urlscan.io logo urlscan.io
SecurityTrails logo

npiza.com Open in urlscan Pro
154.23.154.213  Public Scan

Go To Rescan Add Verdict Report
URL: http://npiza.com/
Submission: On January 11 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 41 domains to perform 61 HTTP transactions. The main IP is 154.23.154.213, located in United States and belongs to SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG. The main domain is npiza.com.
This is the only time npiza.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    154.23.154.213 (United States)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)
npiza.com
8    198.16.37.83 (United States)

ASN40065 (CNSERVERS, US)
hjha2.com
2    103.170.15.101 (None, )

ASN- ()
99996aaa.com
362728tdg.com
1    103.170.15.96 (None, )

ASN- ()
375772rug.com
2    45.61.212.49 (None, )

ASN- ()
832793jse.com
88668aaa.com
1    103.170.15.111 (None, )

ASN- ()
223969ufy.com
1    194.13.80.102 (None, )

ASN- ()
s3.bmp.ovh
1    23.225.237.36 (None, )

ASN- ()
8499163.com
1    38.54.37.233 (None, )

ASN- ()
img.1163555.com
1    2001:da8:20d:40da:3::3f3 (None, )

ASN- ()
p3.douyinpic.com
1    20.239.187.174 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tu.sljttpkj.net
1    103.170.15.106 (None, )

ASN- ()
66668aaa.com
1    185.10.104.115 (None, )

ASN- ()
pic.rmb.bdstatic.com
1    2600:9000:200a:8400:10:6ea1:f8c0:93a1 (None, )

ASN- ()
kzeii.com
1    2606:4700:3038::6815:ebb6 (None, )

ASN- ()
www.linkpicture.com
3    2606:4700::6810:5914 (None, )

ASN- ()
cdn.jsdelivr.net
1    45.61.212.121 (None, )

ASN- ()
573569djd.com
1    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
1    113.1.0.71 (None, )

ASN- ()
kg.awyyzx.com
Apex Domain
Subdomains		 Transfer
8 hjha2.com
hjha2.com
144 KB
3 jsdelivr.net
cdn.jsdelivr.net
831 KB
2 npiza.com
npiza.com
2 KB
1 awyyzx.com
kg.awyyzx.com
11 KB
1 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 6569
12 KB
1 573569djd.com
573569djd.com
21 KB
1 linkpicture.com
www.linkpicture.com
195 KB
1 kzeii.com
kzeii.com
553 KB
1 bdstatic.com
pic.rmb.bdstatic.com
1 MB
1 66668aaa.com
66668aaa.com
708 KB
1 sljttpkj.net
tu.sljttpkj.net — Cisco Umbrella Rank: 596692
575 KB
1 1163555.com
img.1163555.com
120 B
1 douyinpic.com
p3.douyinpic.com Failed
1 8499163.com
8499163.com
434 KB
1 bmp.ovh
s3.bmp.ovh
11 KB
1 88668aaa.com
88668aaa.com
1 MB
1 223969ufy.com
223969ufy.com
567 KB
1 832793jse.com
832793jse.com
703 KB
1 362728tdg.com
362728tdg.com
662 KB
1 375772rug.com
375772rug.com
1 MB
1 99996aaa.com
99996aaa.com
564 KB
0 fls003.com Failed
fls003.com Failed
0 aliyuncs.com Failed
yaoji666.oss-cn-hongkong.aliyuncs.com Failed
0 tsmgsoce.com Failed
tgqd.tsmgsoce.com Failed
0 papatv.cloud Failed
papatv.cloud Failed
0 ibb.co Failed
i.ibb.co Failed
0 7652a.com Failed
img.7652a.com Failed
0 99887aaa.com Failed
99887aaa.com Failed
0 253669vqx.com Failed
253669vqx.com Failed
0 n5267.com Failed
n5267.com Failed
0 kveii.com Failed
kveii.com Failed
0 9366qq.com Failed
9366qq.com Failed
0 1153555.com Failed
img.1153555.com Failed
0 66663aaa.com Failed
66663aaa.com Failed
0 sky4k.top Failed
skyimg.sky4k.top Failed
0 8499165.com Failed
8499165.com Failed
0 toutiaoimg.com Failed
p9.toutiaoimg.com Failed
0 3p8801.co Failed
3p8801.co Failed
0 ezfxpuo.cn Failed
qp.ezfxpuo.cn Failed
0 595tuchuang.com Failed
595tuchuang.com Failed
0 360buyimg.com Failed
kjimg10.360buyimg.com Failed
61 41
Domain Requested by
8 hjha2.com npiza.com
hjha2.com
3 cdn.jsdelivr.net hjha2.com
2 npiza.com npiza.com
1 kg.awyyzx.com npiza.com
1 hm.baidu.com hjha2.com
1 573569djd.com hjha2.com
1 www.linkpicture.com hjha2.com
1 kzeii.com hjha2.com
1 pic.rmb.bdstatic.com hjha2.com
1 66668aaa.com hjha2.com
1 tu.sljttpkj.net hjha2.com
1 img.1163555.com 1 redirects
1 p3.douyinpic.com hjha2.com
1 8499163.com hjha2.com
1 s3.bmp.ovh hjha2.com
1 88668aaa.com hjha2.com
1 223969ufy.com hjha2.com
1 832793jse.com hjha2.com
1 362728tdg.com hjha2.com
1 375772rug.com hjha2.com
1 99996aaa.com hjha2.com
0 fls003.com Failed hjha2.com
0 yaoji666.oss-cn-hongkong.aliyuncs.com Failed hjha2.com
0 tgqd.tsmgsoce.com Failed hjha2.com
0 papatv.cloud Failed hjha2.com
0 i.ibb.co Failed hjha2.com
0 img.7652a.com Failed hjha2.com
0 99887aaa.com Failed hjha2.com
0 253669vqx.com Failed hjha2.com
0 n5267.com Failed hjha2.com
0 kveii.com Failed hjha2.com
0 9366qq.com Failed hjha2.com
0 img.1153555.com Failed hjha2.com
0 66663aaa.com Failed hjha2.com
0 skyimg.sky4k.top Failed hjha2.com
0 8499165.com Failed hjha2.com
0 p9.toutiaoimg.com Failed hjha2.com
0 3p8801.co Failed hjha2.com
0 qp.ezfxpuo.cn Failed hjha2.com
0 595tuchuang.com Failed hjha2.com
0 kjimg10.360buyimg.com Failed hjha2.com
61 41

This site contains no links.

Subject Issuer Validity Valid
hjha2.com
R3		 2022-11-06 -
2023-02-04		 3 months crt.sh
99996aaa.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-20 -
2023-11-20		 a year crt.sh
375772rug.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-26 -
2023-10-26		 a year crt.sh
362728tdg.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-26 -
2023-10-26		 a year crt.sh
832793jse.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-26 -
2023-10-26		 a year crt.sh
223969ufy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-26 -
2023-10-26		 a year crt.sh
88668aaa.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-20 -
2023-11-20		 a year crt.sh
s3.bmp.ovh
TrustAsia RSA DV TLS CA G2		 2022-03-29 -
2023-03-29		 a year crt.sh
8499163.com
ZeroSSL RSA Domain Secure Site CA		 2022-12-28 -
2023-03-28		 3 months crt.sh
tu.sljttpkj.net
R3		 2022-12-19 -
2023-03-19		 3 months crt.sh
66668aaa.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-20 -
2023-11-20		 a year crt.sh
pic.rmb.bdstatic.com
TrustAsia TLS RSA CA		 2022-01-21 -
2023-02-21		 a year crt.sh
kzeii.com
Amazon RSA 2048 M01		 2022-12-19 -
2024-01-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-17 -
2023-05-17		 a year crt.sh
573569djd.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-26 -
2023-10-26		 a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2022-07-05 -
2023-08-06		 a year crt.sh
kg.awyyzx.com
CerSign DV SSL CA		 2023-01-09 -
2023-04-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://npiza.com/
Frame ID: 3257EB116A3BF48A887B830814D66E54
Requests: 3 HTTP requests in this frame

Frame: https://hjha2.com:8443/
Frame ID: 768558E72950A9A3EB96F6ED29401E28
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

三温区培养箱-低温冷光源光照箱-宁波科晟实验仪器有限公司

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

44 %
HTTPS

21 %
IPv6

41
Domains

41
Subdomains

19
IPs

2
Countries

9778 kB
Transfer

10066 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://img.2971a.com/images/63a05688d9e6cc95320e0949.gif HTTP 302
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/05d5a719cd634136913ab0d8ff47c1fa
Request Chain 18
  • https://img.1163555.com/images/63a3f5e8ed713b93977c71cc.gif HTTP 302
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/49dac90644c340f592fd293b1984c9a6

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
npiza.com/ 		595 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
http://npiza.com/
Protocol
HTTP/1.1
Server
154.23.154.213 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
e222c8e1ed8c2db3c2c03671691c30a5755610e36b05c5772dc173bbe531b8ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 11 Jan 2023 09:40:01 GMT
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding
tiaozhuan.js
npiza.com/ 		1 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
http://npiza.com/tiaozhuan.js
Requested by
Host: npiza.com
URL: http://npiza.com/
Protocol
HTTP/1.1
Server
154.23.154.213 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
8afb1e13ddcb4becf8c4723f6c8e7ce07df67db20ca3de839f18e0d886fdf419

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://npiza.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 11 Jan 2023 09:40:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 06 Nov 2022 07:29:33 GMT
Server
openresty
ETag
W/"6367625d-579"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=180
Connection
close
Expires
Wed, 11 Jan 2023 09:43:02 GMT
tongji.js
npiza.com/ 		0
0
/
hjha2.com/ Frame 7685 		96 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hjha2.com:8443/
Requested by
Host: npiza.com
URL: http://npiza.com/tiaozhuan.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
f112d25e36afdd5b3c15a587d6d61ea28c58e2b6d1360fd62767efdc6b2062ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://npiza.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 11 Jan 2023 09:40:03 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
jquery.min.js
hjha2.com/template/kuli04/js/ Frame 7685 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hjha2.com:8443/template/kuli04/js/jquery.min.js
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:04 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 14 May 2022 13:14:00 GMT
server
nginx
etag
W/"627fab18-17b8b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 11 Jan 2023 21:40:04 GMT
swiper.min.js
hjha2.com/template/kuli04/js/ Frame 7685 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hjha2.com:8443/template/kuli04/js/swiper.min.js
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:04 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 14 May 2022 13:14:02 GMT
server
nginx
etag
W/"627fab1a-178a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 11 Jan 2023 21:40:04 GMT
bootstrap.min.js
hjha2.com/template/kuli04/js/ Frame 7685 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hjha2.com:8443/template/kuli04/js/bootstrap.min.js
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:04 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 14 May 2022 13:13:58 GMT
server
nginx
etag
W/"627fab16-9b00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 11 Jan 2023 21:40:04 GMT
jquery.lazyload.min.js
hjha2.com/template/kuli04/js/ Frame 7685 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hjha2.com:8443/template/kuli04/js/jquery.lazyload.min.js
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:04 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 14 May 2022 13:14:00 GMT
server
nginx
etag
W/"627fab18-d35"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 11 Jan 2023 21:40:04 GMT
style.css
hjha2.com/template/kuli04/css/ Frame 7685 		32 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hjha2.com:8443/template/kuli04/css/style.css?v=5
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
22a525fd9b99500b6824d69a8dbb6e44684f0846fe85291b3d99c08e7c1ea71f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:04 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 31 Jul 2022 11:38:05 GMT
server
nginx
etag
W/"62e6699d-7ef3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Wed, 11 Jan 2023 21:40:04 GMT
logo.jpg
hjha2.com/template/kuli04/images/ Frame 7685 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hjha2.com:8443/template/kuli04/images/logo.jpg
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
fa529241dddbd17e0dd7b8ee301efa587826b81ed5b4b6223f1ee6e236e44442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:04 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 15 May 2022 05:53:44 GMT
server
nginx
etag
"62809568-89f0"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
35312
expires
Fri, 10 Feb 2023 09:40:04 GMT
2ffa649e5259458c8a91a61f7fb59951.gif
99996aaa.com/ Frame 7685 		564 KB
564 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://99996aaa.com/2ffa649e5259458c8a91a61f7fb59951.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.101 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0b374b57ebcf263193d88c13eddb10aecc4e3e9ce6b0bba17fc9cb0b053bf438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 31 Dec 2022 08:37:57 GMT
Last-Modified
Fri, 23 Dec 2022 06:29:53 GMT
Server
nginx
ETag
"63a54ae1-8cf85"
X-Cache
HIT from yd11_13-cdn-g01-la2-31
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
577413
2955f1d87c77457da4e7362ec1f4451f.gif
375772rug.com/ Frame 7685 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://375772rug.com/2955f1d87c77457da4e7362ec1f4451f.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.96 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
93f61a1a835dd1c3203ac05d024fc907d5bd541d3f458d014ced06fafce93e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 07:02:25 GMT
Last-Modified
Fri, 30 Dec 2022 07:01:59 GMT
Server
nginx
ETag
"63ae8ce7-104685"
X-Cache
HIT from yd11_13-cdn-g01-la2-26
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1066629
85494c07f7f4492eb9a9034529342f06.gif
362728tdg.com/ Frame 7685 		662 KB
662 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://362728tdg.com/85494c07f7f4492eb9a9034529342f06.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.101 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
7fd5a884a941ec7debff6bf4eadd3bb579a6b83f9361eb5a6dcd978e9199d3d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 07 Jan 2023 08:48:01 GMT
Last-Modified
Sat, 07 Jan 2023 08:32:15 GMT
Server
nginx
ETag
"63b92e0f-a582e"
X-Cache
HIT from yd11_13-cdn-g01-la2-31
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
677934
623201c2748b46fcbfa7f024cb3e1338.gif
832793jse.com/ Frame 7685 		703 KB
703 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://832793jse.com/623201c2748b46fcbfa7f024cb3e1338.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.49 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 17:39:43 GMT
Last-Modified
Fri, 28 Oct 2022 11:57:57 GMT
Server
nginx
ETag
"635bc3c5-afb81"
X-Cache
HIT from cloud-us1-cdnb-19
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
719745
d8b3075b7c4f4280a5a682a16cdae177..gif
223969ufy.com/ Frame 7685 		567 KB
567 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://223969ufy.com/d8b3075b7c4f4280a5a682a16cdae177..gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.111 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5083c6eec3b0beac9b5b0f287a69e8169efbb469c19b9083c12b2ed239936e6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 18 Dec 2022 20:32:54 GMT
Last-Modified
Mon, 07 Nov 2022 09:08:29 GMT
Server
nginx
ETag
"6368cb0d-8db38"
X-Cache
HIT from yd11_13-cdn-g01-la2-41
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
580408
041cbfb6973f4daaa4d3335116899cde.gif
88668aaa.com/ Frame 7685 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://88668aaa.com/041cbfb6973f4daaa4d3335116899cde.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.49 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5b39dca97f810d0e15de04210c6b7526befaa3dde3bb2e55177ca44006b28a04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 19:17:44 GMT
Last-Modified
Fri, 09 Dec 2022 06:51:07 GMT
Server
nginx
ETag
"6392dadb-17021c"
X-Cache
HIT from cloud-us1-cdnb-19
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1507868
96141da8a6abd7d5.gif
s3.bmp.ovh/imgs/2023/01/08/ Frame 7685 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.bmp.ovh/imgs/2023/01/08/96141da8a6abd7d5.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.13.80.102 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8d7488ccf2b369926af3345ce4a5f94f273cbc768ac0fbc10739d3d4b717c32f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:06 GMT
server
nginx
etag
"6288bdc7-2a91"
content-length
10897
content-type
image/png
960x160.gif
8499163.com/8499/ Frame 7685 		434 KB
434 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8499163.com/8499/960x160.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.237.36 -, , ASN (),
Reverse DNS
Software
qq.com /
Resource Hash
e27ce8615a286f31afae3a6f5580deb2e30d2e9c0a4248a3b7e2d165a89f2cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:07 GMT
last-modified
Sat, 24 Dec 2022 13:20:16 GMT
server
qq.com
etag
"6c674-5f092c350014a"
x-cache-status
HIT
content-type
image/gif
accept-ranges
bytes
content-length
444020
05d5a719cd634136913ab0d8ff47c1fa
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 7685
Redirect Chain
  • https://img.2971a.com/images/63a05688d9e6cc95320e0949.gif
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/05d5a719cd634136913ab0d8ff47c1fa
0
0
49dac90644c340f592fd293b1984c9a6
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 7685
Redirect Chain
  • https://img.1163555.com/images/63a3f5e8ed713b93977c71cc.gif
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/49dac90644c340f592fd293b1984c9a6
30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p3.douyinpic.com/obj/tos-cn-i-dy/49dac90644c340f592fd293b1984c9a6
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Server
2001:da8:20d:40da:3::3f3 -, , ASN (),
Reverse DNS
Software
Tengine / ImageX
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 11:03:02 GMT
via
n204-098-051, cache62.l2cn1837[0,0,206-0,H], cache77.l2cn1837[0,0], cache77.l2cn1837[2,0], cache1.cn17[0,0,200-0,H], cache3.cn17[4,0]
x-response-lb
image
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
age
2155027
nw-session-id
2022121719004801013516002323962051twstf03dy
x-powered-by
ImageX
x-swift-cachetime
31521612
x-cache
HIT TCP_MEM_HIT dirn:10:430000680
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache;desc=HIT,edge;dur=4
x-swift-savetime
Sat, 17 Dec 2022 15:02:50 GMT
x-length
517096
content-length
517096
last-modified
Sat, 17 Dec 2022 11:00:48 GMT
server
Tengine
x-tt-logid
2022121719004801013516002323962051
x-response-date
Sat, 17 Dec 2022 19:00:48 GMT
ali-swift-global-savetime
1671274982
content-type
image/gif
access-control-allow-origin
*
nw-session-trace
2022-12-17T19:00:48.951640063+08:00 34
cache-control
max-age=31536000
x-request-ip
fdbd:dc01:26:265::25
x-response-cinfo
2001:1b60:2:240:3247::2
imagex-fmt
gif2gif
x-response-cache
edge_hit
timing-allow-origin
*, *
x-tt-trace-host
0156955fc470bb953a0b1147c1aa60a6133df6808e33a076dc55c5d4e6ddc1f088e6baed07b208d10b5227276bb154cfa546dcd881210b7b461600e379f91b53b0aad521c81e727ea44b9c8730f92557c177891df9d9507f8dd1d15af7154d7cbd6213cab4c8ed01a9baa0af3e836dbe60
eagleid
79c2079716734300090244881e

Redirect headers

location
https://p3.douyinpic.com/obj/tos-cn-i-dy/49dac90644c340f592fd293b1984c9a6
cache-control
max-age=3600
referrer-policy
no-referrer
960-80.png
tu.sljttpkj.net/3569tu/ Frame 7685 		574 KB
575 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tu.sljttpkj.net/3569tu/960-80.png
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.239.187.174 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
WAF/2.4-12.1 /
Resource Hash
0b2450e440026a2abc0c6637dab790a67468754eaa0e0a3d5a90c00c3811abe5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:05 GMT
last-modified
Tue, 20 Jan 1970 12:56:49 GMT
server
WAF/2.4-12.1
etag
"19c291-8f9b0"
x-cache-status
HIT
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
588208
expires
Fri, 10 Feb 2023 04:11:28 GMT
761b92b8d7ce4182ab054a1f89b6063f.gif
66668aaa.com/ Frame 7685 		708 KB
708 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://66668aaa.com/761b92b8d7ce4182ab054a1f89b6063f.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c677f7601d68004a5c0af802407899ba001333fd3c69e8993a8a757a8521b20d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 07:09:12 GMT
Last-Modified
Tue, 15 Nov 2022 04:33:24 GMT
Server
nginx
ETag
"63731694-b0f85"
X-Cache
HIT from yd11_13-cdn-g01-la2-36
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
724869
5f356028e5e94176f56a75568e49ae20.gif
pic.rmb.bdstatic.com/bjh/ Frame 7685 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.10.104.115 -, , ASN (),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ohc-file-size
1296026
date
Wed, 11 Jan 2023 09:40:08 GMT
content-md5
XzVgKOXpQXb1anVWjkmuIA==
age
436767
x-cache-status
HIT
x-bce-storage-class
STANDARD
content-length
1296026
ohc-cache-hit
fra01-sys-jomo6.fra01.baidu.com [2], fra01-sys-jomo8.fra01.baidu.com [2], zhuzuncache62 [3], suzix207 [3]
last-modified
Sun, 01 May 2022 03:41:02 GMT
server
JSP3/2.0.14
etag
"5f356028e5e94176f56a75568e49ae20"
x-bce-request-id
f2b33ae6-db81-4f70-9150-c6452b74a3f4
content-type
image/gif
x-bce-debug-id
qoHJbuYLCrwt6BohAJHKhB1la/dLtPckbQZCDsLdCYj3ffbVUHMGsmUK6fqoM0iXz1HI2DGQutkKVrhCRx8zZA==
ohc-global-saved-time
Tue, 27 Dec 2022 03:44:37 GMT
accept-ranges
bytes
timing-allow-origin
*
x-bce-content-crc32
619664397
expires
Fri, 30 Dec 2022 03:44:37 GMT
810ef977e1cd11c0.gif
kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/ Frame 7685 		0
0
c45dd20fdac2727b.gif
kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/ Frame 7685 		0
0
960x80.gif
595tuchuang.com/ Frame 7685 		0
0
8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
kzeii.com/ Frame 7685 		552 KB
553 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:8400:10:6ea1:f8c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:27:40 GMT
via
1.1 8c73194b247676a80d86714cba2447a4.cloudfront.net (CloudFront)
last-modified
Mon, 19 Dec 2022 09:06:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
47549
etag
"6a2c609ad0c46bb1b8d9cd39eacde625"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
565615
x-amz-cf-id
y6-l8U8EAXxzXn5hJz7Vb99anttW0A-Bvbc3DEIP_B995g4i098gEg==
960X80.gif
qp.ezfxpuo.cn/ Frame 7685 		0
0
banner-960x80.gif
www.linkpicture.com/q/ Frame 7685 		194 KB
195 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.linkpicture.com/q/banner-960x80.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebb6 -, , ASN (),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f7d9bf6def0bd8ccc0a55718d7c9844b36cc519d2400e856908d024066c4bb14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:08 GMT
cf-cache-status
HIT
last-modified
Sat, 12 Nov 2022 07:30:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
385
etag
"636f4ba5-30952"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0peMoLpJMUu9z77G4lYoK7ppkjFcCtCNdCt4OHMSZfFIZXKeGU2GinbsjLPuWbLbLTs%2Ba0JM8OOnSVw4rTUD8M%2BYSaHzS4vx%2FBE%2BgD%2FUxf9Y6j3F6kh92MioP4xA9lCy0%2BlIerbEmLcND99oE4ikKX%2FH"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
787cb06fefc89110-FRA
content-length
198994
10151.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 7685 		607 KB
608 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/10151.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
75ba290f4a2dc25f7cad04db45ec4633f8cdbf33c36f1b0e49ccfae0ebe4547f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15064
x-jsd-version
main
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
621536
x-served-by
cache-fra19127-FRA, cache-yyz4565-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"97be0-yyA4T82wjwMBSXVhjlvX3mBDGe8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZ6Gk4Z0%2BlY%2BuEhgqiWzHSdvm4lUZK%2Bx5c9hjzRllT6rnuWHrSqZs3u8Er0NCsqKxemcjJWD8n0tCn1QRdr5gUlWz%2BgWJsS%2B0vtQ671SXNWZO19iJnZjA0h0i2TRhURLe9c1YXykZ3Tl64EPuGo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
787cb06fec852be5-FRA
960-80.gif
3p8801.co/xx/ Frame 7685 		0
0
440e4613c87e49aaa978851137a2e2cb
p9.toutiaoimg.com/origin/pgc-image/ Frame 7685 		0
0
960x80-1.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 7685 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/960x80-1.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b15f6b63346bdc77fe89b9d5192428516d42f3c22b80ba44c12d509b971976ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15063
x-jsd-version
main
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44758
x-served-by
cache-fra19147-FRA, cache-iad-kiad7000022-IAD
x-jsd-version-type
branch
server
cloudflare
etag
W/"aed6-hF5K1ES+D5PhI177qGfqnIaQYP0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Feyk9LxC5RnsoydkuN8nLL5frrOAJcu1U13RP8USIR7ZP8Z6uWrpHfgx%2F4kJkL9TFzMwwwCBceBHHIX4s6E%2FO1jhbNu%2BwtOPxZ%2F6e61GAvm6x6XXQ%2F7wPkIIUIElRTyjy51nqvyt0J5UStSXGUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
787cb0709e0b2be5-FRA
960x80.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 7685 		178 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/960x80.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b373dcb0598f1ed8d191cc80eddadc6740f7acfdc9d6904df7eb3151920017c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15063
x-jsd-version
main
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
182413
x-served-by
cache-fra19140-FRA, cache-cdg20746-CDG
x-jsd-version-type
branch
server
cloudflare
etag
W/"2c88d-iHJwx6wJOEqfCDMhqtFnWhvAPto"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVqIZJgi5hBFsYSwaXSTl6wQL61yBjQcty1VlT3IcHoVzeVsN8PlPXFm35rxXya9fkpNyS2SYZWTjmDQB8DQwgUemfCgjN2R22X7Meol%2FsNIXjoS8SBd4X6C4Ej9Ytjrg1hVHQp7lDsHCQYnfwY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
787cb0709e0e2be5-FRA
960x80.gif
8499165.com/8499/zzxx/ Frame 7685 		0
0
loading.svg
hjha2.com/template/kuli04/images/ Frame 7685 		506 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hjha2.com:8443/template/kuli04/images/loading.svg
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 09:40:04 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 08 Nov 2021 09:18:25 GMT
server
nginx
etag
"6188eb61-1fa"
content-type
image/svg+xml
accept-ranges
bytes
content-length
506
ef0924d4ebfa9547d665d.jpg
skyimg.sky4k.top//file/ Frame 7685 		0
0
06bc2769a3cc4268b5c43cf6eeb7ee95.gif
573569djd.com/ Frame 7685 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://573569djd.com/06bc2769a3cc4268b5c43cf6eeb7ee95.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.121 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5623987f3399652066ac075bbf5ff8e116e13c846219fdafd4fb8d48e2b643ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 11 Jan 2023 09:40:07 GMT
Last-Modified
Fri, 23 Dec 2022 06:28:18 GMT
Server
nginx
ETag
"63a54a82-51df"
X-Cache
MISS from cloud-us2-cdnb-21
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
20959
c0ba90b97aaff0d0.gif
kjimg10.360buyimg.com/ott/jfs/t1/91201/17/34468/130902/6380d288Ebab53dae/ Frame 7685 		0
0
777d2af1e8a74ca3aa77500ba390d2b8.gif
66663aaa.com/ Frame 7685 		0
0
638dee7409ca91e0020145cf.giff
img.1153555.com/images/ Frame 7685 		0
0
18a826d2c1854a968a41d3ed4a8b3040.gif
9366qq.com/ Frame 7685 		0
0
f67b410855efed07dc1783436baaa5f7.gif
kveii.com/ Frame 7685 		0
0
app0921.jpg
cdn.jsdelivr.net/gh/kkkll22/img@main/index/ Frame 7685 		0
0
150x150.gif
8499165.com/8499/ Frame 7685 		0
0
bf42ce11ec6d463089ce9700d48fda78.gif
n5267.com/ Frame 7685 		0
0
aab3399958e94de783e501d0a88d0e64.png
253669vqx.com/ Frame 7685 		0
0
ea0205dd2b044b828f59e1e34d305c5e.gif
253669vqx.com/ Frame 7685 		0
0
ccc593dbd14e435090d641cfcfd54d7c.gif
99887aaa.com/ Frame 7685 		0
0
63a413e6ed713b93977c71e6.gif
img.7652a.com/images/ Frame 7685 		0
0
611b9ad45820b75f.gif
s3.bmp.ovh/imgs/2023/01/08/ Frame 7685 		0
0
300.gif
i.ibb.co/BzS1Fs3/ Frame 7685 		0
0
120X120.gif
qp.ezfxpuo.cn/ Frame 7685 		0
0
ptv300.gif
papatv.cloud/ Frame 7685 		0
0
hy.gif
tgqd.tsmgsoce.com/imgf/ Frame 7685 		0
0
666.gif
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/ Frame 7685 		0
0
9e035e37d26610003bfb7c743f35ffc2.jpg
fls003.com/upload/uploads-images/default/other/2022-08-10/ Frame 7685 		0
0
200-200.png
tu.sljttpkj.net/3569tu/ Frame 7685 		0
0
truncated
/ Frame 7685 		254 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
hm.js
hm.baidu.com/ Frame 7685 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?41537b718b08fa02fbaf62417f6eff43
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
e2fc137fe7e0f27841126b41c7786c8fe2bc21bfedf4b24e89807909648ddc32
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 11 Jan 2023 09:40:05 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
5e8bbb14e829f4a1a2891dcaf9a23c9c
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11254
2106
kg.awyyzx.com/sc/ Frame 7685 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kg.awyyzx.com/sc/2106?n=qtxjutzy
Requested by
Host: npiza.com
URL: http://npiza.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.1.0.71 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 / PHP/5.6.31
Resource Hash
d7b4644dd196ea0428f7274484a2df1a89dac64362f20013427023cf69442792

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
max-age=1800
Date
Tue, 10 Jan 2023 17:43:22 GMT
X-Cache-Lookup
Cache Hit
Server
nginx/1.18.0
Age
57127
X-Powered-By
PHP/5.6.31
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=1800
X-NWS-LOG-UUID
5165662080667896444
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10551
truncated
/ Frame 7685 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e

Request headers

Referer
Origin
https://hjha2.com:8443
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
hm.gif
hm.baidu.com/ Frame 7685 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
npiza.com
URL
http://npiza.com/tongji.js
Domain
p3.douyinpic.com
URL
https://p3.douyinpic.com/obj/tos-cn-i-dy/05d5a719cd634136913ab0d8ff47c1fa
Domain
kjimg10.360buyimg.com
URL
https://kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/810ef977e1cd11c0.gif
Domain
kjimg10.360buyimg.com
URL
https://kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/c45dd20fdac2727b.gif
Domain
595tuchuang.com
URL
https://595tuchuang.com/960x80.gif
Domain
qp.ezfxpuo.cn
URL
https://qp.ezfxpuo.cn/960X80.gif
Domain
3p8801.co
URL
https://3p8801.co/xx/960-80.gif
Domain
p9.toutiaoimg.com
URL
https://p9.toutiaoimg.com/origin/pgc-image/440e4613c87e49aaa978851137a2e2cb
Domain
8499165.com
URL
https://8499165.com/8499/zzxx/960x80.gif
Domain
skyimg.sky4k.top
URL
https://skyimg.sky4k.top//file/ef0924d4ebfa9547d665d.jpg
Domain
kjimg10.360buyimg.com
URL
https://kjimg10.360buyimg.com/ott/jfs/t1/91201/17/34468/130902/6380d288Ebab53dae/c0ba90b97aaff0d0.gif
Domain
66663aaa.com
URL
https://66663aaa.com/777d2af1e8a74ca3aa77500ba390d2b8.gif
Domain
img.1153555.com
URL
https://img.1153555.com/images/638dee7409ca91e0020145cf.giff
Domain
9366qq.com
URL
https://9366qq.com/18a826d2c1854a968a41d3ed4a8b3040.gif
Domain
kveii.com
URL
https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/kkkll22/img@main/index/app0921.jpg
Domain
8499165.com
URL
https://8499165.com/8499/150x150.gif
Domain
n5267.com
URL
https://n5267.com/bf42ce11ec6d463089ce9700d48fda78.gif
Domain
253669vqx.com
URL
https://253669vqx.com/aab3399958e94de783e501d0a88d0e64.png
Domain
253669vqx.com
URL
https://253669vqx.com/ea0205dd2b044b828f59e1e34d305c5e.gif
Domain
99887aaa.com
URL
https://99887aaa.com/ccc593dbd14e435090d641cfcfd54d7c.gif
Domain
img.7652a.com
URL
https://img.7652a.com/images/63a413e6ed713b93977c71e6.gif
Domain
s3.bmp.ovh
URL
https://s3.bmp.ovh/imgs/2023/01/08/611b9ad45820b75f.gif
Domain
i.ibb.co
URL
https://i.ibb.co/BzS1Fs3/300.gif
Domain
qp.ezfxpuo.cn
URL
https://qp.ezfxpuo.cn/120X120.gif
Domain
papatv.cloud
URL
https://papatv.cloud:1688/ptv300.gif
Domain
tgqd.tsmgsoce.com
URL
https://tgqd.tsmgsoce.com/imgf/hy.gif
Domain
yaoji666.oss-cn-hongkong.aliyuncs.com
URL
https://yaoji666.oss-cn-hongkong.aliyuncs.com/gg/666.gif
Domain
fls003.com
URL
https://fls003.com/upload/uploads-images/default/other/2022-08-10/9e035e37d26610003bfb7c743f35ffc2.jpg?_v=20220701
Domain
tu.sljttpkj.net
URL
https://tu.sljttpkj.net/3569tu/200-200.png
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1745671318&si=41537b718b08fa02fbaf62417f6eff43&su=http%3A%2F%2Fnpiza.com%2F&v=1.3.0&lv=1&sn=59316&r=0&ww=1600&u=https%3A%2F%2Fhjha2.com%3A8443%2F&tt=%E9%BB%84%E9%87%91%E6%B5%B7%E5%B2%B8

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange

1 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: DCD501BC9CF7B700

6 Console Messages

Source Level URL
Text
network error URL: http://npiza.com/tongji.js
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
security warning URL: https://hjha2.com:8443/
Message:
Mixed Content: The page at 'https://hjha2.com:8443/' was loaded over HTTPS, but requested an insecure element 'http://595tuchuang.com/960x80.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://hjha2.com:8443/
Message:
Mixed Content: The page at 'https://hjha2.com:8443/' was loaded over HTTPS, but requested an insecure element 'http://595tuchuang.com/960x80.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://hjha2.com:8443/(Line 315)
Message:
Mixed Content: The page at 'https://hjha2.com:8443/' was loaded over HTTPS, but requested an insecure element 'http://595tuchuang.com/960x80.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://hjha2.com:8443/(Line 315)
Message:
Mixed Content: The page at 'https://hjha2.com:8443/' was loaded over HTTPS, but requested an insecure element 'http://595tuchuang.com/960x80.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://s3.bmp.ovh/imgs/2023/01/08/96141da8a6abd7d5.gif
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

223969ufy.com
253669vqx.com
362728tdg.com
375772rug.com
3p8801.co
573569djd.com
595tuchuang.com
66663aaa.com
66668aaa.com
832793jse.com
8499163.com
8499165.com
88668aaa.com
9366qq.com
99887aaa.com
99996aaa.com
cdn.jsdelivr.net
fls003.com
hjha2.com
hm.baidu.com
i.ibb.co
img.1153555.com
img.1163555.com
img.7652a.com
kg.awyyzx.com
kjimg10.360buyimg.com
kveii.com
kzeii.com
n5267.com
npiza.com
p3.douyinpic.com
p9.toutiaoimg.com
papatv.cloud
pic.rmb.bdstatic.com
qp.ezfxpuo.cn
s3.bmp.ovh
skyimg.sky4k.top
tgqd.tsmgsoce.com
tu.sljttpkj.net
www.linkpicture.com
yaoji666.oss-cn-hongkong.aliyuncs.com
253669vqx.com
3p8801.co
595tuchuang.com
66663aaa.com
8499165.com
9366qq.com
99887aaa.com
cdn.jsdelivr.net
fls003.com
hm.baidu.com
i.ibb.co
img.1153555.com
img.7652a.com
kjimg10.360buyimg.com
kveii.com
n5267.com
npiza.com
p3.douyinpic.com
p9.toutiaoimg.com
papatv.cloud
qp.ezfxpuo.cn
s3.bmp.ovh
skyimg.sky4k.top
tgqd.tsmgsoce.com
tu.sljttpkj.net
yaoji666.oss-cn-hongkong.aliyuncs.com
103.170.15.101
103.170.15.106
103.170.15.111
103.170.15.96
103.235.46.191
113.1.0.71
154.23.154.213
185.10.104.115
194.13.80.102
198.16.37.83
20.239.187.174
2001:da8:20d:40da:3::3f3
23.225.237.36
2600:9000:200a:8400:10:6ea1:f8c0:93a1
2606:4700:3038::6815:ebb6
2606:4700::6810:5914
38.54.37.233
45.61.212.121
45.61.212.49
0b2450e440026a2abc0c6637dab790a67468754eaa0e0a3d5a90c00c3811abe5
0b374b57ebcf263193d88c13eddb10aecc4e3e9ce6b0bba17fc9cb0b053bf438
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
22a525fd9b99500b6824d69a8dbb6e44684f0846fe85291b3d99c08e7c1ea71f
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
5083c6eec3b0beac9b5b0f287a69e8169efbb469c19b9083c12b2ed239936e6f
5623987f3399652066ac075bbf5ff8e116e13c846219fdafd4fb8d48e2b643ed
5b39dca97f810d0e15de04210c6b7526befaa3dde3bb2e55177ca44006b28a04
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
75ba290f4a2dc25f7cad04db45ec4633f8cdbf33c36f1b0e49ccfae0ebe4547f
7fd5a884a941ec7debff6bf4eadd3bb579a6b83f9361eb5a6dcd978e9199d3d6
8afb1e13ddcb4becf8c4723f6c8e7ce07df67db20ca3de839f18e0d886fdf419
8d7488ccf2b369926af3345ce4a5f94f273cbc768ac0fbc10739d3d4b717c32f
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
93f61a1a835dd1c3203ac05d024fc907d5bd541d3f458d014ced06fafce93e53
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
b15f6b63346bdc77fe89b9d5192428516d42f3c22b80ba44c12d509b971976ad
b373dcb0598f1ed8d191cc80eddadc6740f7acfdc9d6904df7eb3151920017c7
c677f7601d68004a5c0af802407899ba001333fd3c69e8993a8a757a8521b20d
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
d7b4644dd196ea0428f7274484a2df1a89dac64362f20013427023cf69442792
e222c8e1ed8c2db3c2c03671691c30a5755610e36b05c5772dc173bbe531b8ef
e27ce8615a286f31afae3a6f5580deb2e30d2e9c0a4248a3b7e2d165a89f2cb5
e2fc137fe7e0f27841126b41c7786c8fe2bc21bfedf4b24e89807909648ddc32
f112d25e36afdd5b3c15a587d6d61ea28c58e2b6d1360fd62767efdc6b2062ab
f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e
f7d9bf6def0bd8ccc0a55718d7c9844b36cc519d2400e856908d024066c4bb14
fa529241dddbd17e0dd7b8ee301efa587826b81ed5b4b6223f1ee6e236e44442
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff