URL: http://nicljr.com/
Submission: On April 29 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 34 HTTP transactions. The main IP is 156.242.202.204, located in United States and belongs to POWERLINE-AS-AP POWER LINE DATACENTER, HK. The main domain is nicljr.com.
This is the only time nicljr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 156.242.202.204 132839 (POWERLINE...)
2 103.235.46.191 55967 (BAIDU Bei...)
22 13.94.62.116 8075 (MICROSOFT...)
1 2a04:4e42:c00... 54113 (FASTLY)
1 221.231.83.250 ()
2 2a05:d018:183... 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
34 8
Apex Domain | Subdomains | Transfer
22 kf3ju.com | www.kf3ju.com | 5 MB
4 geetest.com | api.geetest.com — Cisco Umbrella Rank: 33287; static.geetest.com — Cisco Umbrella Rank: 31451 | 336 KB
2 baidu.com | hm.baidu.com — Cisco Umbrella Rank: 8233 | 12 KB
1 cnzz.com | s96.cnzz.com; c.cnzz.com Failed; z5.cnzz.com Failed | 4 KB
1 polyfill.io | polyfill.io — Cisco Umbrella Rank: 1256 | 416 B
1 nicljr.com | nicljr.com | 2 KB
34 6
Domain | Requested by
22 www.kf3ju.com | nicljr.com; www.kf3ju.com
2 static.geetest.com | www.kf3ju.com; static.geetest.com
2 api.geetest.com | www.kf3ju.com; static.geetest.com
2 hm.baidu.com | nicljr.com
1 s96.cnzz.com | www.kf3ju.com
1 polyfill.io | www.kf3ju.com
1 nicljr.com |
0 z5.cnzz.com Failed |
0 c.cnzz.com Failed | s96.cnzz.com
34 9

This site contains no links.

Subject | Issuer | Validity | Valid
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-02-21 - 2022-08-02 | 5 months crt.sh
kf3ju.com | R3 | 2022-03-26 - 2022-06-24 | 3 months crt.sh
polyfill.io | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-03-08 - 2023-04-09 | a year crt.sh
*.cnzz.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-01-11 - 2023-02-12 | a year crt.sh
*.geetest.com | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-12-20 - 2022-12-21 | a year crt.sh

This page contains 2 frames:

Primary Page: http://nicljr.com/
Frame ID: 790E70D4638DF6B457370233E7CECB22
Requests: 3 HTTP requests in this frame

Frame: https://www.kf3ju.com:9142/register?agent_code=5432067
Frame ID: 8FCEE93B861B88A4653D8A1B0A47FA4E
Requests: 37 HTTP requests in this frame

Page Title

安全注册 ("Secure Registration")

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

34
Requests

88 %
HTTPS

43 %
IPv6

6
Domains

9
Subdomains

8
IPs

3
Countries

5238 kB
Transfer

6749 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nicljr.com/
3 KB
2 KB
Document
General
Full URL
http://nicljr.com/
Protocol
HTTP/1.1
Server
156.242.202.204 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
Tengine /
Resource Hash
bc82182e05e0dc5f4aacf20d984a18ac79542bdf36ebd53144e84ba3b61eb049

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Fri, 29 Apr 2022 16:03:51 GMT
Server
Tengine
Transfer-Encoding
chunked
Vary
Accept-Encoding
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?adaed39a6eb1a5cc4f48aac4d4bed212
Requested by
Host: nicljr.com
URL: http://nicljr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
37290b4d5aabf7deceae91d0b5a2b1e542c0b42ff91db261b19a0a331b680014
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nicljr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 16:03:52 GMT
Content-Encoding
gzip
Server
apache
Etag
6fd1eddc645b7f46c25aad1a7043df04
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11012
register
www.kf3ju.com/ Frame 8FCE
1 MB
347 KB
Document
General
Full URL
https://www.kf3ju.com:9142/register?agent_code=5432067
Requested by
Host: nicljr.com
URL: http://nicljr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
c94b3d2a1c9835a30500555f0f0aa75d2878162478256ee2ab106ec47344e69c

Request headers

Referer
http://nicljr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 29 Apr 2022 16:03:52 GMT
etag
W/"626ad9d7-130780"
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 18:15:51 GMT
server
nginx
vary
Accept-Encoding
x-remote-addr
185.213.155.163
polyfill.min.js
polyfill.io/v3/ Frame 8FCE
101 B
416 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=default%2Ces2015%2Ces2016%2Ces2017%2Ces2018%2Ces2019%2Ces5%2Ces6%2Ces7%2Csmoothscroll
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

Referer
https://www.kf3ju.com:9142/
Origin
https://www.kf3ju.com:9142
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:52 GMT
content-encoding
br
last-modified
Sat, 23 Apr 2022 19:41:54 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/101.0.0
server-timing
cache-hhn4060, PASS, fastly;desc="Edge time";dur=12
accept-ranges
bytes
content-length
94
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1257473622&si=adaed39a6eb1a5cc4f48aac4d4bed212&v=1.2.92&lv=1&sn=28373&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fnicljr.com%2F&tt=%E5%AE%89%E5%85%A8%E6%B3%A8%E5%86%8C
Requested by
Host: nicljr.com
URL: http://nicljr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nicljr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Apr 2022 16:03:52 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
getPreNewWebInfo
www.kf3ju.com/api/v2/Static/ Frame 8FCE
14 KB
6 KB
XHR
General
Full URL
https://www.kf3ju.com:9142/api/v2/Static/getPreNewWebInfo
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
29fe9563fba741265b043557b42004b3cc04014ca89e036594f0e76c1f0f5f4a

Request headers

X-API-XXX
2BF42866D2248083E74D1ABFDBCBED2912CE245985BC94845DA8016C3EF9D02E
accept-language
de-DE,de;q=0.9
X-API-ID
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
client-type
web
X-API-TOKEN
null

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
*
content-type
application/json;charset=utf8;
access-control-allow-origin
*
x-remote-addr
185.213.155.163
access-control-allow-credentials
true
http-geo-ipcountry
DE
91.0165c2f70fa744e8c01a.css
www.kf3ju.com/static/ Frame 8FCE
5 KB
2 KB
Stylesheet
General
Full URL
https://www.kf3ju.com:9142/static/91.0165c2f70fa744e8c01a.css
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
60cfeba7c6dfc7f58528cde13dd77057d89ba167f0e8a135ac5e4b64646a6427

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:39 GMT
server
nginx
etag
W/"626ad3ef-1338"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
vendors~userRegister.68e4d48b4007056c9b31.js
www.kf3ju.com/static/ Frame 8FCE
67 KB
21 KB
Script
General
Full URL
https://www.kf3ju.com:9142/static/vendors~userRegister.68e4d48b4007056c9b31.js
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e1824c9ede9bca289752e8eebf77e00aea83f2a71ca54e240bb212c27a729d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:39 GMT
server
nginx
etag
W/"626ad3ef-10af9"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
84.79b7ac49956494917464.css
www.kf3ju.com/static/ Frame 8FCE
8 KB
6 KB
Stylesheet
General
Full URL
https://www.kf3ju.com:9142/static/84.79b7ac49956494917464.css
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
4fa79c6a36811de9817b43db885f56541acfe5577b5e9eee7833c141780920b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:39 GMT
server
nginx
etag
W/"626ad3ef-2139"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
userRegister.098d0991c28e9df0b55e.js
www.kf3ju.com/static/ Frame 8FCE
48 KB
17 KB
Script
General
Full URL
https://www.kf3ju.com:9142/static/userRegister.098d0991c28e9df0b55e.js
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2178abca59f7f2148586a8ad89a63165c2cc975cdd1b5a2a098f686480125cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:39 GMT
server
nginx
etag
W/"626ad3ef-c1c1"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
7.1510eb3c215dcbe2012e.js
www.kf3ju.com/static/ Frame 8FCE
281 KB
70 KB
Script
General
Full URL
https://www.kf3ju.com:9142/static/7.1510eb3c215dcbe2012e.js
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
08ab80a70989a9d7695261efd26d7e78869a2ec32a9f203ab98ae9a4b971955c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:38 GMT
server
nginx
etag
W/"626ad3ee-4649e"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
0.9af1e1b66fb8f0a38d7c.js
www.kf3ju.com/static/ Frame 8FCE
43 KB
14 KB
Script
General
Full URL
https://www.kf3ju.com:9142/static/0.9af1e1b66fb8f0a38d7c.js
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
0fcea53978e20f38fc644977bb77f57d7f01d500a591bd35d6ce8dd320828eca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:38 GMT
server
nginx
etag
W/"626ad3ee-aaa7"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
4.60f2038a0600769e9248.css
www.kf3ju.com/static/ Frame 8FCE
57 KB
5 KB
Stylesheet
General
Full URL
https://www.kf3ju.com:9142/static/4.60f2038a0600769e9248.css
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
edb335f2ea3f9cf1eedc6b15248f6e0d4d90237e4af093f156bfc28c12e17be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:38 GMT
server
nginx
etag
W/"626ad3ee-e2fc"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
vendors~appPage~chess-overview~deposit~eSportsLandingPage~egame~help~home~lottery-overview~realbet~s~b80583d7.5ee2e08479ed74f259a3.js
www.kf3ju.com/static/ Frame 8FCE
1 KB
1 KB
Script
General
Full URL
https://www.kf3ju.com:9142/static/vendors~appPage~chess-overview~deposit~eSportsLandingPage~egame~help~home~lottery-overview~realbet~s~b80583d7.5ee2e08479ed74f259a3.js
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
a35b50d46018555cc75b6d1cd4dccfbbec1f7d3edb68d14935635f7fd6950fed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:38 GMT
server
nginx
etag
W/"626ad3ee-4d3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
72.a86cbae47378729f0e62.css
www.kf3ju.com/static/ Frame 8FCE
40 KB
18 KB
Stylesheet
General
Full URL
https://www.kf3ju.com:9142/static/72.a86cbae47378729f0e62.css
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
32dbfab91252ecc73feec1081e3b1e55eec061df352d80060682183e68f5cd69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:39 GMT
server
nginx
etag
W/"626ad3ef-9ead"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
smallRedPacket.61222aaf7210ce68ea89.js
www.kf3ju.com/static/ Frame 8FCE
148 KB
79 KB
Script
General
Full URL
https://www.kf3ju.com:9142/static/smallRedPacket.61222aaf7210ce68ea89.js
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
01eb58cc462b2c4316b9f920523c31d79dcab3a8daa01d6b61fb92416d190336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:39 GMT
server
nginx
etag
W/"626ad3ef-24f97"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
truncated
/ Frame 8FCE
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72a898c85256858a800bb8f8b0959172021b1f73382668c4da2abbcc311851e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
validateCode
www.kf3ju.com/api/v2/common/ Frame 8FCE
6 KB
6 KB
XHR
General
Full URL
https://www.kf3ju.com:9142/api/v2/common/validateCode
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
6500288bd22f07e0487e054830c5a844e94b031c4e0b80f6662b6f83c31baf1a

Request headers

Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
client-type
web

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
server
nginx
x-code
103991963716791824
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
*
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
x-remote-addr
185.213.155.163
access-control-allow-credentials
true
http-geo-ipcountry
DE
content-type
image/png
w_logo1-a238.png
www.kf3ju.com/static/ Frame 8FCE
28 KB
29 KB
Image
General
Full URL
https://www.kf3ju.com:9142/static/w_logo1-a238.png
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
a380361f1732d8ead9e3696b50b171f0d8e33167a26a7cffd3fa52c865eff465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:38 GMT
server
nginx
etag
W/"626ad3ee-7116"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
truncated
/ Frame 8FCE
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb5c611b3d25462a435625a2af6909520b6ea94d6f217f50dcbb11ba7fbf7228

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
show_code
www.kf3ju.com/api/v2/ Frame 8FCE
210 B
411 B
XHR
General
Full URL
https://www.kf3ju.com:9142/api/v2/show_code?
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
12f53321b9651be0e36ae2d471871e219844a2e72de1a3a214b8cf6865504ede

Request headers

X-API-XXX
F41D19F5B88F9E4D7F08D9918E821DCE4303C0E9E3A993F6E672B263D687DB6C
accept-language
de-DE,de;q=0.9
X-API-ID
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
client-type
web
X-API-TOKEN
null

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json;charset=utf8;
access-control-allow-origin
*
x-remote-addr
185.213.155.163
access-control-allow-credentials
true
http-geo-ipcountry
DE
register-ac5a.jpg
www.kf3ju.com/static/ Frame 8FCE
98 KB
96 KB
Image
General
Full URL
https://www.kf3ju.com:9142/static/register-ac5a.jpg
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/static/84.79b7ac49956494917464.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
31415b09fa7500441804384f79caf782d07f523cc470bd59123dd2cbf71ebeb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/static/84.79b7ac49956494917464.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:38 GMT
server
nginx
etag
W/"626ad3ee-186bd"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
register_box-a9ce.png
www.kf3ju.com/static/ Frame 8FCE
237 KB
233 KB
Image
General
Full URL
https://www.kf3ju.com:9142/static/register_box-a9ce.png
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
f1a5b6747c4e60876931418e1caef530535a651f058be85665d764277c8296df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
content-encoding
br
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
last-modified
Thu, 28 Apr 2022 17:50:38 GMT
server
nginx
etag
W/"626ad3ee-3b5ca"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
truncated
/ Frame 8FCE
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e36c8605c7d3c00b254fadec1b8e998edeceacf0c51285dd4dff57790c77685a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8FCE
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
736f04d253d133dfad6cc641b6abdd6471318eb6881a3d886ab561dfbd2a300d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8FCE
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a40274f7dd79b967350e5d2761544c412d1d2a2ccb4608f30766fd8904dafae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8FCE
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5979b13c6bfe6dd1c6c582222d8a3e228e960e87597bf7c0efca3eb7885798b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
bg_batch-0ac1.mp4
www.kf3ju.com/static/ Frame 8FCE
88 KB
0
Media
General
Full URL
https://www.kf3ju.com:9142/static/bg_batch-0ac1.mp4
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
Content-Range
bytes 0-4075197/4075198
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
Content-Length
4075198
last-modified
Thu, 28 Apr 2022 17:50:38 GMT
server
nginx
etag
"626ad3ee-3e2ebe"
access-control-allow-methods
*
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
bg_batch-0ac1.mp4
www.kf3ju.com/static/ Frame 8FCE
12 KB
12 KB
Media
General
Full URL
https://www.kf3ju.com:9142/static/bg_batch-0ac1.mp4
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e7a333f457b32fbf60fee9f35ead5f97c3632ccc3c049e7b018fb187aa6e8bdf

Request headers

Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=4063232-

Response headers

date
Fri, 29 Apr 2022 16:03:53 GMT
Content-Range
bytes 4063232-4075197/4075198
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
Content-Length
11966
last-modified
Thu, 28 Apr 2022 17:50:38 GMT
server
nginx
etag
"626ad3ee-3e2ebe"
access-control-allow-methods
*
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:53 GMT
getToken
www.kf3ju.com/stream/web/v1/ Frame 8FCE
91 B
347 B
XHR
General
Full URL
https://www.kf3ju.com:9142/stream/web/v1/getToken?
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
0e3bb90717d88dbb27f8084e40d7ef0123d1f97f77f62027e61b6519fc89ed6a

Request headers

X-API-XXX
7347BDA208AA276DEF42E8B31372A63C01523EDB6B0A6A85C8FFF121D09BB3CD
accept-language
de-DE,de;q=0.9
X-API-ID
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
client-type
web
X-API-TOKEN
null

Response headers

date
Fri, 29 Apr 2022 16:03:54 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-remote-addr
185.213.155.163
access-control-allow-credentials
true
http-geo-ipcountry
DE
8798c582-c70e-449f-9c68-c3721e792393
https://www.kf3ju.com:9142/ Frame 8FCE
6 KB
0
Image
General
Full URL
blob:https://www.kf3ju.com:9142/8798c582-c70e-449f-9c68-c3721e792393
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6500288bd22f07e0487e054830c5a844e94b031c4e0b80f6662b6f83c31baf1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
6121
Content-Type
image/png
bg_batch-0ac1.mp4
www.kf3ju.com/static/ Frame 8FCE
4 MB
4 MB
Media
General
Full URL
https://www.kf3ju.com:9142/static/bg_batch-0ac1.mp4
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
1239f1ae700cc19f80522ce04fa42d620a8b942ce535e20ff6ff70854674bd49

Request headers

Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=65536-

Response headers

date
Fri, 29 Apr 2022 16:03:54 GMT
Content-Range
bytes 65536-4075197/4075198
x-remote-addr
185.213.155.163
http-geo-ipcountry
DE
Content-Length
4009662
last-modified
Thu, 28 Apr 2022 17:50:38 GMT
server
nginx
etag
"626ad3ee-3e2ebe"
access-control-allow-methods
*
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
true
x-forwarded-port
9142
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-proxy-cache
HIT
expires
Fri, 29 Apr 2022 16:13:54 GMT
z_stat.php
s96.cnzz.com/ Frame 8FCE
11 KB
4 KB
Script
General
Full URL
https://s96.cnzz.com/z_stat.php?id=1275990545&web_id=1275990545
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.231.83.250 -, , ASN (),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
7fcff4607717f2e23b37844bb0e4caea3f752aa946693819da539aef47c2a6ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 14:09:57 GMT
content-encoding
gzip
age
6839
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:10:1469087812
x-swift-cachetime
10800
x-swift-savetime
Fri, 29 Apr 2022 14:09:57 GMT
content-length
4051
last-modified
Fri, 29 Apr 2022 14:09:57 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1651241397
content-type
application/javascript
via
cache49.l2cn2656[38,39,200-0,M], cache40.l2cn2656[39,0], cache17.cn2570[0,0,200-0,H], cache25.cn2570[0,0]
cache-control
max-age=5400,s-maxage=10800
timing-allow-origin
*
eagleid
dde7532d16512482361415217e
gettype.php
api.geetest.com/ Frame 8FCE
475 B
744 B
Script
General
Full URL
https://api.geetest.com/gettype.php?gt=54f11016f00ca56cafb0c9973e3bdd30&callback=geetest_1651248239728
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/static/userRegister.098d0991c28e9df0b55e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:183:5c00:4294:5ccd:8cd6:df82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
34ebe766f9e7d4673e63dd29e6e9dd2cde23fefbf3fcbc5ddbc95569c231b05e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 16:03:54 GMT
server
openresty
etag
"c7251ef0f784d2eed6eab0a229377b3cf4d17ef0"
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
475
expires
0
fullpage.9.0.9.js
static.geetest.com/static/js/ Frame 8FCE
328 KB
329 KB
Script
General
Full URL
https://static.geetest.com/static/js/fullpage.9.0.9.js
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/static/userRegister.098d0991c28e9df0b55e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7c00:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9723c20961f63a892008d4fa8481f468cdcc75bdde1ab626ab60384cb1cfffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 02:29:27 GMT
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
last-modified
Mon, 07 Mar 2022 03:05:07 GMT
server
AmazonS3
age
48869
etag
"982aa104441d90e4421dc89c6d1524e0"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
336200
x-amz-cf-id
k5RiEvbZTyRkHyrPWYEk7oogNcd2WeeLfErYcGkcvJ0XsBkiEonSkw==
x-amz-meta-mtime
1642404639
get.php
api.geetest.com/ Frame 8FCE
1 KB
2 KB
Script
General
Full URL
https://api.geetest.com/get.php?gt=54f11016f00ca56cafb0c9973e3bdd30&challenge=997c1652379b86d60422ede3050c1218&lang=zh-cn&pt=0&client_type=web&w=B4mYe37qq5jmo64PAaXuEyGjF2kTC5nKhmHtDJCT19aRM(cf0o58ccIK)rKi2UVo59VgZI6q8zOUPOZBTYpjgUF2wwKfpZHT7jTUiVBRnJZZ2aeBUkwaQj4hhx9heay)vtIo4075U5a(chTBn(2unlaW)p01Ky6zDWUit()egXO0PzCNwUR)Ce4vFLLUb5QXsesL54tybJJdtPg(x0c9LOI8GUSi1cmRzw(JAa)wZduibzWGSpNdwJSbTMcBn2L1W3wbjkuUpNDD7TRQU3pyagBxo(fHvEzIcDhyE2vsnPn4MZqb(2mQfT67aKZ6ozlU0QAWRmhWq(mTL6CjXngcPOVQCPzgpAe6JXrORWeDBJVxhWhbtylRRXnJdhg29fFh)pBw9dWcB4NFDhWaOR3OSjuZe0tbsl1HLmSHeh7br3316F1vJ(2IyRv(HkXYV7yFFiSwAQ1820YAFPHrdPWrVvOz4CEgvPfHPzRv)oWc8Jk)LD)8G)T)pB8tRhubFr)TN)Xe)p9lk)BwZXFeZoX71m7TtcemluyAfHl9x7us2ItZ0bI(63GVSSWGTNNUe2IbF8SQBMfq6W9esXyVJfovOxsEA4N(iJ2l3SGGwRYL(MFsXRgV2ExLfdwYiKVd(OyBeSp9O1EBXxkrnClVQfx0Ocuwu)fOYbkZsIgl6eo40DKOLoeIbePHjU5KBBoF4kVLm1PhlQK311J)0HuiM7IRPxm6wddjhMHbnpUIMqREVVd2RgnxQNZAzHHRd)ruULBT)MzKGVC3cW)wlOfni5BcBsjIasbiW7adqDFCC79mRvO2iHBaQczmnuMLMZfB71Ueqo3rX2xCF)k1ZKDHva9JrpOy1ymZwAYjm46U3TUU6clr5qWBaj1A042w38JdgWRavQJqx(uY5745zSUZEs(YefnDto9T2n3DBFmSU1gpQZTgYMO)eSno8KyWmCHQamWJPCLfSiN5Ap2bkSJ16OhhKsIie69M5vDHaMl7OMqJNe4A88BM3zHvvwVv(fqUUA1cix1TiTQhO)VfUALM)o4lwK8pRr)nvwYhloRTT8LNsTULCPJ2XutqRxdzMCNIjioa6kFS8qCU2ccUf8NDSqjcFkebI9RFKp6bcPeKcRboX)uSZY1unhV5ytx6aZjhKn81Roh6GHWzEtWbmsOyVxP)lkP5SMQybdFlttFkgqwmTLccUSSze3TfM7n52HgOSssLvRqNDG80IHWwL3ItVLCkmVTEMGkVxn04pgoXr4e9bJpAfltUn8kfTeMMc7LZcivOXb9yRgxM589ds8kvq5nF8kIg(gSHa3sphduDsIA)4ma5lR)a2iy0NmZfd9r02SujjGshUnt9FXEDOlWwZwifHPprVSoaPi5ZveXKpR(56KZrJ8I1TchWdGOzbG6OfISg4t5w1)ND3ZhmKiY0pc29WRrkeSb3e6TUgCjFVP4KcghRyiCtJ17Cp3qz7HcPLoxzMMIMw2MU2JHkvvUnOHHvnA(6))Oqj0zI80iz5qlWcAo.4dfd5004f7df0dcbd2f78be0adaa470607a05155929f192fd014fcd2fb06a9f947df90ee7b5530e4806c3a001480cdff777459cb3e0849e71d286ce596df4eb1340b5b3a16ed0faae33e2fe5ae900555e40ce6836e9fb812c988aaac96c82ba373ac72fee7c7b505512b8db15a628630ca2e78ee115e8d0bdd173e17fcef593a&callback=geetest_1651248237469
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/js/fullpage.9.0.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:183:5c00:4294:5ccd:8cd6:df82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a5b70c77186f5451ccca4984652ac91c720fb07003d540d95b156de8040ee079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 16:03:55 GMT
server
openresty
etag
"c932ff1f8f864beea408cfd4dc0dd1b350848507"
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
1272
expires
0
style_https.1.5.8.css
static.geetest.com/static/wind/ Frame 8FCE
40 KB
5 KB
Stylesheet
General
Full URL
https://static.geetest.com/static/wind/style_https.1.5.8.css
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/js/fullpage.9.0.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7c00:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kf3ju.com:9142/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 11:59:35 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 03:04:56 GMT
server
AmazonS3
age
101061
etag
W/"3fb6aacfd5ae2d3894f2f00b0d5f3236"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
qvJuERona_yuaWyLg0gzbPeSbfbaQGLUvo1AyyOZNdb9fl22sWX4vw==
x-amz-meta-mtime
1585034197
grabExpires
www.kf3ju.com/api/v2/hby/ Frame 8FCE
95 B
323 B
XHR
General
Full URL
https://www.kf3ju.com:9142/api/v2/hby/grabExpires?
Requested by
Host: www.kf3ju.com
URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.94.62.116 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
3f9fadf9aaa726186b20ab505c4d03aff2c72141a3d5d33678cd0e10920c2137

Request headers

X-API-XXX
267F2C81FC642D7F815F7995099A2D8B21E22BEA027D9B81E3948B13956D467D
accept-language
de-DE,de;q=0.9
X-API-ID
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.kf3ju.com:9142/register?agent_code=5432067
client-type
web
X-API-TOKEN
null

Response headers

date
Fri, 29 Apr 2022 16:03:55 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json;charset=utf8;
access-control-allow-origin
*
x-remote-addr
185.213.155.163
access-control-allow-credentials
true
http-geo-ipcountry
DE
core.php
c.cnzz.com/ Frame 8FCE
0
0

stat.htm
z5.cnzz.com/ Frame 8FCE
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.cnzz.com
URL
https://c.cnzz.com/core.php?web_id=1275990545&t=z
Domain
z5.cnzz.com
URL
https://z5.cnzz.com/stat.htm?id=1275990545&r=http%3A%2F%2Fnicljr.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1600x1200&p=https%3A%2F%2Fwww.kf3ju.com%3A9142%2Fregister%3Fagent_code%3D5432067&t=BOB%E4%BD%93%E8%82%B2%C2%B7%E5%BE%B7%E7%94%B2%E5%A4%9A%E7%89%B9%E8%92%99%E5%BE%B7%E5%AE%98%E6%96%B9%E5%90%88%E4%BD%9C%E4%BC%99%E4%BC%B4&umuuid=180761086e6ea-0f3469282c0c9-12333272-1d4c00-180761086e7e3d&h=1&rnd=162773081

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| _hmt
function| isMobile
string| url
string| sUserAgent
boolean| bIsIpad
boolean| bIsIphoneOs
boolean| bIsMidp
boolean| bIsUc7
boolean| bIsUc
boolean| bIsAndroid
boolean| bIsCE
boolean| bIsWM
function| getIosVersion
string| u
boolean| isIOS
function| randomNum
boolean| _bdhm_loaded_adaed39a6eb1a5cc4f48aac4d4bed212
object| mini_tangram_log_vk15rx

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 5C1B748CFF7679CD
.nicljr.com/ Name: Hm_lvt_adaed39a6eb1a5cc4f48aac4d4bed212
Value: 1651248233
.nicljr.com/ Name: Hm_lpvt_adaed39a6eb1a5cc4f48aac4d4bed212
Value: 1651248233

3 Console Messages

Source Level URL
Text
rendering warning URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Message:
[.WebGL-0x4f402b04600] GL_OUT_OF_MEMORY: Internal Vulkan error (-2): A device memory allocation has failed.
rendering warning URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Message:
WebGL: CONTEXT_LOST_WEBGL: loseContext: context lost
rendering warning URL: https://www.kf3ju.com:9142/register?agent_code=5432067
Message:
WebGL: CONTEXT_LOST_WEBGL: loseContext: context lost

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
