162 7483 (SKYCLOUD-...)
1 104.160.179.210 46844 (SHARKTECH)
1 104.160.179.194 46844 (SHARKTECH)
2 111.174.12.113 136194 (CHINATELE...)
1 104.160.179.195 46844 (SHARKTECH)
34 8
1    172.247.94.164 (United States)

ASN40065 (CNSERVERS, US)
baboveannounced.xyz
6    172.247.79.11 (United States)

ASN40065 (CNSERVERS, US)
babovecutting.xyz
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
mc.yandex.ru
mc.yandex.com
16    223.111.117.96 (China)

ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN)
tpdhuahwduahdinwq.com
1    43.251.59.162 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)
w0057.com
1    104.160.179.210 (United States)

ASN46844 (SHARKTECH, US)
PTR: d16-packageaccountimprove.nl
777wy555bb.com
1    104.160.179.194 (United States)

ASN46844 (SHARKTECH, US)
PTR: customer.sharktech.net
666wy999bb.com
2    111.174.12.113 (China)

ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN)
cc777img.dqsldz.com
1    104.160.179.195 (United States)

ASN46844 (SHARKTECH, US)
PTR: d1-packageaccountimprove.nl
333wy888bb.com
Apex Domain
Subdomains		 Transfer
16 tpdhuahwduahdinwq.com
tpdhuahwduahdinwq.com
1 MB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9443
4 KB
6 babovecutting.xyz
babovecutting.xyz
39 KB
2 dqsldz.com
cc777img.dqsldz.com — Cisco Umbrella Rank: 621882
332 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4577
76 KB
1 333wy888bb.com
333wy888bb.com
764 KB
1 666wy999bb.com
666wy999bb.com
106 KB
1 777wy555bb.com
777wy555bb.com
3 MB
1 w0057.com
w0057.com
271 KB
1 baboveannounced.xyz
baboveannounced.xyz
257 B
34 10
Domain Requested by
16 tpdhuahwduahdinwq.com babovecutting.xyz
7 mc.yandex.com 2 redirects babovecutting.xyz
mc.yandex.ru
6 babovecutting.xyz babovecutting.xyz
2 cc777img.dqsldz.com babovecutting.xyz
2 mc.yandex.ru 1 redirects babovecutting.xyz
1 333wy888bb.com babovecutting.xyz
1 666wy999bb.com babovecutting.xyz
1 777wy555bb.com babovecutting.xyz
1 w0057.com babovecutting.xyz
1 baboveannounced.xyz 1 redirects
34 10

This site contains links to these domains. Also see Links.

Domain
x52723.com
849vd872.vip
666659vv.com
kku85.top
mrb15.top
333816jj.com
Subject Issuer Validity Valid
babovecutting.xyz
E5		 2024-11-21 -
2025-02-19		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-20 -
2025-04-01		 5 months crt.sh
tpdhuahwduahdinwq.com
E5		 2024-10-28 -
2025-01-26		 3 months crt.sh
w0057.com
R10		 2024-12-14 -
2025-03-14		 3 months crt.sh
777wy555bb.com
ZeroSSL RSA Domain Secure Site CA		 2024-11-26 -
2025-02-24		 3 months crt.sh
666wy999bb.com
ZeroSSL RSA Domain Secure Site CA		 2024-11-26 -
2025-02-24		 3 months crt.sh
cc777img.dqsldz.com
TrustAsia RSA DV TLS CA G2		 2024-10-28 -
2025-01-26		 3 months crt.sh
333wy888bb.com
ZeroSSL RSA Domain Secure Site CA		 2024-11-26 -
2025-02-24		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://babovecutting.xyz/
Frame ID: E3D800376CC9A3DB4DD089B3F0083259
Requests: 33 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 64C426E3C4519F819B4A008C4336B3A5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

_B影院,全球最大影库,永久免费!

Page URL History Show full URLs

  1. https://baboveannounced.xyz/ HTTP 302
    https://babovecutting.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

34
Requests

94 %
HTTPS

11 %
IPv6

10
Domains

10
Subdomains

8
IPs

4
Countries

5299 kB
Transfer

5506 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://baboveannounced.xyz/ HTTP 302
    https://babovecutting.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10600.lyH9NMt30Lq4wAcNxJloVUVth-Kf1xWkKZ4J9jHcGMFYLQ9Jqk2dmIjHHaOIHA-t.N89w3DjuXhfrnEttGnMU2YCZgSU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10600.GGT3r9GHSSEDxsQP4i3y379lHBgyN8763I4Tq5IsMk8uUQ7PXGCpzZinnpU6CNUWSkDrQiIENg4WE9yjjptuwQUlewO-_ei8ArQjAlx7Etb3JTvElWtXff6aqqowkNkipfc2IIrqy7IpoNHxRE26nSeuZVgQyHsjDBtDeAwssKvpvx2Jt-CHD3r10vC3CZ3peG57y_0_-BNtaHOBc4xmbJaaH0BcecpyczTltL9jAQ0%2C.Jz1NfCZYDX15Qupvbf30gI7YWys%2C
Request Chain 30
  • https://mc.yandex.com/watch/96812911?wmode=7&page-url=https%3A%2F%2Fbabovecutting.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afr-FR%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A905768257268%3Ahid%3A27960608%3Az%3A60%3Ai%3A20241220225654%3Aet%3A1734731814%3Ac%3A1%3Arn%3A319652072%3Arqn%3A1%3Au%3A1734731814755118585%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1361%3Awv%3A2%3Ads%3A16%2C307%2C300%2C2%2C504%2C0%2C%2C261%2C1%2C%2C%2C%2C1392%3Aco%3A0%3Acpf%3A1%3Ans%3A1734731812380%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734731814%3At%3A_B%E5%BD%B1%E9%99%A2%EF%BC%8C%E5%85%A8%E7%90%83%E6%9C%80%E5%A4%A7%E5%BD%B1%E5%BA%93%EF%BC%8C%E6%B0%B8%E4%B9%85%E5%85%8D%E8%B4%B9%EF%BC%81&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1) HTTP 302
  • https://mc.yandex.com/watch/96812911/1?wmode=7&page-url=https%3A%2F%2Fbabovecutting.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afr-FR%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A905768257268%3Ahid%3A27960608%3Az%3A60%3Ai%3A20241220225654%3Aet%3A1734731814%3Ac%3A1%3Arn%3A319652072%3Arqn%3A1%3Au%3A1734731814755118585%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1361%3Awv%3A2%3Ads%3A16%2C307%2C300%2C2%2C504%2C0%2C%2C261%2C1%2C%2C%2C%2C1392%3Aco%3A0%3Acpf%3A1%3Ans%3A1734731812380%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734731814%3At%3A_B%E5%BD%B1%E9%99%A2%EF%BC%8C%E5%85%A8%E7%90%83%E6%9C%80%E5%A4%A7%E5%BD%B1%E5%BA%93%EF%BC%8C%E6%B0%B8%E4%B9%85%E5%85%8D%E8%B4%B9%EF%BC%81&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
babovecutting.xyz/
Redirect Chain
  • https://baboveannounced.xyz/
  • https://babovecutting.xyz/
49 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.79.11 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
7928310dce3c1b005d6c126e58cdd4d1a95086d49167b59110645326f081050b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 20 Dec 2024 21:56:53 GMT
etag
W/"6763ead2-c5af"
last-modified
Thu, 19 Dec 2024 09:43:46 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
142
content-type
text/html
date
Fri, 20 Dec 2024 21:56:52 GMT
location
https://babovecutting.xyz/
server
openresty
style.css
babovecutting.xyz/static/style1/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://babovecutting.xyz/static/style1/style.css
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.79.11 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
ba9cf03b4998566bcf48eccea15b9fc7af92708c8d3e5fdd7d7e4df4c699d2d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 21:56:53 GMT
etag
W/"66ed2835-2d48"
content-type
text/css
last-modified
Fri, 20 Sep 2024 07:45:57 GMT
server
nginx
vary
Accept-Encoding
a1.jpg
babovecutting.xyz/static/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babovecutting.xyz/static/images/a1.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.79.11 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
575e67cebf7ea4c16c9d2d167ac27ea1d0390f1d56e3f7351dd2df835ca7b829

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

accept-ranges
bytes
content-length
19306
date
Fri, 20 Dec 2024 21:56:53 GMT
etag
"6530070a-4b6a"
content-type
image/jpeg
last-modified
Wed, 18 Oct 2023 16:25:46 GMT
server
nginx
main.js
babovecutting.xyz/static/ad/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://babovecutting.xyz/static/ad/main.js
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.79.11 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
9a894741ac7b69b5a5aa6f1b1bd72ff4a69b90511cd2867aa503958672db2e35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 21:56:53 GMT
etag
W/"6763eacc-265b"
content-type
application/javascript
last-modified
Thu, 19 Dec 2024 09:43:40 GMT
server
nginx
vary
Accept-Encoding
tag.js
mc.yandex.ru/metrika/ 		222 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"67655eba-12b7d"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Fri, 20 Dec 2024 22:56:53 GMT
access-control-allow-origin
*
content-length
76669
date
Fri, 20 Dec 2024 21:56:53 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
content-type
application/javascript
a1.jpg
babovecutting.xyz/static/images/ 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://babovecutting.xyz/static/images/a1.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.79.11 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
575e67cebf7ea4c16c9d2d167ac27ea1d0390f1d56e3f7351dd2df835ca7b829

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

accept-ranges
bytes
content-length
19306
date
Fri, 20 Dec 2024 21:56:53 GMT
etag
"6530070a-4b6a"
content-type
image/jpeg
last-modified
Wed, 18 Oct 2023 16:25:46 GMT
server
nginx
353c6adb433dbdbbb7658131aea8c969.jpg
tpdhuahwduahdinwq.com/p2/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/353c6adb433dbdbbb7658131aea8c969.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
2ba494512924ef3ec2d6245d2d38539e2aa663dc0bd0fb7a1464fc47694b1432
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"674c5ea7-14b54"
accept-ranges
bytes
content-length
84820
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Sun, 01 Dec 2024 13:03:35 GMT
server
nginx
x-frame-options
SAMEORIGIN
362bff7a5d4ccd30cdb6dc2cc3412907.jpg
tpdhuahwduahdinwq.com/p2/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/362bff7a5d4ccd30cdb6dc2cc3412907.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
306f9e48f744e9e73691a0c37a9e46b4dd5ac50b59630075473a499b68fb0049
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"6758f971-114a1"
accept-ranges
bytes
content-length
70817
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Wed, 11 Dec 2024 02:31:13 GMT
server
nginx
x-frame-options
SAMEORIGIN
d14461be4546f36550e5fa08b557326a.jpg
tpdhuahwduahdinwq.com/p2/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/d14461be4546f36550e5fa08b557326a.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
b1de606af59d0a625a1a579e81306c7b7c10531094497353f1484c09fe9b5be2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"67441e3a-18ac6"
accept-ranges
bytes
content-length
101062
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Mon, 25 Nov 2024 06:50:34 GMT
server
nginx
x-frame-options
SAMEORIGIN
67d477c03e4f7921513e684f87cb82af.jpg
tpdhuahwduahdinwq.com/p2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/67d477c03e4f7921513e684f87cb82af.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
7ed3c668c94bf7730c1e3eca1dc79d75c1cca972ae1db3ec1b6840243dedf7d4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"6741944c-2413"
accept-ranges
bytes
content-length
9235
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Sat, 23 Nov 2024 08:37:32 GMT
server
nginx
x-frame-options
SAMEORIGIN
7c15249afa7ca69ca918964d33ae2dcc.jpg
tpdhuahwduahdinwq.com/p2/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/7c15249afa7ca69ca918964d33ae2dcc.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
3373cbaa8cbc46f101ca6eade642af2d9318cf8e96e16e1ac4093dc881b5b674
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"67441dd7-132a6"
accept-ranges
bytes
content-length
78502
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Mon, 25 Nov 2024 06:48:55 GMT
server
nginx
x-frame-options
SAMEORIGIN
3b0042fe42e44fab5d3291c5ec8146bf.jpg
tpdhuahwduahdinwq.com/p2/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/3b0042fe42e44fab5d3291c5ec8146bf.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
5cbee11d496e2650064c6efb0dbeea820e9460198978170352c3eac1a1417c2c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"67441e20-17580"
accept-ranges
bytes
content-length
95616
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Mon, 25 Nov 2024 06:50:08 GMT
server
nginx
x-frame-options
SAMEORIGIN
5d84bb9ebe4a32e3bf43ebbcb2999a3a.jpg
tpdhuahwduahdinwq.com/p2/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/5d84bb9ebe4a32e3bf43ebbcb2999a3a.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
42351701e15494b5b7594a9bc1ab28b4d61820396425ef4dd504d1b4751ab75c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"6735f13d-11893"
accept-ranges
bytes
content-length
71827
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Thu, 14 Nov 2024 12:46:53 GMT
server
nginx
x-frame-options
SAMEORIGIN
360ec5fc9bc2e74a307b4d69e5f8474b.jpg
tpdhuahwduahdinwq.com/p2/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/360ec5fc9bc2e74a307b4d69e5f8474b.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
ed8c4e2ac2397bdfe2522d7e380367d068caae28911d92d38f6d70c28f2125bb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"674420c3-172b5"
accept-ranges
bytes
content-length
94901
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Mon, 25 Nov 2024 07:01:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
4b1fe275652fb5e2ec5333915088208d.jpg
tpdhuahwduahdinwq.com/p2/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/4b1fe275652fb5e2ec5333915088208d.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
a5bd3238bd5c2e18c5f24fddd56567f6d7d56b54a44761ef970f64aaa66079db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"67388cb5-dd1e"
accept-ranges
bytes
content-length
56606
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Sat, 16 Nov 2024 12:14:45 GMT
server
nginx
x-frame-options
SAMEORIGIN
82be570b850cfd70f640b4f5d74ea497.jpg
tpdhuahwduahdinwq.com/p2/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/82be570b850cfd70f640b4f5d74ea497.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
da0045ce23a1e67c837b3ab6670a9e70a92de841f22268ca1710ade680a68edb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"67388c9d-c507"
accept-ranges
bytes
content-length
50439
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Sat, 16 Nov 2024 12:14:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
ca4ff77738fc64f9ca45aa02435a32a1.jpg
tpdhuahwduahdinwq.com/p2/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/ca4ff77738fc64f9ca45aa02435a32a1.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
d3f3bd99d132ac94b1fae24fd4517d6ad269b4bc058b57a858913bb8d65c7405
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"6731c6ad-f140"
accept-ranges
bytes
content-length
61760
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 08:56:13 GMT
server
nginx
x-frame-options
SAMEORIGIN
e834e71bbc64500ea016889bf47aa797.jpg
tpdhuahwduahdinwq.com/p2/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/e834e71bbc64500ea016889bf47aa797.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
087d447ad70719b361d860fc15bd25ec7533d56c4bd424baaec9880824c1d2cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"6731c685-ba2b"
accept-ranges
bytes
content-length
47659
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 08:55:33 GMT
server
nginx
x-frame-options
SAMEORIGIN
a0e7a97afb3457ffe426baa8a3461b26.jpg
tpdhuahwduahdinwq.com/p2/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/a0e7a97afb3457ffe426baa8a3461b26.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
735abda548365c0a8e06d5730a0dbe5d191d07b0727ffb1dc57086ff90a7cb7c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"675983d4-94ad"
accept-ranges
bytes
content-length
38061
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Wed, 11 Dec 2024 12:21:40 GMT
server
nginx
x-frame-options
SAMEORIGIN
b71979635fc32788b01900f8c9a81383.jpg
tpdhuahwduahdinwq.com/p2/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/b71979635fc32788b01900f8c9a81383.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
0c71d6557187cb204ce4f221a0e7145a62f6edb7d389a3fb380a7c4cf045f712
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"672b677d-facc"
accept-ranges
bytes
content-length
64204
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Wed, 06 Nov 2024 12:56:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
ed4df553d2cf19c877dfcb668d81bb32.jpg
tpdhuahwduahdinwq.com/p2/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/ed4df553d2cf19c877dfcb668d81bb32.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
c3e5d626dbf9280702c3e37c3d979b8a18cad018fab6bb04f83245d32c3ebc21
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"66f7745f-d8d9"
accept-ranges
bytes
content-length
55513
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Sat, 28 Sep 2024 03:13:35 GMT
server
nginx
x-frame-options
SAMEORIGIN
6f0577d2d1c84a52b82b197699c361d8.gif
w0057.com/ 		270 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w0057.com:33236/6f0577d2d1c84a52b82b197699c361d8.gif
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
43.251.59.162 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
nginx /
Resource Hash
9403b8b30e7645acc52f6f37cc9cb704d63c5ef781a7487310de3a6d20340072

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

Cache-Control
max-age=3600
ETag
"675ad3ee-43989"
Accept-Ranges
bytes
X-Cache
HIT from my109-cdnb-g01-ty8z259-42
Content-Length
276873
Date
Thu, 19 Dec 2024 16:14:02 GMT
Content-Type
image/gif
Last-Modified
Thu, 12 Dec 2024 12:15:42 GMT
Server
nginx
29f6d0540df5412fa62c69301ca91fc6.gif
777wy555bb.com/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://777wy555bb.com/29f6d0540df5412fa62c69301ca91fc6.gif
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.160.179.210 , United States, ASN46844 (SHARKTECH, US),
Reverse DNS
d16-packageaccountimprove.nl
Software
nginx /
Resource Hash
d847dc3fe6ed2f8685e1895d1a56c32c64e6cb8535c58c60bc85126ba3bb17dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"6763e6f5-29d794"
psc-cache-status
HIT
accept-ranges
bytes
content-length
2742164
date
Fri, 20 Dec 2024 21:56:55 GMT
content-type
image/gif
last-modified
Thu, 19 Dec 2024 09:27:17 GMT
server
nginx
af5035aed35f4eb1b300b4a68be7760a.gif
666wy999bb.com/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://666wy999bb.com/af5035aed35f4eb1b300b4a68be7760a.gif
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.160.179.194 , United States, ASN46844 (SHARKTECH, US),
Reverse DNS
customer.sharktech.net
Software
nginx /
Resource Hash
0089a6a256113314467e317c2606e39e5489bd291c8be79a00fac9c6cf1d95ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"676009af-1a4cf"
psc-cache-status
HIT
accept-ranges
bytes
content-length
107727
date
Fri, 20 Dec 2024 21:56:55 GMT
content-type
image/gif
last-modified
Mon, 16 Dec 2024 11:06:23 GMT
server
nginx
960-150.gif
cc777img.dqsldz.com/i/2024/11/08/ 		182 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc777img.dqsldz.com/i/2024/11/08/960-150.gif
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.174.12.113 , China, ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
42925c0630069c11ee0f720ce2a98f297e5b90a5e452fb8fbf23722134dbfddd
Security Headers
Name Value
Strict-Transport-Security max-age=66666

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

x-request-ip
193.32.126.148
x-request-id
86f8f2ad7d2e14d0adb35b714c84665b
x-bdcdn-cache-status
TCP_HIT
content-encoding
gzip
etag
"672e1e95-2d691"
age
2436
expires
Sun, 19 Jan 2025 21:16:19 GMT
date
Fri, 20 Dec 2024 21:56:55 GMT
content-type
image/gif
last-modified
Fri, 08 Nov 2024 14:22:13 GMT
vary
Accept-Encoding
strict-transport-security
max-age=66666
cache-control
max-age=43200
x-tt-trace-tag
id=5
via
cache03.hsct02
content-length
185507
x-response-cache
edge_hit
server
Byte-nginx
x-response-cinfo
193.32.126.148
c10b5f4ea1584e7d93521da5962eaf79.gif
333wy888bb.com/ 		763 KB
764 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://333wy888bb.com/c10b5f4ea1584e7d93521da5962eaf79.gif
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.160.179.195 , United States, ASN46844 (SHARKTECH, US),
Reverse DNS
d1-packageaccountimprove.nl
Software
nginx /
Resource Hash
8d62e53e5bcbe0a4b508ad38531802f53b57bb2c52172b76d2639f2178502aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"676009e8-bea7e"
psc-cache-status
HIT
accept-ranges
bytes
content-length
780926
date
Fri, 20 Dec 2024 21:56:55 GMT
content-type
image/gif
last-modified
Mon, 16 Dec 2024 11:07:20 GMT
server
nginx
deb4410b6d090326b9b94f34c77efe39.jpg
tpdhuahwduahdinwq.com/p2/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpdhuahwduahdinwq.com:1443/p2/deb4410b6d090326b9b94f34c77efe39.jpg
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
223.111.117.96 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
0e5ca031093172624f14bd21c35168bd2cd7509425ffc11a21fa6b9542e253e6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

etag
"672379f2-111f0"
accept-ranges
bytes
content-length
70128
date
Sat, 21 Dec 2024 05:54:00 GMT
content-type
image/jpeg
last-modified
Thu, 31 Oct 2024 12:37:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
960-150_1.gif
cc777img.dqsldz.com/i/2024/11/08/ 		149 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc777img.dqsldz.com/i/2024/11/08/960-150_1.gif
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.174.12.113 , China, ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
e60406183b4fec579028466149a2b608c4a791e34c652752edc80b18573b9fae
Security Headers
Name Value
Strict-Transport-Security max-age=66666

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

x-request-ip
193.32.126.148
x-request-id
af4224d88a8cf90dcb76907368d55dd7
x-bdcdn-cache-status
TCP_HIT
content-encoding
gzip
etag
"672e1ea6-255e4"
age
2437
expires
Sun, 19 Jan 2025 21:16:19 GMT
date
Fri, 20 Dec 2024 21:56:55 GMT
content-type
image/gif
last-modified
Fri, 08 Nov 2024 14:22:30 GMT
vary
Accept-Encoding
strict-transport-security
max-age=66666
cache-control
max-age=43200
x-tt-trace-tag
id=5
via
cache03.hsct02
content-length
152958
x-response-cache
edge_hit
server
Byte-nginx
x-response-cinfo
193.32.126.148
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10600.lyH9NMt30Lq4wAcNxJloVUVth-Kf1xWkKZ4J9jHcGMFYLQ9Jqk2dmIjHHaOIHA-t.N89w3DjuXhfrnEttGnMU2YCZgSU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10600.GGT3r9GHSSEDxsQP4i3y379lHBgyN8763I4Tq5IsMk8uUQ7PXGCpzZinnpU6CNUWSkDrQiIENg4WE9yjjptuwQUlewO-_ei8ArQjAlx7Etb3JTvElWtXff6aqqowkNkipfc2IIrqy7...
43 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10600.GGT3r9GHSSEDxsQP4i3y379lHBgyN8763I4Tq5IsMk8uUQ7PXGCpzZinnpU6CNUWSkDrQiIENg4WE9yjjptuwQUlewO-_ei8ArQjAlx7Etb3JTvElWtXff6aqqowkNkipfc2IIrqy7IpoNHxRE26nSeuZVgQyHsjDBtDeAwssKvpvx2Jt-CHD3r10vC3CZ3peG57y_0_-BNtaHOBc4xmbJaaH0BcecpyczTltL9jAQ0%2C.Jz1NfCZYDX15Qupvbf30gI7YWys%2C
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 21:56:54 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.com/sync_cookie_image_decide?token=10600.GGT3r9GHSSEDxsQP4i3y379lHBgyN8763I4Tq5IsMk8uUQ7PXGCpzZinnpU6CNUWSkDrQiIENg4WE9yjjptuwQUlewO-_ei8ArQjAlx7Etb3JTvElWtXff6aqqowkNkipfc2IIrqy7IpoNHxRE26nSeuZVgQyHsjDBtDeAwssKvpvx2Jt-CHD3r10vC3CZ3peG57y_0_-BNtaHOBc4xmbJaaH0BcecpyczTltL9jAQ0%2C.Jz1NfCZYDX15Qupvbf30gI7YWys%2C
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 21:56:54 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
etag
"67655eba-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Fri, 20 Dec 2024 22:56:54 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Fri, 20 Dec 2024 21:56:54 GMT
content-type
image/gif
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 64C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://babovecutting.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
2080
content-type
text/html
date
Fri, 20 Dec 2024 21:56:54 GMT
etag
"67655eba-820"
expires
Fri, 20 Dec 2024 22:56:54 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/96812911/
Redirect Chain
  • https://mc.yandex.com/watch/96812911?wmode=7&page-url=https%3A%2F%2Fbabovecutting.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3...
  • https://mc.yandex.com/watch/96812911/1?wmode=7&page-url=https%3A%2F%2Fbabovecutting.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8...
603 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/96812911/1?wmode=7&page-url=https%3A%2F%2Fbabovecutting.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afr-FR%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A905768257268%3Ahid%3A27960608%3Az%3A60%3Ai%3A20241220225654%3Aet%3A1734731814%3Ac%3A1%3Arn%3A319652072%3Arqn%3A1%3Au%3A1734731814755118585%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1361%3Awv%3A2%3Ads%3A16%2C307%2C300%2C2%2C504%2C0%2C%2C261%2C1%2C%2C%2C%2C1392%3Aco%3A0%3Acpf%3A1%3Ans%3A1734731812380%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734731814%3At%3A_B%E5%BD%B1%E9%99%A2%EF%BC%8C%E5%85%A8%E7%90%83%E6%9C%80%E5%A4%A7%E5%BD%B1%E5%BA%93%EF%BC%8C%E6%B0%B8%E4%B9%85%E5%85%8D%E8%B4%B9%EF%BC%81&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
Requested by
Host: babovecutting.xyz
URL: https://babovecutting.xyz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
bb834edc54b453bd320171bbffe175045aed0272f13f025123917468c3df803c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 20-Dec-2024 21:56:54 GMT
access-control-allow-origin
https://babovecutting.xyz
content-length
603
date
Fri, 20 Dec 2024 21:56:54 GMT
x-xss-protection
1; mode=block
last-modified
Fri, 20-Dec-2024 21:56:54 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/96812911/1?wmode=7&page-url=https%3A%2F%2Fbabovecutting.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afr-FR%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A905768257268%3Ahid%3A27960608%3Az%3A60%3Ai%3A20241220225654%3Aet%3A1734731814%3Ac%3A1%3Arn%3A319652072%3Arqn%3A1%3Au%3A1734731814755118585%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1361%3Awv%3A2%3Ads%3A16%2C307%2C300%2C2%2C504%2C0%2C%2C261%2C1%2C%2C%2C%2C1392%3Aco%3A0%3Acpf%3A1%3Ans%3A1734731812380%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734731814%3At%3A_B%E5%BD%B1%E9%99%A2%EF%BC%8C%E5%85%A8%E7%90%83%E6%9C%80%E5%A4%A7%E5%BD%B1%E5%BA%93%EF%BC%8C%E6%B0%B8%E4%B9%85%E5%85%8D%E8%B4%B9%EF%BC%81&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Fri, 20-Dec-2024 21:56:54 GMT
access-control-allow-origin
https://babovecutting.xyz
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 21:56:54 GMT
last-modified
Fri, 20-Dec-2024 21:56:54 GMT
favicon.ico
babovecutting.xyz/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://babovecutting.xyz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.79.11 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
fd637dce9da3d9af759b960be67658e92b2b7573a3b339867f5584f39d67b44d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

accept-ranges
bytes
content-length
1150
date
Fri, 20 Dec 2024 21:56:56 GMT
etag
"65300ac4-47e"
content-type
image/x-icon
last-modified
Wed, 18 Oct 2023 16:41:40 GMT
server
nginx
1
mc.yandex.com/watch/96812911/ 		43 B
277 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/96812911/1?page-url=https%3A%2F%2Fbabovecutting.xyz%2F&charset=utf-8&hittoken=1734731814_b95af498dbe2735353f6a346586cd9684b41f700788a9b01901a6b8ef563695d&browser-info=nb%3A1%3Acl%3A372%3Aar%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afr-FR%3Av%3A1551%3Acn%3A1%3Adp%3A1%3Als%3A905768257268%3Ahid%3A27960608%3Az%3A60%3Ai%3A20241220225709%3Aet%3A1734731829%3Ac%3A1%3Arn%3A812379171%3Arqn%3A2%3Au%3A1734731814755118585%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C4509%2C4509%2C0%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1734731812380%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1734731829&t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(42009088)dss(2)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22ct%22%3A%5B%5D%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://babovecutting.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Fri, 20-Dec-2024 21:57:09 GMT
access-control-allow-origin
https://babovecutting.xyz
content-length
43
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 21:57:09 GMT
last-modified
Fri, 20-Dec-2024 21:57:09 GMT
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ym function| classify function| fictionify function| clickVfp object| downloadomain string| url string| fullURL object| globalConfig object| Ya object| yaCounter96812911

18 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: 60019I3yv+u1o1WgKo4b4ljuJUg+G2xrbbpV7X7WQt2V24IwHZ18Vkpll1AMzI3mUhdU98fucNaj2iTRe2l5WawyqkY=
.yandex.ru/ Name: yandexuid
Value: 9682376411734731813
.yandex.ru/ Name: yashr
Value: 5327568081734731813
.babovecutting.xyz/ Name: _ym_uid
Value: 1734731814755118585
.babovecutting.xyz/ Name: _ym_d
Value: 1734731814
.yandex.com/ Name: yashr
Value: 5413204171734731814
.babovecutting.xyz/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 460462822fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1486116963fake
.yandex.com/ Name: yandexuid
Value: 9682376411734731813
.yandex.com/ Name: yuidss
Value: 9682376411734731813
.yandex.com/ Name: i
Value: 60019I3yv+u1o1WgKo4b4ljuJUg+G2xrbbpV7X7WQt2V24IwHZ18Vkpll1AMzI3mUhdU98fucNaj2iTRe2l5WawyqkY=
.yandex.com/ Name: yp
Value: 1734818214.yu.7560965561734731814
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 965057571734731814
.yandex.com/ Name: ymex
Value: 1737323814.oyu.7560965561734731814#1766267814.yrts.1734731814
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGCm0Je7Bg==

4 Console Messages

Source Level URL
Text
security warning URL: https://babovecutting.xyz/
Message:
Mixed Content: The page at 'https://babovecutting.xyz/' was loaded over HTTPS, but requested an insecure element 'http://777wy555bb.com/29f6d0540df5412fa62c69301ca91fc6.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://babovecutting.xyz/
Message:
Mixed Content: The page at 'https://babovecutting.xyz/' was loaded over HTTPS, but requested an insecure element 'http://777wy555bb.com/29f6d0540df5412fa62c69301ca91fc6.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://babovecutting.xyz/
Message:
Mixed Content: The page at 'https://babovecutting.xyz/' was loaded over HTTPS, but requested an insecure element 'http://777wy555bb.com/29f6d0540df5412fa62c69301ca91fc6.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://babovecutting.xyz/
Message:
Mixed Content: The page at 'https://babovecutting.xyz/' was loaded over HTTPS, but requested an insecure element 'http://777wy555bb.com/29f6d0540df5412fa62c69301ca91fc6.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

333wy888bb.com
666wy999bb.com
777wy555bb.com
baboveannounced.xyz
babovecutting.xyz
cc777img.dqsldz.com
mc.yandex.com
mc.yandex.ru
tpdhuahwduahdinwq.com
w0057.com
104.160.179.194
104.160.179.195
104.160.179.210
111.174.12.113
172.247.79.11
172.247.94.164
223.111.117.96
2a02:6b8::1:119
43.251.59.162
0089a6a256113314467e317c2606e39e5489bd291c8be79a00fac9c6cf1d95ef
087d447ad70719b361d860fc15bd25ec7533d56c4bd424baaec9880824c1d2cb
0c71d6557187cb204ce4f221a0e7145a62f6edb7d389a3fb380a7c4cf045f712
0e5ca031093172624f14bd21c35168bd2cd7509425ffc11a21fa6b9542e253e6
2ba494512924ef3ec2d6245d2d38539e2aa663dc0bd0fb7a1464fc47694b1432
306f9e48f744e9e73691a0c37a9e46b4dd5ac50b59630075473a499b68fb0049
3373cbaa8cbc46f101ca6eade642af2d9318cf8e96e16e1ac4093dc881b5b674
42351701e15494b5b7594a9bc1ab28b4d61820396425ef4dd504d1b4751ab75c
42925c0630069c11ee0f720ce2a98f297e5b90a5e452fb8fbf23722134dbfddd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
575e67cebf7ea4c16c9d2d167ac27ea1d0390f1d56e3f7351dd2df835ca7b829
5cbee11d496e2650064c6efb0dbeea820e9460198978170352c3eac1a1417c2c
735abda548365c0a8e06d5730a0dbe5d191d07b0727ffb1dc57086ff90a7cb7c
7928310dce3c1b005d6c126e58cdd4d1a95086d49167b59110645326f081050b
7ed3c668c94bf7730c1e3eca1dc79d75c1cca972ae1db3ec1b6840243dedf7d4
8d62e53e5bcbe0a4b508ad38531802f53b57bb2c52172b76d2639f2178502aa6
9403b8b30e7645acc52f6f37cc9cb704d63c5ef781a7487310de3a6d20340072
9a894741ac7b69b5a5aa6f1b1bd72ff4a69b90511cd2867aa503958672db2e35
a5bd3238bd5c2e18c5f24fddd56567f6d7d56b54a44761ef970f64aaa66079db
ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039
b1de606af59d0a625a1a579e81306c7b7c10531094497353f1484c09fe9b5be2
ba9cf03b4998566bcf48eccea15b9fc7af92708c8d3e5fdd7d7e4df4c699d2d7
bb834edc54b453bd320171bbffe175045aed0272f13f025123917468c3df803c
c3e5d626dbf9280702c3e37c3d979b8a18cad018fab6bb04f83245d32c3ebc21
d3f3bd99d132ac94b1fae24fd4517d6ad269b4bc058b57a858913bb8d65c7405
d847dc3fe6ed2f8685e1895d1a56c32c64e6cb8535c58c60bc85126ba3bb17dc
da0045ce23a1e67c837b3ab6670a9e70a92de841f22268ca1710ade680a68edb
e60406183b4fec579028466149a2b608c4a791e34c652752edc80b18573b9fae
ed8c4e2ac2397bdfe2522d7e380367d068caae28911d92d38f6d70c28f2125bb
fd637dce9da3d9af759b960be67658e92b2b7573a3b339867f5584f39d67b44d