Submitted URL: http://028de.com/
Effective URL: http://www.bws68.xyz/222/
Submission Tags: falconsandbox
Submission: On October 12 via api from US — Scanned from DE

Summary

This website contacted 27 IPs in 5 countries across 25 domains to perform 71 HTTP transactions. The main IP is 107.164.146.157, located in United States and belongs to EGIHOSTING, US. The main domain is www.bws68.xyz.
This is the only time www.bws68.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Subject | Issuer | Validity | Valid |
| --- | --- | --- | --- |
| *.comtucdncom.com | R3 | 2021-09-09 - 2021-12-08 | 3 months |
| 78z65m.com | Sectigo RSA Domain Validation Secure Server CA | 2021-08-21 - 2022-08-21 | a year |
| *.imgbaba.xyz | R3 | 2021-10-02 - 2021-12-31 | 3 months |
| trip.com | DigiCert SHA2 Secure Server CA | 2021-09-27 - 2022-09-27 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-08 - 2022-09-07 | a year |
| *.qpic.cn | GlobalSign Organization Validation CA - SHA256 - G2 | 2021-04-26 - 2022-05-28 | a year |
| *.oss-cn-shenzhen.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2021-01-25 - 2022-02-26 | a year |
| *.alicdn.com | DigiCert SHA2 Secure Server CA | 2021-02-26 - 2022-02-28 | a year |
| *.imgtata.xyz | R3 | 2021-10-11 - 2022-01-09 | 3 months |
| img.123456img.com | TrustAsia TLS RSA CA | 2021-09-03 - 2022-09-02 | a year |
| *.users.51.la | GlobalSign GCC R3 DV TLS CA 2020 | 2020-08-27 - 2022-04-19 | 2 years |
| baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2021-07-01 - 2022-08-02 | a year |
| govhechi.cn | TrustAsia TLS RSA CA | 2021-06-07 - 2022-06-06 | a year |
| run.fintechpi.com | Encryption Everywhere DV TLS CA - G1 | 2021-05-14 - 2022-05-14 | a year |
| fv.u1n6ok.cn | TrustAsia TLS RSA CA | 2021-08-17 - 2022-08-16 | a year |
| 5c.tepusi888.cn | TrustAsia TLS RSA CA | 2021-09-27 - 2022-09-26 | a year |
| yd.gxdianhua.com | TrustAsia TLS RSA CA | 2021-03-31 - 2022-03-30 | a year |
| pc.yttycd.com | Encryption Everywhere DV TLS CA - G1 | 2021-10-02 - 2022-10-02 | a year |

This page contains 1 frames:

Primary Page: http://www.bws68.xyz/222/
Frame ID: 98C5DB532F86D7AB24473311F8D5074C
Requests: 71 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

  • Requests: 71
  • HTTPS: 44 %
  • IPv6: 0 %
  • Domains: 25
  • Subdomains: 27
  • IPs: 27
  • Countries: 5
  • Transfer: 8026 kB
  • Size: 8340 kB
  • Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://028de.com/ HTTP 301
    http://www.028de.com/index.php Page URL
  2. http://www.snmm58.com/ Page URL
  3. http://www.bws68.xyz/222 HTTP 301
    http://www.bws68.xyz/222/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://028de.com/ HTTP 301
  • http://www.028de.com/index.php

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
www.028de.com/
Redirect Chain
  • http://028de.com/
  • http://www.028de.com/index.php
2 KB
799 B
Document
General
Full URL
http://www.028de.com/index.php
Protocol
HTTP/1.1
Server
45.38.149.99 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
1324509e73e33647fef09dea54cb0d72fe382a6c455148e26f7fb36fce10ff94

Request headers

Host
www.028de.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Tue, 12 Oct 2021 22:10:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 12 Oct 2021 22:10:32 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
Location
http://www.028de.com/index.php
common.js
www.028de.com/
2 KB
904 B
Script
General
Full URL
http://www.028de.com/common.js
Requested by
Host: www.028de.com
URL: http://www.028de.com/index.php
Protocol
HTTP/1.1
Server
45.38.149.99 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
fbe44263690766131dea5a37fe025a1e9f1ea25f0073e45a566a35c00c4f7553

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.028de.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.028de.com/index.php
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.028de.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:10:32 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/x-javascript
tj.js
www.028de.com/
260 B
416 B
Script
General
Full URL
http://www.028de.com/tj.js
Requested by
Host: www.028de.com
URL: http://www.028de.com/index.php
Protocol
HTTP/1.1
Server
45.38.149.99 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.028de.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.028de.com/index.php
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.028de.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:10:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
260
Content-Type
application/x-javascript
/
www.snmm58.com/
7 KB
2 KB
Document
General
Full URL
http://www.snmm58.com/
Requested by
Host: www.028de.com
URL: http://www.028de.com/common.js
Protocol
HTTP/1.1
Server
107.164.146.87 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Host
www.snmm58.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.028de.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.028de.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Mon, 11 Oct 2021 16:41:42 GMT
Accept-Ranges
bytes
ETag
"027b2debebed71:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Date
Tue, 12 Oct 2021 22:12:14 GMT
Content-Length
1680
111.css
www.snmm58.com/css/
2 KB
1 KB
Stylesheet
General
Full URL
http://www.snmm58.com/css/111.css
Requested by
Host: www.snmm58.com
URL: http://www.snmm58.com/
Protocol
HTTP/1.1
Server
107.164.146.87 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.snmm58.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.snmm58.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.snmm58.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 14:15:04 GMT
Server
Microsoft-IIS/8.5
ETag
"7318f1eee6cd61:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
945
222.css
www.snmm58.com/css/
152 KB
21 KB
Stylesheet
General
Full URL
http://www.snmm58.com/css/222.css
Requested by
Host: www.snmm58.com
URL: http://www.snmm58.com/
Protocol
HTTP/1.1
Server
107.164.146.87 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.snmm58.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.snmm58.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.snmm58.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 14:15:09 GMT
Server
Microsoft-IIS/8.5
ETag
"80d4a2f1e6cd61:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
20974
333.css
www.snmm58.com/css/
2 KB
1 KB
Stylesheet
General
Full URL
http://www.snmm58.com/css/333.css
Requested by
Host: www.snmm58.com
URL: http://www.snmm58.com/
Protocol
HTTP/1.1
Server
107.164.146.87 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.snmm58.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.snmm58.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.snmm58.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 14:14:58 GMT
Server
Microsoft-IIS/8.5
ETag
"b9c030ebe6cd61:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
860
444.css
www.snmm58.com/css/
4 KB
1 KB
Stylesheet
General
Full URL
http://www.snmm58.com/css/444.css
Requested by
Host: www.snmm58.com
URL: http://www.snmm58.com/
Protocol
HTTP/1.1
Server
107.164.146.87 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.snmm58.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.snmm58.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.snmm58.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 14:15:01 GMT
Server
Microsoft-IIS/8.5
ETag
"8020deece6cd61:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
935
222.jpg
www.snmm58.com/css/
11 KB
11 KB
Image
General
Full URL
http://www.snmm58.com/css/222.jpg
Requested by
Host: www.snmm58.com
URL: http://www.snmm58.com/
Protocol
HTTP/1.1
Server
107.164.146.87 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.snmm58.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.snmm58.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.snmm58.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Last-Modified
Tue, 07 Apr 2020 14:15:15 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"ca9336f5e6cd61:0"
Content-Length
10800
Content-Type
image/jpeg
tj.js
136.0.56.195/
218 B
508 B
Script
General
Full URL
http://136.0.56.195/tj.js
Requested by
Host: www.snmm58.com
URL: http://www.snmm58.com/
Protocol
HTTP/1.1
Server
136.0.56.195 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.snmm58.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 07:08:38 GMT
Server
Microsoft-IIS/8.5
ETag
"7057db613688d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
224
xuanfu.js
136.0.56.195/
1 KB
926 B
Script
General
Full URL
http://136.0.56.195/xuanfu.js
Requested by
Host: www.snmm58.com
URL: http://www.snmm58.com/
Protocol
HTTP/1.1
Server
136.0.56.195 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.snmm58.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Oct 2021 09:04:19 GMT
Server
Microsoft-IIS/8.5
ETag
"2ad4342448bfd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
642
Primary Request /
www.bws68.xyz/222/
Redirect Chain
  • http://www.bws68.xyz/222
  • http://www.bws68.xyz/222/
20 KB
6 KB
Document
General
Full URL
http://www.bws68.xyz/222/
Requested by
Host: www.snmm58.com
URL: http://www.snmm58.com/
Protocol
HTTP/1.1
Server
107.164.146.157 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / PHP/7.1.33
Resource Hash
3060d4b082f1d15e158f81fcfd7d59ee2b476bbfe31f11e7d983d118b238cbb7

Request headers

Host
www.bws68.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.snmm58.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.snmm58.com/

Response headers

Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Powered-By
PHP/7.1.33
Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Length
6207

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
http://www.bws68.xyz/222/
Server
Microsoft-IIS/8.5
Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Length
148
ate.css
www.bws68.xyz/222/template/99uuuu/css/
74 KB
5 KB
Stylesheet
General
Full URL
http://www.bws68.xyz/222/template/99uuuu/css/ate.css
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
107.164.146.157 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bws68.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.bws68.xyz/222/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/222/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 15:04:12 GMT
Server
Microsoft-IIS/8.5
ETag
"0be88412d35d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4498
zui.css
www.bws68.xyz/222/template/99uuuu/css/
84 KB
15 KB
Stylesheet
General
Full URL
http://www.bws68.xyz/222/template/99uuuu/css/zui.css
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
107.164.146.157 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bws68.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.bws68.xyz/222/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/222/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 15:04:13 GMT
Server
Microsoft-IIS/8.5
ETag
"805421422d35d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
15351
1.js
136.0.56.195/
6 KB
2 KB
Script
General
Full URL
http://136.0.56.195/1.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
136.0.56.195 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
b926f363c5b185aea65cbc1ff94035f54dd4a51ff95829cc105d34c9feb4ec9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Oct 2021 07:37:53 GMT
Server
Microsoft-IIS/8.5
ETag
"80de4be672bed71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1325
dh.js
136.0.56.195/
5 KB
1022 B
Script
General
Full URL
http://136.0.56.195/dh.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
136.0.56.195 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
6f27883cf686354b9ac8b8f286bd88e331a07ee09163d19500f4b45fb56f8f62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Oct 2021 08:10:58 GMT
Server
Microsoft-IIS/8.5
ETag
"0d5728577bed71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
739
2.js
136.0.56.195/
2 KB
1 KB
Script
General
Full URL
http://136.0.56.195/2.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
136.0.56.195 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
c7928a01936039ba697426b65b30bdfdd43ee6d817d777a02b45a8cf1eb9e038

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Oct 2021 15:47:46 GMT
Server
Microsoft-IIS/8.5
ETag
"d345e0d65bbcd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
747
dmm14580.jpg
fmlb.netlbtu.com/images/2021/10/6/
103 KB
104 KB
Image
General
Full URL
http://fmlb.netlbtu.com/images/2021/10/6/dmm14580.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
104.22.44.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327ba1de5bff58a1420779d4ef70da72ebdeb59bb6d55382a7e65c27970ea64a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
CF-Cache-Status
REVALIDATED
Cf-Bgj
imgq:85,h2pri
Server
cloudflare
ETag
"4c64bf21eb9d71:0"
Vary
Accept
Content-Type
image/webp
Cache-Control
max-age=31536000
Cf-Polished
qual=85, origFmt=jpeg, origSize=143368
Last-Modified
Mon, 04 Oct 2021 12:54:19 GMT
Content-Disposition
inline; filename="dmm14580.webp"
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
69d3ab327d623237-FRA
Content-Length
105904
dmm14579.jpg
fmlb.netlbtu.com/images/2021/10/6/
154 KB
154 KB
Image
General
Full URL
http://fmlb.netlbtu.com/images/2021/10/6/dmm14579.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
104.22.44.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42745aa766ef6269ebb366f21cd265d64009a86f8f27aba32dca6baecad18171

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
CF-Cache-Status
REVALIDATED
Cf-Bgj
imgq:85,h2pri
Server
cloudflare
ETag
"1dda3ff21eb9d71:0"
Vary
Accept
Content-Type
image/webp
Cache-Control
max-age=31536000
Cf-Polished
qual=85, origFmt=jpeg, origSize=182999
Last-Modified
Mon, 04 Oct 2021 12:54:19 GMT
Content-Disposition
inline; filename="dmm14579.webp"
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
69d3ab326a92430f-FRA
Content-Length
157366
dmm14578.jpg
fmlb.netlbtu.com/images/2021/10/6/
109 KB
109 KB
Image
General
Full URL
http://fmlb.netlbtu.com/images/2021/10/6/dmm14578.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
104.22.44.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd31cae43ca1e37750f87de2e4a4d76a49fb733693db1cb08aa193e0bffc1a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
CF-Cache-Status
REVALIDATED
Cf-Bgj
imgq:85,h2pri
Server
cloudflare
ETag
"21b338f21eb9d71:0"
Vary
Accept
Content-Type
image/webp
Cache-Control
max-age=31536000
Cf-Polished
qual=85, origFmt=jpeg, origSize=142666
Last-Modified
Mon, 04 Oct 2021 12:54:19 GMT
Content-Disposition
inline; filename="dmm14578.webp"
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
69d3ab326b4f6919-FRA
Content-Length
111508
dmm14576.jpg
fmlb.netlbtu.com/images/2021/10/6/
161 KB
161 KB
Image
General
Full URL
http://fmlb.netlbtu.com/images/2021/10/6/dmm14576.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
104.22.44.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50a792bdb2e0350d24020afa052f437c802111200b6cacd5b9a3ea57d5c02cca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
CF-Cache-Status
REVALIDATED
Cf-Bgj
imgq:85,h2pri
Server
cloudflare
ETag
"b3161cf21eb9d71:0"
Vary
Accept
Content-Type
image/webp
Cache-Control
max-age=31536000
Cf-Polished
qual=85, origFmt=jpeg, origSize=219357
Last-Modified
Mon, 04 Oct 2021 12:54:19 GMT
Content-Disposition
inline; filename="dmm14576.webp"
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
69d3ab3269524a86-FRA
Content-Length
164352
dmm14574.jpg
fmlb.netlbtu.com/images/2021/10/6/
172 KB
172 KB
Image
General
Full URL
http://fmlb.netlbtu.com/images/2021/10/6/dmm14574.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
104.22.44.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70d84d27622cbd8c6bd473c3ba136d3404fdfe9ab5b3c5c051bf2352a9af173

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Mon, 04 Oct 2021 12:54:19 GMT
Server
cloudflare
ETag
"1c66bf21eb9d71:0"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Cf-Polished
degrade=85, origSize=209123, status=webp_bigger
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
69d3ab327be3697f-FRA
Content-Length
176034
Cf-Bgj
imgq:85,h2pri
dmm14573.jpg
fmlb.netlbtu.com/images/2021/10/6/
149 KB
149 KB
Image
General
Full URL
http://fmlb.netlbtu.com/images/2021/10/6/dmm14573.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
104.22.44.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d4265169425196e855acaa22fd1053306f2c756391a5fea17b731c54c96ee1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
CF-Cache-Status
HIT
Age
291
Cf-Polished
qual=85, origFmt=jpeg, origSize=178251
Content-Disposition
inline; filename="dmm14573.webp"
Connection
keep-alive
Content-Length
152414
Last-Modified
Mon, 04 Oct 2021 12:54:18 GMT
Server
cloudflare
ETag
"5967ecf11eb9d71:0"
Vary
Accept
Content-Type
image/webp
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
69d3ab326de56904-FRA
Cf-Bgj
imgq:85,h2pri
dmm14572.jpg
fmlb.netlbtu.com/images/2021/10/6/
130 KB
130 KB
Image
General
Full URL
http://fmlb.netlbtu.com/images/2021/10/6/dmm14572.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
104.22.44.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daf94497d786ee53152b325e7cb60ca369df2799f7539b1895abecd4ae8f3077

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
CF-Cache-Status
REVALIDATED
Cf-Bgj
imgq:85,h2pri
Server
cloudflare
ETag
"fd4eaf11eb9d71:0"
Vary
Accept
Content-Type
image/webp
Cache-Control
max-age=31536000
Cf-Polished
qual=85, origFmt=jpeg, origSize=183056
Last-Modified
Mon, 04 Oct 2021 12:54:18 GMT
Content-Disposition
inline; filename="dmm14572.webp"
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
69d3ab32ae5f6904-FRA
Content-Length
132628
dmm14570.jpg
fmlb.netlbtu.com/images/2021/10/6/
159 KB
160 KB
Image
General
Full URL
http://fmlb.netlbtu.com/images/2021/10/6/dmm14570.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
104.22.44.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9dc704c6a9faaab6b002b9e35fcb9fb2fba6a850ffe9d5485fa090964244083

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
CF-Cache-Status
HIT
Age
7028
Cf-Polished
qual=85, origFmt=jpeg, origSize=221305
Content-Disposition
inline; filename="dmm14570.webp"
Connection
keep-alive
Content-Length
163024
Last-Modified
Mon, 04 Oct 2021 12:54:18 GMT
Server
cloudflare
ETag
"11b7dbf11eb9d71:0"
Vary
Accept
Content-Type
image/webp
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
69d3ab346ef63237-FRA
Cf-Bgj
imgq:85,h2pri
ed6e0022d3bab1af8904ec042968ce91.jpg
ljcdn.comtucdncom.com/upload/vod/20211011-1/
186 KB
187 KB
Image
General
Full URL
https://ljcdn.comtucdncom.com/upload/vod/20211011-1/ed6e0022d3bab1af8904ec042968ce91.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.1.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070208cf6c27e1bdeb854be6a8007400df828d4dc0c6d036d1edb0a57e36f373

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:16 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Oct 2021 01:03:18 GMT
server
cloudflare
age
162064
etag
"61638d56-2e8dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 10 Nov 2021 01:07:39 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d3ab328b224303-FRA
content-length
190685
cf-bgj
h2pri
4e80660ddbcbf018f3f10f1021dbef1a.jpg
ljcdn.comtucdncom.com/upload/vod/20211011-1/
163 KB
164 KB
Image
General
Full URL
https://ljcdn.comtucdncom.com/upload/vod/20211011-1/4e80660ddbcbf018f3f10f1021dbef1a.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.1.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f553d1586da9197f56a9934f4016bcd0ff941a1778c044703baba15c81553268

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:16 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Oct 2021 01:03:19 GMT
server
cloudflare
age
162064
etag
"61638d57-28dfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 10 Nov 2021 01:07:39 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d3ab328b234303-FRA
content-length
167422
cf-bgj
h2pri
eca17d528d2d2b35556e3810d39ecc5d.jpg
ljcdn.comtucdncom.com/upload/vod/20211011-1/
167 KB
168 KB
Image
General
Full URL
https://ljcdn.comtucdncom.com/upload/vod/20211011-1/eca17d528d2d2b35556e3810d39ecc5d.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.1.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5ce73bcfab9bb1856d09bae6750af8d2661f2ed54ee39558f329217b1df5b25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:16 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Oct 2021 01:03:21 GMT
server
cloudflare
age
162064
etag
"61638d59-29c7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 10 Nov 2021 01:07:39 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d3ab328b244303-FRA
content-length
171130
cf-bgj
h2pri
2e74846af148fadb34527de9ca53bd5f.jpg
ljcdn.comtucdncom.com/upload/vod/20211011-1/
170 KB
170 KB
Image
General
Full URL
https://ljcdn.comtucdncom.com/upload/vod/20211011-1/2e74846af148fadb34527de9ca53bd5f.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.1.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9af4c0f15033084f3f228b6ea9827bd894583e0b680e3dab6e25a60a1a0fae78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:16 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Oct 2021 01:03:22 GMT
server
cloudflare
age
162064
etag
"61638d5a-2a658"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 10 Nov 2021 01:07:39 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d3ab32bb7d4303-FRA
content-length
173656
cf-bgj
h2pri
811ec3e8ffee1b7ddec8c5af840cbc35.jpg
ljcdn.comtucdncom.com/upload/vod/20211010-1/
164 KB
164 KB
Image
General
Full URL
https://ljcdn.comtucdncom.com/upload/vod/20211010-1/811ec3e8ffee1b7ddec8c5af840cbc35.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.1.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f270af47b2eafb2355f4a3016db6302ed936d890deeba887ccbba79f69fa3cb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:16 GMT
cf-cache-status
HIT
last-modified
Sun, 10 Oct 2021 01:09:01 GMT
server
cloudflare
age
247109
etag
"61623d2d-28f58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Tue, 09 Nov 2021 01:30:17 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d3ab32bb7f4303-FRA
content-length
167768
cf-bgj
h2pri
efcafd8ea90690a8e5b9ec26998fd783.jpg
ljcdn.comtucdncom.com/upload/vod/20211010-1/
203 KB
204 KB
Image
General
Full URL
https://ljcdn.comtucdncom.com/upload/vod/20211010-1/efcafd8ea90690a8e5b9ec26998fd783.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.1.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbcde5a7922c92f410e73c931e3d9ba18dc95790d793607303b7ccb357529820

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:16 GMT
cf-cache-status
HIT
last-modified
Sun, 10 Oct 2021 01:09:03 GMT
server
cloudflare
age
247105
etag
"61623d2f-32c8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Tue, 09 Nov 2021 01:30:21 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d3ab32bb804303-FRA
content-length
208011
cf-bgj
h2pri
3620f4ae03dfb68583ba236b8a1acdad.jpg
ljcdn.comtucdncom.com/upload/vod/20211010-1/
155 KB
155 KB
Image
General
Full URL
https://ljcdn.comtucdncom.com/upload/vod/20211010-1/3620f4ae03dfb68583ba236b8a1acdad.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.1.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac5ff23c9679e56dfc763e9a7c9870c8ff01cb306442f12e553832c81bee52e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:16 GMT
cf-cache-status
HIT
last-modified
Sun, 10 Oct 2021 01:09:04 GMT
server
cloudflare
age
247101
etag
"61623d30-26adb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Tue, 09 Nov 2021 01:30:25 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d3ab32bb824303-FRA
content-length
158427
cf-bgj
h2pri
482fa7f980b2f9f013ce31db9ae88855.jpg
ljcdn.comtucdncom.com/upload/vod/20211010-1/
178 KB
178 KB
Image
General
Full URL
https://ljcdn.comtucdncom.com/upload/vod/20211010-1/482fa7f980b2f9f013ce31db9ae88855.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.1.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
458700fe9550f150829233db1f66dcc11cf2cc153df2fb2c677bc162c8a17a00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:16 GMT
cf-cache-status
HIT
last-modified
Sun, 10 Oct 2021 01:09:05 GMT
server
cloudflare
age
247097
etag
"61623d31-2c798"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Tue, 09 Nov 2021 01:30:29 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d3ab32bb844303-FRA
content-length
182168
cf-bgj
h2pri
3.js
www.bws68.xyz/js/
0
0
Script
General
Full URL
http://www.bws68.xyz/js/3.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
107.164.146.157 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bws68.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.bws68.xyz/222/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Server
Microsoft-IIS/8.5
Content-Length
1163
Content-Type
text/html
4.js
www.bws68.xyz/js/
0
0
Script
General
Full URL
http://www.bws68.xyz/js/4.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
107.164.146.157 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bws68.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.bws68.xyz/222/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Server
Microsoft-IIS/8.5
Content-Length
1163
Content-Type
text/html
4.js
136.0.56.195/
2 KB
1 KB
Script
General
Full URL
http://136.0.56.195/4.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
136.0.56.195 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
df127c4cfda1e8a3dc5b73b69a7d50007b91994b69b1cf3c97a4cdc72dad5a32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 10:38:27 GMT
Server
Microsoft-IIS/8.5
ETag
"1bf2c24de7b5d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
807
duilian.js
136.0.56.195/
0
0
Script
General
Full URL
http://136.0.56.195/duilian.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
136.0.56.195 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

tj.js
136.0.56.195/
218 B
508 B
Script
General
Full URL
http://136.0.56.195/tj.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
136.0.56.195 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
ad20ba3b36c39b5cb4e2342323beefecd4ab885fd63b9ffc1c5f94eb6ed728b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 07:08:38 GMT
Server
Microsoft-IIS/8.5
ETag
"7057db613688d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
224
xuanfu.js
136.0.56.195/
1 KB
926 B
Script
General
Full URL
http://136.0.56.195/xuanfu.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
136.0.56.195 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
2e68040d1f0b1e2ce790b679a807f6d41eeb02760f0263754e54634837d7845a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Oct 2021 09:04:19 GMT
Server
Microsoft-IIS/8.5
ETag
"2ad4342448bfd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
642
726cdc7aba474f6cb3fee5a8069fd85a.gif
78z65m.com/
914 KB
915 KB
Image
General
Full URL
https://78z65m.com/726cdc7aba474f6cb3fee5a8069fd85a.gif
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.84.27 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.84.27.vultr.com
Software
nginx /
Resource Hash
f99a7864e2bc32097733fce9eb80ac701acc62274001919bbeca4e6afe9c5594

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 05:23:23 GMT
last-modified
Wed, 15 Sep 2021 14:09:47 GMT
server
nginx
etag
"6141feab-e47d9"
x-cache
HIT from vultr-la6-g01-yd11-02-0013
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
935897
eFsJ.gif
go.imgbaba.xyz/2021/09/18/
313 KB
314 KB
Image
General
Full URL
https://go.imgbaba.xyz/2021/09/18/eFsJ.gif
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.147.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69862bf61a1b6fce20c1b0bde252805f3290e1e3a862c5184feded72f8d7f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:17 GMT
vary
Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
320216
last-modified
Sat, 18 Sep 2021 11:25:31 GMT
server
cloudflare
etag
"6145ccab-4e2d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYFp53H29eOQcDjqJoWUq5IdgtQ7Aj1KBmdx0KehV48GozCysV1AVcebrOF1yYa9qrffMsSngfZSk821C2OS6YxDXhTZof4KDI9OogaCATDajojA7Raq%2Fp3kwYEfi3zi%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d3ab368b30277c-PRG
expires
Thu, 11 Nov 2021 22:12:17 GMT
0391s120008pcq75x5CF5.gif
dimg04.c-ctrip.com/images/
760 KB
762 KB
Image
General
Full URL
https://dimg04.c-ctrip.com/images/0391s120008pcq75x5CF5.gif
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.145.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-145-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e7d7123fddb1a3abdef8fe3117d2b8e5e4650a87e3c8b752dec007001ad8a2b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:17 GMT
last-modified
Tue, 01 Jun 2021 06:13:20 GMT
access-control-allow-methods
GET,POST,PUT,OPTIONS,HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=4005238
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept
content-length
778206
expires
Sun, 28 Nov 2021 06:46:15 GMT
0395v120008pcpgou6007.gif
dimg04.c-ctrip.com/images/
738 KB
740 KB
Image
General
Full URL
https://dimg04.c-ctrip.com/images/0395v120008pcpgou6007.gif
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.145.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-145-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1725ab4fcfb53f814e0e8cd04a9f34647cf2d0d5e54232c9887a153400c7c128

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:17 GMT
last-modified
Tue, 01 Jun 2021 06:10:28 GMT
access-control-allow-methods
GET,POST,PUT,OPTIONS,HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=4003239
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept
content-length
755649
expires
Sun, 28 Nov 2021 06:12:56 GMT
oEW.gif
go.imgdudu.xyz/2021/09/14/
433 KB
434 KB
Image
General
Full URL
https://go.imgdudu.xyz/2021/09/14/oEW.gif
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eced968075b04e632d135e49313b5b10cabb07c95a0a34af7fc12d0ebd25391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:17 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71008
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
443053
last-modified
Tue, 14 Sep 2021 15:29:58 GMT
server
cloudflare
etag
"6140bff6-6c2ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWuAVRuKfmOY8%2BH%2BbR6r5qkZUYssU2oiySB9k%2B8j1ktKWTLaROlrw%2FYFQbI7zp8XkmlSuVLr6npfq1NC%2FGG3TSMAZ%2BqJ1amxBq3jkjicM%2BpCl%2BQFxFR597IENu2Q3RjCEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d3ab368999410d-PRG
expires
Thu, 11 Nov 2021 02:28:48 GMT
0
p.qlogo.cn/qqmail_head/PiajxSqBRaEJV1qNadEsBvC3o1y2gGSRVDpV8eUlfFVXQ3KqTKSBj3UqOPXqhezp5jogkTQ2eIdc/
304 KB
304 KB
Image
General
Full URL
https://p.qlogo.cn/qqmail_head/PiajxSqBRaEJV1qNadEsBvC3o1y2gGSRVDpV8eUlfFVXQ3KqTKSBj3UqOPXqhezp5jogkTQ2eIdc/0
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.239.16 , China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Qnginx/1.4.4 /
Resource Hash
709612cb4c7024584503ce76b41f8fdc36337ecd11eea23b7ba7ae5a1cb7e381

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-datasrc
2
date
Tue, 12 Oct 2021 22:11:39 GMT
size
310785
content-length
310785
x-info
real data
x-reqgue
0
user-returncode
0
fid
0
last-modified
Tue, 27 Jul 2021 14:49:47 GMT
server
Qnginx/1.4.4
x-cpt
filename=0
vary
Accept,Origin
chid
0
x-delay
25506 us
cache-control
max-age=2592000
x-bcheck
0_1
x-nws-log-uuid
1b8e888e-3e51-489c-b695-474801bf8ea7
content-type
image/gif
ky_960_120.gif
tttppp.oss-cn-guangzhou.aliyuncs.com/img/
237 KB
237 KB
Image
General
Full URL
https://tttppp.oss-cn-guangzhou.aliyuncs.com/img/ky_960_120.gif
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.134.16.137 Guangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
b418b06b1639e24d8d0885f9fe7860fdfa914aefa3d1df5f69743a37db188c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Tue, 12 Oct 2021 22:12:17 GMT
x-oss-request-id
61660841A7C6F73837D6B090
Last-Modified
Mon, 07 Jun 2021 06:01:07 GMT
Server
AliyunOSS
Content-MD5
1IBSFuZZ4C6lwBjN4bTmZg==
ETag
"D4805216E659E02EA5C018CDE1B4E666"
Content-Type
image/gif
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
2335921041100246570
Content-Length
242405
x-oss-server-time
0
aVM7uI.gif
kanjiantu.com/images/2021/09/13/
0
0

980.8.gif
aq720.com/1/
63 KB
63 KB
Image
General
Full URL
http://aq720.com/1/980.8.gif
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
119.8.19.147 , Hong Kong, ASN135026 (THINKDREAM-AS-AP ThinkDream Technology Limited, HK),
Reverse DNS
ecs-119-8-19-147.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
0b1a5f25d9c720f2bb03c81ac0d5829d98607b3a0b0e4d33c047789e3accd725

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:11:48 GMT
Last-Modified
Tue, 05 Oct 2021 04:18:19 GMT
Server
nginx
ETag
"615bd20b-fabc"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64188
Expires
Thu, 11 Nov 2021 22:11:48 GMT
U205e9ea4d7d94579a8945f36e147767fs.jpg
sc04.alicdn.com/kf/U205e9ea4d7d94579a8945f36e147767fs/7006108197/
547 KB
549 KB
Image
General
Full URL
https://sc04.alicdn.com/kf/U205e9ea4d7d94579a8945f36e147767fs/7006108197/U205e9ea4d7d94579a8945f36e147767fs.jpg
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.192 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-192.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
9bcaf9c6116d418343d057524e58ffacc68138db407cc75f395934ebb4f75902
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=0
x-swift-cachetime
86400001
x-swift-savetime
Tue, 28 Sep 2021 03:21:35 GMT
content-length
560311
access-control-allow-origin
*
last-modified
Tue, 28 Sep 2021 03:18:25 GMT
server
Tengine
date
Tue, 12 Oct 2021 22:12:17 GMT
ali-swift-global-savetime
1632799296
content-type
image/jpeg
traceid
2ff6149816327992958463377e
cache-control
max-age=85122609
served-from
23.62.98.63
timing-allow-origin
*, *, *
network_info
DE_FRANKFURT_33438
eagleid
2ff6149816327992958463377e
eagleeye-traceid
2ff6149816327992958463377e
expires
Mon, 24 Jun 2024 03:22:26 GMT
VET7x.gif
go.imgtata.xyz/2021/09/02/
382 KB
383 KB
Image
General
Full URL
https://go.imgtata.xyz/2021/09/02/VET7x.gif
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.161.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40aa943a34bddff097ac8c3923562ca5e7d312c6da4a94f11cf8de98be3b7d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:17 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
391505
last-modified
Thu, 02 Sep 2021 08:05:21 GMT
server
cloudflare
etag
"613085c1-5f951"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCCyN9kdpEJUNyeF%2FMsKRcd5bDxDENq7PtX260rdswD6HVPoTzAV%2F%2FliuNZnt%2BnwRKyUFjh8GsKOHz7%2BYov5W6R72TPh29vKABlpDSyNa9IR3mVmnk8uWE%2FSAnGpRBjwaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69d3ab36bcd4411a-PRG
expires
Thu, 11 Nov 2021 22:12:17 GMT
ky_960_60.gif
tttppp.oss-cn-guangzhou.aliyuncs.com/img/
170 KB
170 KB
Image
General
Full URL
https://tttppp.oss-cn-guangzhou.aliyuncs.com/img/ky_960_60.gif
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.134.16.137 Guangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d33ce62c203e646ae72e379370df770446f8687788ab23116ca1bea162059672

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Tue, 12 Oct 2021 22:12:17 GMT
x-oss-request-id
61660841A7C6F73737DCB090
Last-Modified
Mon, 07 Jun 2021 06:01:06 GMT
Server
AliyunOSS
Content-MD5
rB/uSqzPSD01X1DvimBSMA==
ETag
"AC1FEE4AACCF483D355F50EF8A605230"
Content-Type
image/gif
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
2774213355202589588
Content-Length
173866
x-oss-server-time
0
960-85.gif
img.123456img.com/
395 KB
395 KB
Image
General
Full URL
https://img.123456img.com:3366/960-85.gif
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.224.92.250 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
e8b2cdbb1a97710814af9d2e0b69c9c7527215eecb67ae2b5893fda518930f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:17 GMT
Last-Modified
Fri, 03 Sep 2021 15:21:36 GMT
Server
Tengine
ETag
"61323d80-62b5b"
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Cache
hit
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
Content-Length
404315
video-play.png
www.bws68.xyz/222/template/99uuuu/images/
2 KB
2 KB
Image
General
Full URL
http://www.bws68.xyz/222/template/99uuuu/images/video-play.png
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/template/99uuuu/css/zui.css
Protocol
HTTP/1.1
Server
107.164.146.157 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bws68.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.bws68.xyz/222/template/99uuuu/css/zui.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
Last-Modified
Sun, 24 Jan 2021 07:28:46 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"4081698d22f2d61:0"
Content-Length
1567
Content-Type
image/png
3.js
www.bws68.xyz/js/
0
0
Script
General
Full URL
http://www.bws68.xyz/js/3.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
107.164.146.157 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bws68.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.bws68.xyz/222/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
Server
Microsoft-IIS/8.5
Content-Length
1163
Content-Type
text/html
4.js
www.bws68.xyz/js/
0
0
Script
General
Full URL
http://www.bws68.xyz/js/4.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
107.164.146.157 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.bws68.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.bws68.xyz/222/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 12 Oct 2021 22:12:16 GMT
Server
Microsoft-IIS/8.5
Content-Length
1163
Content-Type
text/html
duilian.js
136.0.56.195/
0
0
Script
General
Full URL
http://136.0.56.195/duilian.js
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
136.0.56.195 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

20488409.js
js.users.51.la/
5 KB
6 KB
Script
General
Full URL
https://js.users.51.la/20488409.js
Requested by
Host: 136.0.56.195
URL: http://136.0.56.195/tj.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
218.12.76.151 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
eb156803055e7b7cfff2118cd6ab244defaf1bcce88117c5454f6694cd54b84c

Request headers

Referer
http://www.bws68.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

nginx-hit
1
Date
Tue, 12 Oct 2021 22:12:18 GMT
via
CHN-HEshijiazhuang-AREACUCC1-CACHE27[3],CHN-HEshijiazhuang-AREACUCC1-CACHE50[0,TCP_HIT,2],CHN-SH-GLOBAL1-CACHE31[3],CHN-SH-GLOBAL1-CACHE112[0,TCP_HIT,1]
X-CCDN-CacheTTL
86400
Age
1571578
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
request-id
00000179D0F6A47A90560DC1A66625CE
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Length
4898
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSxRklUdQ2G6yTdLML0t5xYmGqBohZCx
Last-Modified
Mon Nov 18 10:34:02 CST 2019
Server
openresty
ETag
"e20aab5fd3e7bac07613d0927863b554"
Content-Type
application/javascript;charset=UTF-8
version-id
G001116E7C5C1ED3FFFF905109B7CE04
Accept-Ranges
bytes
x-hcs-proxy-type
1
20424283.js
js.users.51.la/
5 KB
6 KB
Script
General
Full URL
https://js.users.51.la/20424283.js
Requested by
Host: 136.0.56.195
URL: http://136.0.56.195/tj.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
218.12.76.151 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
bd04d2a99b213edd9254ea5adc5d7cd63e386c3efacd4c08bdb0c5f0496967d6

Request headers

Referer
http://www.bws68.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

nginx-hit
1
Date
Tue, 12 Oct 2021 22:12:18 GMT
via
CHN-HEshijiazhuang-AREACUCC1-CACHE1[3],CHN-HEshijiazhuang-AREACUCC1-CACHE44[0,TCP_HIT,2],CHN-SH-GLOBAL1-CACHE111[108],CHN-SH-GLOBAL1-CACHE166[101,TCP_MISS,106]
X-CCDN-CacheTTL
86400
Age
11368244
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
request-id
00000179D0F6A1B494173AC6A903AE15
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Length
4898
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS+mn5tqVRTleY/f8PvWztPgKKtJyOGW
Last-Modified
Mon Oct 21 14:18:35 CST 2019
Server
openresty
ETag
"62fd5753baa1ae55fa8bb22015ebbb78"
Content-Type
application/javascript;charset=UTF-8
version-id
G001116DECF7A5D5FFFF90511E602603
Accept-Ranges
bytes
x-hcs-proxy-type
1
go1
ia.51.la/
0
215 B
Image
General
Full URL
http://ia.51.la/go1?id=20488409&rt=1634076738531&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=www.bws99.xyz&ing=1&ekc=&sid=1634076738531&tt=&kw=&cu=http%253A%252F%252Fwww.bws68.xyz%252F222%252F&pu=http%253A%252F%252Fwww.snmm58.com%252F
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:19 GMT
Server
CloudWAF
Connection
keep-alive
Content-Length
0
go1
ia.51.la/
0
215 B
Image
General
Full URL
http://ia.51.la/go1?id=20424283&rt=1634076738818&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=www.bws99.xyz&ing=2&ekc=&sid=1634076738818&tt=&kw=&cu=http%253A%252F%252Fwww.bws68.xyz%252F222%252F&pu=http%253A%252F%252Fwww.snmm58.com%252F
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Server
183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:19 GMT
Server
CloudWAF
Connection
keep-alive
Content-Length
0
hm.js
hm.baidu.com/
39 KB
14 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.237.176.160 Beijing, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
35409c688537167874f9f1cc99ee8d400256ce7228220ceb011a9555950efc47
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 22:12:19 GMT
Content-Encoding
gzip
Server
apache
Etag
afc8392322884c75fa1b1e346079069c
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13947
x-495-34.js
www.govhechi.cn/ty/
26 B
354 B
Script
General
Full URL
https://www.govhechi.cn:4443/ty/x-495-34.js
Requested by
Host: 136.0.56.195
URL: http://136.0.56.195/xuanfu.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.189.8.69 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
tengine /
Resource Hash
bc813b8086414a7a973b0eefa86d9d60e6dbe86ec4d06f1608cae4af9a1b053a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.bws68.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 12 Oct 2021 22:12:19 GMT
content-encoding
gzip
last-modified
Tue, 12 Oct 2021 22:12:19 GMT
server
tengine
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900
strict-transport-security
max-age=31536000
expires
Tue, 12 Oct 2021 22:27:19 GMT
6340829812892
run.fintechpi.com/
23 B
296 B
Script
General
Full URL
https://run.fintechpi.com/6340829812892
Requested by
Host: 136.0.56.195
URL: http://136.0.56.195/xuanfu.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
aef5ce735b8439bec2297e2c97050f2ce05950d4cfa24a037777933fcb97486d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:19 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=31536000
content-type
text/html; charset=UTF-8
x-ws-request-id
61660843_PSdgflkfFRA1dm9_17263-58435
x-via
1.1 PS-000-01cZq86:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:1 (Cdn Cache Server V2.0)
18C20609-5EE2-4406-B9E3-A786BBA80BDC.yx
fv.u1n6ok.cn/m/
10 KB
10 KB
Script
General
Full URL
https://fv.u1n6ok.cn/m/18C20609-5EE2-4406-B9E3-A786BBA80BDC.yx
Requested by
Host: 136.0.56.195
URL: http://136.0.56.195/xuanfu.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.179 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a422ad07b70b08fd56be4049a03387f07d7ab184bb325335a45805b35615161e

Request headers

Referer
http://www.bws68.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 12 Oct 2021 22:12:09 GMT
via
cache16.l2de2[506,507,200-0,M], cache22.l2de2[508,0], cache22.l2de2[508,0], cache6.de2[760,788,200-0,M], cache11.de2[789,0]
server
Tengine
x-swift-cachetime
600
access-control-allow-methods
*
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-cache
MISS TCP_REFRESH_MISS dirn:9:33494195
x-swift-savetime
Tue, 12 Oct 2021 22:12:19 GMT
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
9873
eagleid
2ff62b9f16340767391415210e
ali-swift-global-savetime
1634076739
dp.php
yd.yuanqitu.com/DNEW/
13 KB
6 KB
Script
General
Full URL
http://yd.yuanqitu.com/DNEW/dp.php?uid=6965
Requested by
Host: 136.0.56.195
URL: http://136.0.56.195/xuanfu.js
Protocol
HTTP/1.1
Server
101.33.10.45 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
9b30d8d13405ee5fc9a59a981ee3373afa71f6aabff23be6f8ff22acf7b0e12d

Request headers

Referer
http://www.bws68.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 12 Oct 2021 22:12:19 GMT
Content-Encoding
gzip
X-Cache-Lookup
Hit From Upstream, Hit From Inner Cluster
Last-Modified
Tue, 12 Oct 2021 22:10:00 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
X-Daa-Tunnel
hop_count=2
X-NWS-LOG-UUID
ad0b550b-eef5-46ec-addd-b64f87eb16eb b46a4f383e9dda53e9cd48bf17656cdf
Connection
keep-alive
18C20609-5EE2-4406-B9E3-A786BBA80BDC
5c.tepusi888.cn/Report/
0
157 B
Fetch
General
Full URL
https://5c.tepusi888.cn/Report/18C20609-5EE2-4406-B9E3-A786BBA80BDC
Requested by
Host: fv.u1n6ok.cn
URL: https://fv.u1n6ok.cn/m/18C20609-5EE2-4406-B9E3-A786BBA80BDC.yx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:12:23 GMT
server
JSP3/2.0.14
access-control-allow-methods
*
dsa-misc
81
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
0
comd.php
yd.gxdianhua.com/DNEW/
2 KB
2 KB
Fetch
General
Full URL
https://yd.gxdianhua.com/DNEW/comd.php?uid=6965&yd=1
Requested by
Host: yd.yuanqitu.com
URL: http://yd.yuanqitu.com/DNEW/dp.php?uid=6965
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.205.224.13 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
d16884d0c57bf355c258ff44d581ff526cb91de4d1da0457f34065c1ecba7cb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Oct 2021 22:12:20 GMT
Content-Encoding
gzip
X-Cache-Lookup
Hit From Upstream, Hit From Inner Cluster
Last-Modified
Tue, 12 Oct 2021 22:10:00 GMT
Server
NWSs
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-Daa-Tunnel
hop_count=2
X-NWS-LOG-UUID
8face761-a5d5-41c6-97b0-f0643dfb5f56
Connection
keep-alive
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1594968355&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.snmm58.com%2F&v=1.2.85&lv=1&sn=27050&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.bws68.xyz%2F222%2F
Requested by
Host: www.bws68.xyz
URL: http://www.bws68.xyz/222/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.237.176.160 Beijing, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Oct 2021 22:12:20 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
2140.gif
pc.yttycd.com/images/
56 KB
56 KB
Image
General
Full URL
https://pc.yttycd.com/images/2140.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.218.208.15 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine / ASP.NET
Resource Hash
2a52f42bb507e8b41a593cf83a5761bafebdbf83b9df95f21d58a49db0a96180

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 21:00:57 GMT
via
cache80.l2cn3036[0,0,304-0,H], cache75.l2cn3036[1,0], kunlun10.cn192[0,0,200-0,H], kunlun1.cn192[1,0]
age
4273
x-powered-by
ASP.NET
x-cache
HIT TCP_MEM_HIT dirn:0:183226414
x-swift-cachetime
3600
x-swift-savetime
Tue, 12 Oct 2021 22:00:57 GMT
content-length
57049
last-modified
Fri, 21 Aug 2020 09:28:48 GMT
server
Tengine
etag
"db314f799d77d61:0"
ali-swift-global-savetime
1634072468
content-type
image/gif
accept-ranges
bytes
timing-allow-origin
*
eagleid
3adad03316340767417352486e
2140.gif
pc.yttycd.com/images/
56 KB
56 KB
Image
General
Full URL
https://pc.yttycd.com/images/2140.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.218.208.15 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine / ASP.NET
Resource Hash
2a52f42bb507e8b41a593cf83a5761bafebdbf83b9df95f21d58a49db0a96180

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 21:00:57 GMT
via
cache80.l2cn3036[0,0,304-0,H], cache75.l2cn3036[1,0], kunlun10.cn192[0,0,200-0,H], kunlun1.cn192[0,0]
age
4274
x-powered-by
ASP.NET
x-cache
HIT TCP_MEM_HIT dirn:0:183226414
x-swift-cachetime
3600
x-swift-savetime
Tue, 12 Oct 2021 22:00:57 GMT
content-length
57049
last-modified
Fri, 21 Aug 2020 09:28:48 GMT
server
Tengine
etag
"db314f799d77d61:0"
ali-swift-global-savetime
1634072468
content-type
image/gif
accept-ranges
bytes
timing-allow-origin
*
eagleid
3adad03316340767425153629e
close99.png
pc.yttycd.com/images/
594 B
886 B
Image
General
Full URL
https://pc.yttycd.com/images/close99.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.218.208.15 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine / ASP.NET
Resource Hash
1bb2963c4fa5c227501188ef57b2a7e43913d878acb70e64fb6036a3f154d46b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.bws68.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 21:59:57 GMT
via
cache38.l2cn3036[290,289,304-0,M], cache41.l2cn3036[291,0], kunlun6.cn192[0,0,200-0,H], kunlun1.cn192[1,0]
age
734
x-powered-by
ASP.NET
x-cache
HIT TCP_MEM_HIT dirn:10:136335247
x-swift-cachetime
3600
x-swift-savetime
Tue, 12 Oct 2021 22:00:08 GMT
content-length
594
last-modified
Thu, 02 Aug 2018 03:13:29 GMT
server
Tengine
etag
"f7ab3ac9e2ad41:0"
ali-swift-global-savetime
1634076008
content-type
image/png
accept-ranges
bytes
timing-allow-origin
*
eagleid
3adad03316340767425153630e

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kanjiantu.com
URL
https://kanjiantu.com/images/2021/09/13/aVM7uI.gif

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| _hmt
number| m
number| n
string| bin
number| PT_B_TS
number| PT_B_KEY
function| setCookie
function| getCookie
object| parameterArray
number| PT_T_KEY1
boolean| _bdhm_loaded_3df8be917891033aa229f40ad4fd25e3
object| mini_tangram_log_qfx8xo

8 Cookies

Domain/Path Name / Value
www.bws68.xyz/222 Name: ifwq_num1
Value: 2
www.bws68.xyz/ Name: __tins__20488409
Value: %7B%22sid%22%3A%201634076738531%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201634078538531%7D
www.bws68.xyz/ Name: __51cke__
Value:
www.bws68.xyz/ Name: __tins__20424283
Value: %7B%22sid%22%3A%201634076738818%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201634078538818%7D
www.bws68.xyz/ Name: __51laig__
Value: 2
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 497965B897789EA2
.www.bws68.xyz/ Name: Hm_lvt_3df8be917891033aa229f40ad4fd25e3
Value: 1634076740
.www.bws68.xyz/ Name: Hm_lpvt_3df8be917891033aa229f40ad4fd25e3
Value: 1634076740

14 Console Messages

Source Level URL
Text
network error URL: http://www.bws68.xyz/js/4.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.bws68.xyz/js/3.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://136.0.56.195/duilian.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://kanjiantu.com/images/2021/09/13/aVM7uI.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.bws68.xyz/js/3.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.bws68.xyz/js/4.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://136.0.56.195/duilian.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: http://136.0.56.195/tj.js(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/20488409.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://136.0.56.195/tj.js(Line 2)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/20488409.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://136.0.56.195/tj.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/20424283.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://136.0.56.195/xuanfu.js(Line 12)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.govhechi.cn:4443/ty/x-495-34.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://136.0.56.195/xuanfu.js(Line 12)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.govhechi.cn:4443/ty/x-495-34.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://136.0.56.195/xuanfu.js(Line 33)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://fv.u1n6ok.cn/m/18C20609-5EE2-4406-B9E3-A786BBA80BDC.yx, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://136.0.56.195/xuanfu.js(Line 35)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://yd.yuanqitu.com/DNEW/dp.php?uid=6965, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
