URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJ...
Submission: On April 05 via manual from US — Scanned from DE

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 38 HTTP transactions. The main IP is 47.102.225.181, located in Shanghai, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is qingflow.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on June 3rd 2020. Valid for: 2 years.
This is the only time qingflow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 47.102.225.181 37963 (ALIBABA-C...)
7 8.45.176.211 24429 (TAOBAO Zh...)
2 203.205.137.235 132203 (TENCENT-N...)
1 43.154.240.235 132203 (TENCENT-N...)
2 8.45.176.210 24429 (TAOBAO Zh...)
2 47.89.75.200 45102 (ALIBABA-C...)
5 180.163.251.76 4812 (CHINANET-...)
2 103.235.46.191 55967 (BAIDU Bei...)
1 171.8.167.94 4134 (CHINANET-...)
1 36.99.171.172 4134 (CHINANET-...)
1 47.246.110.95 45102 (ALIBABA-C...)
7 180.163.247.134 4812 (CHINANET-...)
2 2 142.250.185.98 15169 (GOOGLE)
1 1 59.82.31.142 37963 (ALIBABA-C...)
1 1 110.242.68.135 4837 (CHINA169-...)
1 1 2408:4001:f00... 37963 (ALIBABA-C...)
1 1 140.207.202.69 17621 (CNCGROUP-...)
1 104.192.108.23 55992 (QIHOO Bei...)
1 2 163.177.151.160 136958 (UNICOM-GU...)
1 185.10.104.115 55967 (BAIDU Bei...)
38 16
Apex Domain | Subdomains | Transfer
11 qingflow.com | qingflow.com; cdn.qingflow.com; file.qingflow.com | 2 MB
9 mediav.com | 360fenxi.mediav.com — Cisco Umbrella Rank: 231854; ckmap.mediav.com — Cisco Umbrella Rank: 316728; 3m.mediav.com — Cisco Umbrella Rank: 438688 | 5 KB
6 360.cn | s.union.360.cn — Cisco Umbrella Rank: 137940; max.dmp.360.cn — Cisco Umbrella Rank: 442185 | 13 KB
5 baidu.com | hm.baidu.com — Cisco Umbrella Rank: 7944; cm.pos.baidu.com — Cisco Umbrella Rank: 192136; ada.baidu.com — Cisco Umbrella Rank: 37473 | 18 KB
3 amap.com | webapi.amap.com — Cisco Umbrella Rank: 48645; restapi.amap.com — Cisco Umbrella Rank: 17715 | 151 KB
3 qq.com | res.wx.qq.com — Cisco Umbrella Rank: 12739; open.work.weixin.qq.com — Cisco Umbrella Rank: 124492; wwcdn.weixin.qq.com — Cisco Umbrella Rank: 82358 | 12 KB
2 doubleclick.net | cm.g.doubleclick.net — Cisco Umbrella Rank: 206 | 1021 B
1 bcebos.com | fe-resource.cdn.bcebos.com — Cisco Umbrella Rank: 151847 | 29 KB
1 youku.com | cm.miaozhen.atm.youku.com — Cisco Umbrella Rank: 453370 | 375 B
1 tanx.com | cms.tanx.com — Cisco Umbrella Rank: 152242 | 339 B
1 so.com | e.so.com — Cisco Umbrella Rank: 92918 | 224 B
38 11
Domain | Requested by
7 ckmap.mediav.com | 360fenxi.mediav.com; ckmap.mediav.com; 3m.mediav.com
7 cdn.qingflow.com | qingflow.com
5 s.union.360.cn | qingflow.com; s.union.360.cn
2 ada.baidu.com | 1 redirects; hm.baidu.com
2 cm.g.doubleclick.net | 2 redirects
2 hm.baidu.com | qingflow.com
2 webapi.amap.com | qingflow.com; webapi.amap.com
2 file.qingflow.com | qingflow.com
2 qingflow.com | qingflow.com
1 fe-resource.cdn.bcebos.com | qingflow.com
1 3m.mediav.com | ckmap.mediav.com
1 max.dmp.360.cn | 1 redirects
1 cm.miaozhen.atm.youku.com | 1 redirects
1 cm.pos.baidu.com | 1 redirects
1 cms.tanx.com | 1 redirects
1 restapi.amap.com | webapi.amap.com
1 e.so.com | s.union.360.cn
1 360fenxi.mediav.com | s.union.360.cn
1 wwcdn.weixin.qq.com | qingflow.com
1 open.work.weixin.qq.com | qingflow.com
1 res.wx.qq.com | qingflow.com
38 21

This site contains no links.

Subject | Issuer | Validity | Valid
*.qingflow.com | RapidSSL RSA CA 2018 | 2020-06-03 - 2022-08-02 | 2 years
weixin.qq.com | DigiCert Secure Site CN CA G3 | 2021-08-16 - 2022-09-16 | a year
work.weixin.qq.com | DigiCert Secure Site CN CA G3 | 2021-12-30 - 2022-06-21 | 6 months
*.alibabacorp.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2021-04-05 - 2022-05-07 | a year
*.union.360.cn | WoTrus OV SSL CA | 2020-02-12 - 2022-05-12 | 2 years
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-02-21 - 2022-08-02 | 5 months
*.mediav.com | WoTrus OV SSL CA | 2020-02-12 - 2022-05-12 | 2 years
tf.360.cn | WoTrus OV SSL CA | 2020-02-19 - 2022-05-19 | 2 years
*.amap.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2021-03-25 - 2022-04-26 | a year

This page contains 5 frames:

Primary Page: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Frame ID: 7CDF3E62EC4FE591B4A27B69D97F4CD4
Requests: 28 HTTP requests in this frame

Frame: https://360fenxi.mediav.com/mediav1130.html
Frame ID: F9218BF91BBDBED0F26DDBEB60039A86
Requests: 1 HTTP requests in this frame

Frame: https://s.union.360.cn/proxy.html
Frame ID: 8670174CD9183998E7670A747AFE4D9C
Requests: 1 HTTP requests in this frame

Frame: https://ckmap.mediav.com/b?type=10
Frame ID: FD28B4368A4258DA8B9E1471C449298D
Requests: 6 HTTP requests in this frame

Frame: https://3m.mediav.com/ckmap.htm
Frame ID: DCC3463D4C029F232D7E4AED3D6C7E57
Requests: 2 HTTP requests in this frame

Page Title

轻流

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

Requests: 38
HTTPS: 79 %
IPv6: 5 %
Domains: 11
Subdomains: 21
IPs: 16
Countries: 4
Transfer: 1895 kB
Size: 10117 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc&google_cm&tid=3&from_mv=1&google_ula=2121606 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc=&google_cm=&tid=3&from_mv=1&google_ula=2121606&google_tc= HTTP 302
  • https://ckmap.mediav.com/m?tid=3&from_mv=1&google_gid=CAESEDcyBF1awr5nbimGqQ-JKGA&google_cver=1&google_ula=2121606,0
Request Chain 27
  • https://cms.tanx.com/t.gif?tanx_nid=29628860&tanx_cm&mediav_tid=15&from_mv=1 HTTP 302
  • https://ckmap.mediav.com/m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1
Request Chain 28
  • https://cm.pos.baidu.com/pixel?dspid=6455766&ext_data=1 HTTP 302
  • https://ckmap.mediav.com/m?tid=5PURL&baidu_error=1&timestamp=1649175070
Request Chain 29
  • https://cm.miaozhen.atm.youku.com/cm.gif?dspid=11115 HTTP 302
  • https://ckmap.mediav.com/m?tid=7&mzid=16491750697277EH
Request Chain 30
  • https://max.dmp.360.cn/?pid=dmp_1000 HTTP 302
  • https://ckmap.mediav.com/m?tid=627&tck=b04b102fd6d39d714792fdd600a141da
Request Chain 34
  • https://ada.baidu.com/phone-tracker/getjs_bdtj?sid=10738263 HTTP 302
  • https://fe-resource.cdn.bcebos.com/phoneTracker/phone-tracker_h5.js

38 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request 61eed78e
qingflow.com/f/
7 KB
4 KB
Document
General
Full URL
https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.102.225.181 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
657550698fa8fe6d67596b34552c4b58963284f818f118fc893bfedffe7932ac

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 05 Apr 2022 16:10:58 GMT
ETag
W/"624829c7-1c45"
Last-Modified
Sat, 02 Apr 2022 10:47:35 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding

environment.js
cdn.qingflow.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.qingflow.com/environment.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.176.211 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
6887d9db6044389e8f0f077b92f3502928653d77dad2fa024d2fa280ee88a9ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 01:31:15 GMT
content-encoding
gzip
age
52785
x-cache
HIT TCP_MEM_HIT dirn:11:41236495
x-swift-cachetime
592049
x-swift-savetime
Tue, 05 Apr 2022 05:03:46 GMT
content-length
999
access-control-allow-origin
*
last-modified
Sat, 02 Apr 2022 10:47:35 GMT
server
Tengine
etag
W/"624829c7-79c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
cache1.l2de2[0,0,200-0,H], cache23.l2de2[1,0], cache6.us15[0,0,200-0,H], cache1.us15[2,0]
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
eagleid
082db09516491750609493089e
ali-swift-global-savetime
1649122275

jweixin-1.2.0.js
res.wx.qq.com/open/js/
11 KB
4 KB
Script
General
Full URL
https://res.wx.qq.com/open/js/jweixin-1.2.0.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.235 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
f46308ef482b00d82694640bfa978af8f128d45c57918783215d90997eb2553f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 16:11:01 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Mon, 04 Apr 2022 07:40:00 GMT
server
NWS_UGC_HY
vary
Origin
content-type
application/x-javascript
access-control-allow-origin
http://open.weixin.qq.com
cache-control
must-revalidate, max-age=31536000
x-nws-log-uuid
8b247ee9-818f-41b1-b9cd-54e59af84ae8
content-length
3818
expires
Wed, 05 Apr 2023 16:11:00 GMT

jwxwork-1.0.0.js
open.work.weixin.qq.com/wwopen/js/
21 KB
8 KB
Script
General
Full URL
https://open.work.weixin.qq.com/wwopen/js/jwxwork-1.0.0.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.154.240.235 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
c9c1fdd6885204d062bf6dc224d617ada7d519b70f4d0ed44c7c32b206027480

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 16:11:01 GMT
content-encoding
gzip
server
nginx
etag
W/"5440-o8KqcQTuberQCv7kiyi/AztouU0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8

exif.min.js
file.qingflow.com/assets/scripts/
14 KB
15 KB
Script
General
Full URL
https://file.qingflow.com/assets/scripts/exif.min.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.45.176.210 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7619bd478a6018074496dfd9f019ca93d7ec684b6a4b3d75bb4f85c022171f2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:29:19 GMT
via
cache34.l2ot7-1[653,653,304-0,M], cache27.l2ot7-1[655,0], cache2.us15[0,0,200-0,H], cache2.us15[1,0]
etag
"48814126E2CD29AC30E68E012934C6D8"
x-oss-request-id
624C604F3587915F9728C4BE
content-md5
SIFBJuLNKaww5o4BKTTG2A==
age
2503
x-cache
HIT TCP_MEM_HIT dirn:11:458089207
x-oss-extend-log-field
,,
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 05 Apr 2022 15:29:19 GMT
content-length
14804
x-oss-object-type
Normal
last-modified
Mon, 21 Jan 2019 11:44:18 GMT
server
Tengine
x-oss-version-id
null
ali-swift-global-savetime
1649172559
content-type
text/javascript
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
17582106878270901844
eagleid
082db09616491750621122242e
x-oss-server-time
2

wxLogin.js
file.qingflow.com/assets/scripts/
567 B
920 B
Script
General
Full URL
https://file.qingflow.com/assets/scripts/wxLogin.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.45.176.210 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
1504b7b535791471cf6e9abfbffc3f7515cf77e4735da87e8143b6cdc1a49e48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:06:14 GMT
via
cache5.l2ot7-1[0,0,304-0,H], cache13.l2ot7-1[1,0], cache3.us15[0,0,200-0,H], cache2.us15[2,0]
etag
"5A676B71D687D7C323DF7E7980EECD55"
x-oss-request-id
624C5AE6A33E782C8946BE27
content-md5
WmdrcdaH18Mj3355gO7NVQ==
age
3888
x-cache
HIT TCP_MEM_HIT dirn:10:291744955
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 05 Apr 2022 15:29:18 GMT
content-length
567
x-oss-object-type
Normal
last-modified
Mon, 21 Jan 2019 11:44:19 GMT
server
Tengine
x-oss-version-id
null
ali-swift-global-savetime
1649171174
content-type
text/javascript
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
9444599445480414871
eagleid
082db09616491750621122245e
x-oss-server-time
2

maps
webapi.amap.com/
337 KB
109 KB
Script
General
Full URL
https://webapi.amap.com/maps?v=1.4.11&key=07e9c9b0fa99868f7e90dfc7ae12e96c
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
47.89.75.200 Singapore, Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
8b052cf5a5818acaa8d21467d02778d0e6c55aa4d15f15e79bda4de5dce0740e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 16:11:03 GMT
content-encoding
gzip
server
Tengine/Aserver
etag
W/7d1486fa9e502ad43629dfda238e717f
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-readtime
3
cache-control
max-age=0
strict-transport-security
max-age=0
timing-allow-origin
*
access-control-allow-headers
*
eagleeye-traceid
0b114d9d16491750637375875ea84f
x-server-id
72446e765a0ee479614554419edfe3ecf8e28af5064da114940c013c7160f143730a6faa850f76d4

runtime.4929e33d055434bed5d1.js
cdn.qingflow.com/
10 KB
4 KB
Script
General
Full URL
https://cdn.qingflow.com/runtime.4929e33d055434bed5d1.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.176.211 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
0f638cd464a1512ffabc8a2cfc1685473eb34784001d5e11c220e164dc610a8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 10:48:24 GMT
content-encoding
gzip
age
278557
x-cache
HIT TCP_MEM_HIT dirn:10:140797992
x-swift-cachetime
604398
x-swift-savetime
Sat, 02 Apr 2022 10:55:06 GMT
content-length
3970
access-control-allow-origin
*
last-modified
Sat, 02 Apr 2022 10:47:35 GMT
server
Tengine
etag
W/"624829c7-2678"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
cache14.l2hk71[0,0,200-0,H], cache11.l2hk71[1,0], cache5.us15[0,0,200-0,H], cache1.us15[4,0]
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
eagleid
082db09516491750612713993e
ali-swift-global-savetime
1648896504

polyfills.aa5a38d45fde72870729.js
cdn.qingflow.com/
96 KB
35 KB
Script
General
Full URL
https://cdn.qingflow.com/polyfills.aa5a38d45fde72870729.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.176.211 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
19d69e77eac42cdea89b4d82a15dc756f624cfc01c61cb2d7173bbc537ee4aac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 13:38:20 GMT
content-encoding
gzip
age
441161
x-cache
HIT TCP_MEM_HIT dirn:11:246201828
x-swift-cachetime
604614
x-swift-savetime
Thu, 31 Mar 2022 13:41:26 GMT
content-length
35317
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:46:46 GMT
server
Tengine
etag
W/"62445136-18026"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
cache22.l2hk71[0,0,200-0,H], cache9.l2hk71[1,0], cache2.us15[0,0,200-0,H], cache1.us15[3,0]
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
eagleid
082db09516491750612723994e
ali-swift-global-savetime
1648733900

scripts.0e992dfafc60a260576c.js
cdn.qingflow.com/
708 KB
186 KB
Script
General
Full URL
https://cdn.qingflow.com/scripts.0e992dfafc60a260576c.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.176.211 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
87fcf947de5a385c97a07066d8d4fa34a978ca5d1b472262275ec58d832ebd9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 13:38:20 GMT
content-encoding
gzip
age
441161
x-cache
HIT TCP_MEM_HIT dirn:10:254425110
x-swift-cachetime
604614
x-swift-savetime
Thu, 31 Mar 2022 13:41:26 GMT
content-length
190216
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:46:46 GMT
server
Tengine
etag
W/"62445136-b1005"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
cache9.l2hk71[0,0,200-0,H], cache18.l2hk71[1,0], cache2.us15[0,0,200-0,H], cache1.us15[3,0]
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
eagleid
082db09516491750612723997e
ali-swift-global-savetime
1648733900

vendor.3281f6c2952be3be9873.js
cdn.qingflow.com/
5 MB
1 MB
Script
General
Full URL
https://cdn.qingflow.com/vendor.3281f6c2952be3be9873.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.176.211 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ed2abb6c29ec97196fb4f136b7395a70d24de72e73956bd522923aaf03d5e5b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 16:34:51 GMT
content-encoding
gzip
age
430570
x-cache
HIT TCP_MEM_HIT dirn:10:451630062
x-swift-cachetime
600293
x-swift-savetime
Thu, 31 Mar 2022 17:49:58 GMT
content-length
1347943
access-control-allow-origin
*
last-modified
Thu, 31 Mar 2022 16:19:37 GMT
server
Tengine
etag
W/"6245d499-4d4ecb"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
cache26.l2de2[0,0,200-0,H], cache4.l2de2[1,0], cache3.us15[0,0,200-0,H], cache1.us15[3,0]
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
eagleid
082db09516491750612724002e
ali-swift-global-savetime
1648744491

main.aafc1618db26fbb5816c.js
cdn.qingflow.com/
2 MB
0
Script
General
Full URL
https://cdn.qingflow.com/main.aafc1618db26fbb5816c.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.176.211 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 10:48:24 GMT
content-encoding
gzip
age
278557
x-cache
HIT TCP_MEM_HIT dirn:11:181012107
x-swift-cachetime
604397
x-swift-savetime
Sat, 02 Apr 2022 10:55:07 GMT
content-length
462293
access-control-allow-origin
*
last-modified
Sat, 02 Apr 2022 10:47:35 GMT
server
Tengine
etag
W/"624829c7-1dfc16"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
cache2.l2hk71[0,0,200-0,H], cache7.l2hk71[1,0], cache4.us15[0,0,200-0,H], cache1.us15[3,0]
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
eagleid
082db09516491750612724004e
ali-swift-global-savetime
1648896504

374225.js
s.union.360.cn/
26 KB
11 KB
Script
General
Full URL
https://s.union.360.cn/374225.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.163.251.76 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.9.15.1 /
Resource Hash
db5bf26f7b489fc0d8048938446dfff29f27cb8431601ab74cca9968463482ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 16:11:03 GMT
Content-Encoding
gzip
Server
openresty/1.9.15.1
Etag
W/"7ec2831cc459b963e9c04af35fda2a59"
Vary
Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
close
Content-Type
text/plain

styles.ec886082fd49ef95d88c.css
cdn.qingflow.com/
747 KB
104 KB
Stylesheet
General
Full URL
https://cdn.qingflow.com/styles.ec886082fd49ef95d88c.css
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.176.211 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
04dca859cd032694a28e55f9de0be9e5dd23c93609e728978c91d58804c35d9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 16:34:47 GMT
content-encoding
gzip
age
430574
x-cache
HIT TCP_HIT dirn:9:114329315
x-swift-cachetime
600289
x-swift-savetime
Thu, 31 Mar 2022 17:49:58 GMT
content-length
105772
access-control-allow-origin
*
last-modified
Thu, 31 Mar 2022 16:19:37 GMT
server
Tengine
etag
W/"6245d499-bab72"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
via
cache3.l2de2[0,0,200-0,H], cache2.l2de2[1,0], cache3.us15[0,1,200-0,H], cache1.us15[6,0]
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
eagleid
082db09516491750612724009e
ali-swift-global-savetime
1648744487

1x1-00000000.91e42db1c6.png
wwcdn.weixin.qq.com/node/wework/images/
68 B
297 B
Image
General
Full URL
https://wwcdn.weixin.qq.com/node/wework/images/1x1-00000000.91e42db1c6.png
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.235 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 16:11:03 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Fri, 10 Jan 2020 03:27:45 GMT
server
NWS_UGC_HY
content-type
image/png
cache-control
max-age=315360000
x-nws-log-uuid
6647e6bd-eba1-4578-bddc-7b44ff35ab1f
content-length
68
expires
Fri, 02 Apr 2032 16:11:02 GMT

%E6%80%9D%E6%BA%90%E9%BB%91%E4%BD%93SourceHanSansCN-Regular.be37d606385ec5a4ff63.otf
qingflow.com/
1 MB
0
Font
General
Full URL
https://qingflow.com/%E6%80%9D%E6%BA%90%E9%BB%91%E4%BD%93SourceHanSansCN-Regular.be37d606385ec5a4ff63.otf
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.102.225.181 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Origin
https://qingflow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 16:11:01 GMT
Last-Modified
Sat, 02 Apr 2022 10:47:35 GMT
ETag
"624829c7-7fa328"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
8364840

hm.js
hm.baidu.com/
40 KB
16 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?176844363a372d74c235e5cb2aaf387c
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
ab2226e3181f525d892d82c4a126102b9d4118e25bf312ac2c38d1e41864ff89
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 16:11:04 GMT
Content-Encoding
gzip
Server
apache
Etag
e111c673f473b37edb5530484468d7dd
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
15299

mediav1130.html
360fenxi.mediav.com/ Frame F921
2 KB
1 KB
Document
General
Full URL
https://360fenxi.mediav.com/mediav1130.html
Requested by
Host: s.union.360.cn
URL: https://s.union.360.cn/374225.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
171.8.167.94 Zhengzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
8.171.broad.ha.dynamic.163data.com.cn
Software
openresty/1.9.15.1 /
Resource Hash
2ccf4bf52269e8872e012440ee64499afc65c85f11206ff7651ebebce6fd4563

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 05 Apr 2022 16:11:06 GMT
ETag
W/"6220226d-6d1"
Last-Modified
Thu, 03 Mar 2022 02:05:33 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
openresty/1.9.15.1
Transfer-Encoding
chunked

proxy.html
s.union.360.cn/ Frame 8670
707 B
795 B
Document
General
Full URL
https://s.union.360.cn/proxy.html
Requested by
Host: s.union.360.cn
URL: https://s.union.360.cn/374225.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.163.251.76 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.9.15.1 /
Resource Hash
b5b7a3acc57528c1de8659da46c03ffa5142c4207fe721866df18e39c9a5e3da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 05 Apr 2022 16:11:04 GMT
ETag
W/"6220226d-2c3"
Last-Modified
Thu, 03 Mar 2022 02:05:33 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
openresty/1.9.15.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
c.js
e.so.com/search/
0
224 B
Script
General
Full URL
https://e.so.com/search/c.js?u=3270422860&_=1649175063749
Requested by
Host: s.union.360.cn
URL: https://s.union.360.cn/374225.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
36.99.171.172 Xuhui, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 16:11:06 GMT
Server
nginx
X-Trace
"rt":0
Transfer-Encoding
chunked
X-Cache
MISS
Content-Type
text/javascript;charset=utf-8
Cache-Control
private
Connection
close
s.gif
s.union.360.cn/
43 B
340 B
Image
General
Full URL
https://s.union.360.cn/s.gif?lts=1&et=100&si=374225&ldt=1&vis=visible&prv=0&guid=129587285.1871833191531899904.1649175063000.7249&huid=11qXYxrHNa7eBAqCnijmuQqXO3ayYh6XmfcH3Z1Sxo2%252BA%253D&t=1649175063741&v=3.2.0&_mtd=im
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.163.251.76 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.9.15.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Apr 2022 16:11:04 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty/1.9.15.1
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Connection
close
Content-Length
43
Expires
Fri, 01 Jan 1980 00:00:00 GMT
s.gif
s.union.360.cn/
43 B
340 B
Image
General
Full URL
https://s.union.360.cn/s.gif?lts=1&et=0&ck=0&tit=%E8%BD%BB%E6%B5%81&adb=0&cl=24&ds=1600x1200&ln=en-US&url=https%3A%2F%2Fqingflow.com%2Ff%2F61eed78e%3Fqfchannel%3Djordan__%3B!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR%24&si=374225&su=&flt=1649175063&lt=1649175063&pt=166836198501682880&guid=129587285.1871833191531899904.1649175063000.7249&huid=11qXYxrHNa7eBAqCnijmuQqXO3ayYh6XmfcH3Z1Sxo2%252BA%253D&v=3.2.0&t=1649175064250&qhclickid=&_mtd=im
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.163.251.76 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.9.15.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Apr 2022 16:11:05 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty/1.9.15.1
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Connection
close
Content-Length
43
Expires
Fri, 01 Jan 1980 00:00:00 GMT
modules
webapi.amap.com/maps/
115 KB
41 KB
Script
General
Full URL
https://webapi.amap.com/maps/modules?v=1.4.18&key=07e9c9b0fa99868f7e90dfc7ae12e96c&vrs=1638773898470&m=mouse,vectorlayer,overlay,wgl,sync
Requested by
Host: webapi.amap.com
URL: https://webapi.amap.com/maps?v=1.4.11&key=07e9c9b0fa99868f7e90dfc7ae12e96c
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
47.89.75.200 Singapore, Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
da646d2eaeb5ae4c0ead0cb0620867290230f7d1651adc4c07df4e5f89b3becd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 16:11:04 GMT
content-encoding
gzip
x-readtime
2
content-length
41606
server
Tengine/Aserver
etag
W/818bfacbdf9908eddb115325d2b95d79
strict-transport-security
max-age=0
access-control-allow-methods
*
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-server-id
72446e765a0ee479614554419edfe3ecf8e28af5064da11427a88dc4117388bc730a6faa850f76d4
cache-control
max-age=0
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
eagleeye-traceid
0b114d9d16491750647695909ea84f
init
restapi.amap.com/v3/log/
78 B
662 B
Script
General
Full URL
https://restapi.amap.com/v3/log/init?s=rsv3&product=JsInit&key=07e9c9b0fa99868f7e90dfc7ae12e96c&t=1649175065284&resolution=1600*1200&mob=0&vt=1&dpr=1&scale=1&detect=false&callback=jsonp_293156_&platform=JS&logversion=2.0&appname=https%3A%2F%2Fqingflow.com%2Ff%2F61eed78e&csid=996F754C-BE9F-4F14-9A6B-5B0445339329&sdkversion=1.4.18
Requested by
Host: webapi.amap.com
URL: https://webapi.amap.com/maps?v=1.4.11&key=07e9c9b0fa99868f7e90dfc7ae12e96c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
47.246.110.95 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
a01b6f048a62d287308f367a052aefce5ba04195ec10b569f6dd87bcf9f2e7ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Tue, 05 Apr 2022 16:11:07 GMT
Content-Encoding
gzip
sc
0.000
Server
Tengine
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
close
gsid
033001098154164917506705100013660696509, 033001098154164917506705100013660696509
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,key,x-biz,x-info,platinfo,encr,enginever,gzipped,poiid
d74480a7-da04-4990-917e-a89ae7efe768
https://qingflow.com/
7 KB
0
Other
General
Full URL
blob:https://qingflow.com/d74480a7-da04-4990-917e-a89ae7efe768
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
335d7093fb2ec1bba9166a623b9d4266b77ae317a2ce855d8ef952a036228d9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length
7095
Content-Type
text/javascript; charset=utf-8
579e7618-3a45-4cc6-b89f-c28e46eea902
https://qingflow.com/
7 KB
0
Other
General
Full URL
blob:https://qingflow.com/579e7618-3a45-4cc6-b89f-c28e46eea902
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3561d904b5fe128bc7d0cc9f623c24d9014db849825af98013b37e03a727fa2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length
7095
Content-Type
text/javascript; charset=utf-8
b
ckmap.mediav.com/ Frame FD28
588 B
706 B
Document
General
Full URL
https://ckmap.mediav.com/b?type=10
Requested by
Host: 360fenxi.mediav.com
URL: https://360fenxi.mediav.com/mediav1130.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.163.247.134 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
72d690f743fafb4de5ccac1e69d2dc7a95088925e8581c145ba299a5c17444ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://360fenxi.mediav.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 05 Apr 2022 16:11:07 GMT
expires
-1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
openresty/1.15.8.2
vary
Accept-Encoding
m
ckmap.mediav.com/ Frame FD28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc&google_cm&tid=3&from_mv=1&google_ula=2121606
  • https://cm.g.doubleclick.net/pixel?google_nid=MEV&google_sc=&google_cm=&tid=3&from_mv=1&google_ula=2121606&google_tc=
  • https://ckmap.mediav.com/m?tid=3&from_mv=1&google_gid=CAESEDcyBF1awr5nbimGqQ-JKGA&google_cver=1&google_ula=2121606,0
43 B
438 B
Image
General
Full URL
https://ckmap.mediav.com/m?tid=3&from_mv=1&google_gid=CAESEDcyBF1awr5nbimGqQ-JKGA&google_cver=1&google_ula=2121606,0
Requested by
Host: ckmap.mediav.com
URL: https://ckmap.mediav.com/b?type=10
Protocol
H2
Server
180.163.247.134 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ckmap.mediav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 16:11:08 GMT
server
openresty/1.15.8.2
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 05 Apr 2022 16:11:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ckmap.mediav.com/m?tid=3&from_mv=1&google_gid=CAESEDcyBF1awr5nbimGqQ-JKGA&google_cver=1&google_ula=2121606,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
ckmap.mediav.com/ Frame FD28
Redirect Chain
  • https://cms.tanx.com/t.gif?tanx_nid=29628860&tanx_cm&mediav_tid=15&from_mv=1
  • https://ckmap.mediav.com/m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1
43 B
337 B
Image
General
Full URL
https://ckmap.mediav.com/m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1
Requested by
Host: ckmap.mediav.com
URL: https://ckmap.mediav.com/b?type=10
Protocol
H2
Server
180.163.247.134 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ckmap.mediav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 16:11:11 GMT
server
openresty/1.15.8.2
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
-1

Redirect headers

date
Tue, 05 Apr 2022 16:11:10 GMT
content-type
image/gif
server
Tengine
strict-transport-security
max-age=0
p3p
CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
location
https://ckmap.mediav.com/m?tanx_err=1&tanx_ver=1&mediav_tid=15&from_mv=1
timing-allow-origin
*
content-length
49
eagleeye-traceid
2104690316491750704006698e8454
m
ckmap.mediav.com/ Frame FD28
Redirect Chain
  • https://cm.pos.baidu.com/pixel?dspid=6455766&ext_data=1
  • https://ckmap.mediav.com/m?tid=5PURL&baidu_error=1&timestamp=1649175070
43 B
337 B
Image
General
Full URL
https://ckmap.mediav.com/m?tid=5PURL&baidu_error=1&timestamp=1649175070
Requested by
Host: ckmap.mediav.com
URL: https://ckmap.mediav.com/b?type=10
Protocol
H2
Server
180.163.247.134 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ckmap.mediav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 16:11:11 GMT
server
openresty/1.15.8.2
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
-1

Redirect headers

Location
https://ckmap.mediav.com/m?tid=5PURL&baidu_error=1&timestamp=1649175070
Date
Tue, 05 Apr 2022 16:11:10 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/html
Content-Length
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
m
ckmap.mediav.com/ Frame FD28
Redirect Chain
  • https://cm.miaozhen.atm.youku.com/cm.gif?dspid=11115
  • https://ckmap.mediav.com/m?tid=7&mzid=16491750697277EH
43 B
337 B
Image
General
Full URL
https://ckmap.mediav.com/m?tid=7&mzid=16491750697277EH
Requested by
Host: ckmap.mediav.com
URL: https://ckmap.mediav.com/b?type=10
Protocol
H2
Server
180.163.247.134 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ckmap.mediav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 16:11:09 GMT
server
openresty/1.15.8.2
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 05 Apr 2022 16:11:09 GMT
content-type
text/html
server
Tengine/Aserver
strict-transport-security
max-age=0
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
location
https://ckmap.mediav.com/m?tid=7&mzid=16491750697277EH
cache-control
no-cache
timing-allow-origin
*
s-rt
1
content-length
154
eagleeye-traceid
213e6d3c16491750697268054ea291, 213e6d3c16491750697268054ea291
expires
Tue, 05 Apr 2022 16:11:08 GMT
m
ckmap.mediav.com/ Frame FD28
Redirect Chain
  • https://max.dmp.360.cn/?pid=dmp_1000
  • https://ckmap.mediav.com/m?tid=627&tck=b04b102fd6d39d714792fdd600a141da
43 B
530 B
Image
General
Full URL
https://ckmap.mediav.com/m?tid=627&tck=b04b102fd6d39d714792fdd600a141da
Requested by
Host: ckmap.mediav.com
URL: https://ckmap.mediav.com/b?type=10
Protocol
H2
Server
180.163.247.134 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ckmap.mediav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 16:11:09 GMT
server
openresty/1.15.8.2
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
-1

Redirect headers

Location
https://ckmap.mediav.com/m?tid=627&tck=b04b102fd6d39d714792fdd600a141da
Date
Tue, 05 Apr 2022 16:11:09 GMT
Server
openresty/1.13.6.1
Connection
close
Content-Length
167
Content-Type
text/html
ckmap.htm
3m.mediav.com/ Frame DCC3
263 B
487 B
Document
General
Full URL
https://3m.mediav.com/ckmap.htm
Requested by
Host: ckmap.mediav.com
URL: https://ckmap.mediav.com/b?type=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.192.108.23 , United States, ASN55992 (QIHOO Beijing Qihu Technology Company Limited, CN),
Reverse DNS
Software
/
Resource Hash
3dc1a5a618f706dbcb47b29ce259dda5ea5e3718a2716271e32aff29576ae672

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ckmap.mediav.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=1296000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 05 Apr 2022 16:11:12 GMT
expires
Wed, 20 Apr 2022 16:11:12 GMT
kcs-via
HIT from w-fc02.lato;MISS from w-sc01.lato
last-modified
Thu, 19 Jul 2012 03:19:29 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
Accept-Encoding
insert_bdtj
ada.baidu.com/phone-tracker/
3 KB
1 KB
Script
General
Full URL
https://ada.baidu.com/phone-tracker/insert_bdtj?sid=10738263
Requested by
Host: hm.baidu.com
URL: https://hm.baidu.com/hm.js?176844363a372d74c235e5cb2aaf387c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.177.151.160 , China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software
/
Resource Hash
f30634d531679e4986e2c2b367e92c9046b22912c9c5362de5d4332266be0aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

X-Response-Time
2.560ms
Date
Tue, 05 Apr 2022 16:11:10 GMT
Content-Encoding
gzip
Etag
W/"a36-NXhKL9/DqV2lqzNoEtswMQ"
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;includeSubDomains
X-Accel-Buffering
no
hm.gif
hm.baidu.com/
43 B
636 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=827703002&si=176844363a372d74c235e5cb2aaf387c&v=1.2.91&lv=1&sn=52329&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fqingflow.com%2Ff%2F61eed78e%3Fqfchannel%3Djordan__%3B!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR%24&tt=%E8%BD%BB%E6%B5%81
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Apr 2022 16:11:08 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
private, max-age=0, no-cache
Content-Type
image/gif
Content-Length
43
phone-tracker_h5.js
fe-resource.cdn.bcebos.com/phoneTracker/
Redirect Chain
  • https://ada.baidu.com/phone-tracker/getjs_bdtj?sid=10738263
  • https://fe-resource.cdn.bcebos.com/phoneTracker/phone-tracker_h5.js
90 KB
29 KB
Script
General
Full URL
https://fe-resource.cdn.bcebos.com/phoneTracker/phone-tracker_h5.js
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
H2
Server
185.10.104.115 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
4b8dbfc83e8b2d057c67037e5110b73e7000da95411367b84f872939e946f476

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

ohc-file-size
91958
date
Tue, 05 Apr 2022 16:11:14 GMT
content-encoding
br
content-md5
Fi1kZGtsKWPoRAtXGv3ZgQ==
age
115678
x-bce-storage-class
STANDARD
ohc-cache-hit
fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache69 [1], xaix69 [4]
last-modified
Thu, 02 Dec 2021 08:01:43 GMT
server
JSP3/2.0.14
etag
"162d64646b6c2963e8440b571afdd981"
x-bce-request-id
0560488e-182a-44d7-b97f-afebb92d7ff0
content-type
text/javascript
x-bce-debug-id
2KMhaue2kpJ0IO364WCgN18Yn3UTN2qNeUYX0wfw3TJAUcYjPWRv2ESIoAA7byhzieaWP42X0wFzzTQoeTG9CA==
accept-ranges
bytes
timing-allow-origin
*
x-bce-content-crc32
3750959151
expires
Thu, 07 Apr 2022 08:03:12 GMT

Redirect headers

X-Response-Time
1.662ms
Date
Tue, 05 Apr 2022 16:11:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Location
https://fe-resource.cdn.bcebos.com/phoneTracker/phone-tracker_h5.js
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;includeSubDomains
m
ckmap.mediav.com/ Frame DCC3
43 B
252 B
Image
General
Full URL
https://ckmap.mediav.com/m?thirdparty_id=1&thirdparty_cookie_id=qndsd0s0k1jdve6mi3gc573p14
Requested by
Host: 3m.mediav.com
URL: https://3m.mediav.com/ckmap.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.163.247.134 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3m.mediav.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 16:11:12 GMT
server
openresty/1.15.8.2
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
-1
s.gif
s.union.360.cn/
43 B
340 B
Image
General
Full URL
https://s.union.360.cn/s.gif?lts=1&et=20&mvosr=&eid=1008006&ep=&vid=%3C%5E6BlXTCd09%5E3%3Ay%3CF%24H-&ctn=&vvid=%3C%5E6BlXTCd09%5E3%3Ay%3CF%24H-&_mvnf=1&_mvctn=0&_mvck=1&_refnf=1&url=https%3A%2F%2Fqingflow.com%2Ff%2F61eed78e%3Fqfchannel%3Djordan__%3B!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR%24&si=374225&su=&flt=1649175063&lt=1649175063&pt=166836198501682880&guid=129587285.1871833191531899904.1649175063000.7249&huid=11qXYxrHNa7eBAqCnijmuQqXO3ayYh6XmfcH3Z1Sxo2%252BA%253D&v=3.2.0&t=1649175072586&_mtd=im
Requested by
Host: qingflow.com
URL: https://qingflow.com/f/61eed78e?qfchannel=jordan__;!!Hd8rfk_wYxoe!dxxwalrLr0jQobqWkHGwfpRHCOcbxt2aMJMzeSxeKMnRFN3CMoJhZVW8cOeShlm_llYR$
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.163.251.76 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
openresty/1.9.15.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qingflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Apr 2022 16:11:12 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty/1.9.15.1
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Connection
close
Content-Length
43
Expires
Fri, 01 Jan 1980 00:00:00 GMT


185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


11 Cookies

Domain/Path Name / Value
qingflow.com/f Name: mediav
Value: %7B%22eid%22%3A%221008006%22%2C%22ep%22%3A%22%22%2C%22vid%22%3A%22%3C%5E6BlXTCd09%5E3%3Ay%3CF%24H-%22%2C%22ctn%22%3A%22%22%2C%22vvid%22%3A%22%3C%5E6BlXTCd09%5E3%3Ay%3CF%24H-%22%2C%22_mvnf%22%3A1%2C%22_mvctn%22%3A0%2C%22_mvck%22%3A1%2C%22_refnf%22%3A1%7D
qingflow.com/ Name: acw_tc
Value: 2f624a2816491750585353832e1b454b1bf35daf4f03e76c4de666689a1116
qingflow.com/ Name: SERVERID
Value: 74d3bf41c9b5fc72a96cb5db2b86ebf5|1649175061|1649175058
.qingflow.com/ Name: Qs_lvt_374225
Value: 1649175063
.qingflow.com/ Name: Qs_pv_374225
Value: 166836198501682880
.doubleclick.net/ Name: IDE
Value: AHWqTUlxZ9e1VCq_fR9rAxbj5FeZRkdN0jDjwPb0CUPOhaBcIX4bOZf-GG0jh2U4Upo
.mediav.com/ Name: v1
Value: <^6BlXTCd09^3:y<F$H-
.qingflow.com/ Name: Hm_lvt_176844363a372d74c235e5cb2aaf387c
Value: 1649175069
.qingflow.com/ Name: Hm_lpvt_176844363a372d74c235e5cb2aaf387c
Value: 1649175069
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: D894C3F8EEF9396D
.mediav.com/ Name: huid1
Value: b04b102fd6d39d714792fdd600a141da

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
