urlscan.io logo urlscan.io
SecurityTrails logo

cs2.club Open in urlscan Pro
144.48.9.143  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cs2.club/
Effective URL: http://cs2.club/?index.html
Submission: On February 21 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 33 HTTP transactions. The main IP is 144.48.9.143, located in China and belongs to CLOUDIE-AS-AP Cloudie Limited, HK. The main domain is cs2.club.
This is the only time cs2.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 26 144.48.9.143 55933 (CLOUDIE-A...)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
19 103.74.192.238 133199 (SONDERCLO...)
4 103.235.46.191 55967 (CNNIC-BAI...)
33 5
Apex Domain
Subdomains		 Transfer
26 cs2.club
cs2.club
20 KB
19 jufutongfeng.com
www.jufutongfeng.com
770 KB
4 baidu.com
hm.baidu.com
libs.baidu.com Failed
22 KB
2 sfdg1.com
www.sfdg1.com
100 KB
0 51.la Failed
js.users.51.la Failed
0 qq.com Failed
wpa.qq.com Failed
33 6
Domain Requested by
26 cs2.club 21 redirects cs2.club
19 www.jufutongfeng.com cs2.club
4 hm.baidu.com www.sfdg1.com
cs2.club
2 www.sfdg1.com cs2.club
0 libs.baidu.com Failed cs2.club
0 js.users.51.la Failed cs2.club
0 wpa.qq.com Failed cs2.club
33 7

This site contains links to these domains. Also see Links.

Domain
277.19dfh.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2018-09-29 -
2019-09-29		 a year crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-12-03 -
2019-05-26		 6 months crt.sh

This page contains 1 frames:

Primary Page: http://cs2.club/?index.html
Frame ID: D7DF872CF331639E4BF129C1026F06FC
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cs2.club/ HTTP 301
    http://cs2.club/?index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

33
Requests

18 %
HTTPS

25 %
IPv6

6
Domains

7
Subdomains

5
IPs

3
Countries

907 kB
Transfer

1286 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cs2.club/ HTTP 301
    http://cs2.club/?index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://cs2.club/?/ HTTP 301
  • http://cs2.club/?index.html
Request Chain 3
  • http://cs2.club/?templets/web/images/logo.png HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/logo.png
Request Chain 4
  • http://cs2.club/?templets/web/images/home_07.jpg HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/home_07.jpg
Request Chain 6
  • http://cs2.club/?templets/web/images/more.jpg HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/more.jpg
Request Chain 7
  • http://cs2.club/?uploads/131003/1-131003095F3608.jpg HTTP 302
  • http://www.jufutongfeng.com/uploads/131003/1-131003095F3608.jpg
Request Chain 8
  • http://cs2.club/?uploads/131003/1-131003095622950.jpg HTTP 302
  • http://www.jufutongfeng.com/uploads/131003/1-131003095622950.jpg
Request Chain 9
  • http://cs2.club/?uploads/131003/1-13100309542c62.jpg HTTP 302
  • http://www.jufutongfeng.com/uploads/131003/1-13100309542c62.jpg
Request Chain 10
  • http://cs2.club/?uploads/131003/1-131003094A0253.jpg HTTP 302
  • http://www.jufutongfeng.com/uploads/131003/1-131003094A0253.jpg
Request Chain 12
  • http://cs2.club/?templets/web/images/home_40.jpg HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/home_40.jpg
Request Chain 13
  • http://cs2.club/?Plugins/apps/CaiJiXia/cjx.js HTTP 302
  • http://www.jufutongfeng.com/Plugins/apps/CaiJiXia/cjx.js
Request Chain 14
  • http://cs2.club/?templets/web/js/jquery.js HTTP 302
  • http://www.jufutongfeng.com/templets/web/js/jquery.js
Request Chain 15
  • http://cs2.club/?templets/web/js/naverji.js HTTP 302
  • http://www.jufutongfeng.com/templets/web/js/naverji.js
Request Chain 20
  • http://cs2.club/?/templets/web/css/../images/bj_01.jpg HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/bj_01.jpg
Request Chain 21
  • http://cs2.club/?/templets/web/css/../images/nav_3.jpg HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/nav_3.jpg
Request Chain 22
  • http://cs2.club/?/templets/web/css/../images/nav_1.jpg HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/nav_1.jpg
Request Chain 23
  • http://cs2.club/?/templets/web/css/../images/nav_4.jpg HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/nav_4.jpg
Request Chain 24
  • http://cs2.club/?/templets/web/css/../images/nav_2.jpg HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/nav_2.jpg
Request Chain 25
  • http://cs2.club/?/templets/web/css/../images/home_04.jpg HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/home_04.jpg
Request Chain 26
  • http://cs2.club/?/templets/web/css/../images/home_05.jpg HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/home_05.jpg
Request Chain 27
  • http://cs2.club/?/templets/web/css/../images/home_06.jpg HTTP 302
  • http://www.jufutongfeng.com/templets/web/images/home_06.jpg

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cs2.club/
Redirect Chain
  • http://cs2.club/
  • http://cs2.club/?index.html
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
144.48.9.143 , China, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / PHP/5.4.45 ASP.NET
Resource Hash
fb615bf20357c38e8d98623064c5ade39b3c9a92ce1427dfd806ef88bbf36bcf

Request headers

Host
cs2.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
text/html; charset=gbk
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Date
Thu, 21 Feb 2019 03:09:30 GMT
Content-Length
3590

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
?index.html
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Date
Thu, 21 Feb 2019 03:09:30 GMT
Content-Length
134
/
cs2.club/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cs2.club/?templets/web/css/style.css
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
144.48.9.143 , China, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / PHP/5.4.45 ASP.NET
Resource Hash
dd6faf89ac10f16a1a847cbd3e6b02d8c1f11a7dc3c3a7e1cfe980d36a506eaa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cs2.club
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 03:09:31 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
2888
Vary
Accept-Encoding
Content-Type
text/css
/
cs2.club/
Redirect Chain
  • http://cs2.club/?/
  • http://cs2.club/?index.html
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cs2.club/?index.html
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
144.48.9.143 , China, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / PHP/5.4.45 ASP.NET
Resource Hash
fb615bf20357c38e8d98623064c5ade39b3c9a92ce1427dfd806ef88bbf36bcf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cs2.club
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 03:09:31 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
3590
Vary
Accept-Encoding
Content-Type
text/html; charset=gbk

Redirect headers

Location
?index.html
Date
Thu, 21 Feb 2019 03:09:31 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
134
Content-Type
text/html; charset=UTF-8
js.js
www.sfdg1.com/ 		397 B
622 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sfdg1.com/js.js
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6833 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WAF/2.0
Resource Hash
073c9ddf70332179ae55ab8a5c52be6622edd380bc687cac84df758d211861ad

Request headers

Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Feb 2019 03:09:35 GMT
content-encoding
br
etag
W/"c671107af3afd41:0"
cf-cache-status
HIT
last-modified
Sat, 19 Jan 2019 12:35:36 GMT
server
cloudflare
x-powered-by
WAF/2.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=14400
cf-ray
4ac603d7ae49c283-FRA
expires
Thu, 21 Feb 2019 07:09:35 GMT
logo.png
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?templets/web/images/logo.png
  • http://www.jufutongfeng.com/templets/web/images/logo.png
18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/logo.png
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
845fc41ee7d1cf232651a906a7003edbad322a3db7012e7039304dbb29f1629e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 22 Jul 2017 23:21:04 GMT
Server
Apache
ETag
"48c6-554f03c4b3800-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
18653

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/images/logo.png
Date
Thu, 21 Feb 2019 03:09:31 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
179
Content-Type
text/html; charset=UTF-8
home_07.jpg
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?templets/web/images/home_07.jpg
  • http://www.jufutongfeng.com/templets/web/images/home_07.jpg
4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/home_07.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
9cd4aa052628f558ef83770aec9087f5ce75e90aadefa83a61b5ae0c62b3e17a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:29:20 GMT
Server
Apache
ETag
"11d6-53e8cce3cfc00-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
1747

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/images/home_07.jpg
Date
Thu, 21 Feb 2019 03:09:31 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
182
Content-Type
text/html; charset=UTF-8
cnsecnews.cn.gif
cs2.club/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cs2.club/cnsecnews.cn.gif
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
144.48.9.143 , China, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a511b443bcefaa680a944fb18998f3d6829d4b498b91b942b4b71fee1ea460b4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cs2.club
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 03:09:31 GMT
Last-Modified
Sat, 24 Nov 2018 02:55:37 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"a8f0a02da183d41:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2118
more.jpg
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?templets/web/images/more.jpg
  • http://www.jufutongfeng.com/templets/web/images/more.jpg
4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/more.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
ef814273284de6be97b19617483ba1f5132e5629674931557d498ae81c6f671e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:27:30 GMT
Server
Apache
ETag
"1013-53e8cc7ae8480-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
1286

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/images/more.jpg
Date
Thu, 21 Feb 2019 03:09:31 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
179
Content-Type
text/html; charset=UTF-8
1-131003095F3608.jpg
www.jufutongfeng.com/uploads/131003/
Redirect Chain
  • http://cs2.club/?uploads/131003/1-131003095F3608.jpg
  • http://www.jufutongfeng.com/uploads/131003/1-131003095F3608.jpg
79 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/uploads/131003/1-131003095F3608.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
3ed468532361f4231256f568484d5d303a7cb5f2343af5ae2d2a0b07122f7cb8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:10:56 GMT
Server
Apache
ETag
"13a0d-53e8c8c6f4800-gzip"
Vary
Accept-Encoding
Upgrade
h2
Transfer-Encoding
chunked
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
http://www.jufutongfeng.com/uploads/131003/1-131003095F3608.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
186
Content-Type
text/html; charset=UTF-8
1-131003095622950.jpg
www.jufutongfeng.com/uploads/131003/
Redirect Chain
  • http://cs2.club/?uploads/131003/1-131003095622950.jpg
  • http://www.jufutongfeng.com/uploads/131003/1-131003095622950.jpg
115 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/uploads/131003/1-131003095622950.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
c317dbe3553af5f7829753cd3a769d8557573c120fcf0e1b357c9d3269c782ba

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:10:56 GMT
Server
Apache
ETag
"1cb13-53e8c8c6f4800-gzip"
Vary
Accept-Encoding
Upgrade
h2
Transfer-Encoding
chunked
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
http://www.jufutongfeng.com/uploads/131003/1-131003095622950.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
187
Content-Type
text/html; charset=UTF-8
1-13100309542c62.jpg
www.jufutongfeng.com/uploads/131003/
Redirect Chain
  • http://cs2.club/?uploads/131003/1-13100309542c62.jpg
  • http://www.jufutongfeng.com/uploads/131003/1-13100309542c62.jpg
201 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/uploads/131003/1-13100309542c62.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
25759f435a76302e03755bd55f7099825d0b7b7dd3faaa7fa5fac0729764e5c8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:10:54 GMT
Server
Apache
ETag
"322bf-53e8c8c50c380-gzip"
Vary
Accept-Encoding
Upgrade
h2
Transfer-Encoding
chunked
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
http://www.jufutongfeng.com/uploads/131003/1-13100309542c62.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
186
Content-Type
text/html; charset=UTF-8
1-131003094A0253.jpg
www.jufutongfeng.com/uploads/131003/
Redirect Chain
  • http://cs2.club/?uploads/131003/1-131003094A0253.jpg
  • http://www.jufutongfeng.com/uploads/131003/1-131003094A0253.jpg
269 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/uploads/131003/1-131003094A0253.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
36c7f5f035d66c07a07b6ff184c45e1d0c0402b858253165c586399f98b98007

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:10:54 GMT
Server
Apache
ETag
"4321f-53e8c8c50c380-gzip"
Vary
Accept-Encoding
Upgrade
h2
Transfer-Encoding
chunked
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
http://www.jufutongfeng.com/uploads/131003/1-131003094A0253.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
186
Content-Type
text/html; charset=UTF-8
pa
wpa.qq.com/ 		0
0
home_40.jpg
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?templets/web/images/home_40.jpg
  • http://www.jufutongfeng.com/templets/web/images/home_40.jpg
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/home_40.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
c864ee32d7cf613b75c5d001780d39e11421bb505aab9523981d6d756ae54110

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:06 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Jul 2017 02:14:24 GMT
Server
Apache
ETag
"414d-554f2a82ea000-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
16045

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/images/home_40.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
182
Content-Type
text/html; charset=UTF-8
cjx.js
www.jufutongfeng.com/Plugins/apps/CaiJiXia/
Redirect Chain
  • http://cs2.club/?Plugins/apps/CaiJiXia/cjx.js
  • http://www.jufutongfeng.com/Plugins/apps/CaiJiXia/cjx.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.jufutongfeng.com/Plugins/apps/CaiJiXia/cjx.js
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
5ae2b62fe5197aadb4833966d70cd89dfdef109e36aea15422fcc525cbe52675

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Apr 2016 15:18:36 GMT
Server
Apache
ETag
"9b8-530c3dfdb4b00-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
1448

Redirect headers

Location
http://www.jufutongfeng.com/Plugins/apps/CaiJiXia/cjx.js
Date
Thu, 21 Feb 2019 03:09:31 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
179
Content-Type
text/html; charset=UTF-8
jquery.js
www.jufutongfeng.com/templets/web/js/
Redirect Chain
  • http://cs2.club/?templets/web/js/jquery.js
  • http://www.jufutongfeng.com/templets/web/js/jquery.js
56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.jufutongfeng.com/templets/web/js/jquery.js
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
29133962ccf97017876e2a59a345433a326ea9debced53451c44e39707f36800

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:05:30 GMT
Server
Apache
ETag
"dfb8-53e8c7900ea80-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
19745

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/js/jquery.js
Date
Thu, 21 Feb 2019 03:09:31 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
176
Content-Type
text/html; charset=UTF-8
naverji.js
www.jufutongfeng.com/templets/web/js/
Redirect Chain
  • http://cs2.club/?templets/web/js/naverji.js
  • http://www.jufutongfeng.com/templets/web/js/naverji.js
140 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.jufutongfeng.com/templets/web/js/naverji.js
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
5cd271c8f535a93eeebe45a79b85dbdba2f26641eb69cf4a26357899b59a4cb3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://cs2.club/?index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:05:30 GMT
Server
Apache
ETag
"8c-53e8c7900ea80-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
104

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/js/naverji.js
Date
Thu, 21 Feb 2019 03:09:31 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
177
Content-Type
text/html; charset=UTF-8
19009439.js
js.users.51.la/ 		0
0
bj_02.jpg
cs2.club/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cs2.club/images/bj_02.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
144.48.9.143 , China, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cs2.club
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?templets/web/css/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?templets/web/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 03:09:31 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Length
1163
Content-Type
text/html
hm.js
hm.baidu.com/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?ca562f27195099b179f838c70020268d
Requested by
Host: www.sfdg1.com
URL: https://www.sfdg1.com/js.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
de027f171b83b0233fc6097d6df80749445c9f7a7e91f20cedd0725101c46d33
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 03:09:37 GMT
Content-Encoding
gzip
Server
apache
Etag
806be5a93a9714cb5cc6f012f754b97a
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
10564
banner.jpg
www.sfdg1.com/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sfdg1.com/banner.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6833 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WAF/2.0
Resource Hash
d3a4b31a99f92f1f4073bcbb930742c76b6f0e4a09d20fb7b1189ae84e05d278

Request headers

Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 21 Feb 2019 03:09:36 GMT
etag
"209d5d63a824d41:0"
cf-cache-status
REVALIDATED
last-modified
Thu, 26 Jul 2018 06:17:54 GMT
server
cloudflare
x-powered-by
WAF/2.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4ac603dd7dc4c283-FRA
content-length
101780
expires
Thu, 21 Feb 2019 07:09:36 GMT
bj_01.jpg
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?/templets/web/css/../images/bj_01.jpg
  • http://www.jufutongfeng.com/templets/web/images/bj_01.jpg
308 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/bj_01.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
8e9443246d3c9c32aa29a13042c5e70925c3dd4a6768380013bd30478c64ff0c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?templets/web/css/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?templets/web/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:27:18 GMT
Server
Apache
ETag
"4d1cf-53e8cc6f76980-gzip"
Vary
Accept-Encoding
Upgrade
h2
Transfer-Encoding
chunked
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/css/../images/bj_01.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
187
Content-Type
text/html; charset=UTF-8
nav_3.jpg
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?/templets/web/css/../images/nav_3.jpg
  • http://www.jufutongfeng.com/templets/web/images/nav_3.jpg
4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/nav_3.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
d61a43e7cc7819943a04d48a1b8d4d6128607ca5f2ff42bd47f59cae239c382f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?templets/web/css/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?templets/web/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:27:30 GMT
Server
Apache
ETag
"ee1-53e8cc7ae8480-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
936

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/css/../images/nav_3.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
187
Content-Type
text/html; charset=UTF-8
nav_1.jpg
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?/templets/web/css/../images/nav_1.jpg
  • http://www.jufutongfeng.com/templets/web/images/nav_1.jpg
4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/nav_1.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
bec2ea228d48b72eea5ab711f087b22f4367f27c593de463461839cbe0fee153

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?templets/web/css/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?templets/web/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:27:30 GMT
Server
Apache
ETag
"f40-53e8cc7ae8480-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
1047

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/css/../images/nav_1.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
187
Content-Type
text/html; charset=UTF-8
nav_4.jpg
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?/templets/web/css/../images/nav_4.jpg
  • http://www.jufutongfeng.com/templets/web/images/nav_4.jpg
4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/nav_4.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
1539668f7273042e0ebb3e1ae6aef1cc27cb59191ad4ba6c985b9d340a653b0f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?templets/web/css/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?templets/web/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:27:32 GMT
Server
Apache
ETag
"e92-53e8cc7cd0900-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
821

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/css/../images/nav_4.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
187
Content-Type
text/html; charset=UTF-8
nav_2.jpg
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?/templets/web/css/../images/nav_2.jpg
  • http://www.jufutongfeng.com/templets/web/images/nav_2.jpg
4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/nav_2.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
b0285674fd6029168f278e4b938058e3817eedad71bde1aea884a307481d70de

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?templets/web/css/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?templets/web/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:27:30 GMT
Server
Apache
ETag
"f6d-53e8cc7ae8480-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
1105

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/css/../images/nav_2.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
187
Content-Type
text/html; charset=UTF-8
home_04.jpg
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?/templets/web/css/../images/home_04.jpg
  • http://www.jufutongfeng.com/templets/web/images/home_04.jpg
4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/home_04.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
df23449c2e21c5fde99c52481a653c749a935d8e0948a230cf1347a3586cbbd9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?templets/web/css/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?templets/web/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:27:22 GMT
Server
Apache
ETag
"f8d-53e8cc7347280-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
1116

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/css/../images/home_04.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
189
Content-Type
text/html; charset=UTF-8
home_05.jpg
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?/templets/web/css/../images/home_05.jpg
  • http://www.jufutongfeng.com/templets/web/images/home_05.jpg
4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/home_05.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
36f9abbff8fff13fa76bea263b0a4002d5cd970c5201ddbe268d7512d9ad23d6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?templets/web/css/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?templets/web/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:27:22 GMT
Server
Apache
ETag
"f2e-53e8cc7347280-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
1029

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/css/../images/home_05.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
189
Content-Type
text/html; charset=UTF-8
home_06.jpg
www.jufutongfeng.com/templets/web/images/
Redirect Chain
  • http://cs2.club/?/templets/web/css/../images/home_06.jpg
  • http://www.jufutongfeng.com/templets/web/images/home_06.jpg
4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.jufutongfeng.com/templets/web/images/home_06.jpg
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Server
103.74.192.238 Mong Kok, Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
Apache /
Resource Hash
c67ea5c125b9cba22e428d2cc52439b4bc8ea2349bd0b1dfeb9715796bbf6ca0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.jufutongfeng.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://cs2.club/?templets/web/css/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cs2.club/?templets/web/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 00:42:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Oct 2016 01:27:18 GMT
Server
Apache
ETag
"ed9-53e8cc6f76980-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
929

Redirect headers

Location
http://www.jufutongfeng.com/templets/web/css/../images/home_06.jpg
Date
Thu, 21 Feb 2019 03:09:32 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.4.45 ASP.NET
Content-Length
189
Content-Type
text/html; charset=UTF-8
hm.js
hm.baidu.com/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?268d930a1711a4eff453983100e500db
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cc9777435db15f5cdaf8b5734fb6cbccd8367b01379ef1e5b590543770cd1637
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 03:09:37 GMT
Content-Encoding
gzip
Server
apache
Etag
f2cf50f315256c8d25912c6d100fb52a
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
10565
jquery.min.js
libs.baidu.com/jquery/1.4.2/ 		0
0
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1490641536&si=ca562f27195099b179f838c70020268d&v=1.2.38&lv=1&ct=!!&tt=%E8%8F%B2%E5%BE%8B%E5%AE%BE%E7%94%B3%E5%8D%9A%2C%E7%94%B3%E5%8D%9Asunbet%2C%E7%94%B3%E5%8D%9A%E6%B3%A8%E5%86%8C%2C%E7%94%B3%E5%8D%9A%E5%A8%B1%E4%B9%90%E5%AE%98%E7%BD%91%E7%BD%91%E7%AB%99&sn=29408
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Feb 2019 03:09:37 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=420102507&si=268d930a1711a4eff453983100e500db&v=1.2.38&lv=1&ct=!!&tt=%E8%8F%B2%E5%BE%8B%E5%AE%BE%E7%94%B3%E5%8D%9A%2C%E7%94%B3%E5%8D%9Asunbet%2C%E7%94%B3%E5%8D%9A%E6%B3%A8%E5%86%8C%2C%E7%94%B3%E5%8D%9A%E5%A8%B1%E4%B9%90%E5%AE%98%E7%BD%91%E7%BD%91%E7%AB%99&sn=29408
Requested by
Host: cs2.club
URL: http://cs2.club/?index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://cs2.club/?index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Feb 2019 03:09:37 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wpa.qq.com
URL
http://wpa.qq.com/pa?p=2:65425698:52
Domain
js.users.51.la
URL
https://js.users.51.la/19009439.js
Domain
libs.baidu.com
URL
http://libs.baidu.com/jquery/1.4.2/jquery.min.js

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| V_PATH object| _hmt object| _$ function| $ function| jQuery boolean| _bdhm_loaded_ca562f27195099b179f838c70020268d object| mini_tangram_log_wdp2zw boolean| _bdhm_loaded_268d930a1711a4eff453983100e500db object| mini_tangram_log_1bj176

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cs2.club
hm.baidu.com
js.users.51.la
libs.baidu.com
wpa.qq.com
www.jufutongfeng.com
www.sfdg1.com
js.users.51.la
libs.baidu.com
wpa.qq.com
103.235.46.191
103.74.192.238
144.48.9.143
2606:4700:30::6818:6833
073c9ddf70332179ae55ab8a5c52be6622edd380bc687cac84df758d211861ad
1539668f7273042e0ebb3e1ae6aef1cc27cb59191ad4ba6c985b9d340a653b0f
25759f435a76302e03755bd55f7099825d0b7b7dd3faaa7fa5fac0729764e5c8
29133962ccf97017876e2a59a345433a326ea9debced53451c44e39707f36800
36c7f5f035d66c07a07b6ff184c45e1d0c0402b858253165c586399f98b98007
36f9abbff8fff13fa76bea263b0a4002d5cd970c5201ddbe268d7512d9ad23d6
3ed468532361f4231256f568484d5d303a7cb5f2343af5ae2d2a0b07122f7cb8
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f
5ae2b62fe5197aadb4833966d70cd89dfdef109e36aea15422fcc525cbe52675
5cd271c8f535a93eeebe45a79b85dbdba2f26641eb69cf4a26357899b59a4cb3
845fc41ee7d1cf232651a906a7003edbad322a3db7012e7039304dbb29f1629e
8e9443246d3c9c32aa29a13042c5e70925c3dd4a6768380013bd30478c64ff0c
9cd4aa052628f558ef83770aec9087f5ce75e90aadefa83a61b5ae0c62b3e17a
a511b443bcefaa680a944fb18998f3d6829d4b498b91b942b4b71fee1ea460b4
b0285674fd6029168f278e4b938058e3817eedad71bde1aea884a307481d70de
bec2ea228d48b72eea5ab711f087b22f4367f27c593de463461839cbe0fee153
c317dbe3553af5f7829753cd3a769d8557573c120fcf0e1b357c9d3269c782ba
c67ea5c125b9cba22e428d2cc52439b4bc8ea2349bd0b1dfeb9715796bbf6ca0
c864ee32d7cf613b75c5d001780d39e11421bb505aab9523981d6d756ae54110
cc9777435db15f5cdaf8b5734fb6cbccd8367b01379ef1e5b590543770cd1637
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3a4b31a99f92f1f4073bcbb930742c76b6f0e4a09d20fb7b1189ae84e05d278
d61a43e7cc7819943a04d48a1b8d4d6128607ca5f2ff42bd47f59cae239c382f
dd6faf89ac10f16a1a847cbd3e6b02d8c1f11a7dc3c3a7e1cfe980d36a506eaa
de027f171b83b0233fc6097d6df80749445c9f7a7e91f20cedd0725101c46d33
df23449c2e21c5fde99c52481a653c749a935d8e0948a230cf1347a3586cbbd9
ef814273284de6be97b19617483ba1f5132e5629674931557d498ae81c6f671e
fb615bf20357c38e8d98623064c5ade39b3c9a92ce1427dfd806ef88bbf36bcf