urlscan.io logo urlscan.io
SecurityTrails logo

nbjbbxyey888.com Open in urlscan Pro
154.82.100.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://imtken.app/
Effective URL: https://nbjbbxyey888.com/vip/
Submission: On November 16 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 29 HTTP transactions. The main IP is 154.82.100.109, located in Singapore and belongs to TERAEXCH, US. The main domain is nbjbbxyey888.com.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on November 16th 2024. Valid for: a year.
This is the only time nbjbbxyey888.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 116.213.39.101 45753 (NETSEC-HK...)
13 154.82.100.109 399077 (TERAEXCH)
11 163.171.129.134 54994 (ML-1432-5...)
2 240e:cf:8800:... 134238 (CT-JIANGX...)
1 240e:97b:500:... 4134 (CHINANET-...)
29 5
2    116.213.39.101 (Hong Kong)

ASN45753 (NETSEC-HK Netsec Limited, HK)
imtken.app
13    154.82.100.109 (Singapore)

ASN399077 (TERAEXCH, US)
nbjbbxyey888.com
11    163.171.129.134 (London, United Kingdom)

ASN54994 (ML-1432-54994, CA)
m.32r.com
2    240e:cf:8800:53:3::7ea (China)

ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN)
s9.cnzz.com
c.cnzz.com
1    240e:97b:500:2000::6 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
z12.cnzz.com
Apex Domain
Subdomains		 Transfer
13 nbjbbxyey888.com
nbjbbxyey888.com
431 KB
11 32r.com
m.32r.com
491 KB
3 cnzz.com
s9.cnzz.com — Cisco Umbrella Rank: 137146
z12.cnzz.com — Cisco Umbrella Rank: 199702
c.cnzz.com — Cisco Umbrella Rank: 91025
5 KB
2 imtken.app
imtken.app
845 B
29 4
Domain Requested by
13 nbjbbxyey888.com nbjbbxyey888.com
m.32r.com
11 m.32r.com nbjbbxyey888.com
m.32r.com
2 imtken.app
1 c.cnzz.com s9.cnzz.com
1 z12.cnzz.com s9.cnzz.com
1 s9.cnzz.com m.32r.com
29 6

This site contains no links.

Subject Issuer Validity Valid
imtken.app
R11		 2024-11-10 -
2025-02-08		 3 months crt.sh
nbjbbxyey888.com
Certum Domain Validation CA SHA2		 2024-11-16 -
2025-12-16		 a year crt.sh
*.32r.com
TrustAsia RSA DV TLS CA G3		 2024-03-18 -
2025-03-26		 a year crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G3		 2024-02-17 -
2025-03-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://nbjbbxyey888.com/vip/
Frame ID: 937F3ECD37CB2D9B8EED1E9D0D6F3CDC
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

im下载

Page URL History Show full URLs

  1. https://imtken.app/ Page URL
  2. https://nbjbbxyey888.com/vip/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Page Statistics

29
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

6
Subdomains

5
IPs

4
Countries

928 kB
Transfer

1000 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://imtken.app/ Page URL
  2. https://nbjbbxyey888.com/vip/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
imtken.app/ 		82 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imtken.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.213.39.101 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
82
content-type
text/html
date
Sat, 16 Nov 2024 07:18:58 GMT
etag
"67380fb3-52"
last-modified
Sat, 16 Nov 2024 03:21:23 GMT
server
nginx
strict-transport-security
max-age=31536000
Primary Request /
nbjbbxyey888.com/vip/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nbjbbxyey888.com/vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
f695c5352eaa1e86e7d0ef8823dc6a127ee86ba2342830f3ed0f20fdf18d2601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://imtken.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
3252
content-type
text/html
date
Sat, 16 Nov 2024 07:22:56 GMT
etag
"80e179dcbd34db1:0"
last-modified
Tue, 12 Nov 2024 04:46:39 GMT
server
NgxFence
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-cache
DYNAMIC
x-powered-by
ASP.NET
favicon.ico
imtken.app/ 		548 B
611 B 		Other
General
Check archive.org
Download Go to
Full URL
https://imtken.app/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.213.39.101 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://imtken.app/

Response headers

content-length
548
date
Sat, 16 Nov 2024 07:18:58 GMT
content-type
text/html
server
nginx
public.css
m.32r.com/css/ 		17 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m.32r.com/css/public.css
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.129.134 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine /
Resource Hash
7c0f60bd8be8cfad6c27f69000e3b40459c6d36be6a54851700ac899cef64353

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/

Response headers

x-ws-request-id
67384850_PSygldLON2ew56_26951-30865
X-Via
1.1 x140:6 (Cdn Cache Server V2.0), 1.1 PS-HND-01bbh129:2 (Cdn Cache Server V2.0), 1.1 PSygldLON2kt55:20 (Cdn Cache Server V2.0)
ETag
"03f192381b8da1:0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17739
Date
Sat, 16 Nov 2024 07:22:57 GMT
Content-Type
text/css
Last-Modified
Fri, 07 Jun 2024 02:19:34 GMT
Server
Tengine
swiper.min.css
m.32r.com/css/ 		17 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m.32r.com/css/swiper.min.css
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.129.134 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine /
Resource Hash
395db784c746486d4cf31adc79a5416d314c079b6962082689d023732d62fe86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/

Response headers

x-ws-request-id
67384850_PSygldLON2ew56_26150-20551
X-Via
1.1 PSxgHK6kj63:21 (Cdn Cache Server V2.0), 1.1 PSrbJP1al65:1 (Cdn Cache Server V2.0), 1.1 PS-LHR-01q9k95:17 (Cdn Cache Server V2.0)
ETag
"80d8595c9f0d71:0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17772
Date
Sat, 16 Nov 2024 07:22:57 GMT
Content-Type
text/css
Last-Modified
Tue, 14 Dec 2021 09:04:21 GMT
Server
Tengine
appdetail.css
m.32r.com/css/ 		80 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m.32r.com/css/appdetail.css?20240607
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.129.134 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine /
Resource Hash
465ef58f9c0e9708d0cdaf023a328a2065b4a7f940cb7db57c6d6ea09df60907

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/

Response headers

x-ws-request-id
67384850_PSygldLON2ew56_29544-3389
Content-Encoding
gzip
X-Via
1.1 PS-HKG-046K749:4 (Cdn Cache Server V2.0), 1.1 PS-HND-01SaS134:0 (Cdn Cache Server V2.0), 1.1 PSygldLON2kt55:5 (Cdn Cache Server V2.0)
ETag
"07cf5e335deda1:0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13663
Date
Sat, 16 Nov 2024 07:22:57 GMT
Content-Type
text/css
Last-Modified
Thu, 25 Jul 2024 01:56:40 GMT
Server
Tengine
public.js
m.32r.com/jcoms/ 		106 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.32r.com/jcoms/public.js?20240410
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.129.134 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine /
Resource Hash
287779d97058fae47c5081afbd78ee783a424e10381699a45f58f2c07a1fca08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/

Response headers

x-ws-request-id
67384850_PSygldLON2ew56_25428-64426
X-Via
1.1 PS-000-01LpH100:5 (Cdn Cache Server V2.0), 1.1 PSrbJP1qr80:2 (Cdn Cache Server V2.0), 1.1 PSygldLON2kt55:8 (Cdn Cache Server V2.0)
ETag
"80b9f8d1c210db1:0"
Age
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108321
Date
Sat, 16 Nov 2024 07:22:56 GMT
Content-Type
application/javascript
Last-Modified
Fri, 27 Sep 2024 09:51:27 GMT
Server
Tengine
15.png
nbjbbxyey888.com/vip/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nbjbbxyey888.com/vip/img/15.png
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
09845bf37ea3d4301546e8fa451e14f71f84a6954171878dcda312ec174d1f31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/vip/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
"8029768274c1da1:0"
accept-ranges
bytes
x-cache
HIT
content-length
7027
date
Sat, 16 Nov 2024 07:22:56 GMT
content-type
image/png
last-modified
Tue, 18 Jun 2024 11:41:51 GMT
server
NgxFence
x-powered-by
ASP.NET
im.png
nbjbbxyey888.com/vip/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nbjbbxyey888.com/vip/img/im.png
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
670b0ce9f7014f5857f8c3fbee1094f223a4162052a08625530138be90b3e12b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/vip/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
"80c5875a76c1da1:0"
accept-ranges
bytes
x-cache
HIT
content-length
28851
date
Sat, 16 Nov 2024 07:22:56 GMT
content-type
image/png
last-modified
Tue, 18 Jun 2024 11:55:03 GMT
server
NgxFence
x-powered-by
ASP.NET
tp.png
nbjbbxyey888.com/vip/img/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nbjbbxyey888.com/vip/img/tp.png
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
2e22a1448993cca6999859f94c9249cf028ef2a253cd2e3c942951eb79c2612c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/vip/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
"80c5875a76c1da1:0"
accept-ranges
bytes
x-cache
HIT
content-length
14780
date
Sat, 16 Nov 2024 07:22:56 GMT
content-type
image/png
last-modified
Tue, 18 Jun 2024 11:55:03 GMT
server
NgxFence
x-powered-by
ASP.NET
bitkeep.png
nbjbbxyey888.com/vip/img/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nbjbbxyey888.com/vip/img/bitkeep.png
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
64c997be043c52b5b644b15d9857c0a1b1ce00b330d2ec006e652010628ba3d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/vip/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
"80f2b85b76c1da1:0"
accept-ranges
bytes
x-cache
HIT
content-length
28135
date
Sat, 16 Nov 2024 07:22:56 GMT
content-type
image/png
last-modified
Tue, 18 Jun 2024 11:55:05 GMT
server
NgxFence
x-powered-by
ASP.NET
tronlink1.png
nbjbbxyey888.com/vip/img/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nbjbbxyey888.com/vip/img/tronlink1.png
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
8c15bc6cabce58f5ba52fadb7179a715ae654f9a74858014843ef173b89f65c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/vip/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
"05c205b76c1da1:0"
accept-ranges
bytes
x-cache
HIT
content-length
43789
date
Sat, 16 Nov 2024 07:22:57 GMT
content-type
image/png
last-modified
Tue, 18 Jun 2024 11:55:04 GMT
server
NgxFence
x-powered-by
ASP.NET
5cbc4_5_1242_2007.png
nbjbbxyey888.com/vip/img/ 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nbjbbxyey888.com/vip/img/5cbc4_5_1242_2007.png
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
9bdc83af7ad59ad75d979c9263c7d38ca0dcadd8acc56902b117176056b70a37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/vip/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
"0bc467071c1da1:0"
accept-ranges
bytes
x-cache
HIT
content-length
152009
date
Sat, 16 Nov 2024 07:22:57 GMT
content-type
image/png
last-modified
Tue, 18 Jun 2024 11:19:52 GMT
server
NgxFence
x-powered-by
ASP.NET
5cbc4_5_1242_2007-andoird.png
nbjbbxyey888.com/vip/img/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nbjbbxyey888.com/vip/img/5cbc4_5_1242_2007-andoird.png
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
c6ee0e19c5c08b4167bafd6859c0cc27b21b751935b3192cf2402a216bdfd730
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/vip/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
"09d3c7671c1da1:0"
accept-ranges
bytes
x-cache
HIT
content-length
125631
date
Sat, 16 Nov 2024 07:22:57 GMT
content-type
image/png
last-modified
Tue, 18 Jun 2024 11:20:02 GMT
server
NgxFence
x-powered-by
ASP.NET
safari-tip.png
nbjbbxyey888.com/vip/img/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nbjbbxyey888.com/vip/img/safari-tip.png
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
7b74c576d3500e354ee8cf8a8592368716a1653fecb3060fa2a65ffbb2f86f9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/vip/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
"05117b71c1da1:0"
accept-ranges
bytes
x-cache
HIT
content-length
33472
date
Sat, 16 Nov 2024 07:22:57 GMT
content-type
image/png
last-modified
Tue, 18 Jun 2024 11:20:10 GMT
server
NgxFence
x-powered-by
ASP.NET
swiper.min.js
m.32r.com/jcoms/ 		94 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.32r.com/jcoms/swiper.min.js
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.129.134 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine /
Resource Hash
c2f5a0be24e711bffd5030b55ecc6054de3d9a66183a319980c6b5d8f3d55ef1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/

Response headers

x-ws-request-id
67384850_PSygldLON2ew56_25428-64436
X-Via
1.1 PSxgHKG8ef124:2 (Cdn Cache Server V2.0), 1.1 PSrbJP1ww66:9 (Cdn Cache Server V2.0), 1.1 PSygldLON2hl59:13 (Cdn Cache Server V2.0)
ETag
"09d4c9176cd81:0"
Age
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96375
Date
Sat, 16 Nov 2024 07:22:56 GMT
Content-Type
application/javascript
Last-Modified
Fri, 20 May 2022 07:04:02 GMT
Server
Tengine
appdetail.js
nbjbbxyey888.com/jcoms/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://nbjbbxyey888.com/jcoms/appdetail.js?20240408
Requested by
Host: nbjbbxyey888.com
URL: https://nbjbbxyey888.com/vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/vip/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
x-cache
DYNAMIC
content-encoding
br
date
Sat, 16 Nov 2024 07:22:57 GMT
content-type
text/html
x-powered-by
ASP.NET
server
NgxFence
search.png
m.32r.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.32r.com/images/search.png
Requested by
Host: m.32r.com
URL: https://m.32r.com/css/public.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.129.134 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine /
Resource Hash
c85477d84aebca2f5b2c854bead106d557f12f6e0d82b08c440def95759d38f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://m.32r.com/css/public.css

Response headers

x-ws-request-id
67384851_PSygldLON2ew56_26951-30883
X-Via
1.1 PSrbJP1ww66:2 (Cdn Cache Server V2.0), 1.1 PSygldLON2ew56:5 (Cdn Cache Server V2.0)
ETag
"80a1e3dec1e4d71:0"
Age
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2946
Date
Sat, 16 Nov 2024 07:22:57 GMT
Content-Type
image/png
Last-Modified
Mon, 29 Nov 2021 01:38:55 GMT
Server
Tengine
topMenu.png
m.32r.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.32r.com/images/topMenu.png
Requested by
Host: m.32r.com
URL: https://m.32r.com/css/public.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.129.134 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine /
Resource Hash
4c9ef3abff9d62b01219d7cf7d90f6191e481d9e0b7e49e7abaed655317e1db1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://m.32r.com/css/public.css

Response headers

x-ws-request-id
67384851_PSygldLON2ew56_26150-20568
X-Via
1.1 PSrbJP1qr80:9 (Cdn Cache Server V2.0), 1.1 PSygldLON2hl59:11 (Cdn Cache Server V2.0)
ETag
"804db66ea221d91:0"
Age
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2206
Date
Sat, 16 Nov 2024 07:22:57 GMT
Content-Type
image/png
Last-Modified
Fri, 06 Jan 2023 07:42:31 GMT
Server
Tengine
dyw-tip.png
m.32r.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.32r.com/images/dyw-tip.png
Requested by
Host: m.32r.com
URL: https://m.32r.com/css/appdetail.css?20240607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.129.134 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine /
Resource Hash
bf7b1b0a9ccbd427d8363d69291ab259f7748c814e74409a3dc4a3760d6be5a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://m.32r.com/css/appdetail.css?20240607

Response headers

x-ws-request-id
67384851_PSygldLON2ew56_29544-3406
X-Via
1.1 PSrbJP1de68:2 (Cdn Cache Server V2.0), 1.1 PSygldLON2kt55:13 (Cdn Cache Server V2.0)
ETag
"0aff4e45be7d71:0"
Age
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1832
Date
Sat, 16 Nov 2024 07:22:57 GMT
Content-Type
image/png
Last-Modified
Thu, 02 Dec 2021 09:06:30 GMT
Server
Tengine
dyw-tip2.png
m.32r.com/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.32r.com/images/dyw-tip2.png
Requested by
Host: m.32r.com
URL: https://m.32r.com/css/appdetail.css?20240607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.129.134 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine /
Resource Hash
687727238cb2594c8b9dfedb389cde59e8ddcd3b057ce19f30c5a9d4035b8ad4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://m.32r.com/css/appdetail.css?20240607

Response headers

x-ws-request-id
67384851_PSygldLON2ew56_25428-64440
X-Via
1.1 PSrbJP1jg79:1 (Cdn Cache Server V2.0), 1.1 PSygldLON2hl59:7 (Cdn Cache Server V2.0)
ETag
"026f2f3e4bd91:0"
Age
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15525
Date
Sat, 16 Nov 2024 07:22:57 GMT
Content-Type
image/png
Last-Modified
Tue, 28 Feb 2023 06:30:44 GMT
Server
Tengine
edit_tip_pic.png
m.32r.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.32r.com/images/edit_tip_pic.png
Requested by
Host: m.32r.com
URL: https://m.32r.com/css/appdetail.css?20240607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.129.134 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine /
Resource Hash
eadf5749e6eb1a8e25299fe2ff592d46b177472ef81a23531601a03f658a00ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://m.32r.com/css/appdetail.css?20240607

Response headers

x-ws-request-id
67384851_PSygldLON2ew56_26150-20572
X-Via
1.1 PSrbJP1de68:8 (Cdn Cache Server V2.0), 1.1 PSygldLON2kt55:19 (Cdn Cache Server V2.0)
ETag
"80b9f5ba68e7d71:0"
Age
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2043
Date
Sat, 16 Nov 2024 07:22:57 GMT
Content-Type
image/png
Last-Modified
Thu, 02 Dec 2021 10:38:23 GMT
Server
Tengine
index-icon.png
m.32r.com/images/ 		214 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.32r.com/images/index-icon.png
Requested by
Host: m.32r.com
URL: https://m.32r.com/css/appdetail.css?20240607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.129.134 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
Tengine /
Resource Hash
9aeded920b737a5df695262add95600abf42784ecf042a4679bcb556899d76e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://m.32r.com/css/appdetail.css?20240607

Response headers

x-ws-request-id
67384851_PSygldLON2ew56_26951-30885
X-Via
1.1 PS-000-04Okn32:18 (Cdn Cache Server V2.0), 1.1 PSrbdbOSA2lx44:1 (Cdn Cache Server V2.0), 1.1 PS-LHR-01q9k95:13 (Cdn Cache Server V2.0)
ETag
"80f9c8e842c0d91:0"
Age
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
219351
Date
Sat, 16 Nov 2024 07:22:57 GMT
Content-Type
image/png
Last-Modified
Thu, 27 Jul 2023 04:29:19 GMT
Server
Tengine
sort.js
nbjbbxyey888.com/jcoms/ 		1 KB
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nbjbbxyey888.com/jcoms/sort.js
Requested by
Host: m.32r.com
URL: https://m.32r.com/jcoms/public.js?20240410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
2162b591ebe2b8db3fa5cf15a50922fcd6ca6232d05140cf0a15b9512e3ccd45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://nbjbbxyey888.com/vip/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
x-cache
DYNAMIC
content-encoding
br
date
Sat, 16 Nov 2024 07:22:57 GMT
content-type
text/html
x-powered-by
ASP.NET
server
NgxFence
z_stat.php
s9.cnzz.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.cnzz.com/z_stat.php?id=1278666648&web_id=1278666648
Requested by
Host: m.32r.com
URL: https://m.32r.com/jcoms/public.js?20240410
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:cf:8800:53:3::7ea , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4f1905cbc217e09bd15fa49d877153fb22b3cb257201bd2c629bf46a5802d211

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/

Response headers

content-encoding
br
etag
W/"17358849587511100436"
age
243
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
date
Sat, 16 Nov 2024 07:18:55 GMT
content-type
application/javascript
vary
accept-encoding
cache-control
public, max-age=300
x-swift-cachetime
294
timing-allow-origin
*
via
cache32.l2cn1802[0,0,304-0,H], cache19.l2cn1802[0,0], cache4.cn3693[0,0,200-0,H], cache9.cn3693[1,0]
ali-swift-global-savetime
1731741535
x-swift-savetime
Sat, 16 Nov 2024 07:19:01 GMT
eagleid
6ae1f19d17317417780628398e
content-length
3885
server
Tengine
cnzzo.js
nbjbbxyey888.com/jcoms/ 		1 KB
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nbjbbxyey888.com/jcoms/cnzzo.js
Requested by
Host: m.32r.com
URL: https://m.32r.com/jcoms/public.js?20240410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
2162b591ebe2b8db3fa5cf15a50922fcd6ca6232d05140cf0a15b9512e3ccd45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://nbjbbxyey888.com/vip/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
x-cache
DYNAMIC
content-encoding
br
date
Sat, 16 Nov 2024 07:22:57 GMT
content-type
text/html
x-powered-by
ASP.NET
server
NgxFence
stat.htm
z12.cnzz.com/ 		2 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://z12.cnzz.com/stat.htm?id=1278666648&r=https%3A%2F%2Fimtken.app%2F&lg=de-de&ntime=none&cnzz_eid=1634888678-1731741778-https%3A%2F%2Fimtken.app%2F&showp=1600x1200&p=https%3A%2F%2Fnbjbbxyey888.com%2Fvip%2F&t=im%E4%B8%8B%E8%BD%BD&umuuid=19333da8155114a-0eb5e7b5a8f35f-17462c6e-1d4c00-19333da8156c99&h=1
Requested by
Host: s9.cnzz.com
URL: https://s9.cnzz.com/z_stat.php?id=1278666648&web_id=1278666648
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
240e:97b:500:2000::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/

Response headers

content-encoding
gzip
date
Sat, 16 Nov 2024 07:22:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
Tengine
c.js
c.cnzz.com/ 		907 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/c.js?web_id=1278666648&t=z
Requested by
Host: s9.cnzz.com
URL: https://s9.cnzz.com/z_stat.php?id=1278666648&web_id=1278666648
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:cf:8800:53:3::7ea , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b552bb4f6181d75e265bbbff36c40ed7d60ad105d2d138fca43453d237495e9f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/

Response headers

cache-control
public, max-age=321
x-swift-cachetime
321
timing-allow-origin
*
etag
W/"9328853684670526411"
age
12
via
cache40.l2cn1802[0,0,304-0,H], cache48.l2cn1802[1,0], cache1.cn3693[0,0,200-0,H], cache9.cn3693[0,0]
ali-swift-global-savetime
1731741766
x-swift-savetime
Sat, 16 Nov 2024 07:22:46 GMT
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
content-length
907
date
Sat, 16 Nov 2024 07:22:46 GMT
content-type
application/javascript
eagleid
6ae1f19d17317417784088985e
server
Tengine
favicon.ico
nbjbbxyey888.com/ 		1 KB
690 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nbjbbxyey888.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.82.100.109 , Singapore, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence / ASP.NET
Resource Hash
2162b591ebe2b8db3fa5cf15a50922fcd6ca6232d05140cf0a15b9512e3ccd45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nbjbbxyey888.com/vip/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
x-cache
DYNAMIC
content-encoding
br
date
Sat, 16 Nov 2024 07:22:58 GMT
content-type
text/html
x-powered-by
ASP.NET
server
NgxFence

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Cookie string| host string| ahost string| uAgent function| resizeRoot object| browser function| getSortHtml function| $ function| jQuery number| screenWidth_ function| cnzz function| Swiper string| ua object| Sys function| showSafariMask object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1278666648

2 Cookies

Domain/Path Name / Value
.nbjbbxyey888.com/ Name: UM_distinctid
Value: 19333da8155114a-0eb5e7b5a8f35f-17462c6e-1d4c00-19333da8156c99
nbjbbxyey888.com/ Name: CNZZDATA1278666648
Value: 1634888678-1731741778-https%253A%252F%252Fimtken.app%252F%7C1731741778

5 Console Messages

Source Level URL
Text
network error URL: https://imtken.app/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nbjbbxyey888.com/jcoms/appdetail.js?20240408
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nbjbbxyey888.com/jcoms/cnzzo.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nbjbbxyey888.com/jcoms/sort.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nbjbbxyey888.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.cnzz.com
imtken.app
m.32r.com
nbjbbxyey888.com
s9.cnzz.com
z12.cnzz.com
116.213.39.101
154.82.100.109
163.171.129.134
240e:97b:500:2000::6
240e:cf:8800:53:3::7ea
09845bf37ea3d4301546e8fa451e14f71f84a6954171878dcda312ec174d1f31
2162b591ebe2b8db3fa5cf15a50922fcd6ca6232d05140cf0a15b9512e3ccd45
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
287779d97058fae47c5081afbd78ee783a424e10381699a45f58f2c07a1fca08
2e22a1448993cca6999859f94c9249cf028ef2a253cd2e3c942951eb79c2612c
395db784c746486d4cf31adc79a5416d314c079b6962082689d023732d62fe86
465ef58f9c0e9708d0cdaf023a328a2065b4a7f940cb7db57c6d6ea09df60907
4c9ef3abff9d62b01219d7cf7d90f6191e481d9e0b7e49e7abaed655317e1db1
4f1905cbc217e09bd15fa49d877153fb22b3cb257201bd2c629bf46a5802d211
64c997be043c52b5b644b15d9857c0a1b1ce00b330d2ec006e652010628ba3d0
670b0ce9f7014f5857f8c3fbee1094f223a4162052a08625530138be90b3e12b
687727238cb2594c8b9dfedb389cde59e8ddcd3b057ce19f30c5a9d4035b8ad4
7b74c576d3500e354ee8cf8a8592368716a1653fecb3060fa2a65ffbb2f86f9c
7c0f60bd8be8cfad6c27f69000e3b40459c6d36be6a54851700ac899cef64353
8c15bc6cabce58f5ba52fadb7179a715ae654f9a74858014843ef173b89f65c1
9aeded920b737a5df695262add95600abf42784ecf042a4679bcb556899d76e8
9bdc83af7ad59ad75d979c9263c7d38ca0dcadd8acc56902b117176056b70a37
b552bb4f6181d75e265bbbff36c40ed7d60ad105d2d138fca43453d237495e9f
bf7b1b0a9ccbd427d8363d69291ab259f7748c814e74409a3dc4a3760d6be5a3
c2f5a0be24e711bffd5030b55ecc6054de3d9a66183a319980c6b5d8f3d55ef1
c6ee0e19c5c08b4167bafd6859c0cc27b21b751935b3192cf2402a216bdfd730
c85477d84aebca2f5b2c854bead106d557f12f6e0d82b08c440def95759d38f3
eadf5749e6eb1a8e25299fe2ff592d46b177472ef81a23531601a03f658a00ea
f695c5352eaa1e86e7d0ef8823dc6a127ee86ba2342830f3ed0f20fdf18d2601