urlscan.io logo urlscan.io
SecurityTrails logo

www.lewen123.com Open in urlscan Pro
23.234.25.222  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.lewen123.com/61/61690/.html
Submission: On July 10 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 35 HTTP transactions. The main IP is 23.234.25.222, located in Rowland Heights, United States and belongs to IKGUL-26484, US. The main domain is www.lewen123.com.
This is the only time www.lewen123.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 23.234.25.222 26484 (IKGUL-26484)
7 112.34.113.148 9808 (CMNET-GD ...)
6 2a00:1450:400... 15169 (GOOGLE)
2 101.89.124.234 4812 (CHINANET-...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 203.119.215.3 37963 (CNNIC-ALI...)
1 1 198.11.136.24 45102 (CNNIC-ALI...)
1 106.11.92.15 37963 (CNNIC-ALI...)
2 2a00:1450:400... 15169 (GOOGLE)
1 182.61.200.83 38365 (BAIDU Bei...)
35 10
10    23.234.25.222 (Rowland Heights, United States)

ASN26484 (IKGUL-26484, US)
www.lewen123.com
7    112.34.113.148 (China)

ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN)
bdimg.share.baidu.com
api.share.baidu.com
6    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
www.googletagservices.com
2    101.89.124.234 (China)

ASN4812 (CHINANET-SH-AP China Telecom (Group), CN)
s19.cnzz.com
c.cnzz.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    203.119.215.3 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
z8.cnzz.com
1    198.11.136.24 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
cnzz.mmstat.com
1    106.11.92.15 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
pcookie.cnzz.com
2    2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    182.61.200.83 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
nsclick.baidu.com
Domain Requested by
10 www.lewen123.com www.lewen123.com
6 bdimg.share.baidu.com www.lewen123.com
bdimg.share.baidu.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com www.lewen123.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 nsclick.baidu.com
1 pcookie.cnzz.com www.lewen123.com
1 cnzz.mmstat.com 1 redirects
1 api.share.baidu.com bdimg.share.baidu.com
1 z8.cnzz.com www.lewen123.com
1 c.cnzz.com s19.cnzz.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 s19.cnzz.com www.lewen123.com
35 15

This site contains links to these domains. Also see Links.

Domain
www.baidu.com
www.cnzz.com
Subject Issuer Validity Valid
*.google.de
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://www.lewen123.com/61/61690/.html
Frame ID: AFCBDD59401FC3485BEFCBF812A9264D
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200707/r20190131/zrt_lookup.html
Frame ID: 862A6E233F86E95B64B5D5C7028F926D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8894941249578844&output=html&h=90&slotname=2706292046&adk=515708172&adf=54630664&w=728&lmt=1492026870&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.lewen123.com%2F61%2F61690%2F.html&flash=0&wgl=1&adsid=NT&dt=1594422474061&bpp=11&bdt=716&idt=87&shv=r20200707&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3063782210084&frm=20&pv=2&ga_vid=1629652924.1594422474&ga_sid=1594422474&ga_hid=1526543564&ga_fc=0&iag=0&icsg=195176&dssz=18&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723736&oid=3&pvsid=3137664131612252&pem=308&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&xpc=87IJRU7YIV&p=http%3A//www.lewen123.com&dtd=104
Frame ID: 1A39048DDBCC8A261BB5069CDF680024
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8894941249578844&output=html&h=90&slotname=2990494040&adk=184071228&adf=1631216761&w=970&lmt=1492026870&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fwww.lewen123.com%2F61%2F61690%2F.html&flash=0&wgl=1&adsid=NT&dt=1594422474073&bpp=2&bdt=729&idt=99&shv=r20200707&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3063782210084&frm=20&pv=1&ga_vid=1629652924.1594422474&ga_sid=1594422474&ga_hid=1526543564&ga_fc=0&iag=0&icsg=719464&dssz=19&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723736&oid=3&pvsid=3137664131612252&pem=308&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dOctT30n3Y&p=http%3A//www.lewen123.com&dtd=102
Frame ID: 87FE4C2DE1DE9917F618CFFD9B651776
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8894941249578844&output=html&adk=1812271804&adf=3025194257&lmt=1492026870&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.lewen123.com%2F61%2F61690%2F.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1594422475299&bpp=1&bdt=1955&idt=2&shv=r20200707&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x90&nras=1&correlator=3063782210084&frm=20&pv=1&ga_vid=1629652924.1594422474&ga_sid=1594422474&ga_hid=1526543564&ga_fc=0&iag=0&icsg=11511200&dssz=20&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723736&oid=3&psts=AGkb-H8YGmZJAPHrRl2_KzyQEvtsuxi1_fbG-zrN-1fe--S9j-O6iW11vyh39MblHF_uyw%2CAGkb-H9Tf4XXIvzDAcozyrlwE3ONkTxr40oPnsVFWX1Y-eStUtBl5vKcOXXbcaaoE2Kc&pvsid=3137664131612252&pem=308&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
Frame ID: C57367FEFDF4C4241C82608B341C9778
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 714A1D100B28E08B0B5E9161C7521EF5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

35
Requests

34 %
HTTPS

36 %
IPv6

9
Domains

15
Subdomains

10
IPs

3
Countries

287 kB
Transfer

699 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • http://cnzz.mmstat.com/9.gif?abc=1&rnd=1911590312 HTTP 302
  • http://pcookie.cnzz.com/app.gif?&cna=y+KPF4fDIDUCAbnZqww+4ll9

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request .html
www.lewen123.com/61/61690/ 		25 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
23.234.25.222 Rowland Heights, United States, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
a074267a47401eef24fa7baf42406ff329b4feb4c19b19c257dac84665644bdc

Request headers

Host
www.lewen123.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html
Last-Modified
Wed, 12 Apr 2017 19:54:30 GMT
ETag
"73f7199c6b3d21:0"
Server
Microsoft-IIS/8.5
Date
Sun, 05 Jul 2020 15:05:35 GMT
X-Via
1.1 cloud (random:88774 Fikker/Webcache/3.7.9)
Content-Length
4248
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
common.css
www.lewen123.com/themes/lwxs/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.lewen123.com/themes/lwxs/css/common.css
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
23.234.25.222 Rowland Heights, United States, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
c75c59382c2b4c48d2f7a5f08482f6518482b342c5428c43b3373b3bf06f3bda

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 22:10:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Mar 2017 14:37:08 GMT
Server
Microsoft-IIS/8.5
ETag
"44a6fcdf494d21:0"
Vary
Accept-Encoding
X-Via
1.1 cloud (random:88774 Fikker/Webcache/3.7.9)
Connection
keep-alive
Content-Type
text/css
Content-Length
4263
read.css
www.lewen123.com/themes/lwxs/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.lewen123.com/themes/lwxs/css/read.css
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
23.234.25.222 Rowland Heights, United States, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
7742bba46b73806c19a8255d464f20974d0ce66657a0bb04e1e6f5050f667095

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 16:51:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Mar 2017 13:13:44 GMT
Server
Microsoft-IIS/8.5
ETag
"c9d8a2d15693d21:0"
Vary
Accept-Encoding
X-Via
1.1 cloud (random:88774 Fikker/Webcache/3.7.9)
Connection
keep-alive
Content-Type
text/css
Content-Length
4113
jquery-1.7.1.min.js
www.lewen123.com/themes/lwxs/js/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.lewen123.com/themes/lwxs/js/jquery-1.7.1.min.js
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
23.234.25.222 Rowland Heights, United States, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
18d857ad8313bb7814593303621c7bb94af201f7667d67eaf3eda527ed5440ba

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 18:12:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Nov 2013 16:01:39 GMT
Server
Microsoft-IIS/8.5
ETag
"30f7f7d0e4d7ce1:0"
Vary
Accept-Encoding
X-Via
1.1 cloud (random:88774 Fikker/Webcache/3.7.9)
Connection
keep-alive
Content-Type
application/javascript
Content-Length
26370
jquery.base.js
www.lewen123.com/themes/lwxs/js/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.lewen123.com/themes/lwxs/js/jquery.base.js
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
23.234.25.222 Rowland Heights, United States, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
6661d36b772a61f7e144145e6c228589f7e032a71e11aa1ef5be2261623b5537

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 23:02:57 GMT
Content-Encoding
gzip
Last-Modified
Sun, 23 Sep 2018 00:26:50 GMT
Server
Microsoft-IIS/8.5
ETag
"6b55cd1ed452d41:0"
Vary
Accept-Encoding
X-Via
1.1 cloud (random:88774 Fikker/Webcache/3.7.9)
Connection
keep-alive
Content-Type
application/javascript
Content-Length
6378
logo.png
www.lewen123.com/themes/lwxs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lewen123.com/themes/lwxs/logo.png
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
23.234.25.222 Rowland Heights, United States, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
1839673b8cd9f3f23bc7880ccb1607fe24006bd9e2e71395aaa8cc281c0432c3

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 27 Apr 2020 15:15:20 GMT
Last-Modified
Sun, 23 Sep 2018 00:09:48 GMT
Server
Microsoft-IIS/8.5
ETag
"ac8afdbdd152d41:0"
X-Via
1.1 cloud (random:88774 Fikker/Webcache/3.7.9)
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
4027
ui-icon.png
www.lewen123.com/themes/lwxs/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lewen123.com/themes/lwxs/ui-icon.png
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
23.234.25.222 Rowland Heights, United States, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
4c8416c117b7505764023500a263dcc38875606f389e898eff5d2f1339761785

Request headers

Referer
http://www.lewen123.com/themes/lwxs/css/common.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 19 Oct 2019 09:45:40 GMT
Last-Modified
Wed, 10 Dec 2014 18:51:28 GMT
Server
Microsoft-IIS/8.5
ETag
"f89844eaa14d01:0"
X-Via
1.1 cloud (random:88774 Fikker/Webcache/3.7.9)
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
16693
sico.gif
www.lewen123.com/themes/lwxs/ 		211 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lewen123.com/themes/lwxs/sico.gif
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
23.234.25.222 Rowland Heights, United States, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
ac5363e080529758ef9779127d203d25e5d0d2ee4acf248dde47169a3bf3ee13

Request headers

Referer
http://www.lewen123.com/themes/lwxs/css/common.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 14 Jun 2020 21:55:57 GMT
Last-Modified
Thu, 15 Aug 2013 03:54:03 GMT
Server
Microsoft-IIS/8.5
ETag
"2376d3146b99ce1:0"
X-Via
1.1 cloud (random:88774 Fikker/Webcache/3.7.9)
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
211
sbtn.png
www.lewen123.com/themes/lwxs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lewen123.com/themes/lwxs/sbtn.png
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
23.234.25.222 Rowland Heights, United States, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
dd2afcd6ebf02e83e7e3843fab2a39d9a1ca0b667f0df7d7cc2b48606eb5f8f9

Request headers

Referer
http://www.lewen123.com/themes/lwxs/css/common.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 19 Oct 2019 09:45:02 GMT
Last-Modified
Wed, 10 Dec 2014 18:49:11 GMT
Server
Microsoft-IIS/8.5
ETag
"51cac5fca914d01:0"
X-Via
1.1 cloud (random:88774 Fikker/Webcache/3.7.9)
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2816
bread-crumbs.gif
www.lewen123.com/themes/lwxs/ 		169 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lewen123.com/themes/lwxs/bread-crumbs.gif
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
23.234.25.222 Rowland Heights, United States, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
208413459634cceefc038df7ff46b427d943f5fb6999e60147685e745345f01e

Request headers

Referer
http://www.lewen123.com/themes/lwxs/css/read.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 19 Oct 2019 09:45:40 GMT
Last-Modified
Thu, 15 Aug 2013 09:09:55 GMT
Server
Microsoft-IIS/8.5
ETag
"9e787b359799ce1:0"
X-Via
1.1 cloud (random:88774 Fikker/Webcache/3.7.9)
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
169
shell_v2.js
bdimg.share.baidu.com/static/js/ 		1 KB
900 B 		Script
General
Check archive.org
Download Go to
Full URL
http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=442896
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
112.34.113.148 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
96e94fab37c4307d249cf2582540f86e433162b2e537cd54c7e888ca8d93c214

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 23:07:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2015 08:50:12 GMT
Server
BWS/1.0
Etag
"2176374695"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Length
571
Expires
Fri, 10 Jul 2020 23:37:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		116 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/themes/lwxs/js/jquery.base.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c35d0187f2ab2cdf8c1b057916bdcffc753ae2b07d280c822cfe3602fb4be00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Fri, 10 Jul 2020 23:07:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
13386127881697554942
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
42075
X-XSS-Protection
0
Expires
Fri, 10 Jul 2020 23:07:54 GMT
z_stat.php
s19.cnzz.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s19.cnzz.com/z_stat.php?id=1261989741&web_id=1261989741
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/themes/lwxs/js/jquery.base.js
Protocol
HTTP/1.1
Server
101.89.124.234 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
b02d10711b0c203014f840e73073dad94d0f807454d3d941d5e740d0e1f620cf

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 10 Jul 2020 22:56:29 GMT
Content-Encoding
gzip
Age
685
X-Powered-By
PHP/5.5.25
X-Cache
HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-CacheTime
5400
Connection
keep-alive
Content-Length
4083
Last-Modified
Fri, 10 Jul 2020 22:56:29 GMT
Server
Tengine
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1594421789
Content-Type
application/javascript
Via
cache16.l2cn1807[38,200-0,M], cache38.l2cn1807[40,0], cache2.cn1401[0,200-0,H], cache3.cn1401[1,0]
Cache-Control
max-age=5400,s-maxage=5400
Timing-Allow-Origin
*
EagleId
65597c1715944224745918889e
X-Swift-SaveTime
Fri, 10 Jul 2020 22:56:29 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lewen123.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Jul 2020 23:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lewen123.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Jul 2020 23:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200707/r20190131/ 		220 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200707/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70d6b51fd67d36bf5403cb362aee641d7702084f4b4d50c223af7280a19a2fe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 23:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
84839
x-xss-protection
0
server
cafe
etag
14750969798358805552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jul 2020 23:07:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200707/r20190131/ Frame 862A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200707/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200707/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.lewen123.com/61/61690/.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.lewen123.com/61/61690/.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 07 Jul 2020 21:12:54 GMT
expires
Tue, 21 Jul 2020 21:12:54 GMT
content-type
text/html; charset=UTF-8
etag
4448614309292777386
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
cache-control
public, max-age=1209600
age
266100
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 1A39 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8894941249578844&output=html&h=90&slotname=2706292046&adk=515708172&adf=54630664&w=728&lmt=1492026870&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.lewen123.com%2F61%2F61690%2F.html&flash=0&wgl=1&adsid=NT&dt=1594422474061&bpp=11&bdt=716&idt=87&shv=r20200707&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3063782210084&frm=20&pv=2&ga_vid=1629652924.1594422474&ga_sid=1594422474&ga_hid=1526543564&ga_fc=0&iag=0&icsg=195176&dssz=18&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723736&oid=3&pvsid=3137664131612252&pem=308&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&xpc=87IJRU7YIV&p=http%3A//www.lewen123.com&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200707/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6365372464846854805/Hublot_GoogleAd_BBMilPi_728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6365372464846854805/Hublot_GoogleAd_BBMilPi_728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJSXyMnmw-oCFQjCdwodn1sDzQ&gqi=yvQIX_DOCtbt3wO5vLXwCQ&layout=/sadbundle/%24csp%253Der3%24/6365372464846854805/Hublot_GoogleAd_BBMilPi_728x90/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8894941249578844&output=html&h=90&slotname=2706292046&adk=515708172&adf=54630664&w=728&lmt=1492026870&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.lewen123.com%2F61%2F61690%2F.html&flash=0&wgl=1&adsid=NT&dt=1594422474061&bpp=11&bdt=716&idt=87&shv=r20200707&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3063782210084&frm=20&pv=2&ga_vid=1629652924.1594422474&ga_sid=1594422474&ga_hid=1526543564&ga_fc=0&iag=0&icsg=195176&dssz=18&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723736&oid=3&pvsid=3137664131612252&pem=308&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&xpc=87IJRU7YIV&p=http%3A//www.lewen123.com&dtd=104
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.lewen123.com/61/61690/.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.lewen123.com/61/61690/.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6365372464846854805/Hublot_GoogleAd_BBMilPi_728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6365372464846854805/Hublot_GoogleAd_BBMilPi_728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJSXyMnmw-oCFQjCdwodn1sDzQ&gqi=yvQIX_DOCtbt3wO5vLXwCQ&layout=/sadbundle/%24csp%253Der3%24/6365372464846854805/Hublot_GoogleAd_BBMilPi_728x90/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Jul 2020 23:07:54 GMT
server
cafe
content-length
28239
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Jul-2020 23:22:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 10 Jul 2020 23:07:54 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200707/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf1a22caad79e75e58be376fee15825e45af73505c5589722f7883d41035aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 23:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1594221094242358"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27481
x-xss-protection
0
expires
Fri, 10 Jul 2020 23:07:54 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 87FE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8894941249578844&output=html&h=90&slotname=2990494040&adk=184071228&adf=1631216761&w=970&lmt=1492026870&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fwww.lewen123.com%2F61%2F61690%2F.html&flash=0&wgl=1&adsid=NT&dt=1594422474073&bpp=2&bdt=729&idt=99&shv=r20200707&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3063782210084&frm=20&pv=1&ga_vid=1629652924.1594422474&ga_sid=1594422474&ga_hid=1526543564&ga_fc=0&iag=0&icsg=719464&dssz=19&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723736&oid=3&pvsid=3137664131612252&pem=308&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dOctT30n3Y&p=http%3A//www.lewen123.com&dtd=102
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200707/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8894941249578844&output=html&h=90&slotname=2990494040&adk=184071228&adf=1631216761&w=970&lmt=1492026870&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fwww.lewen123.com%2F61%2F61690%2F.html&flash=0&wgl=1&adsid=NT&dt=1594422474073&bpp=2&bdt=729&idt=99&shv=r20200707&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3063782210084&frm=20&pv=1&ga_vid=1629652924.1594422474&ga_sid=1594422474&ga_hid=1526543564&ga_fc=0&iag=0&icsg=719464&dssz=19&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723736&oid=3&pvsid=3137664131612252&pem=308&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dOctT30n3Y&p=http%3A//www.lewen123.com&dtd=102
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.lewen123.com/61/61690/.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.lewen123.com/61/61690/.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Jul 2020 23:07:54 GMT
server
cafe
content-length
20108
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Jul-2020 23:22:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 10 Jul 2020 23:07:54 GMT
cache-control
private
bds_s_v2.js
bdimg.share.baidu.com/static/js/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion=442896
Requested by
Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=442896
Protocol
HTTP/1.1
Server
112.34.113.148 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
999e8c2f43f2fcc423464f65018fb6745f2c0ddf35259a5144232317f388b7f4

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 23:07:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2015 08:50:12 GMT
Server
BWS/1.0
Etag
"859391591"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Length
9992
Expires
Fri, 10 Jul 2020 23:37:54 GMT
core.php
c.cnzz.com/ 		969 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c.cnzz.com/core.php?web_id=1261989741&t=z
Requested by
Host: s19.cnzz.com
URL: http://s19.cnzz.com/z_stat.php?id=1261989741&web_id=1261989741
Protocol
HTTP/1.1
Server
101.89.124.234 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
90eee3a8bc8b8658736ab4e8f8fc988080d2b3acd5ca59acce91e8a0c9bbca36

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 10 Jul 2020 23:05:51 GMT
Content-Encoding
gzip
Age
124
X-Powered-By
PHP/5.5.25
X-Cache
HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-CacheTime
900
X-Swift-SaveTime
Fri, 10 Jul 2020 23:05:51 GMT
Content-Length
620
Last-Modified
Fri, 10 Jul 2020 23:05:51 GMT
Server
Tengine
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1565857201
Content-Type
application/javascript
Via
cache19.l2cn1807[0,200-0,H], cache10.l2cn1807[0,0], cache6.cn1401[0,200-0,H], cache1.cn1401[0,0]
Connection
keep-alive
Timing-Allow-Origin
*
EagleId
65597c1515944224751231654e
Expires
Fri, 10 Jul 2020 23:20:51 GMT
stat.htm
z8.cnzz.com/ 		2 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://z8.cnzz.com/stat.htm?id=1261989741&r=&lg=en-us&ntime=none&cnzz_eid=1498412318-1594421789-&showp=1600x1200&p=http%3A%2F%2Fwww.lewen123.com%2F61%2F61690%2F.html&t=%E4%BD%A0%E7%9C%8B%E8%B5%B7%E6%9D%A5%E5%BE%88%E6%9C%89%E9%92%B1%E6%9C%80%E6%96%B0%E7%AB%A0%E8%8A%82%2C%E4%BD%A0%E7%9C%8B%E8%B5%B7%E6%9D%A5%E5%BE%88%E6%9C%89%E9%92%B1%E5%85%A8%E6%96%87%E9%98%85%E8%AF%BB%2C%E6%9E%97%E7%BB%B5%E7%BB%B5%E4%BD%9C%E5%93%81%20-%20%E4%B9%90%E6%96%87%E5%B0%8F%E8%AF%B4%E7%BD%91&umuuid=1733afc380d2c4-0e6752a1d29f64-1b396256-1d4c00-1733afc380ea25&h=1&rnd=1191355766
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
203.119.215.3 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 23:07:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
Tengine
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
bdsstyle.css
bdimg.share.baidu.com/static/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219
Requested by
Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion=442896
Protocol
HTTP/1.1
Server
112.34.113.148 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
7fd041c8afab81c40829e4693e337718cd3c0ce90eda87fca80d706ce106e2a2

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 23:07:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2015 08:50:09 GMT
Server
BWS/1.0
Etag
"3350779264"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Length
2021
Expires
Fri, 10 Jul 2020 23:37:55 GMT
getnum
api.share.baidu.com/ 		48 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
http://api.share.baidu.com/getnum?url=http%3A%2F%2Fwww.lewen123.com%2F61%2F61690%2F.html&callback=bdShare.fn._getShare&type=load&t=1594422475009
Requested by
Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion=442896
Protocol
HTTP/1.1
Server
112.34.113.148 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
8ce67a0d6bbafe907d017afce02287e8ba5840268f54d5c7f1473a5d09467005

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 23:07:55 GMT
Server
apache
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Content-Length
48
Content-Type
application/javascript
is_32.png
bdimg.share.baidu.com/static/images/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://bdimg.share.baidu.com/static/images/is_32.png?cdnversion=20131219
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
112.34.113.148 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
622dac03465bc0ec9bc414282864ca50b2331f74209c8eee0dbdc37fcd4dee30

Request headers

Referer
http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 23:07:55 GMT
Last-Modified
Fri, 05 Jun 2015 08:50:09 GMT
Server
BWS/1.0
Etag
"2419672458"
Content-Type
image/png
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
29226
Expires
Fri, 17 Jul 2020 23:07:55 GMT
sc.png
bdimg.share.baidu.com/static/images/ 		579 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://bdimg.share.baidu.com/static/images/sc.png?cdnversion=20120720
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
112.34.113.148 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
e7604f6e940013c082b193cca272bfc9add968dec4ef12f4f7b22f4d7496a314

Request headers

Referer
http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 23:07:55 GMT
Last-Modified
Fri, 05 Jun 2015 08:50:10 GMT
Server
BWS/1.0
Etag
"3350780909"
Content-Type
image/png
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
579
Expires
Fri, 17 Jul 2020 23:07:55 GMT
app.gif
pcookie.cnzz.com/
Redirect Chain
  • http://cnzz.mmstat.com/9.gif?abc=1&rnd=1911590312
  • http://pcookie.cnzz.com/app.gif?&cna=y+KPF4fDIDUCAbnZqww+4ll9
43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pcookie.cnzz.com/app.gif?&cna=y+KPF4fDIDUCAbnZqww+4ll9
Requested by
Host: www.lewen123.com
URL: http://www.lewen123.com/61/61690/.html
Protocol
HTTP/1.1
Server
106.11.92.15 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Jul 2020 23:07:56 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Cache-Control
no-cache
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Jul 2020 23:07:55 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Location
http://pcookie.cnzz.com/app.gif?&cna=y+KPF4fDIDUCAbnZqww+4ll9
Cache-Control
no-cache
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C573 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8894941249578844&output=html&adk=1812271804&adf=3025194257&lmt=1492026870&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.lewen123.com%2F61%2F61690%2F.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1594422475299&bpp=1&bdt=1955&idt=2&shv=r20200707&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x90&nras=1&correlator=3063782210084&frm=20&pv=1&ga_vid=1629652924.1594422474&ga_sid=1594422474&ga_hid=1526543564&ga_fc=0&iag=0&icsg=11511200&dssz=20&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723736&oid=3&psts=AGkb-H8YGmZJAPHrRl2_KzyQEvtsuxi1_fbG-zrN-1fe--S9j-O6iW11vyh39MblHF_uyw%2CAGkb-H9Tf4XXIvzDAcozyrlwE3ONkTxr40oPnsVFWX1Y-eStUtBl5vKcOXXbcaaoE2Kc&pvsid=3137664131612252&pem=308&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200707/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8894941249578844&output=html&adk=1812271804&adf=3025194257&lmt=1492026870&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.lewen123.com%2F61%2F61690%2F.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1594422475299&bpp=1&bdt=1955&idt=2&shv=r20200707&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C970x90&nras=1&correlator=3063782210084&frm=20&pv=1&ga_vid=1629652924.1594422474&ga_sid=1594422474&ga_hid=1526543564&ga_fc=0&iag=0&icsg=11511200&dssz=20&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723736&oid=3&psts=AGkb-H8YGmZJAPHrRl2_KzyQEvtsuxi1_fbG-zrN-1fe--S9j-O6iW11vyh39MblHF_uyw%2CAGkb-H9Tf4XXIvzDAcozyrlwE3ONkTxr40oPnsVFWX1Y-eStUtBl5vKcOXXbcaaoE2Kc&pvsid=3137664131612252&pem=308&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.lewen123.com/61/61690/.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.lewen123.com/61/61690/.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Jul 2020 23:07:55 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Jul-2020 23:22:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 10 Jul 2020 23:07:55 GMT
cache-control
private
logger.js
bdimg.share.baidu.com/static/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bdimg.share.baidu.com/static/js/logger.js?cdnversion=442896
Requested by
Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=442896
Protocol
HTTP/1.1
Server
112.34.113.148 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
6f1c9b5885df8bec5df7e730b10304c252e18804462c14fd0724e865ef25c654

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 23:07:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2015 08:50:12 GMT
Server
BWS/1.0
Etag
"867751605"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Length
2404
Expires
Fri, 10 Jul 2020 23:37:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200707&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200707/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db97bd94d176ced813e43c672363f4caa3c704952bba6a3cb7d696c262b9bda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Jul 2020 23:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5574
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200707/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 23:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Fri, 10 Jul 2020 23:07:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 714A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.lewen123.com/61/61690/.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.lewen123.com/61/61690/.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Fri, 10 Jul 2020 20:38:46 GMT
expires
Sat, 10 Jul 2021 20:38:46 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8950
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200707&jk=3137664131612252&bg=!vr2lvaVY1JGOEPsNSXMCAAAAOlIAAAARmQGAlcLeiTfjciySjktKFcSdY2dTiLlsgYtnOSDAFynPmVC9PoYz7teZyPhgnADix6QFo9fQrQpTWgyTKcYoUdX64p3MiHvCIiZ5Fq8LfO1J9Rr4ivjmlUcn2MmQaYj93oPdsnfWdAlr6I0-fL_75FhuKnTTbNvgzj-qUn75tKCvKlM1MgUrT5sBuNjEUguBXfYHMr6k9qtwXZJbR34vzJ3D1or9NNDdZvZpQPZ8lsjjKSWa-km2KVj2ZPtnpl8o0kZBcATJyBqrEyJpg25u6Lpo7Q5O5hHZJUMRaPWZaBsnjAM0hyOq9IZv4mP662vDclHcu35bMbYlwWfrQ1IJx1XLdA2HhvllDJfCIQ2xu6YGvVAVZEyF1Z7YhQDMZxCQUo7kPd2oaJTODkU3-zwrn3ZhFNAH6O_3vs_I28wYIfh3jKT_TvV9VHLDedRHnTaHvQY8FUw3UQUL-43-ZBo8P-IiY2dWE2UCYQ6VMymqgxYI244fM34manVnP36LaJ7w2QB1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jul 2020 23:07:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v.gif
nsclick.baidu.com/ 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nsclick.baidu.com/v.gif?pid=307&type=3071&sc=1600,1748,1600,1200&desturl=&apitype=1&linkid=kcgtz3ec7pg&velo_load=536&velo_cssload=261&velo_jsLoad=288&cite_uid=531626&cite_type=1&cite_mini=0
Protocol
HTTP/1.1
Server
182.61.200.83 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lewen123.com/61/61690/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Jul 2020 23:07:57 GMT
Last-Modified
Fri, 23 Oct 2009 08:06:04 GMT
Server
BWS/1.0
Etag
"4280832337"
Content-Type
image/gif
Cache-Control
max-age=0
Accept-Ranges
bytes
Content-Length
0
Expires
Fri, 10 Jul 2020 23:07:57 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| version object| layer string| title number| time object| anims object| timer1 function| inits function| show function| lays function| anim function| rmmessage function| closer function| original number| _jieqiUserId string| _jieqiUserName string| _jieqiUserPassword number| _jieqiUserGroup number| _jieqiNewMessage number| _jieqiUserVip string| _jieqiUserHonor string| _jieqiUserGroupName string| _jieqiUserVipName function| setTab function| denglu function| fav function| get_cookie_value function| getNames function| fod function| pinglun function| info_top1 function| info_top2 function| info_middle function| info_bottom function| index_baiduShare function| index_top function| index_bottom function| page_top function| page_bottom1 function| page_bottom2 function| rightbottom function| mobile_ad function| tongji function| selectStyle function| readSetting object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| bdShare object| shell object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1261989741 object| cnzz_image_627770398 string| inner object| cnzz_image_508614141 object| $BAIDU$ object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.lewen123.com/ Name: bdshare_firstime
Value: 1594422475010

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.share.baidu.com
bdimg.share.baidu.com
c.cnzz.com
cnzz.mmstat.com
googleads.g.doubleclick.net
nsclick.baidu.com
pagead2.googlesyndication.com
pcookie.cnzz.com
s19.cnzz.com
tpc.googlesyndication.com
www.googletagservices.com
www.lewen123.com
z8.cnzz.com
101.89.124.234
106.11.92.15
112.34.113.148
182.61.200.83
198.11.136.24
203.119.215.3
23.234.25.222
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:815::2001
2a00:1450:4001:81c::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
1839673b8cd9f3f23bc7880ccb1607fe24006bd9e2e71395aaa8cc281c0432c3
18d857ad8313bb7814593303621c7bb94af201f7667d67eaf3eda527ed5440ba
208413459634cceefc038df7ff46b427d943f5fb6999e60147685e745345f01e
4c8416c117b7505764023500a263dcc38875606f389e898eff5d2f1339761785
622dac03465bc0ec9bc414282864ca50b2331f74209c8eee0dbdc37fcd4dee30
6661d36b772a61f7e144145e6c228589f7e032a71e11aa1ef5be2261623b5537
6f1c9b5885df8bec5df7e730b10304c252e18804462c14fd0724e865ef25c654
70d6b51fd67d36bf5403cb362aee641d7702084f4b4d50c223af7280a19a2fe4
7742bba46b73806c19a8255d464f20974d0ce66657a0bb04e1e6f5050f667095
7c35d0187f2ab2cdf8c1b057916bdcffc753ae2b07d280c822cfe3602fb4be00
7fd041c8afab81c40829e4693e337718cd3c0ce90eda87fca80d706ce106e2a2
8bf1a22caad79e75e58be376fee15825e45af73505c5589722f7883d41035aca
8ce67a0d6bbafe907d017afce02287e8ba5840268f54d5c7f1473a5d09467005
90eee3a8bc8b8658736ab4e8f8fc988080d2b3acd5ca59acce91e8a0c9bbca36
96e94fab37c4307d249cf2582540f86e433162b2e537cd54c7e888ca8d93c214
999e8c2f43f2fcc423464f65018fb6745f2c0ddf35259a5144232317f388b7f4
a074267a47401eef24fa7baf42406ff329b4feb4c19b19c257dac84665644bdc
ac5363e080529758ef9779127d203d25e5d0d2ee4acf248dde47169a3bf3ee13
b02d10711b0c203014f840e73073dad94d0f807454d3d941d5e740d0e1f620cf
c75c59382c2b4c48d2f7a5f08482f6518482b342c5428c43b3373b3bf06f3bda
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
db97bd94d176ced813e43c672363f4caa3c704952bba6a3cb7d696c262b9bda8
dd2afcd6ebf02e83e7e3843fab2a39d9a1ca0b667f0df7d7cc2b48606eb5f8f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7604f6e940013c082b193cca272bfc9add968dec4ef12f4f7b22f4d7496a314