Submitted URL: http://lap.sj999.top/step2.php
Effective URL: https://lap.sj999.top/step2.php
Submission: On January 26 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3034::6815:19fb, located in United States and belongs to CLOUDFLARENET, US. The main domain is lap.sj999.top.
TLS certificate: Issued by GTS CA 1P5 on December 5th 2023. Valid for: 3 months.
This is the only time lap.sj999.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 8 146.75.28.193 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 103.235.46.191 55967 (BAIDU Bei...)
1 2607:f8b0:400... 15169 (GOOGLE)
19 11
Apex Domain | Subdomains | Transfer
8 imgur.com | i.imgur.com — Cisco Umbrella Rank: 7298 | 321 KB
2 baidu.com | hm.baidu.com — Cisco Umbrella Rank: 10853 | 12 KB
2 657g.xyz | tj.657g.xyz | 2 KB
2 sj999.top | lap.sj999.top | 8 KB
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 27 | 253 B
1 sj979.top | lap.sj979.top | 34 KB
1 cx31.top | lap.cx31.top | 34 KB
1 wlb9i.top | lap.wlb9i.top | 34 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 37 | 92 KB
1 563cdn.com | 563cdn.com | 89 KB
1 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 369 | 33 KB
19 11
Domain Requested by
8 i.imgur.com 1 redirects lap.sj999.top
2 hm.baidu.com lap.sj999.top
2 tj.657g.xyz lap.sj999.top
tj.657g.xyz
2 lap.sj999.top 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 lap.sj979.top ajax.googleapis.com
1 lap.cx31.top ajax.googleapis.com
1 lap.wlb9i.top ajax.googleapis.com
1 www.googletagmanager.com lap.sj999.top
1 563cdn.com lap.sj999.top
1 ajax.googleapis.com lap.sj999.top
19 11

This site contains no links.

Subject | Issuer | Validity | Valid
sj999.top | GTS CA 1P5 | 2023-12-05 - 2024-03-04 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
563cdn.com | Cloudflare Inc ECC CA-3 | 2023-05-12 - 2024-05-10 | a year
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 - 2024-03-12 | a year
657g.xyz | GTS CA 1P5 | 2024-01-06 - 2024-04-05 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
wlb9i.top | GTS CA 1P5 | 2023-12-05 - 2024-03-04 | 3 months
cx31.top | GTS CA 1P5 | 2024-01-24 - 2024-04-23 | 3 months
sj979.top | GTS CA 1P5 | 2023-12-05 - 2024-03-04 | 3 months
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-06 - 2024-08-06 | a year

This page contains 1 frames:

Primary Page: https://lap.sj999.top/step2.php
Frame ID: C6700F59BF8BA53EE7206B84DCB455EB
Requests: 19 HTTP requests in this frame

Page Title

STUDENTS LAPTOPS SUPPORT 2024

Page URL History

  1. http://lap.sj999.top/step2.php HTTP 301
    https://lap.sj999.top/step2.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 19
  • HTTPS: 95 %
  • IPv6: 83 %
  • Domains: 11
  • Subdomains: 11
  • IPs: 11
  • Countries: 2
  • Transfer: 658 kB
  • Size: 1113 kB
  • Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lap.sj999.top/step2.php HTTP 301
    https://lap.sj999.top/step2.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://i.imgur.com/xp1ER6K.jpg HTTP 302
  • https://i.imgur.com/removed.png

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request step2.php
lap.sj999.top/
Redirect Chain
  • http://lap.sj999.top/step2.php
  • https://lap.sj999.top/step2.php
24 KB
7 KB
Document
General
Full URL
https://lap.sj999.top/step2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:19fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f8188e0beea1a705337cdaf02c14cec279094570a95619e25a18987ab5fe2fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84bbf8ef582a4bc7-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 Jan 2024 21:50:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ocQyG1UVrLEKs5%2BK8eF%2B0%2FPzggnCQaWM3ZknmCXMFToSo2lLZ8hCAnRSe%2Bn2fC8uLUpaNt8M6QMSerMP7q18NQBoemPxM6q1Rk%2BcbgKHNGTI2pgTG8cKSMvS8ksCMdcroOt2Z%2F2gZs0Shfo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
84bbf8ee3c126aed-BUF
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 26 Jan 2024 21:50:35 GMT
Expires
Fri, 26 Jan 2024 22:50:35 GMT
Location
https://lap.sj999.top/step2.php
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trJwAq%2FEKckYRzAq3m2LgE4Aky4EDEaM1vtOV%2F9ZBhCsJoilGH5Fl%2FylCVritmWEDkEoPi8QbWNznrVEgRFulk3MD54IsoIkzmNLDj32PcwVuo3319EG2J3N%2BFRs1I%2FgO57B%2FpHcpxfy0dRP"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 16:24:21 GMT
laptopfree.jpeg
563cdn.com/images/
88 KB
89 KB
Image
General
Full URL
https://563cdn.com/images/laptopfree.jpeg
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:9a37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7887bebae5fca7fb2139245ab9ae67b401da166c6737367a98097b73b7db8dda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:36 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 24 Jan 2024 01:59:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ad43c64a98ce069e008bd61dbd64f87e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arEE1H%2FwfUjMIhrv7TSDWWlulhu%2Bfo4UkOfAZFUIaw6Nxk9KFVd6yg6MG8twYFW3yKz5kTSxzvwhbiMwJiId%2BSmPZn9V0TyHdNpiDP15rwK9Iza3vXM0BzCzdyUWr3Q%2F5DGiC8jQ%2B7Yu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbf8f1eb324bc3-BUF
alt-svc
h3=":443"; ma=86400
content-length
90602
KVSxPlB.png
i.imgur.com/
98 KB
98 KB
Image
General
Full URL
https://i.imgur.com/KVSxPlB.png
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
515fad34dd3614b1e333d2ac791a7d99568e4c71972750650c8ae0f9a40e60ec
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:35 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
1269053
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
100200
x-served-by
cache-iad-kiad7000106-IAD
last-modified
Mon, 13 Mar 2023 09:34:32 GMT
server
cat factory 1.0
x-timer
S1706305836.830737,VS0,VE2
etag
"b6b79b21819de0e1bacfd881b2f6fa5c"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
h8QYHtbY5JHYratkl1Rge-7I3pgcJTPAM3oTMPX6eQdErJdf7xgc_Q==
x-cache-hits
1
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/xp1ER6K.jpg
  • https://i.imgur.com/removed.png
503 B
629 B
Image
General
Full URL
https://i.imgur.com/removed.png
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
H2
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:35 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
4544160
x-cache
HIT
content-length
503
x-served-by
cache-iad-kiad7000106-IAD
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1706305836.981869,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
51575

Redirect headers

x-cache-hits
0
date
Fri, 26 Jan 2024 21:50:35 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
x-timer
S1706305836.904492,VS0,VE19
x-cache
HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kiad7000106-IAD
X7zwjbp.png
i.imgur.com/
65 KB
65 KB
Image
General
Full URL
https://i.imgur.com/X7zwjbp.png
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
21b86e847df9171acc3e09d37b72b5711d26a023ed7686a1e8c2dcf423c51855
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:35 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-P1
age
1446792
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
66340
x-served-by
cache-iad-kiad7000106-IAD
last-modified
Mon, 13 Mar 2023 10:06:03 GMT
server
cat factory 1.0
x-timer
S1706305836.904660,VS0,VE2
etag
"e4304d5652b780b64411fad267ff70b4"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
bxhYAOgTYbR9yfHoLEGInjdWr6FMOrQaF5SjYPes44hXj-OHnodZNA==
x-cache-hits
1
zn9ACZw.jpg
i.imgur.com/
25 KB
25 KB
Image
General
Full URL
https://i.imgur.com/zn9ACZw.jpg
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a6cfbe85f5c657ab20c4d866d086ec47505bb8c5016cb15f53ab0931a1943a66
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:35 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
223633
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
25522
x-served-by
cache-iad-kiad7000106-IAD
last-modified
Mon, 03 Jul 2023 07:59:40 GMT
server
cat factory 1.0
x-timer
S1706305836.904829,VS0,VE1
etag
"d964240f6d11948bf8d0f72498d2caf8"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
gvOh_jDnxovRLDfc0p8xluQmcZMnRCfMvnQqJIQ_twqTNzadcWkQbg==
x-cache-hits
1
iJ7drVk.png
i.imgur.com/
43 KB
44 KB
Image
General
Full URL
https://i.imgur.com/iJ7drVk.png
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d1ed2123cb99a69af3766b092ef3afa829d465c6f12b3fc83ef401280d6760f1
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:35 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-P1
age
963746
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
44356
x-served-by
cache-iad-kiad7000106-IAD
last-modified
Mon, 03 Jul 2023 07:59:41 GMT
server
cat factory 1.0
x-timer
S1706305836.904932,VS0,VE2
etag
"9564047137c2d7c3e9109c378eafbb1f"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
gkYM4qqAEKkHt0YASi9_uCfNSMsgjOiEQRC4olEaqfcOrW_i6NlZ-w==
x-cache-hits
1
HU9yXmp.png
i.imgur.com/
45 KB
45 KB
Image
General
Full URL
https://i.imgur.com/HU9yXmp.png
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
1044dbb59ef354c7bf686f138fd068bc54ae1effc53e3b4c3c2726776cb6442b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:35 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
4543381
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
45590
x-served-by
cache-iad-kiad7000106-IAD
last-modified
Mon, 03 Jul 2023 07:59:40 GMT
server
cat factory 1.0
x-timer
S1706305836.905449,VS0,VE1
etag
"f8d1cd360f202fce5a04958753354e18"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
MaRyG9gb8wAJ9yOsrIF6aD6w8wF5l3q4Xc1wuETMgPwOVoQKJpwe-A==
x-cache-hits
1
eR7rBVn.png
i.imgur.com/
43 KB
43 KB
Image
General
Full URL
https://i.imgur.com/eR7rBVn.png
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
75b6a8b5f5aa45a6de41b44756b2329e7a21032883a3c2c539fc37d80fea1a2f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:35 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
221629
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
43839
x-served-by
cache-iad-kiad7000106-IAD
last-modified
Mon, 03 Jul 2023 07:59:40 GMT
server
cat factory 1.0
x-timer
S1706305836.905390,VS0,VE2
etag
"2409c2b754c5ab9bd54a8d4d40abcd0a"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Y7eSiDpyAgKuTwvfRRaxeZh14pGTERNWTvp8I-nLfBYMfHqtzHpblg==
x-cache-hits
1
script.js
tj.657g.xyz/js/
1 KB
1 KB
Script
General
Full URL
https://tj.657g.xyz/js/script.js
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9ca4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9857
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 Jan 2024 19:06:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJq22hGp1iSqEK9H9xoBWTiFlcaClAKsf4%2Fhyz87h0Tr3j%2BXTkumF8Bw2OYdoWyL2J27w%2B7Wsl55%2F426%2FCe5XII6QV8qh5AlPekfyyL5LHfUpTvsYMz7yCHvZ11ziUIsk3H2KuKyvkAcjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
84bbf8f3db4f4bd2-BUF
expires
Sat, 27 Jan 2024 07:07:58 GMT
js
www.googletagmanager.com/gtag/
277 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7X1E48RS3B
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8c0cd1cadb5e1f7d28c6e37d512e82537b0367f078c705c8fd7c243530ad082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93895
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jan 2024 21:50:35 GMT
jquery.min.js
lap.wlb9i.top/js/
94 KB
34 KB
Script
General
Full URL
https://lap.wlb9i.top/js/jquery.min.js?_=1706305835880
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9de8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 09:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640068c9-1762e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfr3GvELB3bUyxNgI6qhc14hPkOk26PKS5dDxKXWVM25iDHfQaEiKlNFn9JBSQvxK3WkL0Ia4qKrPXIfnVDILbZVOfxv2ri%2Bt6FvIzWwqTc20%2BnFEr9CPt3WFuW0VQkvEwJBMTaYswgwT3Pv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
84bbf8f3ddee6aed-BUF
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Jan 2024 09:50:36 GMT
jquery.min.js
lap.cx31.top/js/
94 KB
34 KB
Script
General
Full URL
https://lap.cx31.top/js/jquery.min.js?_=1706305835881
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:2364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 09:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640068c9-1762e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGTJV2A1LQa9nRfm7J4Xv%2FfFN%2FyTusb0KKx1whiAQTK%2F2ocI3%2BKMLG2a5ssNxlhbMpa49xZJ1uPkEVGQBBah9xWGbPKP7AsuBnJ1dpzmovoRI%2BGbS4eNMaU4%2BS%2FO%2BlpO%2FH%2Ft%2FONLae4%2FDN4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
84bbf8f3e8844bd3-BUF
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Jan 2024 09:50:36 GMT
jquery.min.js
lap.sj979.top/js/
94 KB
34 KB
Script
General
Full URL
https://lap.sj979.top/js/jquery.min.js?_=1706305835882
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:50:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 09:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640068c9-1762e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZ%2BNlx%2Fh%2B45tuHnd5tKJ7UYd7BxnJBv8YIyzgGiBvA85TS1xi5YedfraUHAFL0qyTb252vJQjVce80gTgbtfjuFGavlfyECwfpGw2iaRwkxzQwDNzjzSK%2FrYzfGAQ6nfxrmrPSdLhMZb2m8E"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
84bbf8f3ed1f4bc1-BUF
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Jan 2024 09:50:36 GMT
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?fcd00d91beb664338cdb1c25cac35fd3
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
c45b81580ab84205fbd1a88e23bf7539a1d7d20924f7b08359b4a3dfea27b1ec
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 21:50:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
8af023564613895ce2bed129d984eb11
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11259
collect
www.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7X1E48RS3B&gtm=45je41o0v9173669795&_p=1706305835916&gcd=11l1l1l1l1&dma=0&cid=1647672684.1706305836&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706305836&sct=1&seg=0&dl=https%3A%2F%2Flap.sj999.top%2Fstep2.php&dt=STUDENTS%20LAPTOPS%20SUPPORT%202024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=971
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7X1E48RS3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 21:50:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lap.sj999.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
tj.657g.xyz/api/
2 B
553 B
XHR
General
Full URL
https://tj.657g.xyz/api/event
Requested by
Host: tj.657g.xyz
URL: https://tj.657g.xyz/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9ca4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://lap.sj999.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 26 Jan 2024 21:50:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYzzxDbSq0PX7f0eCjWJFKZ8bcrbyHLST6yH32ciVmsAbDfvzQo0Feq9VsGUHrXpzcFoUpNZKfnqn4PTZ0CcQqLhOgTV3yTU554ljm%2F7O31jqtP7SiDWWspjlA0nZkCV2S%2FvkFOObwCbiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
84bbf8f4898b4bbd-BUF
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
F64ENTeoyNiuW_caJiwi
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=936542272&si=fcd00d91beb664338cdb1c25cac35fd3&v=1.3.0&lv=1&sn=36577&r=0&ww=1600&u=https%3A%2F%2Flap.sj999.top%2Fstep2.php%231706305836417&tt=STUDENTS%20LAPTOPS%20SUPPORT%202024
Requested by
Host: lap.sj999.top
URL: https://lap.sj999.top/step2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lap.sj999.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Jan 2024 21:50:37 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| $
  • function| jQuery
  • function| Cookies
  • number| timeleft
  • number| downloadTimer
  • number| quota
  • number| time
  • number| likes
  • number| comments
  • number| shares
  • string| text1
  • string| text2
  • string| text3
  • string| error
  • string| abcde
  • string| saved
  • string| share
  • object| swidth
  • number| width
  • function| randomString
  • function| hh
  • function| jp
  • function| fh
  • function| gtag
  • object| dataLayer
  • object| _hmt
  • object| google_tag_manager
  • object| google_tag_data
  • function| onYouTubeIframeAPIReady
  • object| gaGlobal
  • function| plausible
  • boolean| _bdhm_loaded_fcd00d91beb664338cdb1c25cac35fd3
  • object| mini_tangram_log_doiqgi

7 Cookies

Domain/Path | Name / Value
lap.sj999.top/ | Name: loclang | Value: en
.sj999.top/ | Name: _ga_7X1E48RS3B | Value: GS1.1.1706305836.1.0.1706305836.0.0.0
.sj999.top/ | Name: _ga | Value: GA1.1.1647672684.1706305836
lap.sj999.top/ | Name: jumpurl | Value: lap.cx31.top
.hm.baidu.com/ | Name: HMACCOUNT_BFESS | Value: 874C3E2DCDF49402
.lap.sj999.top/ | Name: Hm_lvt_fcd00d91beb664338cdb1c25cac35fd3 | Value: 1706305837
.lap.sj999.top/ | Name: Hm_lpvt_fcd00d91beb664338cdb1c25cac35fd3 | Value: 1706305837

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
