URL: https://42xr.com/
Submission: On October 07 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3032::6815:3229, located in United States and belongs to CLOUDFLARENET, US. The main domain is 42xr.com.
TLS certificate: Issued by GTS CA 1P5 on September 18th 2023. Valid for: 3 months.
This is the only time 42xr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | IP Address | AS / Autonomous System
2 | 2606:4700:303... | 13335 (CLOUDFLAR...)
6 | 2606:4700:303... | 13335 (CLOUDFLAR...)
7 | 2606:4700:303... | 13335 (CLOUDFLAR...)
9 | 2606:4700:10:... | 13335 (CLOUDFLAR...)
1 | 134.122.135.51 | 64050 (BCPL-SG B...)
1 | 162.218.28.94 | 62587 (ANT-CLOUD)
9 (6 redirects) | 118.107.45.21 | 64050 (BCPL-SG B...)
1 | 157.185.162.35 | 54994 (ML-1432-5...)
1 | 163.181.145.219 | 24429 (TAOBAO Zh...)
1 | 203.107.86.226 | 37963 (ALIBABA-C...)
Total: 34 requests, 11 IPs

Count | Apex Domain | Subdomains | Transfer
9 | kdfe8.com | kki.kdfe8.com | 615 KB
9 | slsltutu.com | feimian.slsltutu.com (Cisco Umbrella Rank: 640364) | 82 KB
7 | niubixxx.com | niubixxx.com | 22 KB
6 | niubixxx.xyz | niubixxx.xyz | 411 KB
2 | 51.la | sdk.51.la (Cisco Umbrella Rank: 63196); collect-v6.51.la (Cisco Umbrella Rank: 58204) | 14 KB
2 | 42xr.com | 42xr.com | 4 KB
1 | qwahk.com | static.qwahk.com | 183 KB
1 | 69688qp.com | 69688qp.com | 441 KB
1 | c7575tp.com | c7575tp.com | 622 KB
Total: 34 requests, 9 apex domains

Count | Domain | Requested by
9 (6 redirects) | kki.kdfe8.com | 42xr.com
9 | feimian.slsltutu.com | 42xr.com
7 | niubixxx.com | 42xr.com, niubixxx.com
6 | niubixxx.xyz | 42xr.com, niubixxx.xyz
2 | 42xr.com | 42xr.com
1 | collect-v6.51.la | sdk.51.la
1 | sdk.51.la | 42xr.com
1 | static.qwahk.com | 42xr.com
1 | 69688qp.com | 42xr.com
1 | c7575tp.com | 42xr.com
Total: 34 requests, 10 subdomains

Subject | Issuer | Validity | Valid
42xr.com | GTS CA 1P5 | 2023-09-18 - 2023-12-17 | 3 months
niubixxx.xyz | E1 | 2023-08-27 - 2023-11-25 | 3 months
niubixxx.com | E1 | 2023-08-27 - 2023-11-25 | 3 months
slsltutu.com | GTS CA 1P5 | 2023-08-24 - 2023-11-22 | 3 months
c7575tp.com | R3 | 2023-08-31 - 2023-11-29 | 3 months
69688qp.com | R3 | 2023-09-14 - 2023-12-13 | 3 months
static.qwahk.com | Buypass Class 2 CA 5 | 2023-06-09 - 2023-12-05 | 6 months
*.51.la | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-20 - 2024-05-21 | a year

This page contains 1 frame:

Primary Page: https://42xr.com/
Frame ID: 6FA845A2764C4204638751A74C297C17
Requests: 34 HTTP requests in this frame

Page Title

24小时日本MV在线视频-亚洲一区二区三区高清在线观看-狼群视频在线观看高清免费-黄沙视频在线观看免费直播

Page Statistics

Requests: 34
HTTPS: 85 %
IPv6: 40 %
Domains: 9
Subdomains: 10
IPs: 11
Countries: 5
Transfer: 2392 kB
Size: 2652 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://kki.kdfe8.com/wg-2023440066/960-100.gif HTTP 302
  • https://kki.kdfe8.com/GE/CC/VALIDATOR?key=f1f2d2ec41c771e4003a01a3dd4baa29.b43673ae2fcee84ee6e4e43cd9519328.1696719662&url=https%3A%2F%2Fkki.kdfe8.com%2Fwg-2023440066%2F960-100.gif HTTP 302
  • https://kki.kdfe8.com/wg-2023440066/960-100.gif
Request Chain 25
  • https://kki.kdfe8.com/tu-2022290039/960-100.gif HTTP 302
  • https://kki.kdfe8.com/GE/CC/VALIDATOR?key=573a9da70907e571e1f985843b616263.b43673ae2fcee84ee6e4e43cd9519328.1696719662&url=https%3A%2F%2Fkki.kdfe8.com%2Ftu-2022290039%2F960-100.gif HTTP 302
  • https://kki.kdfe8.com/tu-2022290039/960-100.gif
Request Chain 26
  • https://kki.kdfe8.com/tu-pic/960-100.gif HTTP 302
  • https://kki.kdfe8.com/GE/CC/VALIDATOR?key=181abd6ee3a3c2d554b06244848ff56a.b43673ae2fcee84ee6e4e43cd9519328.1696719662&url=https%3A%2F%2Fkki.kdfe8.com%2Ftu-pic%2F960-100.gif HTTP 302
  • https://kki.kdfe8.com/tu-pic/960-100.gif

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
42xr.com/
13 KB
3 KB
Document
General
Full URL
https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e226f6d8ff0527d4c01411f618fc316c969d5c1c9e842519b538aa91bdf82f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8129c36aa8ee6dad-MIA
content-encoding
br
content-type
text/html
date
Sat, 07 Oct 2023 23:00:58 GMT
last-modified
Tue, 03 Oct 2023 18:33:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCv1sILawhFcNY6NDAjtz5S145EzN5Ft2OrPIVkhvJMoV%2F%2Bdz4PEzcA3B025Cmj1uc1ml1hRtALWLlk0AI4mNfsKouGpjE2gMuGJA3v2f4ikUY9dQU5sZZlDidF5fxb%2FVwk8gE1khw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
seajump.js
42xr.com/js/
0
365 B
Script
General
Full URL
https://42xr.com/js/seajump.js
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Aug 2022 00:38:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0934faa63a8d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FfTFPw45lIhu%2FzIeIpOWHqU0Eu97AuKvhQxSenLZqKNZlkJHNiVD%2FGCeyk6FR9X1Ciknid%2Bm0AgtVsVUkaFwZZXpm3yslZrMibjulS1z7NN0c2HbINLMdJlOtmd%2BlCJzWIP29tPXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8129c36beaba6dad-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
_pc_theme.css
niubixxx.xyz/static/css/
96 KB
23 KB
Stylesheet
General
Full URL
https://niubixxx.xyz/static/css/_pc_theme.css?1300081
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:47b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ab58189cc280969f6e69edbbf2b38f636226ce7a18db9f41730060ed0b320b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 04 Aug 2022 15:09:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qh9x2aslhRDwF1Io6uMdT3RG4ECqBcrduM0o3uOJlHb%2FcI3S%2FvBtkwL%2BI3tTX6qoxV1fSkbqACO4jeCzgS%2FGMEEHDoQuuNvbumQGmsb9bCYbOm2L9T%2Bs9ztMTRn83GWXRi3%2Bn3Kkjh8%2BCkk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
8129c36c8d12daf1-MIA
alt-svc
h3=":443"; ma=86400
_swiper.css
niubixxx.xyz/static/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://niubixxx.xyz/static/css/_swiper.css?1300081
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:47b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b117ef60d65bdca025fefb996ec9aff7b0c32b1a419035ca4a607309217e4fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 04 Aug 2022 11:35:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s927r3HiPxTQXR8mdfa06LW%2BW2nL3TYlJ7NHCUER1OUskiRrlG2Sn3tM6CvfUQu51JkrqOmaBXNEciyRorr0FKmFbuYMU4plsFo0Q4yhLkL5bxY%2BRAi%2BLGF5dm%2BcNTgeGITbCTyiWHSgAiY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
8129c36c9d14daf1-MIA
alt-svc
h3=":443"; ma=86400
gg.js
niubixxx.com/seo/
2 KB
980 B
Script
General
Full URL
https://niubixxx.com/seo/gg.js
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
285cddb0c9a34482900d2a8f354a90ba175661402d8ca62f46c89a16bf3d4447

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Aug 2023 14:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpKukdUciSYGTW7LkgtC6cUvMl7zuCMcWbranRdbaI%2FepqcCVExfRV%2F7l1I8iVPt68dTvJWmay4Hei94pfb5ryYg6GoeiHTzZUAWQ2paKCch0IlxrCWIBdNjVhpbUFKpI6cHbKBqUXuPvCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8129c36cfe4f8dba-MIA
alt-svc
h3=":443"; ma=86400
tui.js
niubixxx.com/seo/
2 KB
854 B
Script
General
Full URL
https://niubixxx.com/seo/tui.js
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2f912c75b39c7f29fd9899d3e2dc704f34933b614b52758d9d3d9d3721d24c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 24 Sep 2023 08:50:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSegkUY96FhY0lcdy6EIz%2FG5Xn68oOWxX8AaDvL1INYVfNwQ2huha9zTqAMHpX1indh2SWhtASbUx4ABgQC0k8wEGh4FnJagCr%2F9MwhNka2Ssu2FLwAuOO6qIMrcIhKv20ThjaWgrx7fa%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8129c36cfe538dba-MIA
alt-svc
h3=":443"; ma=86400
920841d3ae32c343c7cb52aab529c518.jpg
feimian.slsltutu.com/upload/vod/20231003-1/
9 KB
9 KB
Image
General
Full URL
https://feimian.slsltutu.com/upload/vod/20231003-1/920841d3ae32c343c7cb52aab529c518.jpg
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc689aedda9e9d240c0dc937c8001fa8e0a237f291850b1fd94b877602846d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=17787
content-disposition
inline; filename="920841d3ae32c343c7cb52aab529c518.webp"
content-length
9332
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Oct 2023 06:15:38 GMT
server
cloudflare
etag
"651bb18a-457b"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8129c36e99d612a7-MIA
770344ca18a8fd2ab8f0e8d66c1dd101.jpg
feimian.slsltutu.com/upload/vod/20231003-1/
16 KB
16 KB
Image
General
Full URL
https://feimian.slsltutu.com/upload/vod/20231003-1/770344ca18a8fd2ab8f0e8d66c1dd101.jpg
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06b338626686c8f35728c8fa91591a9d14e474b1fb05a9a0d05fd074568af667

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
cf-cache-status
MISS
last-modified
Tue, 03 Oct 2023 06:15:38 GMT
server
cloudflare
etag
"651bb18a-40c5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8129c36e99d812a7-MIA
content-length
16581
d7a9f76a2cfc50f7423e26c6f40db54f.jpg
feimian.slsltutu.com/upload/vod/20231003-1/
11 KB
11 KB
Image
General
Full URL
https://feimian.slsltutu.com/upload/vod/20231003-1/d7a9f76a2cfc50f7423e26c6f40db54f.jpg
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
330703cbfe2925a97a476bdb3573ed44bf159c95f09099614909b047afae7008

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
cf-cache-status
MISS
last-modified
Tue, 03 Oct 2023 06:15:34 GMT
server
cloudflare
etag
"651bb186-2b14"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8129c36e99d912a7-MIA
content-length
11028
afb17bd946e562630a243cc29bf6c81d.jpg
feimian.slsltutu.com/upload/vod/20231003-1/
10 KB
10 KB
Image
General
Full URL
https://feimian.slsltutu.com/upload/vod/20231003-1/afb17bd946e562630a243cc29bf6c81d.jpg
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce640151939dce1adc93f0407481f1f843dad22624e78d5a9bcd8505c436098

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
cf-cache-status
MISS
last-modified
Tue, 03 Oct 2023 06:15:38 GMT
server
cloudflare
etag
"651bb18a-2674"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8129c36e99da12a7-MIA
content-length
9844
a514c23d4accb45fbe43f40aabb01c21.jpg
feimian.slsltutu.com/upload/vod/20231003-1/
7 KB
7 KB
Image
General
Full URL
https://feimian.slsltutu.com/upload/vod/20231003-1/a514c23d4accb45fbe43f40aabb01c21.jpg
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd755c56ccebd31ae8a164eb6ec2c8e27644b74dc2bbc2f738797d039c41d3a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=8735
content-disposition
inline; filename="a514c23d4accb45fbe43f40aabb01c21.webp"
content-length
7292
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Oct 2023 06:15:22 GMT
server
cloudflare
etag
"651bb17a-221f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8129c36e99db12a7-MIA
4731e198cd7357863979c761db2d1132.jpg
feimian.slsltutu.com/upload/vod/20231003-1/
9 KB
9 KB
Image
General
Full URL
https://feimian.slsltutu.com/upload/vod/20231003-1/4731e198cd7357863979c761db2d1132.jpg
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93a3dfeee1d42b3be1ddcca930782cf063b8d012c956ae1aca36be23c28c3e42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=9400
content-disposition
inline; filename="4731e198cd7357863979c761db2d1132.webp"
content-length
8824
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Oct 2023 06:15:22 GMT
server
cloudflare
etag
"651bb17a-24b8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8129c36e99dc12a7-MIA
38c337eff294931d95c54bb22e94eb2d.jpg
feimian.slsltutu.com/upload/vod/20231003-1/
7 KB
7 KB
Image
General
Full URL
https://feimian.slsltutu.com/upload/vod/20231003-1/38c337eff294931d95c54bb22e94eb2d.jpg
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70b2ebf84db18919e084b2e5bac792958fd77d8797c853a376a4128c3e07cd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=9613
content-disposition
inline; filename="38c337eff294931d95c54bb22e94eb2d.webp"
content-length
7366
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Oct 2023 06:15:18 GMT
server
cloudflare
etag
"651bb176-258d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8129c36ea9f612a7-MIA
6dcca3d463ce8c82f48110672bcd47f4.jpg
feimian.slsltutu.com/upload/vod/20231003-1/
8 KB
8 KB
Image
General
Full URL
https://feimian.slsltutu.com/upload/vod/20231003-1/6dcca3d463ce8c82f48110672bcd47f4.jpg
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d945793ff849772845bcb2013eef96c6005161b567b096268b893907adfa9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Oct 2023 06:15:22 GMT
server
cloudflare
cf-polished
origSize=8904, status=webp_bigger
etag
"651bb17a-22c8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8129c36ea9f712a7-MIA
content-length
8515
2a1c6f0532fb709367b7baec9df0df58.jpg
feimian.slsltutu.com/upload/vod/20231003-1/
3 KB
4 KB
Image
General
Full URL
https://feimian.slsltutu.com/upload/vod/20231003-1/2a1c6f0532fb709367b7baec9df0df58.jpg
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d129c202b43748619f2237e1d68afea466a7d82433b78dccb16c48af61d6397

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=5347
content-disposition
inline; filename="2a1c6f0532fb709367b7baec9df0df58.webp"
content-length
3440
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Oct 2023 06:15:14 GMT
server
cloudflare
etag
"651bb172-14e3"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8129c36eb9fe12a7-MIA
_www.js
niubixxx.xyz/static/js/
210 KB
67 KB
Script
General
Full URL
https://niubixxx.xyz/static/js/_www.js?1300081
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:47b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb1a631ff45c1e696543c3e7b56016c412f0dcfb61a67981e02bf0d2d61a852

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 04 Aug 2022 12:54:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fe6znuElXSlcMM3ZLX8E%2B8iL226Z%2FH8BdKgZ%2FQnARTcJ4QxUKBEysffhImI%2FE1XLh2QYn5kC17paEh4CxIhZBu7Rh%2FgUxwigdCwBu20pzEOPerzs2A56%2FiJ14N8ZxzPxCe4o%2Fp9NN%2FuPlvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8129c36d3e25daf1-MIA
alt-svc
h3=":443"; ma=86400
alltop.js
niubixxx.com/seo/
1 KB
745 B
Script
General
Full URL
https://niubixxx.com/seo/alltop.js
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ec9a1e575af0098b889c6b3e6bed434bc1c1acc8b442c865768e4bdd3c6de6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Aug 2023 14:04:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LuqNoNhYj373CB%2Bj5vzb7zxLwEMmhZEMlN7Fwxsw39LI%2F3v9aYmDQWHa1aMG2Q%2Bl1K4hRsZA1bMaxG5aIPXQhPZX42InIQnt%2FQETW8EOqW8N2zrhFyGrnxT1dQtx8E%2BoPqmQIoXZDUNQkc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8129c36d3e9c8dba-MIA
alt-svc
h3=":443"; ma=86400
top.js
niubixxx.com/seo/
1 KB
752 B
Script
General
Full URL
https://niubixxx.com/seo/top.js
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c834fa8662c4e953fb2dd63b27c28dc25d2f245a5c9a2e3f606a9e68b6c8152

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Aug 2023 14:05:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2upJYWr4pfnDtCN91AoCkEEruQe2feN%2FxbO9RsLA7KNJDz3SiLCqSa%2F%2Fl%2FJm8zh1rKwHj812SGsscObfF%2FlgPLLYiHfTUrBJ5pQAx5JYgrbJ6zqSAEtcw%2F4pbN6KDJ6lhBddEExk8TUEGTE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8129c36d3e9f8dba-MIA
alt-svc
h3=":443"; ma=86400
allbottom.js
niubixxx.com/seo/
2 KB
997 B
Script
General
Full URL
https://niubixxx.com/seo/allbottom.js
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da9d3c39fa77e36343a63ce6d16e041fc09eaacbbb51d7f5798d93d8e911e8c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Aug 2023 14:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6LbfxMPmgja5aS1mDIU0UhBaKjrnyJvpD%2BCTBesWR0%2BjsFUsFT5w5DdeQGSSssAs4GKpW3g6Coz38jc5ayWs%2BjtN3Ys7gSbmgMeD0GRss4K1KJie2rpvSvcTnENcinLXb8kd3k6H0cZtpE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8129c36d3ea28dba-MIA
alt-svc
h3=":443"; ma=86400
iconfont.woff
niubixxx.xyz/static/css/
0
0

iconfont.ttf
niubixxx.xyz/static/css/
0
0

dz.jpg
niubixxx.com/seo/
17 KB
18 KB
Image
General
Full URL
https://niubixxx.com/seo/dz.jpg
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd7ee1b3d5a3a771c4b0fa2b31213e8c7e0b7fc9c143ad42be796f2b1e62608

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 11 May 2022 06:52:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fblHrX6s3HSg3dV7UZ6BDWah%2FpiPA2U4EQrj5ndGdbBFGd4MV2gzTrB6XPmf8crYhaU87fLEbHSYmS5vMlHraAfO8re%2FHB%2FFTztoAAu5WN0HY1506lS45MqtVtpND8Z4EC2i0fUED%2B%2BRMSU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
8129c36e485f8dba-MIA
alt-svc
h3=":443"; ma=86400
content-length
17693
tw.js
niubixxx.com/seo/
439 B
639 B
Script
General
Full URL
https://niubixxx.com/seo/tw.js
Requested by
Host: niubixxx.com
URL: https://niubixxx.com/seo/alltop.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd0042660c442aac3834783a9282ebde9e8d57718ef264756216e3d93f81b1e0

Request headers

Referer
https://42xr.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 07 Oct 2023 23:00:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 24 Sep 2023 08:51:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aar7QkT%2BDfR%2FzWxHYdhdomw1lsY9JiCmtlY3LQgMHi1cMtPbC37tfqHwi3V4YRuFvOGgVEolitK6TSsuU1KPSj0Kfn%2FcmEaAWFeLOFLeBZHkFi4r2Xmn8RMwZmZl%2BYdd30Xz1Ql0C5Hz6A0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8129c36f6ef2da9b-MIA
alt-svc
h3=":443"; ma=86400
960x100.gif
c7575tp.com/setu/
622 KB
622 KB
Image
General
Full URL
https://c7575tp.com/setu/960x100.gif
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.122.135.51 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
openresty /
Resource Hash
2a984c9124e62651c923525f64e138e48053f4cabf2825d5340fb8c61184eef1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Sat, 07 Oct 2023 23:01:02 GMT
Strict-Transport-Security
max-age=31536000
Via
ad08-a35
Last-Modified
Sun, 21 May 2023 08:35:54 GMT
Server
openresty
ETag
"6469d7ea-9b74c"
Content-Type
image/gif
CDN-Cache
HIT
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
636748
Expires
Tue, 31 Oct 2023 08:29:53 GMT
8884.gif
69688qp.com/tp/
441 KB
441 KB
Image
General
Full URL
https://69688qp.com/tp/8884.gif
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.218.28.94 , United States, ASN62587 (ANT-CLOUD, US),
Reverse DNS
Software
openresty /
Resource Hash
52044f75ed84767cda3d36b541150b25926b9e2ab0725309b4d71baf94ce03ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Sat, 07 Oct 2023 23:32:32 GMT
Via
162.218.28.90
Last-Modified
Wed, 11 May 2022 08:52:49 GMT
Server
openresty
ETag
"627b7961-6e35d"
Content-Type
image/gif
CDN-Cache
HIT
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
451421
Expires
Fri, 01 Sep 2023 05:53:52 GMT
960-100.gif
kki.kdfe8.com/wg-2023440066/
Redirect Chain
  • https://kki.kdfe8.com/wg-2023440066/960-100.gif
  • https://kki.kdfe8.com/GE/CC/VALIDATOR?key=f1f2d2ec41c771e4003a01a3dd4baa29.b43673ae2fcee84ee6e4e43cd9519328.1696719662&url=https%3A%2F%2Fkki.kdfe8.com%2Fwg-2023440066%2F960-100.gif
  • https://kki.kdfe8.com/wg-2023440066/960-100.gif
180 KB
180 KB
Image
General
Full URL
https://kki.kdfe8.com/wg-2023440066/960-100.gif
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Server
118.107.45.21 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
eb8cb8c2a2604ea4f7401baa35c9c894a40d95c1ad7bea3bfa110345829e7c40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 18:37:28 GMT
content-encoding
br
last-modified
Sat, 07 Oct 2023 22:48:26 GMT
server
nginx
etag
"1696718906_br"
vary
Accept-Encoding
x-cache
HIT, policy, memory
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 18:37:28 GMT

Redirect headers

location
https://kki.kdfe8.com/wg-2023440066/960-100.gif
date
Sat, 07 Oct 2023 23:01:03 GMT
content-length
0
content-type
text/html; charset=utf-8
960-100.gif
kki.kdfe8.com/tu-2022290039/
Redirect Chain
  • https://kki.kdfe8.com/tu-2022290039/960-100.gif
  • https://kki.kdfe8.com/GE/CC/VALIDATOR?key=573a9da70907e571e1f985843b616263.b43673ae2fcee84ee6e4e43cd9519328.1696719662&url=https%3A%2F%2Fkki.kdfe8.com%2Ftu-2022290039%2F960-100.gif
  • https://kki.kdfe8.com/tu-2022290039/960-100.gif
248 KB
248 KB
Image
General
Full URL
https://kki.kdfe8.com/tu-2022290039/960-100.gif
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Server
118.107.45.21 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
05a61738d2b180ef33ebc8debd0f1aecd6484c928458c636650b0f0523612ee0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 13:34:46 GMT
content-encoding
br
last-modified
Sat, 07 Oct 2023 22:14:26 GMT
server
nginx
etag
"1696716866_br"
vary
Accept-Encoding
x-cache
HIT, policy, memory
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 13:34:46 GMT

Redirect headers

location
https://kki.kdfe8.com/tu-2022290039/960-100.gif
date
Sat, 07 Oct 2023 23:01:03 GMT
content-length
0
content-type
text/html; charset=utf-8
960-100.gif
kki.kdfe8.com/tu-pic/
Redirect Chain
  • https://kki.kdfe8.com/tu-pic/960-100.gif
  • https://kki.kdfe8.com/GE/CC/VALIDATOR?key=181abd6ee3a3c2d554b06244848ff56a.b43673ae2fcee84ee6e4e43cd9519328.1696719662&url=https%3A%2F%2Fkki.kdfe8.com%2Ftu-pic%2F960-100.gif
  • https://kki.kdfe8.com/tu-pic/960-100.gif
186 KB
186 KB
Image
General
Full URL
https://kki.kdfe8.com/tu-pic/960-100.gif
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Server
118.107.45.21 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
08cf1188382f6dd5c2683bf9fca8520a799c341d34754837863a5d346e687a51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 18:37:28 GMT
content-encoding
br
last-modified
Sat, 07 Oct 2023 22:51:26 GMT
server
nginx
etag
"1696719086_br"
vary
Accept-Encoding
x-cache
HIT, policy, memory
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 18:37:28 GMT

Redirect headers

location
https://kki.kdfe8.com/tu-pic/960-100.gif
date
Sat, 07 Oct 2023 23:01:03 GMT
content-length
0
content-type
text/html; charset=utf-8
960x60.gif
static.qwahk.com/
182 KB
183 KB
Image
General
Full URL
https://static.qwahk.com/960x60.gif
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.185.162.35 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
c25d50eea7fe6b832b3b5a1b3735f5cd9cdd3feb917ca24e9ac82c83bc7ad8b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 05:56:58 GMT
Via
1.1 dianxun232:10 (W), 1.1 PSmgshxSJC1cd36:13 (W)
Last-Modified
Tue, 19 Sep 2023 05:56:57 GMT
Server
PWS/8.3.1.0.8
X-Reqid
2019214167228197202309191356589wuCwOrOsampled
ETag
"1695103017"
X-Ws-Request-Id
65093829_PSmgshxSJC1cd36_28527-52588
Access-Control-Allow-Methods
*
Content-Type
image/gif;charset=UTF-8
X-Cache
HIT, server, memory
Access-Control-Allow-Orign
*
X-Px
ms PSmgshxSJC1cd36SJC,ms dianxun232HKG(origin)
Accept-Ranges
bytes
Content-Length
186717
yx1.gif
niubixxx.xyz/img/
133 KB
134 KB
Image
General
Full URL
https://niubixxx.xyz/img/yx1.gif
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:47b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b40ec29e7bdc1f30f11043e8f1d5a84acd0e6aff3a3399e999b1907cbf3c172

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:01:00 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 04 Jul 2022 10:49:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZpZIEgUgREydRTK52GCKgNLxubr%2BREJcgPPh8aJVUV34b%2FO1O2r4j%2BE7dzv51TiBjm9Kj6K1ZJjxnyKT2KxxVo5maQCpy51InWRcfRpdR%2FHk7VGZsXQB8%2BoJZU0xvIndOr1rSmplFgt4CE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
8129c375fa00daf1-MIA
alt-svc
h3=":443"; ma=86400
content-length
136313
mh1.gif
niubixxx.xyz/img/
122 KB
122 KB
Image
General
Full URL
https://niubixxx.xyz/img/mh1.gif
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:47b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933e6aecd66d958b3f037a521d35f96848df877ae04d9f27fc5d39aea1c484a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:01:00 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 04 Jul 2022 10:49:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOkSafrliBa8QsDhbWEGhE9hih%2FhLz60ng3lZDNgGjZn0fkTOjdl8ZNg0mvutTIHCrOUifgDV%2Bof874hh%2BypXy6s5%2FT%2B5b7BmQtbsC8t7jdzYQ9l62a1v1ve%2BFCGzv1qjaB158IDSHZXS8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
8129c375fa01daf1-MIA
alt-svc
h3=":443"; ma=86400
content-length
124485
tv2.gif
niubixxx.xyz/img/
61 KB
62 KB
Image
General
Full URL
https://niubixxx.xyz/img/tv2.gif
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:47b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b59b45c8faa70b7e31e522711a144fba97f4e4dfe9ada14053edd9ec2fe32e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 23:01:00 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 04 Jul 2022 10:49:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZB%2BFDU5K6LOfh0H2YOBHyNY8cmz9Th6sY3hG8VbB5euxaVmr%2F33HQAgtG6Q4hiykSB8%2FkvLmyOzDXhCoGbDmdD%2BLzadn5DkCVOxbie3K6hvJ8DhoVYmFC6RaPu9y4bWm06MFg%2BbbZDDNJbY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
8129c375fa05daf1-MIA
alt-svc
h3=":443"; ma=86400
content-length
62865
js-sdk-pro.min.js
sdk.51.la/
34 KB
13 KB
Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: 42xr.com
URL: https://42xr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.145.219 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 14:43:24 GMT
via
cache35.l2us2[656,656,304-0,H], cache10.l2us2[718,0], ens-kunlun1.us21[0,0,200-0,H], ens-kunlun9.us21[1,0]
content-encoding
gzip
x-oss-request-id
651ECB8C1A83213830FAF9F5
content-md5
JLtSDpUX8u0+2Ye0aur3Iw==
age
202658
x-swift-cachetime
1296000
x-cache
HIT TCP_MEM_HIT dirn:12:558734204
x-oss-cdn-auth
success
x-swift-savetime
Thu, 05 Oct 2023 14:43:24 GMT
content-length
12846
x-oss-object-type
Normal
last-modified
Thu, 08 Jun 2023 02:24:34 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1696517004
content-type
application/javascript
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
5143829838470429443
eagleid
a3b5919d16967196626058874e
x-oss-server-time
3
collect
collect-v6.51.la/v6/
0
508 B
XHR
General
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://42xr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://42xr.com
Date
Sat, 07 Oct 2023 23:01:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
niubixxx.xyz
URL
http://niubixxx.xyz/static/css/iconfont.woff?0529
Domain
niubixxx.xyz
URL
http://niubixxx.xyz/static/css/iconfont.ttf?0529

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| seatype number| seaid undefined| divObj undefined| toplist undefined| bottomlist undefined| k undefined| first function| a0cp function| a0a function| a0c function| Zepto function| $ function| formSubmit function| post function| get object| setting object| API function| _alert function| showMask function| hideMask function| dialog function| toast object| lastLoadMoreElement function| Swiper function| storage function| iError function| initFloat function| _A function| TOPAD function| BOTAD function| PLAD function| _$ object| LA function| _cookie function| mzTpl function| imgError function| DIRURL function| tj function| ajaxDialog function| loadSubPage function| loadSubPageHtml function| userInfo function| refreshUserStatus object| INIT number| _zid function| __lazyLoad function| xCover function| copyText function| initPic function| initNvl number| laWaitTime

4 Cookies

Domain/Path Name / Value
42xr.com/ Name: __vtins__JvQQHizA9WodOPMT
Value: %7B%22sid%22%3A%20%22d65c238e-19c2-5335-ade2-c4383c7d2089%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201696721463175%2C%20%22ct%22%3A%201696719663175%7D
42xr.com/ Name: __51uvsct__JvQQHizA9WodOPMT
Value: 1
42xr.com/ Name: __51vcke__JvQQHizA9WodOPMT
Value: b316e6b4-d6b8-53b2-a203-e868ab29ae62
42xr.com/ Name: __51vuft__JvQQHizA9WodOPMT
Value: 1696719663207

20 Console Messages

Source Level URL
Text
security error URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure font 'http://niubixxx.xyz/static/css/iconfont.woff?0529'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure font 'http://niubixxx.xyz/static/css/iconfont.ttf?0529'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.com/seo/dz.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://niubixxx.com/seo/alltop.js(Line 19)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://niubixxx.com/seo/tw.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://niubixxx.com/seo/alltop.js(Line 19)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://niubixxx.com/seo/tw.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/yx1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/mh1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/tv2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/yx1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/mh1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/tv2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://niubixxx.com/seo/top.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://niubixxx.com/seo/tw.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://niubixxx.com/seo/top.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://niubixxx.com/seo/tw.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/yx1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/mh1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/tv2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/yx1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/mh1.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://42xr.com/
Message:
Mixed Content: The page at 'https://42xr.com/' was loaded over HTTPS, but requested an insecure element 'http://niubixxx.xyz/img/tv2.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://collect-v6.51.la/v6/collect?dt=4
Message:
Failed to load resource: the server responded with a status of 405 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
