URL: http://www.marksydney.com/
Submission: On September 29 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 7 domains to perform 35 HTTP transactions. The main IP is 23.27.71.143, located in Santa Clara, United States and belongs to EGIHOSTING, US. The main domain is www.marksydney.com.
This is the only time www.marksydney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 23.27.71.143 18779 (EGIHOSTING)
1 3 157.230.249.119 14061 (DIGITALOC...)
1 1 104.21.76.124 13335 (CLOUDFLAR...)
17 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 185.59.220.193 60068 (CDN77 ^_^)
2 18.142.153.230 16509 (AMAZON-02)
35 5
Apex Domain | Subdomains | Transfer
17 tk88.win | www.tk88.win | 763 KB
13 marksydney.com | www.marksydney.com | 239 KB
2 ladipage.com | a.ladipage.com — Cisco Umbrella Rank: 109175 | 632 B
2 1682xoso.com | 1682xoso.com | 38 KB
1 ladicdn.com | w.ladicdn.com — Cisco Umbrella Rank: 92809 | 83 KB
1 vb135.com | www.vb135.com | 462 B
1 168xoso.com | 168xoso.com | 227 B
35 7
Domain Requested by
17 www.tk88.win www.marksydney.com, www.tk88.win
13 www.marksydney.com www.marksydney.com
2 a.ladipage.com www.tk88.win
2 1682xoso.com www.marksydney.com
1 w.ladicdn.com www.tk88.win
1 www.vb135.com 1 redirects
1 168xoso.com 1 redirects
35 7

This site contains links to these domains. Also see Links.

Domain
1682xoso.com

Subject | Issuer | Validity | Valid
*.tk88.win | E1 | 2022-08-25 - 2022-11-23 | 3 months
w.ladicdn.com | Sectigo RSA Domain Validation Secure Server CA | 2022-01-24 - 2023-02-24 | a year
a.ladipage.com | Amazon | 2022-06-17 - 2023-07-16 | a year
1682xoso.com | R3 | 2022-08-06 - 2022-11-04 | 3 months

This page contains 2 frames:

Primary Page: http://www.marksydney.com/
Frame ID: AEBC445DD7EB9ED6C07758CC8F9002AA
Requests: 15 HTTP requests in this frame

Frame: https://www.tk88.win/?inviteCode=06099013
Frame ID: 23A7325136A410AAD1760913E02719E3
Requests: 19 HTTP requests in this frame

Page Title

bạch thủ mb hôm nay_Đại lý lô đề tỉ lệ ăn cao

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 35
HTTPS: 60 %
IPv6: 17 %
Domains: 7
Subdomains: 7
IPs: 5
Countries: 4
Transfer: 1123 kB
Size: 2358 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://168xoso.com/ma-nhung-ket-qua HTTP 301
  • https://1682xoso.com/ma-nhung-ket-qua
Request Chain 12
  • https://www.vb135.com/?inviteCode=06099013 HTTP 301
  • https://www.tk88.win/?inviteCode=06099013

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.marksydney.com/
52 KB
11 KB
Document
General
Full URL
http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
802bdb5b75c9b512be5255101c7cd670cbd590d2ed2babc9ff2da4e839652c82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 21:02:30 GMT
Server
Microsoft-IIS/8.5
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
ASP.NET
newstyle.css
www.marksydney.com/template/bbs/xoso/static/css/
43 KB
12 KB
Stylesheet
General
Full URL
http://www.marksydney.com/template/bbs/xoso/static/css/newstyle.css
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2b1378200a2ceb7c3e84ff2d3930259237ca6716a88438bca21a4304c012bb0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Oct 2021 05:24:45 GMT
Server
Microsoft-IIS/8.5
ETag
"1d7c3174b8ee13c"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
lol.css
www.marksydney.com/template/bbs/xoso/static/css/
296 KB
73 KB
Stylesheet
General
Full URL
http://www.marksydney.com/template/bbs/xoso/static/css/lol.css
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
41a0aa56710a783277e9e68f1b55652b9c96229ec6b8d571adbda24462951d0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Oct 2021 05:25:12 GMT
Server
Microsoft-IIS/8.5
ETag
"1d7c3175ba2b365"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
calendar.css
www.marksydney.com/template/bbs/xoso/static/css/
4 KB
2 KB
Stylesheet
General
Full URL
http://www.marksydney.com/template/bbs/xoso/static/css/calendar.css
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0da29a548f441fedb5d861ef65ed805f1880d27b84ac15a69197cf29652755dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Oct 2021 02:30:11 GMT
Server
Microsoft-IIS/8.5
ETag
"1d7c2fee890abcf"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
babylonassjs.js
www.marksydney.com/
1 KB
945 B
Script
General
Full URL
http://www.marksydney.com/babylonassjs.js
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
89fc221a82d42de9262158ab82a14356d4834109221164c827e897dcbbf3f5ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:30 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
tinhwaiting.gif
www.marksydney.com/template/bbs/xoso/static/picture/
4 KB
4 KB
Image
General
Full URL
http://www.marksydney.com/template/bbs/xoso/static/picture/tinhwaiting.gif
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
31b5d5ee88d03f762ca6e6ade0844020fd693dd72b332443891301910b8770e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:31 GMT
Last-Modified
Sun, 17 Oct 2021 02:31:57 GMT
Server
Microsoft-IIS/8.5
ETag
"1d7c2ff27bf1c6f"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
4335
ma-nhung-ket-qua
1682xoso.com/
Redirect Chain
  • https://168xoso.com/ma-nhung-ket-qua
  • https://1682xoso.com/ma-nhung-ket-qua
99 KB
38 KB
Script
General
Full URL
https://1682xoso.com/ma-nhung-ket-qua
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
H2
Server
157.230.249.119 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / LarVPS
Resource Hash
8902841a07a49d9893bc0d4a066a35e1787a9c681d0f176c31eb4d6565ffd511
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
content-encoding
gzip
server
nginx
x-powered-by
LarVPS
x-download-options
noopen, noopen
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
link
<https://1682xoso.com/backend/wp-json/>; rel="https://api.w.org/", <https://1682xoso.com/backend/wp-json/wp/v2/pages/57232>; rel="alternate"; type="application/json", <https://1682xoso.com/?p=57232>; rel=shortlink
access-control-allow-headers
X-Requested-With
x-xss-protection
1; mode=block, 1; mode=block

Redirect headers

date
Thu, 29 Sep 2022 21:02:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
x-powered-by
LarVPS
x-download-options
noopen
content-type
text/html
location
https://1682xoso.com/ma-nhung-ket-qua
content-length
162
x-xss-protection
1; mode=block
tj-easy-autocomplete-countdown.js
www.marksydney.com/
0
291 B
Script
General
Full URL
http://www.marksydney.com/tj-easy-autocomplete-countdown.js
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:31 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
jquerylib.js
www.marksydney.com/template/bbs/xoso/static/js/
368 KB
125 KB
Script
General
Full URL
http://www.marksydney.com/template/bbs/xoso/static/js/jquerylib.js
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b0ea3d9ba83e515d8ae6a36eea23403c8928b81a8f84ac93d10c4e6a22d6b93a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:31 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Oct 2021 02:31:58 GMT
Server
Microsoft-IIS/8.5
ETag
"1d7c2ff28521cd5"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
xsdp.min.js
www.marksydney.com/template/bbs/xoso/static/js/
19 KB
5 KB
Script
General
Full URL
http://www.marksydney.com/template/bbs/xoso/static/js/xsdp.min.js
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f46ab3e7d03e2d95df0eb7311579b4cc75e0b756d5c6edc8c3ad835c6e9be3f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:31 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Oct 2021 02:30:16 GMT
Server
Microsoft-IIS/8.5
ETag
"1d7c2feeb8be74b"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
main.js
www.marksydney.com/template/bbs/xoso/static/js/
4 KB
2 KB
Script
General
Full URL
http://www.marksydney.com/template/bbs/xoso/static/js/main.js
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8c97bc08aa96c0cb22cccdad42835954e4dafa4f8c6f5b4aac3bec7ec2cf9a66

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:31 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Oct 2021 02:31:57 GMT
Server
Microsoft-IIS/8.5
ETag
"1d7c2ff27bf1dd7"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
main_index.js
www.marksydney.com/template/bbs/xoso/static/js/
7 KB
3 KB
Script
General
Full URL
http://www.marksydney.com/template/bbs/xoso/static/js/main_index.js
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
335e27241743545d00324b1911fd0ae938ddc5ddf0d1d74864e1f5314119d752

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:31 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Oct 2021 02:32:01 GMT
Server
Microsoft-IIS/8.5
ETag
"1d7c2ff2a217ae0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
newscript.js
www.marksydney.com/template/bbs/xoso/static/js/
4 KB
2 KB
Script
General
Full URL
http://www.marksydney.com/template/bbs/xoso/static/js/newscript.js
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9a47238b6cac453c13d7c1fc00c7eb52443956e1b761d6cd801361f15ec83cba

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:31 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Oct 2021 02:31:59 GMT
Server
Microsoft-IIS/8.5
ETag
"1d7c2ff28f0378b"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
/
www.tk88.win/ Frame 23A7
Redirect Chain
  • https://www.vb135.com/?inviteCode=06099013
  • https://www.tk88.win/?inviteCode=06099013
55 KB
11 KB
Document
General
Full URL
https://www.tk88.win/?inviteCode=06099013
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b3ade141b228efaa39fc0f5a5ff142582b04f6cb4ebaa0bbc5313c666e0c0f8

Request headers

Referer
http://www.marksydney.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7527a90d5dd4bbe6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Sep 2022 21:02:33 GMT
last-modified
Fri, 26 Aug 2022 05:39:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ETGvGO2fScZD7Qj6CkUHG%2BGLt5Q5TDqsyInUk8%2BkTvFDuryjcZE5D3FYHv8%2BTHcRNbWd%2FTwx8HwR1AAmfHuePJzFS1KXaFuI3p0%2FP4UntkJ8atBBQwqru4OvmJGKRFw6hDcxr2PpTKKJTU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-ray
7527a90cac927735-LHR
date
Thu, 29 Sep 2022 21:02:32 GMT
expires
Thu, 29 Sep 2022 22:02:32 GMT
location
https://www.tk88.win/?inviteCode=06099013
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEo007FkWTezDJrVBDbeDTH5TMRDKGj8JIp4MQn7U8hhD7rSWmQCLzpqH6ERwdRqfFdPyivNFe70PwkGNK4jZ8eLT85t8bBeaI4%2BqFH3PSvX27vLSDor24i4fhvbaKnA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
fontawesome-webfont.woff2
www.marksydney.com/xskt/fonts/
0
0
Font
General
Full URL
http://www.marksydney.com/xskt/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.marksydney.com
URL: http://www.marksydney.com/template/bbs/xoso/static/css/lol.css
Protocol
HTTP/1.1
Server
23.27.71.143 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer
http://www.marksydney.com/template/bbs/xoso/static/css/lol.css
Origin
http://www.marksydney.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Thu, 29 Sep 2022 21:02:31 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
a6b1fa952b524422900b489eaa9a8541.css
www.tk88.win/static/css/ Frame 23A7
4 KB
860 B
Stylesheet
General
Full URL
https://www.tk88.win/static/css/a6b1fa952b524422900b489eaa9a8541.css
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8243e7ea6f6319c0bee0038a824a757ba48667fcdeb682174fb3bbc39fd2e8dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117473
cf-polished
origSize=5131
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
server
cloudflare
etag
W/"140b-63085c8a-2b21f2d39da34467;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FGeo9cJV1s%2BODFIvd%2BIjIs43h9PPfTolX78j9BI%2Feh%2BD0Xx2ye50uiLepSKU9SelYyZuLonsLYbZlsj1bGypx0GzTngdt5btue2VQeWBFa20VvXnqY%2FNteE2mF%2FCB57Pd8ddhq9GCboQf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
cf-ray
7527a910eedebbe6-FRA
expires
Wed, 05 Oct 2022 12:24:40 GMT
ladipage.vi.min.js
w.ladicdn.com/v2/source/ Frame 23A7
334 KB
83 KB
Script
General
Full URL
https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1661487971092
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-601.bunnyinfra.net
Software
BunnyCDN-DE-601 /
Resource Hash
76c63f3d954dfb8074fc01e8933edeb19b17a91adf7097a0eb776dc1e0045f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
content-encoding
br
cdn-edgestorageid
722
perma-cache
HIT
cdn-storageserver
NY-267
cdn-cachedat
08/26/2022 04:35:34
cdn-pullzone
575124
last-modified
Fri, 26 Aug 2022 04:32:43 GMT
server
BunnyCDN-DE-601
cdn-fileserver
353
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
W/"63084ceb-53771"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
595f2f5d-bafe-46b1-9efc-ee9b65944aba
cache-control
public, max-age=31919000
cdn-requestid
f68fd281c4cc3c9872ea3cd4ccf8e5cd
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ladipage.min.css
www.tk88.win/static/css/ Frame 23A7
66 KB
7 KB
Stylesheet
General
Full URL
https://www.tk88.win/static/css/ladipage.min.css
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
117473
etag
W/"1071e-63085c8a-48f0923edf0b0737;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdfCV90bdCXxP87OUvsJvv%2F8FP2d2GOiWzMslzOKMhsabWyiZelFaRSW9C%2B%2F9TUCJhtt77S80GVN0JIhJkIkbc7OzdZ7uKW42LcDZVUeNT%2B6GplXexmrabN0A27S7CovWKnEnG5a3F39jfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
cf-ray
7527a910eee2bbe6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Oct 2022 12:24:40 GMT
ladipage.vi.min.js
www.tk88.win/static/js/ Frame 23A7
334 KB
76 KB
Script
General
Full URL
https://www.tk88.win/static/js/ladipage.vi.min.js
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c63f3d954dfb8074fc01e8933edeb19b17a91adf7097a0eb776dc1e0045f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
506636
etag
W/"53771-63085c8a-b09b5f4bd01da518;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmyO3T3T8z7GfkTh5IhDWJ%2BW032bA3z7T38t8tI2%2BMV14dklTiVLcB7jYgR26lJtcQdwX5R2PqT8wisvnfNAJgRkSaBGyKQOE2xbO5DUWweoHv9zEXmijcfX28BYi9yvVWmMGXr5OUtEwWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
cf-ray
7527a910eee5bbe6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 01 Oct 2022 00:18:36 GMT
bg-20220825095059.jpg
www.tk88.win/static/images/ Frame 23A7
26 KB
27 KB
Image
General
Full URL
https://www.tk88.win/static/images/bg-20220825095059.jpg
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a4b717fee128e1f8ff3b2111ba83115578dfcb21e95313795fc327314635e2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110640
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27079
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
server
cloudflare
etag
"69c7-63085c8a-b6171f9e438b7786;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLjDG0cPZKI%2BNhCNc0Y43F067%2BXjM4%2BQAegVgbyI1IVwAupb4VAOwGWkA%2BKVxRAesCNw5CSCMXMiBTvrnA9p3RImOtFuoyKVKjkDjVSiH34Gh%2F2kTNKIUY4E1DTKmjr%2FPppQF5nKwT2Iyr8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527a910ff10bbe6-FRA
expires
Wed, 05 Oct 2022 14:18:33 GMT
khung-20220825095059.png
www.tk88.win/static/images/ Frame 23A7
494 KB
494 KB
Image
General
Full URL
https://www.tk88.win/static/images/khung-20220825095059.png
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8adc72ae707dcbdb953551252549ae5c480adddaa59886b3facf11382298e1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
500848
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
505445
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
server
cloudflare
etag
"7b665-63085c8a-bab9f96699caa698;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fk13bkezBtyHARR39qVWFcwFzp1Rv%2BFh0Yc4xr%2BdbRNCegiWAsUnoi%2By9DV8raf2G0zUBzkmZX%2FE0lx%2BfhiqSm12JV3HEa9KHBtpk%2BpRvDQRdkJ52cCnX0Xv6qX6aKOAjGAWCeUVJMRTdOA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527a910ff12bbe6-FRA
expires
Sat, 01 Oct 2022 01:55:04 GMT
ios_android-20220825095059.png
www.tk88.win/static/images/ Frame 23A7
4 KB
4 KB
Image
General
Full URL
https://www.tk88.win/static/images/ios_android-20220825095059.png
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c3a78971a638166fbfafc043e8535e0225271505d056941576f8bb271c02a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527512
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3853
last-modified
Fri, 26 Aug 2022 05:39:24 GMT
server
cloudflare
etag
"f0d-63085c8c-631a3cd48ec36599;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bs2aNSCcug9uZPXk7gW24WbAHXDSDnDgjvuQATkCE41Vx6ZVho%2BP6kIBxT1fGhOZRvyJxLHvEEtmBcq4HiSqHE4V2uyC8aky0tkx1DjSpZXiDqg7DqCjRqeqU2ZUc8a0TsZ4y41Nsf4ktvs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527a910ff13bbe6-FRA
expires
Fri, 30 Sep 2022 18:30:41 GMT
link-tai-app_-tk88app-20220825095059.png
www.tk88.win/static/images/ Frame 23A7
2 KB
2 KB
Image
General
Full URL
https://www.tk88.win/static/images/link-tai-app_-tk88app-20220825095059.png
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a55b587dd96bac0db52d259a14ed16a29b4fdbba051f74a1d7e808a2c6ed535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110640
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1817
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
server
cloudflare
etag
"719-63085c8a-cf792f37da590167;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkKXnXHK0q%2BQNEk6Kt7MIFgCKwRaDVGd9%2Bg4Vvxcc%2F1EXjhKW4wJqqfP7l6uLG%2FSqW7hfORmarW72seQ7ht54ha842SrxC25pU4Mw9MsDbjFqDvIMvgKVmWQD6Ifz7WyjYSdvc2GqSX4b60%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527a910ff14bbe6-FRA
expires
Wed, 05 Oct 2022 14:18:33 GMT
link-truy-cap-moi_-tk88com-20220825095059.png
www.tk88.win/static/images/ Frame 23A7
7 KB
7 KB
Image
General
Full URL
https://www.tk88.win/static/images/link-truy-cap-moi_-tk88com-20220825095059.png
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e702e15ba704fe91c6d9c5da563e92b6cf60c7d7def08a895d2534bb15dd5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
591620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6684
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
server
cloudflare
etag
"1a1c-63085c8a-627114b4a954e78a;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pf9xD2NVhIbaVvwsVBYzctK%2BsSoYqOizVqicvKkJALvaCONV8kMGqrDmtmxHg6%2FcLc9whuZU6RpOueH7FXVWJ8iypv1N0UlRU0cFO33vIs%2F1J5a3u7O2v%2BSu12d%2Blu4nJu5%2BBz5NQukoSHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527a910ff16bbe6-FRA
expires
Fri, 30 Sep 2022 00:42:13 GMT
logo--20220825095059.png
www.tk88.win/static/images/ Frame 23A7
8 KB
8 KB
Image
General
Full URL
https://www.tk88.win/static/images/logo--20220825095059.png
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12190e12c8458811b039179f69aeceba38ea3797106417a13197d21e50deb068

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
500832
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7912
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
server
cloudflare
etag
"1ee8-63085c8a-7a1f59b6dd9bb93e;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHFwOligJaBy8aVhEucJ8f9MZ%2F%2B4xdWXt8ktEzK0SCBA%2Fc8Bd7ggABMZdmF2%2FDyVykIkrHn%2FxOFj50BTKHJ7Vadh1VqoXvd04RiGvqlcADSbHWF8Vt5ROnBVVRXRyuaM0WCtigvmyDuJ43E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527a910ff18bbe6-FRA
expires
Sat, 01 Oct 2022 01:55:20 GMT
qr-20220825095059.png
www.tk88.win/static/images/ Frame 23A7
8 KB
9 KB
Image
General
Full URL
https://www.tk88.win/static/images/qr-20220825095059.png
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccafcc2b51304b66e991b7dabbb7003bb2595763dc9427054c460f5dfb4319d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
500849
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8486
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
server
cloudflare
etag
"2126-63085c8a-cb7774a81c55a8c1;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4o92a5YWG6t%2F6FYLiyC8D676UhUtDIpusHQ1mCWKNSkzKc8hOSORvvgtto7RpC7kkUMFbmCwtqwJ98MgjuvITFSBt%2BYCCpnRtulsBvsA%2FfN1HlEVwurpkcNk1J3nAFnbZML9HOEw2WQ1%2FCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527a910ff1abbe6-FRA
expires
Sat, 01 Oct 2022 01:55:04 GMT
tai-xuong-ung-dung-20220825095059.png
www.tk88.win/static/images/ Frame 23A7
6 KB
7 KB
Image
General
Full URL
https://www.tk88.win/static/images/tai-xuong-ung-dung-20220825095059.png
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a7d04952fbee606d82c34ffbd65ff1fe1aae65b71fe4196a7dd695e4fa19e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
510565
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6315
last-modified
Fri, 26 Aug 2022 05:39:24 GMT
server
cloudflare
etag
"18ab-63085c8c-10168167b363bc8a;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcP6%2B4vZ5aRT%2Fta8ThyxEGNpjYwLJ%2Bu6ATFBlVhdaoysPqWTKzs9PQzWUlqvUf5zxCGTW2N3gpPNdp3tJ7gfXqL1S9ugdQez4wOU5cgHuycbQ0%2BuenkMkc8K4%2F7RXhbGg%2BJcbI2yoWTXKmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527a910ff1bbbe6-FRA
expires
Fri, 30 Sep 2022 23:13:08 GMT
vb66_tk88-20220826053330.png
www.tk88.win/static/images/ Frame 23A7
14 KB
14 KB
Image
General
Full URL
https://www.tk88.win/static/images/vb66_tk88-20220826053330.png
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2edbe47c3a223df552bb783bdacb7ae02c29950e7341ee53fbfaaebfd5814ee6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110640
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14462
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
server
cloudflare
etag
"387e-63085c8a-731990b7c5ab5c0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JerWer%2BHqksFA%2BwrjE8JNyJSf3d1jn3LF5JrtlQG%2BXuI25cHbCYHaQCkZMm2TfvSTciqFxFmMY%2FjQ%2FRbChx2zvEgDfFs%2FrEoG2cpBZk4rdNOxyUO1Qm2lYj9bczcuFKR0BTHKXSd%2FlNZlIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527a910ff1cbbe6-FRA
expires
Wed, 05 Oct 2022 14:18:33 GMT
thong-tin-chi-tiet-lien-he-cskh-truc-tuyen-24_7-20220825100530.png
www.tk88.win/static/images/ Frame 23A7
6 KB
7 KB
Image
General
Full URL
https://www.tk88.win/static/images/thong-tin-chi-tiet-lien-he-cskh-truc-tuyen-24_7-20220825100530.png
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/?inviteCode=06099013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8813b4063a830e4e43a770d989dbafc51ccd4a378e7ea63ea6b7553c72f9046f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tk88.win/?inviteCode=06099013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110640
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6370
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
server
cloudflare
etag
"18e2-63085c8a-3cadcad7ee90585f;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIgIjUIafvgy3ar7Klme9MhJGwExx%2BqYjHtBbqVePal9b8Vi7dV63QLK3XegKCKIaAyZRj%2BW8XvwpoEc1N6OdUOH3p%2Bisz8ul%2FFMCyEXCjuhQI%2FIrmkx1TgNzQq6ER1ibhT7Qn%2FsgXmjmZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527a910ff20bbe6-FRA
expires
Wed, 05 Oct 2022 14:18:33 GMT
memvyags126mizpba-uvwbx2vvnxbbobj2ovts-muw.woff2
www.tk88.win/static/fonts/ Frame 23A7
44 KB
44 KB
Font
General
Full URL
https://www.tk88.win/static/fonts/memvyags126mizpba-uvwbx2vvnxbbobj2ovts-muw.woff2
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/static/css/a6b1fa952b524422900b489eaa9a8541.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Request headers

Referer
https://www.tk88.win/static/css/a6b1fa952b524422900b489eaa9a8541.css
Origin
https://www.tk88.win
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5430
etag
"af38-63085c8a-a10c328de88fe154;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E80Izk%2BdOX48Jx9FoE3fOl6KLPfZ35Kh5m1jZEgVVpuWmN3GfpuKqf%2B76wqrqBMSLzCyOhxgBf3mLERwIoh3xOZZNeXc5dC5son%2BhD7nGA%2Bwu7xtzA6d0R7VsbdtgjPsJkibJkuRZBf5QyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7527a9111f77bbe6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44856
memvyags126mizpba-uvwbx2vvnxbbobj2ovtsgmu1ab.woff2
www.tk88.win/static/fonts/ Frame 23A7
31 KB
31 KB
Font
General
Full URL
https://www.tk88.win/static/fonts/memvyags126mizpba-uvwbx2vvnxbbobj2ovtsgmu1ab.woff2
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/static/css/a6b1fa952b524422900b489eaa9a8541.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

Request headers

Referer
https://www.tk88.win/static/css/a6b1fa952b524422900b489eaa9a8541.css
Origin
https://www.tk88.win
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5430
etag
"7a58-63085c8a-559a6148af506d91;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tme%2FCeFG%2BF1XqlhRrvxvDFqJ%2Fdr6liACKOuQcq2TS157N4JTy0M%2FI8ZItScIfef5aZcSQiJ%2BAotwxBjlq3g3Bc56CWP%2BEOAYLp05egcdmvyp595oGmowvIripZBeXGatAk1VbL4aLVWzdv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7527a9111f7cbbe6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31320
event
a.ladipage.com/ Frame
0
0
Preflight
General
Full URL
https://a.ladipage.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.153.230 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-153-230.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method
POST
Origin
https://www.tk88.win
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
2592000
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 29 Sep 2022 21:02:33 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
0
event
a.ladipage.com/ Frame 23A7
106 B
632 B
XHR
General
Full URL
https://a.ladipage.com/event
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/static/js/ladipage.vi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.153.230 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-153-230.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

LADI_CLIENT_ID
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT
0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
LADI_CAMP_NAME
Content-Type
application/json
accept-language
de-DE,de;q=0.9
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
Referer
https://www.tk88.win/
LADI_PAGE_VIEW
0
LADI_CAMP_TYPE

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-max-age
2592000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection
0
memvyags126mizpba-uvwbx2vvnxbbobj2ovtscmu1ab.woff2
www.tk88.win/static/fonts/ Frame 23A7
14 KB
14 KB
Font
General
Full URL
https://www.tk88.win/static/fonts/memvyags126mizpba-uvwbx2vvnxbbobj2ovtscmu1ab.woff2
Requested by
Host: www.tk88.win
URL: https://www.tk88.win/static/css/a6b1fa952b524422900b489eaa9a8541.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6

Request headers

Referer
https://www.tk88.win/static/css/a6b1fa952b524422900b489eaa9a8541.css
Origin
https://www.tk88.win
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 05:39:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5429
etag
"36d8-63085c8a-eb7183ac2b5adb2b;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9C%2ByQfQvKP6rheYoB3doi2Yo4K7ZCeTUDxqZrMPD4F24PeKLW6%2FzorOWmZvzT0S%2FZFnXL5E2S%2Ffsar3zJZ4tOxmYR6mTb5HPkD0LTJwue49xQF0b0QfmZ4W2F2w8ceioTfQqQC%2F7eYUICUg%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7527a9116ccc9079-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14040
loading.svg
1682xoso.com/backend/resources/assets/frontend/images/
1 KB
760 B
Image
General
Full URL
https://1682xoso.com/backend/resources/assets/frontend/images/loading.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.230.249.119 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / LarVPS
Resource Hash
8452ad2eb25fdfa02457786e819932108478cf036882ae6a4acd36f9dd097b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.marksydney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 21:02:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 30 Sep 2020 18:06:08 GMT
server
nginx
content-encoding
gzip
etag
W/"5f74c910-400"
x-download-options
noopen
vary
Accept-Encoding
x-powered-by
LarVPS
content-type
image/svg+xml
x-xss-protection
1; mode=block


58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| goPAGE string| tb_kqxs168_w string| custom_168_area string| custom_168_width string| custom_168_font string| custom_168_bgcolor string| custom_168_bgtitle string| custom_168_bgdb function| $ function| jQuery object| jQuery11240432052456779878 string| my_domain string| domain_daiphat object| xsdpconfig object| xsdp undefined| reg undefined| sub boolean| isSubscribed boolean| isBlock boolean| autoRegist string| domainName boolean| isInit function| firtInitialiseUI function| initialiseUI function| showNote function| hideNote function| ShowNotifyConfig function| CancelAds function| subscribeNotify function| unsubscribe function| loadRongBach function| doso function| createChoose function| choose object| elem function| openFullscreen function| closeFullscreen object| e object| n object| a object| t object| s object| d string| ngay string| ngay2 string| ngay3 function| calcTime function| dnmb_DN function| h3tab function| smmnTab

1 Cookies

Domain/Path Name / Value
www.tk88.win/ Name: _timenow
Value: 1664485353160

2 Console Messages

Source Level URL
Text
network error URL: http://www.marksydney.com/xskt/fonts/fontawesome-webfont.woff2?v=4.5.0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://www.tk88.win/?inviteCode=06099013
Message:
The resource https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1661487971092 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
