Submitted URL: http://3.cn/1Fxv-INt
Effective URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Submission: On March 23 via manual from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 211.144.24.51, located in China and belongs to CHINA169-BJ China Unicom Beijing Province Network, CN. The main domain is tsw.m.jd.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on October 18th 2022. Valid for: a year.
This is the only time tsw.m.jd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 106.39.164.153 23724 (CHINANET-...)
1 1 111.13.28.27 9808 (CHINAMOBI...)
1 211.144.24.51 4808 (CHINA169-...)
13 163.171.132.119 54994 (QUANTILNE...)
1 123.6.77.65 ()
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 163.171.128.150 54994 (QUANTILNE...)
2 2408:8706:0:a... ()
21 7
Apex Domain
Subdomains
Transfer
12 360buyimg.com
storage.360buyimg.com — Cisco Umbrella Rank: 75676
static.360buyimg.com — Cisco Umbrella Rank: 129016
265 KB
6 jd.com
tsw.m.jd.com
sgm-static.jd.com
wl.jd.com — Cisco Umbrella Rank: 86701
mapi.m.jd.com Failed
uranus.jd.com — Cisco Umbrella Rank: 121986
sgm-m.jd.com
82 KB
3 3.cn
3.cn — Cisco Umbrella Rank: 51586
jstatic.3.cn — Cisco Umbrella Rank: 250415
94 KB
0 Failed
21 4
Domain Requested by
11 storage.360buyimg.com tsw.m.jd.com
2 sgm-m.jd.com sgm-static.jd.com
2 3.cn 2 redirects
1 uranus.jd.com wl.jd.com
1 jstatic.3.cn tsw.m.jd.com
1 wl.jd.com tsw.m.jd.com
1 sgm-static.jd.com tsw.m.jd.com
1 static.360buyimg.com tsw.m.jd.com
1 tsw.m.jd.com
0 virtual Failed storage.360buyimg.com
0 mapi.m.jd.com Failed storage.360buyimg.com
21 11

This site contains links to these domains.

Domain
itunes.apple.com
storage.360buyimg.com
Subject: *.jd.com
Issuer: GlobalSign RSA OV SSL CA 2018
Validity: 2022-10-18 - 2023-11-19
Valid: a year

This page contains 1 frames:

Frame: openapp.jdmobile://virtual?params={%22category%22:%22jump%22,%22des%22:%22orderDetail%22,%22orderId%22:%22260144857119%22,%22isNew%22:true}
Frame ID: E1D7404792AA8D6854E563D1201760F6
Requests: 25 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • zepto.*\.js

Page Statistics

21 Requests
90 % HTTPS
25 % IPv6
4 Domains
11 Subdomains
7 IPs
2 Countries
440 kB Transfer
1396 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://3.cn/1Fxv-INt HTTP 302
    https://3.cn/1Fxv-INt HTTP 302
    https://tsw.m.jd.com/cardorderjump?orderId=260144857119 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request cardorderjump
tsw.m.jd.com/
Redirect Chain
  • http://3.cn/1Fxv-INt
  • https://3.cn/1Fxv-INt
  • https://tsw.m.jd.com/cardorderjump?orderId=260144857119
10 KB
5 KB
Document
General
Full URL
https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
211.144.24.51 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
jfe /
Resource Hash
82a9d1214c767e7dca60f60962c186c50b34920cb8d0e75bba7907c9095014c0
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, no-cache, must-revalidate, proxy-revalidate
content-encoding
gzip
content-type
text/html
date
Thu, 23 Mar 2023 19:42:05 GMT
etag
W/"639975d8-2977"
last-modified
Wed, 14 Dec 2022 07:06:00 GMT
server
jfe
strict-transport-security
max-age=7776000
vary
Accept-Encoding

Redirect headers

Connection
close
Content-Length
0
Date
Thu, 23 Mar 2023 19:42:05 GMT
Expires
Thu, 23 Mar 2023 19:42:05 GMT
Location
https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Server
jfe
Strict-Transport-Security
max-age=7776000
cache-control
max-age=0
pragma
no-cache
zepto.min.js
storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/scripts/
47 KB
12 KB
Script
General
Full URL
https://storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/scripts/zepto.min.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
e44587f5bad020c909d5b671feb2e5d4dd73779bd60a943b0d970e73a22d4098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tsw.m.jd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:09 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HB3-MIX-16 (jcs [cMsSfW]), http/1.1 HB-UNI-3-MIX-27 (jcs [cMsSfW])
x-via
1.1 PSxgHKG8sn129:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:11 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:16 (Cdn Cache Server V2.0)
x-jss-request-id
B9849051946B48D3
last-modified
Wed, 14 Dec 2022 07:03:06 GMT
server
nginx
x-trace
200-1671002386334-0-0-1-13-13;200-1671002386338-0-0-0-18-18;200-1671002386324-0-0-0-29-29
etag
W/"1691b25de354baf2d57cc71f0ed1edf8"
x-ws-request-id
641cab90_PSdgflkfFRA2po75_14756-55457
x-jss-content-length
47859
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 20:42:09 GMT
idauth.js
static.360buyimg.com/exploit/idauth/2.0/
35 KB
12 KB
Script
General
Full URL
https://static.360buyimg.com/exploit/idauth/2.0/idauth.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
180031804757a27c608faee4539f2b1d44b400d482d9b240ee63f4d701c1432a
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
https://tsw.m.jd.com/
Origin
https://tsw.m.jd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:10 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HUZ-MIX-16 (jcs [cRs f ]), http/1.1 GDdongguan-CT-01-MIX-200 (jcs [cRs f ])
strict-transport-security
max-age=3600
last-modified
Wed, 24 Mar 2021 16:54:20 GMT
server
nginx
x-trace
304-1679597383930-0-0-18-36-36;200-1679597416392-0-0-0-1-1;200-1679600529976-0-0-0-1-1
x-ws-request-id
641cab91_PSdgflkfFRA2gb73_38927-55083
content-type
application/javascript
access-control-allow-origin
*
x-via
1.1 PSxgHKG8om130:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:14 (Cdn Cache Server V2.0)
cache-control
max-age=3600
timing-allow-origin
*
content-length
11721
expires
Thu, 23 Mar 2023 20:42:10 GMT
wq.imk.downloadAppPlugin.min.js
storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/scripts/
85 KB
24 KB
Script
General
Full URL
https://storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/scripts/wq.imk.downloadAppPlugin.min.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
6e4603b63f2cc846e5898ecfcb6962d6d9f4ee9b8eab6e366ca6015021312280

Request headers

Referer
https://tsw.m.jd.com/
Origin
https://tsw.m.jd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:09 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HUN-MIX-113 (jcs [cRs f ]), http/1.1 HUNchangsha-CT-01-MIX-163 (jcs [cMsSfW])
x-via
1.1 x140:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:11 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:9 (Cdn Cache Server V2.0)
content-length
23695
x-jss-request-id
9496B35D71E83A6C
last-modified
Wed, 14 Dec 2022 07:03:06 GMT
server
nginx
x-trace
200-1671002065886-0-0-2-15-15;200-1671002385995-0-0-0-0-0;200-1671002386015-0-0-0-11-11
etag
W/"adfad6f0c04125744b5962bf7e44a704"
x-ws-request-id
641cab90_PSdgflkfFRA2gb73_38927-55066
x-jss-content-length
87484
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 20:42:09 GMT
viewport-units-buggyfill.min.js
storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/scripts/
6 KB
3 KB
Script
General
Full URL
https://storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/scripts/viewport-units-buggyfill.min.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
24b66afbe920fec15c6ea60844bafb93ad24d340d03ecebda470ed5f56c61657

Request headers

Referer
https://tsw.m.jd.com/
Origin
https://tsw.m.jd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:09 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HB3-MIX-7 (jcs [cHs f ]), http/1.1 HB-CT-6-MIX-21 (jcs [cMsSfW])
x-via
1.1 x140:1 (Cdn Cache Server V2.0), 1.1 kf230:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:12 (Cdn Cache Server V2.0)
content-length
2636
x-jss-request-id
925C8E68EE7B742E
last-modified
Wed, 14 Dec 2022 07:03:06 GMT
server
nginx
x-trace
200-1671002113641-0-0-0-11-11;200-1671002386026-0-0-0-1-1;200-1671002386037-0-0-0-3-3
etag
W/"d2322a13c481d25451acc721e2d527f3"
x-ws-request-id
641cab90_PSdgflkfFRA2gb73_38927-55067
x-jss-content-length
6352
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 20:42:09 GMT
h5_imk_component.min.css
storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/scripts/
1 KB
1 KB
Stylesheet
General
Full URL
https://storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/scripts/h5_imk_component.min.css
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
61a07a60112471062be62deffd61d918c30a71eb2c257d289cc704cd5ff49543

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tsw.m.jd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:09 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HUZ-MIX-6 (jcs [cHs f ]), http/1.1 AHwuhu-UNI-1-MIX-173 (jcs [cMsSfW])
x-via
1.1 x140:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:15 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:0 (Cdn Cache Server V2.0)
content-length
491
x-jss-request-id
BA90CCB3A52F0457
last-modified
Wed, 14 Dec 2022 07:03:06 GMT
server
nginx
x-trace
200-1671002065887-0-0-1-10-10;200-1671002386153-0-0-0-2-2;200-1671002386177-0-0-0-20-20
etag
W/"2eb0c38c286e44b764e05ec14a7a1df1"
x-ws-request-id
641cab90_PSdgflkfFRA2po75_14756-55455
x-jss-content-length
1513
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 20:42:09 GMT
sgm-2.6.6.js
sgm-static.jd.com/
133 KB
45 KB
Script
General
Full URL
https://sgm-static.jd.com/sgm-2.6.6.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.6.77.65 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e1b2109453f6b0c9dcdd4ba42fecbe0f49af039f3f5d8f5afecc590a09cb3ec3
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
https://tsw.m.jd.com/
Origin
https://tsw.m.jd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:15 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HB3-MIX-14 (jcs [cRs f ]), http/1.1 HENzhengzhou-UNI-01-MIX-99 (jcs [cRs f ])
strict-transport-security
max-age=3600
age
62736
content-length
45933
last-modified
Tue, 07 Mar 2023 01:48:42 GMT
server
nginx
x-trace
304-1679537800200-0-0-0-1-1;200-1679600535715-0-0-0-2-2
etag
"640697fa-2124d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
timing-allow-origin
*
expires
Fri, 24 Mar 2023 02:16:39 GMT
main.d548cd3e.chunk.css
storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/static/css/
17 KB
8 KB
Stylesheet
General
Full URL
https://storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/static/css/main.d548cd3e.chunk.css
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
c49c55914376bff6e56ac17304c3744baca8212d069b85e53b725b1f10d644ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tsw.m.jd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:09 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HB3-MIX-20 (jcs [cRs f ]), http/1.1 HB-UNI-3-MIX-32 (jcs [cMsSfW])
x-via
1.1 x140:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:12 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:0 (Cdn Cache Server V2.0)
content-length
7447
x-jss-request-id
AFFAE2DDCB364192
last-modified
Wed, 14 Dec 2022 07:03:11 GMT
server
nginx
x-trace
200-1671002066125-0-0-2-12-12;200-1671002386789-0-0-0-1-1;200-1671002386743-0-0-0-51-51
etag
W/"7b784b0c4f5b6688b6fa4d06f8e4944e"
x-ws-request-id
641cab90_PSdgflkfFRA2po75_14756-55456
x-jss-content-length
17512
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 20:42:09 GMT
jssdk.tt.min.js
storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/
7 KB
3 KB
Script
General
Full URL
https://storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/jssdk.tt.min.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
806e087cf1d06d981249e3fd508cb7bcdafd15e2e6160c22674c9c7989eb0e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tsw.m.jd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:10 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HB3-MIX-24 (jcs [cMsSfW]), http/1.1 HB-CT-6-MIX-18 (jcs [cMsSfW])
x-via
1.1 PSxgHKG8sn129:4 (Cdn Cache Server V2.0), 1.1 kf230:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:2 (Cdn Cache Server V2.0)
x-jss-request-id
9E6207F6AC377EEB
last-modified
Wed, 14 Dec 2022 07:03:06 GMT
server
nginx
x-trace
200-1671002386289-0-0-2-8-8;200-1671002386279-0-0-0-21-21;200-1671002386281-0-0-0-24-24
etag
W/"3832c0e30aec03b80cecf30d27c5a3a2"
x-ws-request-id
641cab90_PSdgflkfFRA2po75_14756-55458
x-jss-content-length
7524
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 20:42:10 GMT
jssdk.min.js
storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/
74 KB
17 KB
Script
General
Full URL
https://storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/jssdk.min.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
655b5e32d41f1583875d06b5d37b79a32dc7ff03944f9c26874cde1b8f0ea6d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tsw.m.jd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:09 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-ZJ-MIX-196 (jcs [cMsSfW]), http/1.1 JN-UNI-2-MIX-16 (jcs [cMsSfW])
x-via
1.1 PSjsczsxvw116:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:0 (Cdn Cache Server V2.0)
x-jss-request-id
8E02FFDAFCEDB71A
last-modified
Wed, 14 Dec 2022 07:03:05 GMT
server
nginx
x-trace
200-1671002386168-0-0-1-16-16;200-1671002386175-0-0-0-68-68;200-1671002386149-0-0-0-84-84
etag
W/"ae0a014142bc646461afa6b24c680005"
x-ws-request-id
641cab90_PSdgflkfFRA2po75_14756-55459
x-jss-content-length
76219
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 20:42:09 GMT
unify.min.js
wl.jd.com/
92 KB
29 KB
Script
General
Full URL
https://wl.jd.com/unify.min.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fc9ed99984c563a166b378392a48a34432c5ccbb9752e9db851eb7a8163b4681
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
https://tsw.m.jd.com/
Origin
https://tsw.m.jd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=3600
content-encoding
gzip
date
Thu, 23 Mar 2023 19:42:09 GMT
last-modified
Tue, 14 Mar 2023 07:02:11 GMT
server
nginx
x-trace
200-1678777357408-0-0-1-6-6;200;200-1678777357531-0-0-0-1-1;200-1678780599739-0-0-0-12-12
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-19-125-210.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
29674
h5_deal_addcart.v1.js
jstatic.3.cn/common/cart/
260 KB
94 KB
Script
General
Full URL
https://jstatic.3.cn/common/cart/h5_deal_addcart.v1.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
5118e0abf288cca1f4d0368f823a375d66c97f25c106c215d33bb9cb4a629194
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
https://tsw.m.jd.com/
Origin
https://tsw.m.jd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:09 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HUZ-MIX-25 (jcs [cRs f ]), http/1.1 GDdongguan-CT-01-MIX-208 (jcs [cRs f ])
strict-transport-security
max-age=3600
age
1
x-via
1.1 PS-000-01erM87:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:13 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:16 (Cdn Cache Server V2.0)
content-length
95104
ser
142.133
last-modified
Mon, 20 Mar 2023 06:06:29 GMT
server
nginx
x-trace
200-1679308107892-0-0-14-34-34;200;200-1679309597898-0-0-0-1-1;200-1679562880791-0-0-0-1-1
etag
W/"6417f7e5-411cc"
x-ws-request-id
641cab91_PSdgflkfFRA2gb73_38927-55084
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=259200
timing-allow-origin
*
expires
Sun, 26 Mar 2023 09:15:21 GMT
18.986767eb.chunk.js
storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/static/js/
505 KB
142 KB
Script
General
Full URL
https://storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/static/js/18.986767eb.chunk.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
310ed4e2a80c29e48e8fd83cfb2f7e67c13ab51705888f8e5d4438b85ac77085

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tsw.m.jd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:10 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HUN-MIX-18 (jcs [cHs f ]), http/1.1 HENluoyang-UNI-11-MIX-45 (jcs [cMsSfW])
x-via
1.1 PSjsczsxvw116:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:11 (Cdn Cache Server V2.0)
content-length
144806
x-jss-request-id
81CC7123EBF70C12
last-modified
Wed, 14 Dec 2022 07:03:16 GMT
server
nginx
x-trace
200-1671002113591-0-0-1-34-34;200-1671002386200-0-0-0-1-1;200-1671002386180-0-0-0-21-21
etag
W/"c425477aa1ef3fe77a0473247180bdfd"
x-ws-request-id
641cab90_PSdgflkfFRA2po75_14756-55460
x-jss-content-length
517374
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 20:42:10 GMT
main.63161c43.chunk.js
storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/static/js/
65 KB
16 KB
Script
General
Full URL
https://storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/static/js/main.63161c43.chunk.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
ce208bbd91666e332c44cecb271e4e500cc299db7004fcd294ae190deca735ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tsw.m.jd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:09 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-ZJ-MIX-199 (jcs [cHs f ]), http/1.1 JN-UNI-2-MIX-12 (jcs [cMsSfW])
x-via
1.1 x140:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:15 (Cdn Cache Server V2.0)
content-length
16061
x-jss-request-id
812ECA5C7430FC83
last-modified
Wed, 14 Dec 2022 07:03:20 GMT
server
nginx
x-trace
200-1671002360720-0-0-0-9-9;200-1671002386664-0-0-0-1-1;200-1671002386662-0-0-0-19-19
etag
W/"586851024cc7c0ed49128c1d66b4f442"
x-ws-request-id
641cab90_PSdgflkfFRA2po75_14756-55461
x-jss-content-length
66344
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 20:42:09 GMT
display.action
mapi.m.jd.com/config/
0
0

truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d238435c924e9f9206dc485902448f8567121571c32248d08d6e7abf5531c1ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
m
uranus.jd.com/log/
9 B
319 B
XHR
General
Full URL
https://uranus.jd.com/log/m?std=JA2019_4122262
Requested by
Host: wl.jd.com
URL: https://wl.jd.com/unify.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.150 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
jfe /
Resource Hash
a6be96dcbd03e4faed4eb0fc8fd5f2281abe5bc57c3191663eed809bb3328d72
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://tsw.m.jd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 19:42:11 GMT
strict-transport-security
max-age=86400
server
jfe
access-control-max-age
8640000
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
x-via
1.1 PSxgHKG8bf118:8 (Cdn Cache Server V2.0), 1.1 kf98:7 (Cdn Cache Server V2.0)
x-ws-request-id
641cab92_kf98_19186-10011
access-control-allow-headers
JD-STD
content-length
9
32.f13e44ff.chunk.css
storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/static/css/
4 KB
4 KB
Stylesheet
General
Full URL
https://storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/static/css/32.f13e44ff.chunk.css
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
d899382ba3df3fd8480aa97005b68ba6aceeea1936004f62f38891dddea81b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tsw.m.jd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:10 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HB3-MIX-25 (jcs [cSsNfU]), http/1.1 HB-UNI-3-MIX-229 (jcs [cHs f ])
x-via
1.1 PSjshasx3ag87:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:14 (Cdn Cache Server V2.0)
content-length
3111
x-jss-request-id
B60EF3BDD5E24EB3
last-modified
Wed, 14 Dec 2022 07:03:09 GMT
server
nginx
x-trace
304-1679074841927-0-0-0-72-72;200-1679076235428-0-0-0-1-1
etag
W/"6052a88730f595f3d0ab12ace3e0e3a6"
x-ws-request-id
641cab92_PSdgflkfFRA2po75_14756-55491
x-jss-content-length
4482
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 20:42:10 GMT
32.865159ff.chunk.js
storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/static/js/
29 KB
21 KB
Script
General
Full URL
https://storage.360buyimg.com/tswpaltform/5g-tsw-m/c49a1a2/static/js/32.865159ff.chunk.js
Requested by
Host: tsw.m.jd.com
URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
0236c7e974d6d820f29f4f830f8d1f783e6118dd4fe9b27389cebd70db7d89b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tsw.m.jd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 19:42:10 GMT
content-encoding
gzip
via
http/1.1 ORI-CLOUD-HUZ-MIX-25 (jcs [cSsNfU]), http/1.1 GDdongguan-CT-01-MIX-206 (jcs [cHs f ])
x-via
1.1 PSjshasx3ag87:4 (Cdn Cache Server V2.0), 1.1 kf230:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:6 (Cdn Cache Server V2.0)
content-length
21097
x-jss-request-id
9662825C22EC79A9
last-modified
Wed, 14 Dec 2022 07:03:19 GMT
server
nginx
x-trace
304-1679074763499-0-0-0-55-55;200-1679076235202-0-0-0-2-2
etag
W/"0a5f21eb3f7a4568efc8f47dc3b72576"
x-ws-request-id
641cab92_PSdgflkfFRA2po75_14756-55492
x-jss-content-length
30093
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 20:42:10 GMT
openapp.jdmobile://virtual?params={%22category%22:%22jump%22,%22des%22:%22orderDetail%22,%22orderId%22:%22260144857119%22,%22isNew%22:true}
openapp.jdmobile://virtual?params={%22category%22:%22jump%22,%22des%22:%22orderDetail%22,%22orderId%22:%22260144857119%22,%22isNew%22:true}
0
0

truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8003678f65dcb83d768797246c1ce1a3bc193e18d308b282e639980d1d20a00d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89cfc16653c85f7c4a9d1757eac282f34acd41cf9c5e25a15cbc159c94aaee39

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0de4783ab24429dfa1b1e31035cec09900d10bfd3a0c5bfe733af1dee58613b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
init
sgm-m.jd.com/h5/
1 KB
2 KB
Fetch
General
Full URL
https://sgm-m.jd.com/h5/init
Requested by
Host: sgm-static.jd.com
URL: https://sgm-static.jd.com/sgm-2.6.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2408:8706:0:a100::1e -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4fad5dbf5e9dbc28be3ff786cd006d6bdf584c750b99ad456c25c4a41d1a169e

Request headers

Referer
https://tsw.m.jd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Thu, 23 Mar 2023 19:42:17 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Content-Type, Accept, Sgm-App-Name, Sgm-Token, Sgm-SDK-Version, Content-Encoding
content-length
1324
vitals
sgm-m.jd.com/h5/
0
303 B
Fetch
General
Full URL
https://sgm-m.jd.com/h5/vitals
Requested by
Host: sgm-static.jd.com
URL: https://sgm-static.jd.com/sgm-2.6.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2408:8706:0:a100::1e -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tsw.m.jd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Thu, 23 Mar 2023 19:42:17 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
*
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Content-Type, X-Requested-With, Origin, Content-Type, Accept, Sgm-App-Name, Sgm-Token, Sgm-SDK-Version, Content-Encoding
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mapi.m.jd.com
URL
https://mapi.m.jd.com/config/display.action?isNewVersion=1&_format_=json&orderId=260144857119
Domain
virtual
URL
openapp.jdmobile://virtual?params={%22category%22:%22jump%22,%22des%22:%22orderDetail%22,%22orderId%22:%22260144857119%22,%22isNew%22:true}

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| Zepto function| $ object| __core-js_shared__ function| Idauth string| imk2Version boolean| isLoadedImk2 string| _eyeUrL undefined| _headDom undefined| _eyeDiv object| IMKTOOLS undefined| _imgDom function| CommmonLightLine function| mCarouselNew function| mDownloadTips object| IMK2_COMMON_OPTION object| imk2Handler function| wxOpenApp object| viewportUnitsBuggyfillHacks object| viewportUnitsBuggyfill object| jap function| getQueryString boolean| IsTtApp string| tt object| JSSDK object| fingerprint function| getFingerprint function| MPingSidSeq object| JA function| lg function| lgPv function| MPing function| initMagicModel function| logClstag function| getUnionSeries function| getAndroidUnionSeries function| getUnionSeriesJsonObj function| log function| logJSON function| nlog function| expLogJSON function| unifyRecoReport object| core object| callbackName number| ajaxCount string| __JS_SECURITY_VERSION object| AddcartToolObj function| flexible object| webpackJsonp5g-tsw-m object| regeneratorRuntime function| JSEncrypt

7 Cookies

Domain/Path Name / Value
.jd.com/ Name: __jda
Value: 122270672.1679600530307565000869.1679600530.1679600530.1679600530.1
.jd.com/ Name: __jdb
Value: 122270672.1.1679600530307565000869|1.1679600530
.jd.com/ Name: __jdv
Value: 122270672%7Cdirect%7C-%7Cnone%7C-%7C1679600530308
.jd.com/ Name: __jdc
Value: 122270672
.jd.com/ Name: mba_muid
Value: 1679600530307565000869
.jd.com/ Name: mba_sid
Value: 16796005303115336449616599059.1
.jd.com/ Name: cid
Value: 9

2 Console Messages

Source Level URL
Text
javascript error URL: https://tsw.m.jd.com/cardorderjump?orderId=260144857119
Message:
Access to XMLHttpRequest at 'https://mapi.m.jd.com/config/display.action?isNewVersion=1&_format_=json&orderId=260144857119' from origin 'https://tsw.m.jd.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://mapi.m.jd.com/config/display.action?isNewVersion=1&_format_=json&orderId=260144857119
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=7776000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
