urlscan.io logo urlscan.io
SecurityTrails logo

www.heicard.com Open in urlscan Pro
119.23.160.78  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.heicard.com/en/
Submission: On March 25 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 38 HTTP transactions. The main IP is 119.23.160.78, located in China and belongs to CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is www.heicard.com.
This is the only time www.heicard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 119.23.160.78 37963 (CNNIC-ALI...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
38 7
25    119.23.160.78 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
www.heicard.com
7    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
www.googletagservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
25 www.heicard.com www.heicard.com
5 pagead2.googlesyndication.com www.heicard.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
38 8

This site contains links to these domains. Also see Links.

Domain
code.heicard.com
beian.miit.gov.cn
www.chinasnow.net
www.dhgate.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://www.heicard.com/en/
Frame ID: 8E53F379D0D45545A32591169DA8CA5A
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html
Frame ID: 5ABBD4FC8D6F0C6B1B10006BF7E5F41D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6868632756815113&output=html&adk=1812271804&adf=3025194257&lmt=1616652471&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.heicard.com%2Fen%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616652471303&bpp=11&bdt=749&idt=81&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5828412225587&frm=20&pv=2&ga_vid=1708976168.1616652471&ga_sid=1616652471&ga_hid=158655976&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066429%2C44737458%2C44739387&oid=3&pvsid=3538286982665050&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=98
Frame ID: F76EFC002B604523645F09ECF266A2F1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F792EC2DBC35638D4CD350B7E0CA3341
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

38
Requests

32 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

916 kB
Transfer

1217 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.heicard.com/en/ 		10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
d3a59e9aed399fea39fc225b4b7e82dec145397e3c32e370d98693704bd484a9

Request headers

Host
www.heicard.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Thu, 25 Mar 2021 06:07:50 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
JSESSIONID=08C8043ABED1C8A8763065679C596B37; Path=/project_hc; HttpOnly
Content-Language
en-US
layui.css
www.heicard.com/source/layui/css/ 		68 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/layui/css/layui.css?_v=18121314
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
06bb8e3f3a62e11a594fd471f8ee8786c4a92daf8273cbfa97b202a957373a96

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:50 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-10f9b"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69531
heicard.css
www.heicard.com/source/css/ 		20 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/css/heicard.css?_v=18121314
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
fe500288aa4bfcd74bb49f3a9c64bed8d447c87cb2324b0b248b4c4ea2a6e9e1

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:50 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:30 GMT
Server
nginx
ETag
"5fc486be-4f5d"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20317
icomoon.css
www.heicard.com/source/css/ 		26 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/css/icomoon.css?_v=18121314
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
08958dbdd8ce1eb1465344c1ae73eeddf6de11e61c803238e0f3ed36675a3013

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:50 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:30 GMT
Server
nginx
ETag
"5fc486be-6754"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26452
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9acc39648034c271183fcc522663eaacd49fc368734d99da2f6305ed615b3e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.heicard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Thu, 25 Mar 2021 06:07:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
13546206454834339654
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
49676
X-XSS-Protection
0
Expires
Thu, 25 Mar 2021 06:07:51 GMT
logo.png
www.heicard.com/source/imgs/indeximg/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heicard.com/source/imgs/indeximg/logo.png
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
fab8a40f19db3c0c3b780d2b545d1ca6cd68e89192a9287a248eb74ffc71bd1a

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:51 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-cf5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3317
pro11301.png
www.heicard.com/source/imgs/indeximg/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heicard.com/source/imgs/indeximg/pro11301.png
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
01a95a1f071ba2b1045b35fd2702f1459f47f0e238e5eb0d8aae815096cc282b

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:51 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-9687"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38535
sologin.png
www.heicard.com/source/imgs/indeximg/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heicard.com/source/imgs/indeximg/sologin.png
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e899ac6b9247b268d90f0398bafd91c2f1566e0b894e0c3cd49ecdbd7071785c

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:51 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-e88"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3720
layui.js
www.heicard.com/source/layui/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/layui/layui.js?v=2.3.0
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
2273fb45d13a752a557e2564f435c1cb3e02cdb3eabf7adfa85994a51598af75

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:51 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-1a70"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6768
banner.jpg
www.heicard.com/source/imgs/indeximg/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heicard.com/source/imgs/indeximg/banner.jpg
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
c02f8b80d21918770462b4baef25d621329c933dcfc5d22f00eab5bc5efbcbf4

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:51 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-18905"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100613
engine.png
www.heicard.com/source/imgs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heicard.com/source/imgs/engine.png
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8674f393f6281fbf11c604b8cc2314ff004f6e1886bd96e569fbd37e18ed32b4

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:52 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-7d3"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2003
lock.png
www.heicard.com/source/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heicard.com/source/imgs/lock.png
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
357f23965fddd6021f2c2d81bb67cd3adc68c76d5970eb03894c58899215badb

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:51 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-494"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1172
clock.png
www.heicard.com/source/imgs/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heicard.com/source/imgs/clock.png
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/en/
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
fa670be0c205396a32673e037d917df56307013978b4d038278a3e6341be793a

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:51 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-58c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1420
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/ 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6868632756815113&plah=www.heicard.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.heicard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 06:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86619
x-xss-protection
0
server
cafe
etag
10759459106970592627
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 25 Mar 2021 06:07:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/ Frame 5ABB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210322/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.heicard.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.heicard.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 25 Mar 2021 02:55:27 GMT
expires
Thu, 08 Apr 2021 02:55:27 GMT
content-type
text/html; charset=UTF-8
etag
14488317231655078900
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4661
x-xss-protection
0
age
11544
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		201 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.heicard.com&callback=_gfp_s_&client=ca-pub-6868632756815113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6868632756815113&plah=www.heicard.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
817d9f239175e4026c35e6cbd0834dea8c7c3c69b293e19b183ff8ffe26d90ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.heicard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 06:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.heicard.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6868632756815113&plah=www.heicard.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.heicard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Mar 2021 06:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heicard.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6868632756815113&plah=www.heicard.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.heicard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Mar 2021 06:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F76E 		603 B
581 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6868632756815113&output=html&adk=1812271804&adf=3025194257&lmt=1616652471&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.heicard.com%2Fen%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616652471303&bpp=11&bdt=749&idt=81&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5828412225587&frm=20&pv=2&ga_vid=1708976168.1616652471&ga_sid=1616652471&ga_hid=158655976&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066429%2C44737458%2C44739387&oid=3&pvsid=3538286982665050&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=98
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6868632756815113&plah=www.heicard.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6868632756815113&output=html&adk=1812271804&adf=3025194257&lmt=1616652471&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.heicard.com%2Fen%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616652471303&bpp=11&bdt=749&idt=81&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5828412225587&frm=20&pv=2&ga_vid=1708976168.1616652471&ga_sid=1616652471&ga_hid=158655976&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066429%2C44737458%2C44739387&oid=3&pvsid=3538286982665050&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=98
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.heicard.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.heicard.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 25 Mar 2021 06:07:51 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 25-Mar-2021 06:22:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6868632756815113&plah=www.heicard.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cac02e231c61068da6a4e6c177f2ccd14a5360aa3509af3be992bfbbad0c127b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.heicard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 06:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616585787019197"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28245
x-xss-protection
0
expires
Thu, 25 Mar 2021 06:07:51 GMT
element.js
www.heicard.com/source/layui/lay/modules/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/layui/lay/modules/element.js?v=18071918
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/layui.js?v=2.3.0
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
55f4536fe95dc858e40da1ea2c6774d6f2fbedd0ec7fbdaebf6146f04bbb4178

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:51 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-1c60"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7264
jquery.js
www.heicard.com/source/layui/lay/modules/ 		95 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/layui/lay/modules/jquery.js?v=18071918
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/layui.js?v=2.3.0
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
d007eed6e7631571d7f9e40a0f4fdd8ac04a5c07e0f61295ae36233f0ac250b0

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:51 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-17d70"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97648
notice.js
www.heicard.com/source/js/hc/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/js/hc/notice.js?v=18071918
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/layui.js?v=2.3.0
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8650cbca7a919651871b81ebdb794fe5ffa743103ea1289a84596952f24bfd1e

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:52 GMT
Last-Modified
Tue, 01 Dec 2020 11:36:54 GMT
Server
nginx
ETag
"5fc62ad6-1083"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4227
layer.js
www.heicard.com/source/layui/lay/modules/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/layui/lay/modules/layer.js?v=18071918
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/layui.js?v=2.3.0
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
780f4938477be8cbcd17374076aef55e6ab274dd02ad0635798636ea5c3523c4

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:52 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-5619"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22041
layer.css
www.heicard.com/source/layui/css/modules/layer/default/ 		14 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/layui/css/modules/layer/default/layer.css?v=3.1.1
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/layui.js?v=2.3.0
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
026df08cc6e20084931bfa2967a2dc15e7159ec69c2e681157d3ecc5a089d9ad

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:53 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-3859"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14425
util.js
www.heicard.com/source/layui/lay/modules/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/layui/lay/modules/util.js?v=18071918
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/layui.js?v=2.3.0
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
f6815153291c660c1848411a3a7922ecc26b25be33fabd762189c4a18f4eca6f

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:52 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-d82"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3458
usapi.js
www.heicard.com/source/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/js/usapi.js?v=18071918
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/layui.js?v=2.3.0
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
9710e4b1fcc0a1d4f1b778756553e0bf0e426dd464a909975f164e0d44fc95aa

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:53 GMT
Last-Modified
Tue, 01 Dec 2020 11:35:20 GMT
Server
nginx
ETag
"5fc62a78-736"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1846
crypto-js.js
www.heicard.com/source/js/ 		51 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/js/crypto-js.js?v=18071918
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/layui.js?v=2.3.0
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
c75a57a74587eb8ce2ecbf4242cb14aa84c7a48d32feff09b9c10f202116c0b8

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:53 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-cd3f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52543
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210322&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6868632756815113&plah=www.heicard.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab73f8a45dc9d0363f0a5d23fce044d6489f794ff99ab1b6a34158bed73022d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.heicard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Mar 2021 06:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6621
x-xss-protection
0
amazeui.js
www.heicard.com/source/js/ 		202 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/js/amazeui.js?v=18071918
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/layui.js?v=2.3.0
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
be32a68da300422225b25111fe45363fafa45ed878e5c3edd65c81427fab6495

Request headers

Referer
http://www.heicard.com/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:54 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-3289f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207007
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6868632756815113&plah=www.heicard.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.heicard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 06:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 25 Mar 2021 06:07:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F792 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.heicard.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.heicard.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 24 Mar 2021 18:36:14 GMT
expires
Thu, 24 Mar 2022 18:36:14 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
41500
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
pagead2.googlesyndication.com/bg/ Frame F792 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Mar 2021 13:30:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
59832
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5697
x-xss-protection
0
expires
Thu, 24 Mar 2022 13:30:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210322&jk=3538286982665050&bg=!cHOlczfNAAbUo7L91KM7ACkAdvg8WnBBvOcXF4d0E1x6TsCKCV1nowgACwH43ExTgi3NSzy66rhd1AIAAABNUgAAAAloAQcKAFqINdTF-_HxfOBe2w2A2iwoi7rW7OYLJHvZkn4RbjScMeY24mS7lwlYbCehJ_bRMHXrDR46CTjZFg4_r4Qa-BO4DlLnk03fF-KU3eFrcZ3NAjXiNfZiONtvry-ZActAC4ru_AGw1_OGjTm95CvoGLwSp3W9cym8TrkWx7JtRWkiw7emHn6-Zr7AmVYht-brNb4CY-gOXlVhOsLDQgH9PSCXrwXkwq_Qfye8Gb5cLgjC8JIpYfbGD-PPxPThk2jRdCnWgaEXRFootIam_LEnERya5ldsKIzYCLejkgQQ0g-bDp_9vQsr6mQi33z6W034KS0cSEmdrBwFJIw3qtNtFACJNVbV66q6uSDH_wTLRZCSsd88VcrP1FSZgBkxkmuDPwnR2jvy310woUsWmLWga8G7Vgm1FqgtEUd5fM-07JkF-OZl0uP2iE7MmXpED6XcEcv9vJ-7CeqNLaXxrkBsQAVZA6NheTtCXMkWTZNktp_hYp2WbNcMDkFSGuq-M1PQkwd11jfmg3_oJ3nPQo7QTZYGJWxibvWSOeTK-x6xWKXP-1UW6FaTxCXNHV_FZSZYlzU9h38kspVNM4kYFDYGucSzNUL44P64-Q6UPwsHlU4usZfbb7WWoIWkRxc0xrTEkhDjfUiNlKy8dZsq49gtk25YGak3OB29Erdo-ejqQmSAkUqELmAm0EouzpyERve3riaAElMVMKsN-jpoGKKxgg93_TsV5slKZa8
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.heicard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Mar 2021 06:07:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon.png
www.heicard.com/source/layui/css/modules/layer/default/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heicard.com/source/layui/css/modules/layer/default/icon.png
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/css/modules/layer/default/layer.css?v=3.1.1
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
99942159547fc45a02ddeb5af9570b6c870b18c36f83fd53ccb7c0644d346c89

Request headers

Referer
http://www.heicard.com/source/layui/css/modules/layer/default/layer.css?v=3.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:54 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-2ce5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11493
iconfont.woff
www.heicard.com/source/layui/font/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/source/layui/font/iconfont.woff?v=240
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/css/layui.css?_v=18121314
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
6e9dac35a993a17830b37c400415142906634d2b0a7af0b2418a92ed959ae201

Request headers

Origin
http://www.heicard.com
Referer
http://www.heicard.com/source/layui/css/layui.css?_v=18121314
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:54 GMT
Last-Modified
Mon, 30 Nov 2020 05:44:31 GMT
Server
nginx
ETag
"5fc486bf-6878"
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26744
getTime.do
www.heicard.com/fetch/usapi/ 		13 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/fetch/usapi/getTime.do
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/lay/modules/jquery.js?v=18071918
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
abd1eb5fbe693127228a4807d9babfc4fa2814de74709b363c049c7c8a0ffc6a

Request headers

Accept
*/*
Referer
http://www.heicard.com/en/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 06:07:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
getIccid
www.heicard.com/fetch/usapi/ 		138 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.heicard.com/fetch/usapi/getIccid?key=3
Requested by
Host: www.heicard.com
URL: http://www.heicard.com/source/layui/lay/modules/jquery.js?v=18071918
Protocol
HTTP/1.1
Server
119.23.160.78 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
b3392b2ecc47d93dc0b490dbf8c51c0f5d45d4e9ad5f48d57465a31809ef15ea

Request headers

Accept
*/*
Referer
http://www.heicard.com/en/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
token
dGllY1lUcnJKbnB5UFZPNjgrQkVIUW52eGRTMDEwMHFodFVCREJXNk04SlhVMVRFYXlhdFM5OUFVUGRBcFg0TTsyOzE2MTY2NTI0NzQ4NTE=

Response headers

Date
Thu, 25 Mar 2021 06:07:56 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| layui object| jQuery112309361073006203138 object| layer object| GoogleGcLKhOms object| google_image_requests

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.googletagservices.com
www.heicard.com
119.23.160.78
142.250.186.162
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01a95a1f071ba2b1045b35fd2702f1459f47f0e238e5eb0d8aae815096cc282b
026df08cc6e20084931bfa2967a2dc15e7159ec69c2e681157d3ecc5a089d9ad
06bb8e3f3a62e11a594fd471f8ee8786c4a92daf8273cbfa97b202a957373a96
08958dbdd8ce1eb1465344c1ae73eeddf6de11e61c803238e0f3ed36675a3013
2273fb45d13a752a557e2564f435c1cb3e02cdb3eabf7adfa85994a51598af75
357f23965fddd6021f2c2d81bb67cd3adc68c76d5970eb03894c58899215badb
55f4536fe95dc858e40da1ea2c6774d6f2fbedd0ec7fbdaebf6146f04bbb4178
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6e9dac35a993a17830b37c400415142906634d2b0a7af0b2418a92ed959ae201
780f4938477be8cbcd17374076aef55e6ab274dd02ad0635798636ea5c3523c4
817d9f239175e4026c35e6cbd0834dea8c7c3c69b293e19b183ff8ffe26d90ab
8650cbca7a919651871b81ebdb794fe5ffa743103ea1289a84596952f24bfd1e
8674f393f6281fbf11c604b8cc2314ff004f6e1886bd96e569fbd37e18ed32b4
8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1
9710e4b1fcc0a1d4f1b778756553e0bf0e426dd464a909975f164e0d44fc95aa
99942159547fc45a02ddeb5af9570b6c870b18c36f83fd53ccb7c0644d346c89
9acc39648034c271183fcc522663eaacd49fc368734d99da2f6305ed615b3e5e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab73f8a45dc9d0363f0a5d23fce044d6489f794ff99ab1b6a34158bed73022d8
abd1eb5fbe693127228a4807d9babfc4fa2814de74709b363c049c7c8a0ffc6a
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
b3392b2ecc47d93dc0b490dbf8c51c0f5d45d4e9ad5f48d57465a31809ef15ea
be32a68da300422225b25111fe45363fafa45ed878e5c3edd65c81427fab6495
c02f8b80d21918770462b4baef25d621329c933dcfc5d22f00eab5bc5efbcbf4
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c75a57a74587eb8ce2ecbf4242cb14aa84c7a48d32feff09b9c10f202116c0b8
cac02e231c61068da6a4e6c177f2ccd14a5360aa3509af3be992bfbbad0c127b
d007eed6e7631571d7f9e40a0f4fdd8ac04a5c07e0f61295ae36233f0ac250b0
d3a59e9aed399fea39fc225b4b7e82dec145397e3c32e370d98693704bd484a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e899ac6b9247b268d90f0398bafd91c2f1566e0b894e0c3cd49ecdbd7071785c
f6815153291c660c1848411a3a7922ecc26b25be33fabd762189c4a18f4eca6f
fa670be0c205396a32673e037d917df56307013978b4d038278a3e6341be793a
fab8a40f19db3c0c3b780d2b545d1ca6cd68e89192a9287a248eb74ffc71bd1a
fe500288aa4bfcd74bb49f3a9c64bed8d447c87cb2324b0b248b4c4ea2a6e9e1