Submitted URL: https://bit.ly/3DjNW9j
Effective URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Submission Tags: #優塔娛樂城
Submission: On December 18 via manual from BD — Scanned from CA

Summary

This website contacted 8 IPs in 1 country across 7 domains to perform 26 HTTP transactions. The main IP is 172.66.40.236, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is 1688th.com.
TLS certificate: Issued by WE1 on December 5th 2024. Valid for: 3 months.
This is the only time 1688th.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
12 172.66.40.236 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 37.19.207.34 60068 (CDN77 Dat...)
3 2400:52e0:1a0... 200325 (BunnyCDN ...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2400:52e0:1a0... 200325 (BunnyCDN ...)
1 3.19.51.21 16509 (AMAZON-02)
26 8
Apex Domain | Subdomains | Transfer
12 1688th.com | 1688th.com | 371 KB
8 wpmucdn.com | hb.wpmucdn.com — Cisco Umbrella Rank: 33436; stats.wpmucdn.com — Cisco Umbrella Rank: 34084 | 59 KB
3 smushcdn.com | b2467849.smushcdn.com | 22 KB
1 wpmudev.com | stats1.wpmudev.com — Cisco Umbrella Rank: 32023 | 127 B
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 36 |
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 95 KB
1 bit.ly | bit.ly — Cisco Umbrella Rank: 7701 | 429 B
26 7
Domain Requested by
12 1688th.com 1688th.com
7 hb.wpmucdn.com 1688th.com
3 b2467849.smushcdn.com 1688th.com
1 stats1.wpmudev.com stats.wpmucdn.com
1 stats.wpmucdn.com 1688th.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com 1688th.com
1 bit.ly 1 redirects
26 8

This site contains links to these domains.

Domain
u.town
Subject | Issuer | Validity | Valid
1688th.com | WE1 | 2024-12-05 - 2025-03-05 | 3 months
*.google-analytics.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
*.wpmucdn.com | RapidSSL TLS RSA CA G1 | 2024-03-13 - 2025-03-12 | a year
*.smushcdn.com | RapidSSL TLS RSA CA G1 | 2024-02-12 - 2025-02-11 | a year
stats.wpmucdn.com | R10 | 2024-12-05 - 2025-03-05 | 3 months
stats1.wpmudev.com | Amazon RSA 2048 M03 | 2024-02-15 - 2025-03-15 | a year

This page contains 1 frame:

Primary Page: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Frame ID: D983AEDCC860E33D1AF676D05CF01146
Requests: 27 HTTP requests in this frame

Page Title

優塔娛樂城(UTown) - 娛樂城總代理(樂樂)|推薦百家樂與老虎機的最佳娛樂城

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

546 kB
Transfer

1118 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3DjNW9j HTTP 301
    https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Redirect Chain
  • https://bit.ly/3DjNW9j
  • https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
88 KB
25 KB
Document
General
Full URL
https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb57d366a145a65b3f26839586cb82ff32abb2be2771db20c4f96d06afac346

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
33220
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-apo-via
tcache
cf-cache-status
HIT
cf-edge-cache
cache, platform=WordPress
cf-ray
8f3bedb85d1eabd9-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 03:04:58 GMT
last-modified
Mon, 16 Dec 2024 19:39:44 GMT
link
<https://1688th.com/wp-json/>; rel="https://api.w.org/", <https://1688th.com/wp-json/wp/v2/wporg_wolf/7284>; rel="alternate"; title="JSON"; type="application/json", <https://1688th.com/?p=7284>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2FFAzPJwWoMtyAftWt%2B67rv%2BA40zjmce%2B1irEbWGXCUNToyaV3vJrRiFPWGmP%2FQhfuODjsaRzbYVKe0eeUzETUFTTv3XhDGIbVt6WStLdetXWjirWUtAHKn2P6A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=25699&min_rtt=25622&rtt_var=9663&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4254&recv_bytes=4395&delivery_rate=113759&cwnd=12000&unsent_bytes=0&cid=84a61de1c8cd560d&ts=57&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-cache
MISS
x-cache-enabled
true
x-ua-compatible
IE=edge

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
100
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Wed, 18 Dec 2024 03:04:58 GMT
location
https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
referrer-policy
unsafe-url
server
nginx
via
1.1 google
js
www.googletagmanager.com/gtag/
266 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZGPK6HMJ5D
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50d05bda3fbb63cca582bd71ddeaccdf693cfa4cbc4c138c3096645371643dc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 03:04:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96104
x-xss-protection
0
server
Google Tag Manager
29b28d21-4acc-478e-a005-d655b6e692af.css
hb.wpmucdn.com/1688th.com/
800 B
1 KB
Stylesheet
General
Full URL
https://hb.wpmucdn.com/1688th.com/29b28d21-4acc-478e-a005-d655b6e692af.css
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
7c92c980fdb4ed0407abe0c24132bb38376719ce502b6f0bc41753ce29275761

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"dc435e2dfc23be9f31817e79650f472d"
x-amz-meta-hb-minify
minify=22.4%, origSize=988
date
Wed, 18 Dec 2024 03:04:59 GMT
last-modified
Sat, 14 Dec 2024 20:00:04 GMT
cdn-cachedat
12/17/2024 14:50:57
vary
Accept-Encoding
content-type
text/css
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
a8b0971cdc44cfd531e7c68cf5167bd3
cdn-pullzone
1101156
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
CA
x-amz-server-side-encryption
AES256
92642459-3946-4c0e-995f-20c78f188a98.css
hb.wpmucdn.com/1688th.com/
112 KB
16 KB
Stylesheet
General
Full URL
https://hb.wpmucdn.com/1688th.com/92642459-3946-4c0e-995f-20c78f188a98.css
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
3695e658a53e1d2ad696e5a4f1d32758a168f868b67f6a8c7aebaa929cf5fad9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"b439091503eff8ba8be5482cdeaa489c"
x-amz-meta-hb-minify
minify=0.0%, origSize=114706
date
Wed, 18 Dec 2024 03:04:59 GMT
last-modified
Sat, 14 Dec 2024 20:00:06 GMT
cdn-cachedat
12/17/2024 14:50:57
vary
Accept-Encoding
content-type
text/css
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
741914940c6dcf3ffd10a18c3617afe1
cdn-pullzone
1101156
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
CA
x-amz-server-side-encryption
AES256
1090c9d3-1dfb-4a71-a66f-5f066e8e91d7.css
hb.wpmucdn.com/1688th.com/
25 KB
6 KB
Stylesheet
General
Full URL
https://hb.wpmucdn.com/1688th.com/1090c9d3-1dfb-4a71-a66f-5f066e8e91d7.css
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
20ca99849a9cfb6b5612b5742670abc9c5ab1a7586ed37320c3e6e8391a895d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"ceb25bb0baada161702c5597a6a2e42d"
x-amz-meta-hb-minify
minify=0.0%, origSize=3356
date
Wed, 18 Dec 2024 03:04:59 GMT
last-modified
Sat, 14 Dec 2024 21:25:10 GMT
cdn-cachedat
12/18/2024 03:04:59
vary
Accept-Encoding
content-type
text/css
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cache
MISS
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
62ff046a5585c0c90e3c96e20a61e425
cdn-pullzone
1101156
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
CA
x-amz-server-side-encryption
AES256
casino-page.css
1688th.com/wp-content/plugins/casino/assets/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://1688th.com/wp-content/plugins/casino/assets/css/casino-page.css
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a894db90cdef838b3570c8cbed053e751a14df7af9b5d3113086a6bd4d011f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"635c00a6-264c"
age
166
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQmE5Z6EQ6mMUzsFwqZJvfxuno1ayfTsBbz4Gzzu%2F58WJBtfiSdTvLWDO%2BR5pDl3N9D4vPExURcgSWmN8xQusuQs4gqF8maR7R5sLxSlz32IyKcqoEYWKYoET9E%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25878&min_rtt=24883&rtt_var=582&sent=45&recv=33&lost=0&retrans=0&sent_bytes=30498&recv_bytes=7160&delivery_rate=391917&cwnd=19200&unsent_bytes=0&cid=84a61de1c8cd560d&ts=112&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
text/css
last-modified
Fri, 28 Oct 2022 16:17:42 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3bedb8bd8dabd9-YYZ
server
cloudflare
casino-sort.css
1688th.com/wp-content/plugins/casino/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://1688th.com/wp-content/plugins/casino/assets/css/casino-sort.css
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d9e8afed51300dd74d8809df103840c4a449e2532992ef0fb7c8a97f44a65a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"635ca3ca-218e"
age
166
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pHEfnABWAcZveqdaNUKTsVP5OByL5qj8xPIb4ntBqhok8nTGxcl5tYCURqrYRr5wcIsLsnOdjFuOKdKlwzkSxZJh38sJzeTNiZSwg1ZRgJ1ajbYcaJPdBTRbHac%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25878&min_rtt=24883&rtt_var=582&sent=50&recv=33&lost=0&retrans=0&sent_bytes=35488&recv_bytes=7160&delivery_rate=391917&cwnd=19200&unsent_bytes=0&cid=84a61de1c8cd560d&ts=115&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
text/css
last-modified
Sat, 29 Oct 2022 03:53:46 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3bedb8bd8eabd9-YYZ
server
cloudflare
all.min.css
1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/css/
99 KB
21 KB
Stylesheet
General
Full URL
https://1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/css/all.min.css
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"632ea185-18d4d"
age
166
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I6AnS6Vg93bOASEwGctZfgdzHqOzbYxtHbIVISusdBCh8DJvUMO0CEHWnf5yb1baOQdi3PZz1%2FbGf9VRcmQFI4SGXpSqVZPmi8BppuA9xJQe7DSp7Klatm0WPFQ%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25878&min_rtt=24883&rtt_var=582&sent=55&recv=33&lost=0&retrans=0&sent_bytes=40221&recv_bytes=7160&delivery_rate=391917&cwnd=19200&unsent_bytes=0&cid=84a61de1c8cd560d&ts=120&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
text/css
last-modified
Sat, 24 Sep 2022 06:19:49 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3bedb8bd8fabd9-YYZ
server
cloudflare
kinerloader2.css
1688th.com/wp-content/plugins/casino/assets/css/
13 KB
2 KB
Stylesheet
General
Full URL
https://1688th.com/wp-content/plugins/casino/assets/css/kinerloader2.css
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70f79055eaed12fbaeb19868e72e3466503c1345476fbcb79e8f7e80f37820d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6339e509-32ab"
age
166
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2F1b%2BV%2FcvzcDNe3%2BiV9aXFjl42lqUZO0dwBzoAiAZNFgpTSVH2Loyt4kz6tSwx0j16PWMIGL5tAFqLuTqNKjG%2F9TJZdcC95UrXI8pccQ6mO%2BMS0bJxa73Yu6lgI%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25878&min_rtt=24883&rtt_var=582&sent=53&recv=33&lost=0&retrans=0&sent_bytes=38111&recv_bytes=7160&delivery_rate=391917&cwnd=19200&unsent_bytes=0&cid=84a61de1c8cd560d&ts=117&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
text/css
last-modified
Sun, 02 Oct 2022 19:22:49 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3bedb8bd90abd9-YYZ
server
cloudflare
percircle.css
1688th.com/wp-content/plugins/casino/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://1688th.com/wp-content/plugins/casino/assets/css/percircle.css
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
636d4a10a0b994f09792721a156a5012d5ca07cf6938a86f899c51c05cefaaa9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6339e3ea-1eee"
age
166
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAhR5dZD73%2B%2F5tiApvYH84ysVbuWvRddMHgkcOsxVjMiVWrUWMr56KCvc6%2BRpXnsx2reNuUk7ulvWt9BJuNyZrYfdKooUND1ZnQM2CGrSX0%2Bx4R6O5CiD0e4gRg%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25878&min_rtt=24883&rtt_var=582&sent=48&recv=33&lost=0&retrans=0&sent_bytes=33389&recv_bytes=7160&delivery_rate=391917&cwnd=19200&unsent_bytes=0&cid=84a61de1c8cd560d&ts=113&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
text/css
last-modified
Sun, 02 Oct 2022 19:18:02 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3bedb8bd91abd9-YYZ
server
cloudflare
rocket-loader.min.js
1688th.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://1688th.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675318bd-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vyYbcUfeFGbKxhffLKzbQqatMlhuZMgsjKMAqPb2i6WhiKYVFvbkTuv6VWMl%2BohphGbb%2BrZwa42pOoif%2F%2BY7zzxoAFVPfxk8B8kDErMs6aVYnd%2B91LjPe%2FR0UOU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f3bedb9beb2abd9-YYZ
expires
Fri, 20 Dec 2024 03:04:59 GMT
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 15:31:09 GMT
server
cloudflare
vary
Accept-Encoding
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
BG.webp
b2467849.smushcdn.com/2467849/wp-content/uploads/2022/10/
5 KB
6 KB
Image
General
Full URL
https://b2467849.smushcdn.com/2467849/wp-content/uploads/2022/10/BG.webp?lossy=0&strip=1&webp=1
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-IL1-1207 /
Resource Hash
5fd262ca6bd2bdcf82dddbc6202d7df76260d896be24ebdfb515262957defe6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"f001749e45d5894e4ba15c97b218786b"
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
image/webp
last-modified
Tue, 19 Nov 2024 03:38:53 GMT
x-amz-expiration
expiry-date="Fri, 20 Dec 2024 00:00:00 GMT", rule-id="expire"
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
12/17/2024 14:51:00
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
smushed
origFmt=webp, origSize=6634, smushRatio=16.82, skipped=0, originCache=HIT
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
c608494cff4ffd95f202dbb285def763
cdn-pullzone
1095164
cdn-proxyver
1.06
accept-ranges
bytes
access-control-allow-origin
*
content-length
5518
cdn-edgestorageid
871
server
BunnyCDN-IL1-1207
cdn-requestcountrycode
CA
fa-solid-900.woff2
1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/webfonts/
151 KB
152 KB
Font
General
Full URL
https://1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/webfonts/fa-solid-900.woff2
Requested by
Host: 1688th.com
URL: https://1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1688th.com
Referer
https://1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/css/all.min.css

Response headers

cf-cache-status
HIT
etag
"632ea185-25cd8"
age
166
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u92V%2Bmtd1vVfAEChW3Bp1YcB3lTM0XLICoGAgRms16Qy%2FIj7ZiOoF0cB5E9FFMt%2Bfum6CkxWVE5%2BUQyQfKR4QDQ13K1J65e%2BSNtsnEpG0smEZ6X8SmklPWYDx7c%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27447&min_rtt=24883&rtt_var=1166&sent=83&recv=63&lost=0&retrans=0&sent_bytes=66976&recv_bytes=10414&delivery_rate=163618&cwnd=27600&unsent_bytes=0&cid=84a61de1c8cd560d&ts=423&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
font/woff2
last-modified
Sat, 24 Sep 2022 06:19:49 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3bedbaa822abd9-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
154840
server
cloudflare
fa-brands-400.woff2
1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/webfonts/
103 KB
103 KB
Font
General
Full URL
https://1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/webfonts/fa-brands-400.woff2
Requested by
Host: 1688th.com
URL: https://1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
967394d1fd10b388d99bec9df2a3cab546a40f695f5c70641daf0b51af5604c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1688th.com
Referer
https://1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/css/all.min.css

Response headers

cf-cache-status
HIT
etag
"632ea185-19a98"
age
166
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w373XnKOMsy0L2BjfeTmqwMDEYVlJ0t6SRebBRmPCith1zCqiUA6f7dZiU8aEe1AOrVe6gsSEtMaU8sHV9pBTHymm8lc2gvgerTzO7lmYwbOsTGSpO%2FHJdBK5Ns%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27447&min_rtt=24883&rtt_var=1166&sent=106&recv=63&lost=0&retrans=0&sent_bytes=94576&recv_bytes=10414&delivery_rate=163618&cwnd=27600&unsent_bytes=0&cid=84a61de1c8cd560d&ts=425&x=1", cfExtPri, cfHdrFlush;dur=23
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
font/woff2
last-modified
Sat, 24 Sep 2022 06:19:49 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3bedbaa823abd9-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
105112
server
cloudflare
fa-regular-400.woff2
1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/webfonts/
23 KB
24 KB
Font
General
Full URL
https://1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/webfonts/fa-regular-400.woff2
Requested by
Host: 1688th.com
URL: https://1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ec4d833cfa502f109fcc197b417736165f53d3d0b4e73a2801c8d50b641805

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1688th.com
Referer
https://1688th.com/wp-content/plugins/casino/assets/fontawesome6.1.2/css/all.min.css

Response headers

cf-cache-status
HIT
etag
"632ea185-5ddc"
age
166
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VttM4XMoorUaUfsHB8CFQMnS57qxIWXQOTrRjOSoQYrb0wG1DGVpB%2BoL4xtzxKwfrK5TJZq%2F5ug%2B904YFc81zT%2BYQCyu0z0Aoxa1mQnOAnEBeSJeahRisArVsQI%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27447&min_rtt=24883&rtt_var=1166&sent=106&recv=63&lost=0&retrans=0&sent_bytes=94576&recv_bytes=10414&delivery_rate=163618&cwnd=27600&unsent_bytes=0&cid=84a61de1c8cd560d&ts=424&x=1", cfExtPri, cfHdrFlush;dur=24
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
font/woff2
last-modified
Sat, 24 Sep 2022 06:19:49 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3bedbaa825abd9-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
24028
server
cloudflare
1305bcf5-2a96-4274-b287-0c56f29888ab.js
hb.wpmucdn.com/1688th.com/
8 KB
4 KB
Script
General
Full URL
https://hb.wpmucdn.com/1688th.com/1305bcf5-2a96-4274-b287-0c56f29888ab.js
Requested by
Host: 1688th.com
URL: https://1688th.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
9e99b63d2e103f1ad059db7605f6195b3db1033c49a4d24817ada0adf8ea021a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cdn-status
200
content-encoding
br
etag
"cb9969cd90ac3a9aef4812767f5ed197"
x-amz-meta-hb-minify
minify=0.0%, origSize=8214
date
Wed, 18 Dec 2024 03:04:59 GMT
last-modified
Sat, 14 Dec 2024 21:25:11 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
12/17/2024 14:50:59
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
d70215c3d9e3dd30e8f4587b4f7eee20
cdn-pullzone
1101156
cdn-proxyver
1.06
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
CA
x-amz-server-side-encryption
AES256
382c3133-36dd-4f2f-9b84-b44cfcdff628.js
hb.wpmucdn.com/1688th.com/
773 B
910 B
Script
General
Full URL
https://hb.wpmucdn.com/1688th.com/382c3133-36dd-4f2f-9b84-b44cfcdff628.js
Requested by
Host: 1688th.com
URL: https://1688th.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
74e0277a63095468ad98efa29dc70932a7fc2f9e392d2d9d90063ca05ee32a69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cdn-status
200
content-encoding
br
etag
"cbd1c1c9a00db855f825d06fc74d238d"
x-amz-meta-hb-minify
minify=0.0%, origSize=737
date
Wed, 18 Dec 2024 03:04:59 GMT
last-modified
Sat, 14 Dec 2024 20:00:11 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
12/17/2024 14:50:59
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
bc94cfd33af88261e231b452a0ef966c
cdn-pullzone
1101156
cdn-proxyver
1.06
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
CA
x-amz-server-side-encryption
AES256
9a5137ac-e61b-4976-a9df-0fb2e566c320.js
hb.wpmucdn.com/1688th.com/
7 KB
2 KB
Script
General
Full URL
https://hb.wpmucdn.com/1688th.com/9a5137ac-e61b-4976-a9df-0fb2e566c320.js
Requested by
Host: 1688th.com
URL: https://1688th.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
b0a225c2aa488adaf2ee757954355fae74c806fb7b19ce40446a8f2a435ee7bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cdn-status
200
content-encoding
br
etag
"5e8700abdaca0e8a3458db36eb85b1b9"
x-amz-meta-hb-minify
minify=0.0%, origSize=7333
date
Wed, 18 Dec 2024 03:04:59 GMT
last-modified
Sat, 14 Dec 2024 20:00:10 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
12/17/2024 14:50:59
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
a504bae5656742ffbb20805f9ebf30a1
cdn-pullzone
1101156
cdn-proxyver
1.06
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
CA
x-amz-server-side-encryption
AES256
percircle.js
1688th.com/wp-content/plugins/casino/assets/js/
1 KB
1 KB
Script
General
Full URL
https://1688th.com/wp-content/plugins/casino/assets/js/percircle.js
Requested by
Host: 1688th.com
URL: https://1688th.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9866804c0ba5c626aeb04ef62e9c53bbfbd6eed74eae380816e26d355b97804b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"632ea186-47b"
age
166
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7Ve2e5Guy3ZDvPEVwEGc%2BuvbCWDsVtKTF%2FkUBklDvq1LVsOrGYlXWycXih2dm2ziolNclkrO1cgGQTH2PXgiI%2FTS%2BZ0m8%2Bg8IquSVelRdUrce6L8jmhqZF1hd4%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27447&min_rtt=24883&rtt_var=1166&sent=106&recv=63&lost=0&retrans=0&sent_bytes=94576&recv_bytes=10414&delivery_rate=163618&cwnd=27600&unsent_bytes=0&cid=84a61de1c8cd560d&ts=434&x=1", cfExtPri, cfHdrFlush;dur=14
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 24 Sep 2022 06:19:50 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3bedbab82fabd9-YYZ
server
cloudflare
jquery-2.1.1.min.js
1688th.com/wp-content/plugins/casino/assets/js/
82 KB
31 KB
Script
General
Full URL
https://1688th.com/wp-content/plugins/casino/assets/js/jquery-2.1.1.min.js
Requested by
Host: 1688th.com
URL: https://1688th.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1b82725819fba761d03c03a208214a9157bb026cc5e843d43105970407603a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"632ea186-1493c"
age
166
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehvTUklZc9cqMOuCU3KHTfnnYtzHWs29V3Ctsl1SxIGne00hVm1Zf%2BOlj9ZiEsRVdWoZLyH6WenAjZ4rBr%2BcRDG2ChCAVGic6bOknNCL45wjgwR5tfgSrnfoCzw%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27447&min_rtt=24883&rtt_var=1166&sent=106&recv=63&lost=0&retrans=0&sent_bytes=94576&recv_bytes=10414&delivery_rate=163618&cwnd=27600&unsent_bytes=0&cid=84a61de1c8cd560d&ts=432&x=1", cfExtPri, cfHdrFlush;dur=16
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 24 Sep 2022 06:19:50 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3bedbab831abd9-YYZ
server
cloudflare
ddb9604e-7ef6-49bb-a23c-7192a6a7bfce.js
hb.wpmucdn.com/1688th.com/
12 KB
4 KB
Script
General
Full URL
https://hb.wpmucdn.com/1688th.com/ddb9604e-7ef6-49bb-a23c-7192a6a7bfce.js
Requested by
Host: 1688th.com
URL: https://1688th.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
d6dfcc7041a92ddf0dc26b0b872e2dc4944035e70a3df447fb0176b870e38008

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cdn-status
200
content-encoding
br
etag
"1c88cbc4adda8ca031607d326e19ebc0"
x-amz-meta-hb-minify
minify=0.0%, origSize=11894
date
Wed, 18 Dec 2024 03:04:59 GMT
last-modified
Sat, 14 Dec 2024 20:00:08 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
12/17/2024 14:50:59
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
d1d0ee66dfbc67550ab348d17dbd3c54
cdn-pullzone
1101156
cdn-proxyver
1.06
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
CA
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZGPK6HMJ5D&gtm=45je4cc1v895638224za200&_p=1734491099003&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dZGIzZG&cid=461662509.1734491099&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734491099&sct=1&seg=0&dl=https%3A%2F%2F1688th.com%2Fcasino%2F%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown%2F&dt=%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8E(UTown)%20-%20%E5%A8%9B%E6%A8%82%E5%9F%8E%E7%B8%BD%E4%BB%A3%E7%90%86(%E6%A8%82%E6%A8%82)%EF%BD%9C%E6%8E%A8%E8%96%A6%E7%99%BE%E5%AE%B6%E6%A8%82%E8%88%87%E8%80%81%E8%99%8E%E6%A9%9F%E7%9A%84%E6%9C%80%E4%BD%B3%E5%A8%9B%E6%A8%82%E5%9F%8E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=616
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZGPK6HMJ5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1688th.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
text/plain
server
Golfe2
cropped-%E6%A8%82%E6%A8%82%E5%8F%B0%E7%81%A3%E5%A8%9B%E6%A8%82%E5%9F%8E-32x32.webp
b2467849.smushcdn.com/2467849/wp-content/uploads/2022/10/
890 B
2 KB
Other
General
Full URL
https://b2467849.smushcdn.com/2467849/wp-content/uploads/2022/10/cropped-%E6%A8%82%E6%A8%82%E5%8F%B0%E7%81%A3%E5%A8%9B%E6%A8%82%E5%9F%8E-32x32.webp?lossy=0&strip=1&webp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-IL1-1207 /
Resource Hash
7b9e6e0a5ef0bb675969a8b5c7c2fddc3f5734a25cd3e616456aeef3791d4cde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"5848d08eb58d5c1ccc86cdc2a2351a0d"
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
image/webp
last-modified
Mon, 25 Nov 2024 15:05:52 GMT
x-amz-expiration
expiry-date="Thu, 26 Dec 2024 00:00:00 GMT", rule-id="expire"
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
12/18/2024 03:02:14
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
2
smushed
origFmt=webp, origSize=1082, smushRatio=17.74, skipped=0, originCache=HIT
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
662bab19c9f05170580134cb59ab4cc4
cdn-pullzone
1095164
cdn-proxyver
1.07
accept-ranges
bytes
access-control-allow-origin
*
content-length
890
cdn-edgestorageid
1233
server
BunnyCDN-IL1-1207
cdn-requestcountrycode
CA
analytics.js
stats.wpmucdn.com/
69 KB
24 KB
Script
General
Full URL
https://stats.wpmucdn.com/analytics.js
Requested by
Host: 1688th.com
URL: https://1688th.com/casino/%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-IL1-1206 /
Resource Hash
230facbc81b146c0992a734f6b1a47df5e051302a2c5b0412020a411a49f3a14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cdn-status
200
content-encoding
br
etag
"65e9b379-1131c"
date
Wed, 18 Dec 2024 03:04:59 GMT
last-modified
Thu, 07 Mar 2024 12:30:49 GMT
cdn-cachedat
12/11/2024 04:23:50
vary
Accept-Encoding
content-type
application/javascript
cdn-requestpullcode
200
cdn-cache
HIT
cache-control
public, max-age=86400
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
fa2065ea0617f3b52b9ff338660de6f5
cdn-pullzone
1121147
cdn-proxyver
1.06
cdn-edgestorageid
718
server
BunnyCDN-IL1-1206
cdn-requestcountrycode
CA
%E6%A8%82%E6%A8%82%E5%8F%B0%E7%81%A3%E5%A8%9B%E6%A8%82%E5%9F%8E.webp
b2467849.smushcdn.com/2467849/wp-content/uploads/2022/10/
13 KB
14 KB
Image
General
Full URL
https://b2467849.smushcdn.com/2467849/wp-content/uploads/2022/10/%E6%A8%82%E6%A8%82%E5%8F%B0%E7%81%A3%E5%A8%9B%E6%A8%82%E5%9F%8E.webp?lossy=0&strip=1&webp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-IL1-1207 /
Resource Hash
0fabadf3fa5f0d5984fc8fa2c76f1a6c0fbfe2498188035e7fc052eca199c2c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1688th.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"ab1de91b1b72edc119d6aeff47255a66"
date
Wed, 18 Dec 2024 03:04:59 GMT
content-type
image/webp
last-modified
Sun, 15 Dec 2024 20:52:13 GMT
x-amz-expiration
expiry-date="Wed, 15 Jan 2025 00:00:00 GMT", rule-id="expire"
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
12/17/2024 14:51:01
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
smushed
origFmt=webp, origSize=13588, smushRatio=0, skipped=1, originCache=HIT
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
e8b87a766172c0e8c898b276bdfe594e
cdn-pullzone
1095164
cdn-proxyver
1.07
accept-ranges
bytes
access-control-allow-origin
*
content-length
13588
cdn-edgestorageid
1233
server
BunnyCDN-IL1-1207
cdn-requestcountrycode
CA
/
stats1.wpmudev.com/track/
0
127 B
Ping
General
Full URL
https://stats1.wpmudev.com/track/?action_name=%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8E(UTown)%20-%20%E5%A8%9B%E6%A8%82%E5%9F%8E%E7%B8%BD%E4%BB%A3%E7%90%86(%E6%A8%82%E6%A8%82)%EF%BD%9C%E6%8E%A8%E8%96%A6%E7%99%BE%E5%AE%B6%E6%A8%82%E8%88%87%E8%80%81%E8%99%8E%E6%A9%9F%E7%9A%84%E6%9C%80%E4%BD%B3%E5%A8%9B%E6%A8%82%E5%9F%8E&idsite=45042&rec=1&r=321695&h=19&m=4&s=59&url=https%3A%2F%2F1688th.com%2Fcasino%2F%E5%84%AA%E5%A1%94%E5%A8%9B%E6%A8%82%E5%9F%8Eutown%2F&_id=05496cd9b9fdd659&_idts=1734491100&_idvc=1&_idn=1&_refts=0&_viewts=1734491100&send_image=0&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&dimension1=%7B%22ID%22%3A1%2C%22name%22%3A%22admin%22%2C%22avatar%22%3A%229ddd60a6bb8da7007850f5021707c0dd%22%7D&gt_ms=75&pv_id=fIMMhl
Requested by
Host: stats.wpmucdn.com
URL: https://stats.wpmucdn.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.51.21 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-51-21.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://1688th.com/

Response headers

access-control-allow-origin
https://1688th.com
content-encoding
none
date
Wed, 18 Dec 2024 03:04:59 GMT
server
nginx
access-control-allow-credentials
true


33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| mi_version
boolean| mi_track_user
object| MonsterInsightsDefaultLocations
object| MonsterInsightsLocations
object| disableStrs
function| __gtagTrackerIsOptedOut
function| __gtagTrackerOptout
function| gaOptout
function| __gtagDataLayer
function| __gtagTracker
object| dataLayer
object| MonsterInsightsDualTracker
function| gtag
function| __gaTracker
object| monsterinsights_frontend
object| __cfQR
object| google_tag_manager
object| google_tag_data
object| gaGlobal
function| MonsterInsights
object| MonsterInsightsObject
function| $
function| jQuery
object| _paq
object| generatepressMenu
object| generatepressBackToTop
object| lazySizes
boolean| __cfRLUnblockHandlers
object| JSON_PIWIK
object| Piwik
object| Matomo
object| AnalyticsTracker
function| piwik_log

5 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: obi34W-efbd248312e5a46575-005
.1688th.com/ Name: _ga_ZGPK6HMJ5D
Value: GS1.1.1734491099.1.0.1734491099.0.0.0
.1688th.com/ Name: _ga
Value: GA1.1.461662509.1734491099
1688th.com/ Name: _pk_id.45042.f410
Value: 05496cd9b9fdd659.1734491100.1.1734491100.1734491100.
1688th.com/ Name: _pk_ses.45042.f410
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
