urlscan.io logo urlscan.io
SecurityTrails logo

lnrq.grovex.io Open in urlscan Pro
172.67.203.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lnrq.grovex.io/
Effective URL: https://lnrq.grovex.io/login.html
Submission: On March 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 38 HTTP transactions. The main IP is 172.67.203.13, located in United States and belongs to CLOUDFLARENET, US. The main domain is lnrq.grovex.io.
TLS certificate: Issued by GTS CA 1P5 on February 19th 2024. Valid for: 3 months.
This is the only time lnrq.grovex.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 172.67.203.13 13335 (CLOUDFLAR...)
2 2404:2280:1b2... 24429 (TAOBAO Zh...)
1 47.246.23.228 24429 (TAOBAO Zh...)
1 59.82.132.149 37963 (ALIBABA-C...)
2 2401:b180:700... 37963 (ALIBABA-C...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.35.164 15169 (GOOGLE)
4 203.107.54.59 37963 (ALIBABA-C...)
2 43.159.107.100 139341 (ACE-AS-AP...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 47.101.43.130 37963 (ALIBABA-C...)
1 47.246.23.230 24429 (TAOBAO Zh...)
38 13
20    172.67.203.13 (United States)

ASN13335 (CLOUDFLARENET, US)
lnrq.grovex.io
2    2404:2280:1b2:0:3::a (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
g.alicdn.com
1    47.246.23.228 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
assets-cli.s2.udesk.cn
1    59.82.132.149 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
cf.aliyun.com
2    2401:b180:7003::2e (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
gm.mmstat.com
1    2607:f8b0:4002:c1b::9c (Atlanta, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.251.35.164 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f4.1e100.net
www.google.com
4    203.107.54.59 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
chainup.s2.udesk.cn
2    43.159.107.100 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)
api.geetest.com
3    2606:4700::6811:6c1 (United States)

ASN13335 (CLOUDFLARENET, US)
static.geetest.com
1    47.101.43.130 (Shanghai, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
basevistor.s2.udesk.cn
1    47.246.23.230 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
static-ud.udesk.cn
Apex Domain
Subdomains		 Transfer
20 grovex.io
lnrq.grovex.io
171 KB
7 udesk.cn
assets-cli.s2.udesk.cn
chainup.s2.udesk.cn
basevistor.s2.udesk.cn
static-ud.udesk.cn — Cisco Umbrella Rank: 189951
50 KB
5 geetest.com
api.geetest.com — Cisco Umbrella Rank: 65589
static.geetest.com — Cisco Umbrella Rank: 38042
93 KB
2 mmstat.com
gm.mmstat.com — Cisco Umbrella Rank: 17772
509 B
2 alicdn.com
g.alicdn.com — Cisco Umbrella Rank: 9125
60 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
245 B
1 aliyun.com
cf.aliyun.com — Cisco Umbrella Rank: 64343
276 B
38 8
Domain Requested by
20 lnrq.grovex.io 1 redirects lnrq.grovex.io
4 chainup.s2.udesk.cn assets-cli.s2.udesk.cn
3 static.geetest.com lnrq.grovex.io
static.geetest.com
2 api.geetest.com lnrq.grovex.io
static.geetest.com
2 gm.mmstat.com lnrq.grovex.io
2 g.alicdn.com lnrq.grovex.io
1 static-ud.udesk.cn lnrq.grovex.io
1 basevistor.s2.udesk.cn assets-cli.s2.udesk.cn
1 www.google.com lnrq.grovex.io
1 stats.g.doubleclick.net lnrq.grovex.io
1 cf.aliyun.com g.alicdn.com
1 assets-cli.s2.udesk.cn lnrq.grovex.io
38 12

This site contains links to these domains. Also see Links.

Domain
www.geetest.com
Subject Issuer Validity Valid
grovex.io
GTS CA 1P5		 2024-02-19 -
2024-05-19		 3 months crt.sh
*.tbcdn.cn
GlobalSign Organization Validation CA - SHA256 - G3		 2023-12-26 -
2024-07-30		 7 months crt.sh
*.s2.udesk.cn
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-10-31 -
2024-11-30		 a year crt.sh
cf.aliyun.com
GlobalSign RSA OV SSL CA 2018		 2023-10-12 -
2024-05-18		 7 months crt.sh
*.mmstat.com
GlobalSign Organization Validation CA - SHA256 - G3		 2023-08-01 -
2024-09-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.geetest.com
GeoTrust TLS RSA CA G1		 2024-03-12 -
2025-03-11		 a year crt.sh
*.udesk.cn
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-11-01 -
2024-12-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://lnrq.grovex.io/login.html
Frame ID: 43153855E2B7E87FFB4E6715FDD82C73
Requests: 38 HTTP requests in this frame

Frame: https://chainup.s2.udesk.cn/im_client/?web_plugin_id=8752&cur_title=Exchange%20backstage%20management%20system%20login&src_url=&cur_url=https%3A%2F%2Flnrq.grovex.io%2Flogin.html&pre_url=https%3A%2F%2Flnrq.grovex.io%2Flogin.html&currentMode=inner&free=noAgent&robot_enable_agent=true&robot_enable_robot=false&robot_reception_strategy=all_day&robot_scene_id=355&robot_udesk_robot_id=111&robot_show_robot_times=0
Frame ID: 6AFA30C81DCE2C8BF5E3BD78CAB334BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Exchange backstage management system login

Page URL History Show full URLs

  1. https://lnrq.grovex.io/ HTTP 302
    http://lnrq.grovex.io/login.html HTTP 307
    https://lnrq.grovex.io/login.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

100 %
HTTPS

33 %
IPv6

8
Domains

12
Subdomains

13
IPs

3
Countries

375 kB
Transfer

1059 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lnrq.grovex.io/ HTTP 302
    http://lnrq.grovex.io/login.html HTTP 307
    https://lnrq.grovex.io/login.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.html
lnrq.grovex.io/
Redirect Chain
  • https://lnrq.grovex.io/
  • http://lnrq.grovex.io/login.html
  • https://lnrq.grovex.io/login.html
36 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51a71e4960b83975c8f27c92ec7957cc9303b61a841cb2834d163aef5c929655

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86c0ba930fc88e02-MIA
content-encoding
br
content-language
en-US
content-type
text/html;charset=UTF-8
date
Fri, 29 Mar 2024 15:00:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=toRy3oDST4KRlpAvA10eqsYVaKVN13O4u3mcoJrVlTdcdp1h9eixHbShaN72qAnUcnpUUdOdGgQl2VbgeDUoZuj8ZQ%2FE4hF%2B23N%2FkPcjPq%2BcofdAbUHS1EhxQd%2FB4vRCgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://lnrq.grovex.io/login.html
Non-Authoritative-Reason
HttpsUpgrades
backstage.css
lnrq.grovex.io/res/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/res/css/backstage.css
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbd2b54b1276a9ca888a55ed3c740a8c9c4e9b7a0254eb3ead1b718e76510f0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/login.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPBEXJnLilFEQfr9YhMr4asjhije8%2B1jhSe8UCAg16n1R0DVvV%2FkVIuhqNo%2Bi1kHTjd8PsFUEX4%2BGycDdGaOpJqllYurjsla8t6nnre6ZhuublKPLO2S5nCDNj02AgrZeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
86c0ba9c19d68e02-MIA
alt-svc
h3=":443"; ma=86400
nc.css
g.alicdn.com/sd/ncpc/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.alicdn.com/sd/ncpc/nc.css?t=1507600041946
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
048608e8a0f96b8c02d49dc8b96579cb42ccc0027747cccf774fb3c8fc5de3ab

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:23:42 GMT
content-encoding
gzip
via
cache16.l2us1[99,98,200-0,M], cache20.l2us1[100,0], cache20.l2us1[100,0], ens-cache15.us19[0,0,200-0,H], ens-cache6.us19[1,0]
x-oss-request-id
6606CEEED6CB749F19B0B3C8
content-md5
W6ueR/1LD7hdBy9TKg9Iaw==
age
2198
x-swift-cachetime
3600
x-cache
HIT TCP_MEM_HIT dirn:12:110728124
x-swift-savetime
Fri, 29 Mar 2024 14:23:42 GMT
content-length
3099
x-bucket-code
4
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1711722222
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
5636844986190581733
eagleid
082d349a17117244207897280e
x-oss-server-time
22
nc.js
g.alicdn.com/sd/ncpc/ 		216 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.alicdn.com/sd/ncpc/nc.js?t=1507600041946
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:23:21 GMT
content-encoding
gzip
via
cache24.l2us1[187,187,200-0,M], cache1.l2us1[188,0], cache1.l2us1[189,0], ens-cache4.us19[0,0,200-0,H], ens-cache6.us19[0,0]
x-oss-request-id
6606CED9236B0A313478D527
content-md5
EZmEYdPXfd6efvcqZeCEKQ==
age
2219
x-swift-cachetime
3599
x-cache
HIT TCP_MEM_HIT dirn:10:846990234
x-swift-savetime
Fri, 29 Mar 2024 14:23:22 GMT
content-length
57378
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1711722201
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
1561788439659902122
eagleid
082d349a17117244207907282e
x-oss-server-time
2
jquery-1.10.2.min.js
lnrq.grovex.io/res/js/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/res/js/jquery-1.10.2.min.js
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b1f030692803f149f888d6c6fe2f2da71feb30f7bfb92fc283c1059396411da

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/login.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DDIDl3zXcaoBSQHndPzrKupFG5XUfGAfGA0K%2F2Qj5Fy%2BBtv1dWWGJUxwAVBT1vIKEp72audTF%2FXW9Jfg8KXnYEi4kF2wAaRPKJ1iX7GBcEyJIg3a6%2B73tGrMJqXEnoDIyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86c0ba9c19dc8e02-MIA
alt-svc
h3=":443"; ma=86400
gt.js
lnrq.grovex.io/res/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/res/js/gt.js
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
014ea43c07256144befa08fa7ca72f3d837ec1e1ef143b6de3ac93bed168b67e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/login.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3HzBvhYqL62g4HJ89fIUWqA0pr50jfO6ug6NpPLvF7ODXaQ3UlBx8uGc4%2FTykqhiUnvs%2Fs4wiDUbKdA2UpGmo4r1A%2F5RaRR1uw2VfPKuMN6PJDCY0wU90wBfFkuuvimBRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86c0ba9c19dd8e02-MIA
alt-svc
h3=":443"; ma=86400
login.js
lnrq.grovex.io/res/js/ 		952 B
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/res/js/login.js
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51bf0813b15b0b4d544e91fd58debac5756319c3beafeafc4ede9b84c441554a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/login.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hysHL5RJ3JqJwKVM%2B%2FqUO3FkRGrqp6PwVY9%2FAHgiY%2Bgtc0lMQC4mhYBr%2Bv6JCC8qjOheiYG%2FyfmiNq0n3iHELaVXkoMdnghrMy8%2BTc0xxitaZuX4Q1fYcUrt58uTcXmnTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86c0ba9c19df8e02-MIA
alt-svc
h3=":443"; ma=86400
cookie.js
lnrq.grovex.io/res/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/res/js/cookie.js
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd344a3c384c667ff8aa8b2c3ad8220bf54e8e1e8342ee37b5d748f78fa3b48

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/login.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n9%2BIZh2Kq%2F2dsysWjatgYxRyYal82rDfB3RQcO8IYBkTVT32sPUoJBnuTuYwzvp13yDT8IM9vJKk7Pv4BoMilBnmKuhjHoTisNJgmiSD07qIGkU3UyaBzy%2F43T8i9jFRVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86c0ba9c19e08e02-MIA
alt-svc
h3=":443"; ma=86400
public.js
lnrq.grovex.io/res/js/ 		227 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/res/js/public.js?version=201801291648
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd33d77fadfb6c78c874335415d2268513a846b1d358268507a09d015cb9ffd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/login.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ye01%2BFI2pMr4urVIUZOxlior%2FZ9lWDa%2FQtIuYAI19ICN43tTGfHEP4m7LTyneh9MOLmlVTQa0Q%2BA436sCZDaL%2BpvZVKICaIkMXlgSgB4LLZpyXtT4IA3O9JuqzawceMQMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86c0ba9c19e18e02-MIA
alt-svc
h3=":443"; ma=86400
jwfp.js
lnrq.grovex.io/res/js/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/res/js/jwfp.js
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c902b42639737eed3eb6fb0799c702a514f8cae8d0c0c6bdbaa756960e85e230

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/login.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAFeWPqc0cOkH36%2FfdldF%2FS10xCJLmlGzgVHNEuqkIkVolU1Eh6twlJzSb%2Fp4rcH73pLjN7r%2Bryu%2FGJPCMc3rfYKPJsPMugwl9JJDQW2LCPXeswNkeqe%2BOCRQEpqb4RlrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86c0ba9c19e28e02-MIA
alt-svc
h3=":443"; ma=86400
layer.js
lnrq.grovex.io/res/h_ui_admin/lib/layer/2.4/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/res/h_ui_admin/lib/layer/2.4/layer.js
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
727301613d4e4aa793a0ef89dd8a3aa5e07f08544db7681b839244b5c565ecd7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/login.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TqxmN9npWWQMxTf2K8QFM4EBUxmO0AI4OSygjYoe0XUANHtDdDwk9doxe5%2FjZkJdwB2tVfQJhDRXCpc2d9fi3%2FZUgn%2F%2FJ3FIadM90oj26ZtxtTGFlgWM%2FV67qwmave2WCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86c0ba9c19e48e02-MIA
alt-svc
h3=":443"; ma=86400
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
backstage-bg.jpg
lnrq.grovex.io/res/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lnrq.grovex.io/res/images/backstage-bg.jpg
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/res/css/backstage.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f6a95f5926d2f50352ac56afeec409dce647807415613d1ec84bef9e70de1a0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/res/css/backstage.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:22 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0U1FW%2FDyNofBMtwtSmM1IqjstYFCZ1U%2FFU8gzlLDMLZWoQBz4Pd97rDjVyPOW6EI3MKv%2FMbXzRpq9H%2FWs7d%2FwXEIbjZ2cLJkM3EQYJhyTXVxpkXr4L%2BDooiKdeHhrvNrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
86c0baa2f9e58e02-MIA
alt-svc
h3=":443"; ma=86400
backstage-login-bg.jpg
lnrq.grovex.io/res/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lnrq.grovex.io/res/images/backstage-login-bg.jpg
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/res/css/backstage.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198956fc4dfbc15c40bbf16b2a87582ae272edf2cb776c79726359a8d83a9c87

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/res/css/backstage.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:22 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsgz6RIw16X1wVYSltY1EhcOjUIAs918r03c1%2FsJd0LBFtRXkFYL%2F6zqrk%2F6ZJnCdPYiqZbp%2F235CK0gTTv%2Bb%2BjUsGWCxqRWySDybpERcANpwGMZII5fdWM4OVBfuLVF5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
86c0baa2f9e68e02-MIA
alt-svc
h3=":443"; ma=86400
t1.jpg
lnrq.grovex.io/res/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lnrq.grovex.io/res/images/t1.jpg
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/res/css/backstage.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c48789c24e0ae288b574acb83abdd1ccee8aa3694b49b83b466b8e1605cb2fa1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/res/css/backstage.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:22 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BbKMoG3NQ4fk4ydIX1vVE8kqMm7PYjhd1KzmHql3GHq%2Br9sw4kJsFPiMkeFYrpyDc6kIvjIUzp18zAxpJhlBXnZoIO4CG8jiAe%2Fp6mpfvIo1GjhnQBJqWzPgR2n7LjiOGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
86c0baa2f9e88e02-MIA
alt-svc
h3=":443"; ma=86400
t2.jpg
lnrq.grovex.io/res/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lnrq.grovex.io/res/images/t2.jpg
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/res/css/backstage.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b652bdeb0ab76dceec30c1d40dd96fe6f94301e622eec57aa5478402e40b3f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/res/css/backstage.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:22 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OfMIiJggb8Fv5BdrMqjRVod6HYTy8t6GzBz7TnDCGghhmzt3AqWZajexgfn9XYJd1WYZ1ixUgQZg%2FMKneDqQ22TAbFYelLqWTNBQJzfsQRDD3pKosKgRrNGfP5ER35oB5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
86c0baa2f9e98e02-MIA
alt-svc
h3=":443"; ma=86400
layer.css
lnrq.grovex.io/res/h_ui_admin/lib/layer/2.4/skin/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/res/h_ui_admin/lib/layer/2.4/skin/layer.css
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/res/h_ui_admin/lib/layer/2.4/layer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1187f5b6a4b92deadfd08d1b10e6518dbc12f19f85a62d178a971f8727e507c1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/login.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FE64fOlj48SG52skJD7Iwo6Sb6nxMwQPSjlT9MwMr0KF84dF64L%2FHrfLp3vLhCcqKSGMY8J8OZii7EZMFzTl91sei16dKhWJJ6YfSM%2BzLLNyg77nBS41WLsFxp4kyDskAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
86c0baa4fc438e02-MIA
alt-svc
h3=":443"; ma=86400
udeskApi.js
assets-cli.s2.udesk.cn/im_client/js/ 		129 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-cli.s2.udesk.cn/im_client/js/udeskApi.js
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.23.228 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a16ab8dd45da8e95d686290e4cb583690e5ffba4eca4e484ce893b192269d3b6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:37:23 GMT
via
gateway/1.4.2, cache21.l2us2[0,0,304-0,H], cache21.l2us2[0,0], ens-cache14.us22[0,0,200-0,H], ens-cache6.us22[0,0]
content-encoding
gzip
age
1379
x-swift-cachetime
6910
x-cache
HIT TCP_MEM_HIT dirn:12:298276870
x-swift-savetime
Fri, 29 Mar 2024 14:42:13 GMT
content-length
44978
last-modified
Tue, 26 Mar 2024 13:02:25 GMT
server
Tengine
x-gateway-proxy-latency
0
etag
W/"6602c761-2056b"
vary
Accept-Encoding, Accept-Encoding
ali-swift-global-savetime
1711723043
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=7776000
x-gateway-upstream-latency
4
timing-allow-origin
*
eagleid
2ff6179a17117244227033646e
expires
Thu, 27 Jun 2024 14:37:23 GMT
tartCaptcha.html
lnrq.grovex.io/ 		112 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/tartCaptcha.html?t=1711724421903
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/res/js/jquery-1.10.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c2bc214a13836c7343e545aaf10b34a02ad3234a5049a4bb38343fc0877e2b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
CSRFToken
null
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lnrq.grovex.io/login.html
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
No-cache
date
Fri, 29 Mar 2024 15:00:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sx2D8TpSWwf3JaE2LZfpn8pASjoPne2ec7yGahgGU%2FmVUaRZrEP1abCJoQMXpk50ScFmQMbVm1yU4U2QiEQpldIgxe%2Bm%2FjiI9C%2F81M1iEt8Bl%2BVI9R5TRkW9zpGgBDOHkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
cache-control
no-cache
cf-ray
86c0baa50c5d8e02-MIA
alt-svc
h3=":443"; ma=86400
expires
0
initialize.jsonp
cf.aliyun.com/nocaptcha/ 		94 B
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.aliyun.com/nocaptcha/initialize.jsonp?a=undefined&t=%3A1711724421906%3A0.4043005692340904&scene=nc_login&lang=cn&v=v1.2.21&href=https%3A%2F%2Flnrq.grovex.io%2Flogin.html&comm={}&callback=initializeJsonp_06780753914187363
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/sd/ncpc/nc.js?t=1507600041946
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.82.132.149 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
a3b12a358b9fc432e33a4f9f3a7b4e41ba34d074aedd217c691ca8ba16f46637

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
text/javascript;charset=UTF-8
Date
Fri, 29 Mar 2024 15:00:22 GMT
Server
Tengine
Connection
close
Content-Length
94
Content-Language
zh-CN
fsp.1.1
gm.mmstat.com/ 		43 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gm.mmstat.com/fsp.1.1?code=13&msg=init%20monitor%3B&pid=sufeiPunish&page=https%3A%2F%2Flnrq.grovex.io%2Flogin.html&query=&hash=&referrer=&title=Exchange%20backstage%20management%20system%20login&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&c1=%3A1711724421906%3A0.4043005692340904&c2=undefined
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:b180:7003::2e , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 29 Mar 2024 15:00:22 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
pc_hash.json
lnrq.grovex.io/data/ 		81 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/data/pc_hash.json
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/res/js/jquery-1.10.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
523c832eaa081767b8d8470d8938718254b1c971ff8876e678039dbdc8f16dfc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
CSRFToken
null
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
*/*
Referer
https://lnrq.grovex.io/login.html
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NYao1gkcnCPLj0i25k4W6kgoI4UhvVIOGK9kG6i69VPB1DxJfVdi5uZ42nGdEKDmWAOmXowKW%2FfEl%2FCT0eWWWyIzGX3bS%2FLPPxKvVUIJ12cGHx%2FSqoyFGDWxypQCdM6NyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
cf-ray
86c0baa51c728e02-MIA
alt-svc
h3=":443"; ma=86400
s.js
lnrq.grovex.io/cdn-cgi/zaraz/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyRXhjaGFuZ2UlMjBiYWNrc3RhZ2UlMjBtYW5hZ2VtZW50JTIwc3lzdGVtJTIwbG9naW4lMjIlMkMlMjJ4JTIyJTNBMC44Mzc2MjQ1NjMxMjM1NTI0JTJDJTIydyUyMiUzQTgwMCUyQyUyMmglMjIlM0E2MDAlMkMlMjJqJTIyJTNBMTExMyUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGbG5ycS5ncm92ZXguaW8lMkZsb2dpbi5odG1sJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0E2MDAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24bff03b4ca0f60d044aa247dcb0e3d5629cd624bbd3dd2eb7e447ad754f18b0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:21 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://lnrq.grovex.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SYVkQKvETW7nMqrtTJ1F2HzwOLaZGUbswNN81VLOVhx3yY9BpAEEW2VRm%2FVtP5nKcT8RVr%2FO0RcLSiuxWunVUJSSIaJSm6R43oLP2lLcXz%2B%2FYJTYvm8QkRxVyExwPEJKpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-credentials
true
x-robots-tag
none
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400
cf-ray
86c0baa51c818e02-MIA
collect
stats.g.doubleclick.net/g/ 		0
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-FLR64TQ737&cid=c553d408-7d23-486f-b76e-36a760ff09f6&_u=KGDAAEADQAAAAC%7E&z=11412963
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c1b::9c Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 29 Mar 2024 15:00:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lnrq.grovex.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-FLR64TQ737&cid=c553d408-7d23-486f-b76e-36a760ff09f6&_u=KGDAAEADQAAAAC%7E&z=11412963&slf_rd=1
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyRXhjaGFuZ2UlMjBiYWNrc3RhZ2UlMjBtYW5hZ2VtZW50JTIwc3lzdGVtJTIwbG9naW4lMjIlMkMlMjJ4JTIyJTNBMC44Mzc2MjQ1NjMxMjM1NTI0JTJDJTIydyUyMiUzQTgwMCUyQyUyMmglMjIlM0E2MDAlMkMlMjJqJTIyJTNBMTExMyUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGbG5ycS5ncm92ZXguaW8lMkZsb2dpbi5odG1sJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0E2MDAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.164 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f4.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 29 Mar 2024 15:00:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://lnrq.grovex.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
out_config
chainup.s2.udesk.cn/spa1/im_web_plugins/8752/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chainup.s2.udesk.cn/spa1/im_web_plugins/8752/out_config?company_code=7dhd8dd&language=&session_key=&callback=udesk_jsonp0
Requested by
Host: assets-cli.s2.udesk.cn
URL: https://assets-cli.s2.udesk.cn/im_client/js/udeskApi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.107.54.59 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
f2c627d7157361de70c88f250c8699ceb6c1d58b2713c0b453fc538e41a103da

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:24 GMT
access-control-request-method
*
content-encoding
gzip
via
gateway/1.4.2
x-udesk-ratelimit-url
GET_/spa1/im_web_plugins/*/out_config
x-udesk-ratelimit-default
false
access-flag
J
x-udesk-ratelimit-type
tenant
x-request-id
8b31c0d6c0910c9dc967cb15a4543d14
x-udesk-ratelimit-delay
0
x-udesk-ratelimit-by
rating
x-gateway-proxy-latency
0
vary
Accept-Encoding
access-control-allow-methods
POST, PUT, DELETE, GET, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-gateway-upstream-latency
37
access-control-allow-headers
X-CSRF-Token, X-Udesk-Tid, X-Udesk-Ifc, Origin, X-Requested-With, Content-Type, Accept, Authorization
x-udesk-ratelimit-rate
15000r/m
gettype.php
api.geetest.com/ 		465 B
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.geetest.com/gettype.php?gt=4c3b8d866887775b349c122eacdaadbc&callback=geetest_1711724427253
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/res/js/gt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.159.107.100 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
openresty /
Resource Hash
c103b3ac7f482f9292e449276a40b4549c8ad8fd138a2eead25894523f767d33

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 29 Mar 2024 15:00:23 GMT
server
openresty
eo-cache-status
MISS
etag
"e58b550e452a1e53aaf41d53ed867262735ddd00"
content-type
text/javascript;charset=UTF-8
cache-control
must-revalidate, no-cache, no-store
eo-log-uuid
3301239812477401718
content-length
465
expires
0
jwfp.json
lnrq.grovex.io/data/ 		51 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/data/jwfp.json
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/res/js/jwfp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc8cd6dcb8b31f1110ac9067fb16fcc34787bdce5114f73501428a76738fbc5a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://lnrq.grovex.io/login.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 29 Mar 2024 15:00:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ot7QLY9WVIGEhv%2Bth45mM16dvQ%2BypOY16WZ1K0S9mdPIUhKtFrJ0zPgBxJdP9SRIQff3jMvWRrUOxYPGQW56VudkMdWivgC2GoFojdU9na%2F6Ev%2Bi9LKFDw2vaaCd18%2BAXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
cf-ray
86c0baacfd788e02-MIA
alt-svc
h3=":443"; ma=86400
fullpage.9.1.9-r8k4eq.js
static.geetest.com/static/js/ 		300 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.geetest.com/static/js/fullpage.9.1.9-r8k4eq.js
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/res/js/gt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fed8c675558304245621695feb3d23ae0e7ad4693777e738c11c90ac4bc231b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:23 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1701849622
age
238553
x-guploader-uploadid
ABPtcPot5iVQaRp-BDzHJDNtGnRLQCGtEnol8cbWi6Av1QHJqqpuPNXviBHgzoTIVSNJcdXiUOUY3-5oSQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 07 Dec 2023 02:00:12 GMT
server
cloudflare
etag
W/"3d66dba858a7427381199b4baafa0553"
vary
Accept-Encoding
x-goog-generation
1701914412361551
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=n+ouVw==, md5=PWbbqFinQnOBGZtLqvoFUw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-meta-mtime
2023-12-06T08:00:22Z
x-goog-stored-content-length
306872
cf-ray
86c0bab17f6d127b-MIA
expires
Sat, 30 Mar 2024 15:00:23 GMT
fsp.1.1
gm.mmstat.com/ 		43 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gm.mmstat.com/fsp.1.1?code=13&msg=Timeout_null%3B&pid=sufeiPunish&page=https%3A%2F%2Flnrq.grovex.io%2Flogin.html&query=&hash=&referrer=&title=Exchange%20backstage%20management%20system%20login&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&c1=%3A1711724421906%3A0.4043005692340904&c2=undefined
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:b180:7003::2e , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 29 Mar 2024 15:00:24 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
get.php
api.geetest.com/ 		885 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.geetest.com/get.php?gt=4c3b8d866887775b349c122eacdaadbc&challenge=8f79ca1d570f3ef6b9285200fab0890b&lang=en&pt=0&client_type=web&w=7FVT2psM3Ak9PiA9OFV6cjFOlJ6jbhE0ZnPk10eIwpwEUzi(5kUWX6Eq6h)M2cQgIaDiMZGvbc3MCx87D4ku2i8b4RMdhDQmJYfJX)Vv5pv0hB(E)3ROW6ipIe8polKOQpU45FAiUVYncra4rK81iJ(Nmb98HhvEEgU9883Xh2btIQRfgjZInxfbHbBXXzsewqsxLmXXx9(fsm6pin8iGFLphBj7LFrS2Bci5(q5agt(xEHtApmG(leBX3FHK5Ou8y)h28dTdQP4KVKgy(lzFVcGAy28J9GnEWgTqd34xvVFRfm1ehT86WpYdTXnwH09bknb)PqLxk6m)JvgWnGpdPaoDq9g1ZD5Ss12MGwkq4vMUXN)Z5hSpDkJNTVuabwovtL8bTXNyS6pz1M1rJamUSoLOTOg1Mf2)ulYqB(rzM)Qc)hZhLZYOEINtpkAx76EeDBxF)nWMXtgGZKuCeryD(MxHXeI)6QXK(57ZC2(4AlDIr(bPf3eU54HdPrDiGgQa3QtBeBSJVgW6cB8t8ZeT1M)LdWIed(sGcnRXtOraxO2pBO74jJPT0g7iW(3QCOuqlMOu2jqwZLN8ENSIP1QDhbA629C7kB36Z)vM1svcw01b4knLynMjmcG(1UeARbmrrJlqyULK5s7D8(FwZMqKQGQLzh4GbJQ06eNnOCJ2b5FIBJtysAjMP5pGiFVSUViZ8gv)M5fKqj()iPeE21qXYLUMNSF0Bljpr)uq1ueNMy1X1cA5oWt0wyEbLqbB2H2VpaXulYl2DxAgStYGsKq5SiQLt00f6aTR4JETYGTiJ0gXFAlLpFsrrUX3hcMU)ebHm4aEgp5EkZ6o0YJfsVhu(DepzScV2gFLPzLJr3fIfXUqkE10LjvLY)RDUNNTRlkSduoaJrMecPxDUSx)ylaQCDSsqrkAmoTs1cslp0cbVnEkVobQmXkC8rxySTfdKtZiwgErRWGkXkZAVUzvLs1Na6)kcly85ij)CbIe4QsIPHYlVfDuTAllpy8cWDuoPKz4Ucv)Poc0PahU4Bip)2BPVoD0h6ArKlZFxP9eh9oBA9TWnjqvFI1JORk5Diake1XSfG31umxwa0MaSbxAX2fbJmPgBnDEIFl)E9ksd65XQCAXX8iOKbmrw7yPckWSPa86FMvA4dEsaLCS(k(eHUzCg..583eab6756bead783261acf0886f7c9d0633e56cdf5de389476b04998075dedef301f685f31f1462c1042eca7830fab0beacda8493649f8fc152c6a9fbca206f21454955e69422947860200a5179eb163e565ac4ffa8ae36adcd0d7c7e68cf9a98c0e73adf65fb38109810a94c9bdce5c4f4e836f7bfb1b2fa8ad441dd389cf3&callback=geetest_1711724431059
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/js/fullpage.9.1.9-r8k4eq.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.159.107.100 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
openresty /
Resource Hash
68c5df138a5476a8c84d4ab5395ec5ef3685b7fd852f516b07fb84c38bc641a5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 29 Mar 2024 15:00:24 GMT
server
openresty
eo-cache-status
MISS
etag
"e488ac6593892fa5ca9f2c08c73d32ce88fda9c1"
content-type
text/javascript;charset=UTF-8
cache-control
must-revalidate, no-cache, no-store
eo-log-uuid
14448288437207361872
content-length
885
expires
0
emotion.css
chainup.s2.udesk.cn/im_client/css/ui/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chainup.s2.udesk.cn/im_client/css/ui/emotion.css
Requested by
Host: assets-cli.s2.udesk.cn
URL: https://assets-cli.s2.udesk.cn/im_client/js/udeskApi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.107.54.59 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
73ddb9c21f696368b53d056fd0a4106af9737cadcdd98d4dc858a560b0fd6b4a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:24 GMT
content-encoding
gzip
via
gateway/1.4.2
last-modified
Tue, 26 Mar 2024 13:02:25 GMT
etag
W/"6602c761-2e1c"
x-gateway-proxy-latency
0
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=7776000
x-gateway-upstream-latency
3
expires
Thu, 27 Jun 2024 15:00:24 GMT
key
basevistor.s2.udesk.cn/customerApi/ 		85 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://basevistor.s2.udesk.cn/customerApi/key?_=&is_invite=1&code=7dhd8dd&url=https%3A%2F%2Flnrq.grovex.io%2Flogin.html&referrer=&keyword=&title=Exchange%20backstage%20management%20system%20login&scaleScreen=800*600&callback=udesk_jsonp1
Requested by
Host: assets-cli.s2.udesk.cn
URL: https://assets-cli.s2.udesk.cn/im_client/js/udeskApi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.101.43.130 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e1d354f46945c735d0cc4c2ca7e90b757803f092bd8c1c2c8ec9c94643125f17

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 29 Mar 2024 15:00:26 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Headers
x-requested-with,content-type
Content-Length
85
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/javascript
style_https.1.5.8.css
static.geetest.com/static/wind/ 		40 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.geetest.com/static/wind/style_https.1.5.8.css
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/js/fullpage.9.1.9-r8k4eq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:24 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1585034197
age
238565
x-guploader-uploadid
ABPtcPoyxZ2pGzD9WirGXSdGmyturW_H5ZhZb8IOu-SaxS2hBXumvoQqa5Wg6vu0tLYTOxsJN1M
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 09 May 2023 09:41:49 GMT
server
cloudflare
etag
W/"3fb6aacfd5ae2d3894f2f00b0d5f3236"
vary
Accept-Encoding
x-goog-generation
1683625309389336
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=wyS03w==, md5=P7aqz9WuLTiU8vALDV8yNg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-meta-mtime
2020-03-24T07:16:37Z
x-goog-stored-content-length
40702
cf-ray
86c0bab51c3d127b-MIA
expires
Sat, 30 Mar 2024 15:00:24 GMT
sprite.1.5.8.png
static.geetest.com/static/wind/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.geetest.com/static/wind/sprite.1.5.8.png
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/static/wind/style_https.1.5.8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e743066373cce49251230c376f985e34018fabb8f30d8c643a3933c0143dd93

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://static.geetest.com/static/wind/style_https.1.5.8.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:24 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1585034201
age
249127
x-guploader-uploadid
ABPtcPqJauj1BQSSNyaGM2do6fQuNi3fh_4pt4Iab4PI5PKC_djZoDr8gi4wBvsf_NwpnS6SHxs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
3429
last-modified
Tue, 09 May 2023 09:41:44 GMT
server
cloudflare
etag
"b83c4eaebfa43a5d1c71d8fa4ccc6539"
vary
Accept-Encoding
x-goog-generation
1683625304033907
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=DFG6fg==, md5=uDxOrr+kOl0ccdj6TMxlOQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-meta-mtime
2020-03-24T07:16:41Z
x-goog-stored-content-length
3429
accept-ranges
bytes
cf-ray
86c0bab5acb9127b-MIA
expires
Sat, 30 Mar 2024 15:00:24 GMT
free
chainup.s2.udesk.cn/agents/ 		33 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chainup.s2.udesk.cn/agents/free?im_web_plugin_id=8752&session_key=&callback=udesk_jsonp2
Requested by
Host: assets-cli.s2.udesk.cn
URL: https://assets-cli.s2.udesk.cn/im_client/js/udeskApi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.107.54.59 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
a1d30462bf8648ddb5e395a3c3c20ea8a34b8a422e8a269402dc34ec46e4d2f3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:26 GMT
access-control-request-method
*
via
gateway/1.4.2
x-udesk-ratelimit-url
GET_/agents/free
x-udesk-ratelimit-default
false
access-flag
J
x-udesk-ratelimit-type
tenant
content-length
33
x-request-id
09df91a1bf567edfa6e090024266617c
x-udesk-ratelimit-delay
0
x-udesk-ratelimit-by
rating
x-gateway-proxy-latency
1
access-control-allow-methods
POST, PUT, DELETE, GET, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-gateway-upstream-latency
48
access-control-allow-headers
X-CSRF-Token, X-Udesk-Tid, X-Udesk-Ifc, Origin, X-Requested-With, Content-Type, Accept, Authorization
x-udesk-ratelimit-rate
15000r/m
client-btn.png
static-ud.udesk.cn/img/ 		388 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-ud.udesk.cn/img/client-btn.png
Requested by
Host: lnrq.grovex.io
URL: https://lnrq.grovex.io/login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.23.230 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e1e877dd31d9759f0bb05f7fb89c7f7ce366dd3cce16ae168ae2938722238882

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 14:09:14 GMT
via
cache34.l2us2[663,663,304-0,M], cache33.l2us2[665,0], ens-cache8.us22[0,0,200-0,H], ens-cache6.us22[0,0]
age
3073
x-swift-cachetime
7200
x-cache
HIT TCP_MEM_HIT dirn:12:449147141
x-swift-savetime
Fri, 29 Mar 2024 14:09:14 GMT
content-length
388
last-modified
Wed, 20 Mar 2024 09:10:16 GMT
server
Tengine
etag
"65faa7f8-184"
ali-swift-global-savetime
1711721354
content-type
image/png
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff6179a17117244277928692e
/
chainup.s2.udesk.cn/im_client/ Frame 6AFA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://chainup.s2.udesk.cn/im_client/?web_plugin_id=8752&cur_title=Exchange%20backstage%20management%20system%20login&src_url=&cur_url=https%3A%2F%2Flnrq.grovex.io%2Flogin.html&pre_url=https%3A%2F%2Flnrq.grovex.io%2Flogin.html&currentMode=inner&free=noAgent&robot_enable_agent=true&robot_enable_robot=false&robot_reception_strategy=all_day&robot_scene_id=355&robot_udesk_robot_id=111&robot_show_robot_times=0
Requested by
Host: assets-cli.s2.udesk.cn
URL: https://assets-cli.s2.udesk.cn/im_client/js/udeskApi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.107.54.59 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://lnrq.grovex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 29 Mar 2024 15:00:27 GMT
etag
W/"6602c761-c9a"
last-modified
Tue, 26 Mar 2024 13:02:25 GMT
vary
Accept-Encoding
via
gateway/1.4.2
x-gateway-proxy-latency
0
x-gateway-upstream-latency
4
favicon.ico
lnrq.grovex.io/ 		19 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lnrq.grovex.io/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
570cf9dbd0ece40ca9923a456896bb996bbf7cfd76b46de32e37ecf6afbca33b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lnrq.grovex.io/login.html
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:00:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 06 Dec 2023 07:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sznvSFDxYxWnZJuSLkl82DeBkELlmKxSrdEaSuvEob6P7a%2BqKaUHiR3btVyTu48y%2FHHOeFGnqLdlL3xB%2BU6bnsqle0Abo0BXrM00WAu02gFX2yTze4hd%2FltxlEj8nlg6QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
86c0bad38b518e02-MIA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onpagereveal number| _nc_initialized object| UA_Opt object| _sec_module object| outer_nc_list function| noCaptcha object| zarazData object| zaraz function| $ function| jQuery function| initGeetest function| changeLanguage function| verification function| setCookie function| getCookie function| delCookie function| clearCookie function| setCookieAndTime function| getsec object| token function| ajax_method function| jwfp object| layer string| UdeskApiObject function| ud string| sysConfValidate function| getSmsCode object| InterValObj boolean| submitFlag function| loginSub function| handler2 string| gtLang function| initGt function| clearUserNameTip function| clearPasswrdTip undefined| lang object| nc undefined| nc_appkey string| nc_scene string| nc_token object| nc_option function| googleAuth function| oninputx object| __nc function| initializeJsonp_06780753914187363 object| dataLayer object| x function| DOMPurify function| __udeskIo boolean| __udeskApiInit object| headEl function| udesk_jsonp0 function| yCtOu string| FAIL undefined| pure function| Geetest function| udesk_jsonp1 boolean| waitShow function| udesk_jsonp2

5 Cookies

Domain/Path Name / Value
lnrq.grovex.io/ Name: SESSION
Value: ZWMyNjAwNjgtMjg0ZS00ZTVlLThiYTItOTU5NjJlYWE3NGNh
lnrq.grovex.io/ Name: servicelanguage
Value: en-US
lnrq.grovex.io/ Name: _uab_collina
Value: 171172442156680066100227
.grovex.io/ Name: cfz_google-analytics_v4
Value: %7B%22PySP_engagementDuration%22%3A%7B%22v%22%3A%220%22%2C%22e%22%3A1743260421943%7D%2C%22PySP_engagementStart%22%3A%7B%22v%22%3A%221711724421943%22%2C%22e%22%3A1743260421943%7D%2C%22PySP_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1743260421943%7D%2C%22PySP_ga4sid%22%3A%7B%22v%22%3A%22652958256%22%2C%22e%22%3A1711726221943%7D%2C%22PySP_session_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1743260421943%7D%2C%22PySP_ga4%22%3A%7B%22v%22%3A%22c553d408-7d23-486f-b76e-36a760ff09f6%22%2C%22e%22%3A1743260421943%7D%2C%22PySP__z_ga_audiences%22%3A%7B%22v%22%3A%22c553d408-7d23-486f-b76e-36a760ff09f6%22%2C%22e%22%3A1743260421943%7D%2C%22PySP_let%22%3A%7B%22v%22%3A%221711724421943%22%2C%22e%22%3A1743260421943%7D%7D
.mmstat.com/ Name: sca
Value: 7ebd1e15

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://lnrq.grovex.io/login.html
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://lnrq.grovex.io/login.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.geetest.com
assets-cli.s2.udesk.cn
basevistor.s2.udesk.cn
cf.aliyun.com
chainup.s2.udesk.cn
g.alicdn.com
gm.mmstat.com
lnrq.grovex.io
static-ud.udesk.cn
static.geetest.com
stats.g.doubleclick.net
www.google.com
142.251.35.164
172.67.203.13
203.107.54.59
2401:b180:7003::2e
2404:2280:1b2:0:3::a
2606:4700::6811:6c1
2607:f8b0:4002:c1b::9c
43.159.107.100
47.101.43.130
47.246.23.228
47.246.23.230
59.82.132.149
014ea43c07256144befa08fa7ca72f3d837ec1e1ef143b6de3ac93bed168b67e
048608e8a0f96b8c02d49dc8b96579cb42ccc0027747cccf774fb3c8fc5de3ab
05b652bdeb0ab76dceec30c1d40dd96fe6f94301e622eec57aa5478402e40b3f
0e743066373cce49251230c376f985e34018fabb8f30d8c643a3933c0143dd93
1187f5b6a4b92deadfd08d1b10e6518dbc12f19f85a62d178a971f8727e507c1
198956fc4dfbc15c40bbf16b2a87582ae272edf2cb776c79726359a8d83a9c87
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
24bff03b4ca0f60d044aa247dcb0e3d5629cd624bbd3dd2eb7e447ad754f18b0
2f6a95f5926d2f50352ac56afeec409dce647807415613d1ec84bef9e70de1a0
51a71e4960b83975c8f27c92ec7957cc9303b61a841cb2834d163aef5c929655
51bf0813b15b0b4d544e91fd58debac5756319c3beafeafc4ede9b84c441554a
523c832eaa081767b8d8470d8938718254b1c971ff8876e678039dbdc8f16dfc
570cf9dbd0ece40ca9923a456896bb996bbf7cfd76b46de32e37ecf6afbca33b
68c5df138a5476a8c84d4ab5395ec5ef3685b7fd852f516b07fb84c38bc641a5
6fed8c675558304245621695feb3d23ae0e7ad4693777e738c11c90ac4bc231b
727301613d4e4aa793a0ef89dd8a3aa5e07f08544db7681b839244b5c565ecd7
73ddb9c21f696368b53d056fd0a4106af9737cadcdd98d4dc858a560b0fd6b4a
7dd344a3c384c667ff8aa8b2c3ad8220bf54e8e1e8342ee37b5d748f78fa3b48
8b1f030692803f149f888d6c6fe2f2da71feb30f7bfb92fc283c1059396411da
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e
994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a
a16ab8dd45da8e95d686290e4cb583690e5ffba4eca4e484ce893b192269d3b6
a1d30462bf8648ddb5e395a3c3c20ea8a34b8a422e8a269402dc34ec46e4d2f3
a3b12a358b9fc432e33a4f9f3a7b4e41ba34d074aedd217c691ca8ba16f46637
afd33d77fadfb6c78c874335415d2268513a846b1d358268507a09d015cb9ffd
c103b3ac7f482f9292e449276a40b4549c8ad8fd138a2eead25894523f767d33
c48789c24e0ae288b574acb83abdd1ccee8aa3694b49b83b466b8e1605cb2fa1
c902b42639737eed3eb6fb0799c702a514f8cae8d0c0c6bdbaa756960e85e230
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dc8cd6dcb8b31f1110ac9067fb16fcc34787bdce5114f73501428a76738fbc5a
e1d354f46945c735d0cc4c2ca7e90b757803f092bd8c1c2c8ec9c94643125f17
e1e877dd31d9759f0bb05f7fb89c7f7ce366dd3cce16ae168ae2938722238882
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efbd2b54b1276a9ca888a55ed3c740a8c9c4e9b7a0254eb3ead1b718e76510f0
f0c2bc214a13836c7343e545aaf10b34a02ad3234a5049a4bb38343fc0877e2b
f2c627d7157361de70c88f250c8699ceb6c1d58b2713c0b453fc538e41a103da