URL: http://donalcostigan.com/
Submission: On October 18 via api from GB — Scanned from GB

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 31 HTTP transactions. The main IP is 38.239.125.111, located in United States and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is donalcostigan.com.
This is the only time donalcostigan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 38.239.125.111 134548 (DXTL-HK D...)
1 154.86.128.204 134175 (SH2206-AP...)
2 103.235.46.191 55967 (BAIDU Bei...)
21 122.10.4.92 134548 (DXTL-HK D...)
1 121.207.229.203 133774 (CHINATELE...)
1 58.216.118.226 4134 (CHINANET-...)
31 6
Apex Domain
Subdomains
Transfer
21 xmjrcjx.com
xmjrcjx.com
2 MB
5 donalcostigan.com
donalcostigan.com
15 KB
2 sitongzixun.com
cache.sitongzixun.com
cache3.sitongzixun.com
98 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 8526
13 KB
1 glsfjd.com
glsfjd.com
1 KB
31 5
Domain Requested by
21 xmjrcjx.com donalcostigan.com
glsfjd.com
xmjrcjx.com
5 donalcostigan.com donalcostigan.com
2 hm.baidu.com donalcostigan.com
1 cache3.sitongzixun.com donalcostigan.com
1 cache.sitongzixun.com donalcostigan.com
1 glsfjd.com donalcostigan.com
31 6

This site contains no links.

Subject Issuer Validity Valid
www.glsfjd.com
R3
2022-10-14 -
2023-01-12
3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2022-07-05 -
2023-08-06
a year crt.sh
www.xmjrcjx.com
R3
2022-10-14 -
2023-01-12
3 months crt.sh

This page contains 2 frames:

Primary Page: http://donalcostigan.com/
Frame ID: E087031BDC53842A3C717FA065E60A2C
Requests: 12 HTTP requests in this frame

Frame: https://xmjrcjx.com/
Frame ID: 2A5AC4F3D3C84EBBB7204A9B27D6E097
Requests: 19 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Page Statistics

31
Requests

77 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

2239 kB
Transfer

2383 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
donalcostigan.com/
7 KB
3 KB
Document
General
Full URL
http://donalcostigan.com/
Protocol
HTTP/1.1
Server
38.239.125.111 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
1d1efd77c625d76be8ab603cc631fd2cc98b7c428c6c89fb7730a0804cc1f270

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 18 Oct 2022 08:50:27 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
css.css
donalcostigan.com/template/news/blog1/
14 KB
4 KB
Stylesheet
General
Full URL
http://donalcostigan.com/template/news/blog1/css.css
Requested by
Host: donalcostigan.com
URL: http://donalcostigan.com/
Protocol
HTTP/1.1
Server
38.239.125.111 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
592f6402e71c782316e1842239efa5d11f90a59e93ffc20ae4b6a31f704ff5aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://donalcostigan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 08:50:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Aug 2022 04:26:03 GMT
Server
nginx
ETag
W/"62f1e1db-37de"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Tue, 18 Oct 2022 20:50:28 GMT
orsxg5a.script
donalcostigan.com/js/
354 B
490 B
Script
General
Full URL
http://donalcostigan.com/js/orsxg5a.script
Requested by
Host: donalcostigan.com
URL: http://donalcostigan.com/
Protocol
HTTP/1.1
Server
38.239.125.111 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
3d3e053eb411db17c0c9274f71219f960a047f4095e217a5947eaec67012a736

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://donalcostigan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 08:50:28 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
phone.jpg
donalcostigan.com/template/news/blog1/
1 KB
2 KB
Image
General
Full URL
http://donalcostigan.com/template/news/blog1/phone.jpg
Requested by
Host: donalcostigan.com
URL: http://donalcostigan.com/
Protocol
HTTP/1.1
Server
38.239.125.111 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
39ee2d65cb9f765dfc6850c5ff5a47194aa2f5f55d1fe8b850a76da6669346cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://donalcostigan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 08:50:28 GMT
Last-Modified
Tue, 09 Aug 2022 04:26:33 GMT
Server
nginx
ETag
"62f1e1f9-5fe"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1534
Expires
Thu, 17 Nov 2022 08:50:28 GMT
default.png
donalcostigan.com/template/news/blog1/
5 KB
6 KB
Image
General
Full URL
http://donalcostigan.com/template/news/blog1/default.png
Requested by
Host: donalcostigan.com
URL: http://donalcostigan.com/
Protocol
HTTP/1.1
Server
38.239.125.111 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
3b599230ff71fe22f3ee3a80839fd5bec53e779cc2c84736e2eba4177e1fff3b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://donalcostigan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 08:50:28 GMT
Last-Modified
Tue, 09 Aug 2022 04:26:21 GMT
Server
nginx
ETag
"62f1e1ed-157d"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5501
Expires
Thu, 17 Nov 2022 08:50:28 GMT
lanjie.js
glsfjd.com/
3 KB
1 KB
Script
General
Full URL
https://glsfjd.com/lanjie.js
Requested by
Host: donalcostigan.com
URL: http://donalcostigan.com/js/orsxg5a.script
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.86.128.204 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
d27a365e4be124e2b04daf9fdf25d548ec08faea6a7975b49d62a1384b202fa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://donalcostigan.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 18 Oct 2022 08:50:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 17 Oct 2022 13:38:24 GMT
server
nginx
etag
W/"634d5ad0-b93"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Tue, 18 Oct 2022 20:50:29 GMT
hm.js
hm.baidu.com/
34 KB
13 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?19e77f2fe0491dfe3e5dfd944830a453
Requested by
Host: donalcostigan.com
URL: http://donalcostigan.com/js/orsxg5a.script
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
71322fd4e449513b3b9c10e9439d19ff03aa92221b95bf58b515838f24598251
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://donalcostigan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 08:50:29 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
edd18ca007c8d4816cecde57f668049b
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
12656
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1400813558&si=19e77f2fe0491dfe3e5dfd944830a453&v=1.2.99&lv=1&sn=52260&r=0&ww=1600&u=http%3A%2F%2Fdonalcostigan.com%2F&tt=%E6%84%8F%E7%94%B2%E6%9C%80%E5%A5%BD%E7%9A%84%E8%B5%9E%E5%8A%A9%E5%95%86%7C%E4%B8%AD%E5%9B%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: donalcostigan.com
URL: http://donalcostigan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://donalcostigan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Oct 2022 08:50:30 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
0.49457437534496496
xmjrcjx.com//
0
0
Image
General
Full URL
https://xmjrcjx.com//0.49457437534496496
Requested by
Host: donalcostigan.com
URL: http://donalcostigan.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://donalcostigan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

0.6660702841972852
xmjrcjx.com//
0
0
Image
General
Full URL
https://xmjrcjx.com//0.6660702841972852
Requested by
Host: donalcostigan.com
URL: http://donalcostigan.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://donalcostigan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

phonered.png
cache.sitongzixun.com/image/
2 KB
3 KB
Image
General
Full URL
http://cache.sitongzixun.com/image/phonered.png
Requested by
Host: donalcostigan.com
URL: http://donalcostigan.com/template/news/blog1/css.css
Protocol
HTTP/1.1
Server
121.207.229.203 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f7554c2d232d2df224cbe6aa5ab9b31225e87fcc36c203d64565fa680abec689

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://donalcostigan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 08:31:34 GMT
Via
cache45.l2cn1802[263,262,304-0,M], cache39.l2cn1802[265,0], kunlun10.cn22[0,0,200-0,H], kunlun8.cn22[8,0]
x-oss-request-id
634E6466224F963630BAB07A
Content-MD5
94t6S1pvkiwIXUIT8OxXHA==
Age
1136
X-Swift-CacheTime
3600
X-Cache
HIT TCP_MEM_HIT dirn:10:187310482
x-oss-cdn-auth
success
Connection
keep-alive
X-Swift-SaveTime
Tue, 18 Oct 2022 08:31:34 GMT
Content-Length
2306
x-oss-object-type
Normal
Last-Modified
Fri, 12 Jul 2019 09:09:12 GMT
Server
Tengine
ETag
"F78B7A4B5A6F922C085D4213F0EC571C"
Ali-Swift-Global-Savetime
1666081894
Content-Type
image/png
x-oss-storage-class
Standard
Accept-Ranges
bytes
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
938580621783520416
EagleId
79cfe5a816660830304011632e
x-oss-server-time
45
defaultlunbo.png
cache3.sitongzixun.com/image/
95 KB
95 KB
Image
General
Full URL
http://cache3.sitongzixun.com/image/defaultlunbo.png?1=2
Requested by
Host: donalcostigan.com
URL: http://donalcostigan.com/
Protocol
HTTP/1.1
Server
58.216.118.226 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
63fc23e3d6df933f05d9b3805c91b9fc9295e99704fac4f87331db0e56736041

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://donalcostigan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 08:21:27 GMT
Via
cache71.l2cn3037[0,0,304-0,H], cache73.l2cn3037[0,0], kunlun5.cn1310[0,0,200-0,H], kunlun5.cn1310[165,0]
x-oss-request-id
634E620735EB263431D9FE79
Content-MD5
6qY8Rk7Gx2NwwRVmRQ8/sg==
Age
1743
X-Swift-CacheTime
3600
X-Cache
HIT TCP_MEM_HIT dirn:10:294934994
x-oss-cdn-auth
success
Connection
keep-alive
X-Swift-SaveTime
Tue, 18 Oct 2022 08:21:51 GMT
Content-Length
96826
x-oss-object-type
Normal
Last-Modified
Fri, 12 Jul 2019 09:09:04 GMT
Server
Tengine
ETag
"EAA63C464EC6C76370C11566450F3FB2"
Ali-Swift-Global-Savetime
1666081287
Content-Type
image/png
x-oss-storage-class
Standard
Accept-Ranges
bytes
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
10506170220189165396
EagleId
3ad8769916660830309368959e
x-oss-server-time
3
/
xmjrcjx.com/ Frame 2A5A
5 KB
2 KB
Document
General
Full URL
https://xmjrcjx.com/
Requested by
Host: glsfjd.com
URL: https://glsfjd.com/lanjie.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
62ef7910c5be8069d17cc9d1db89dc063defa07b237268d6ba2ca89b5c262395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://donalcostigan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 18 Oct 2022 08:50:31 GMT
etag
W/"6348f434-12a5"
last-modified
Fri, 14 Oct 2022 05:31:32 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
swiper.min.css
xmjrcjx.com/static/css/ Frame 2A5A
18 KB
4 KB
Stylesheet
General
Full URL
https://xmjrcjx.com/static/css/swiper.min.css
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
da95de96ee979fcc2cce40c253ea7cbaa7f9e17370561ccd8c0d55a9456a739b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 13:48:46 GMT
server
nginx
etag
W/"6332ff3e-47f1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Tue, 18 Oct 2022 20:50:31 GMT
swiper.min.js
xmjrcjx.com/static/js/ Frame 2A5A
141 KB
44 KB
Script
General
Full URL
https://xmjrcjx.com/static/js/swiper.min.js
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
e30efcffeda7bc2665aa0dd719bcfba5c1adb9d557dfa5da0787b47262390dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 13:48:46 GMT
server
nginx
etag
W/"6332ff3e-233e6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Tue, 18 Oct 2022 20:50:31 GMT
link.js
xmjrcjx.com/static/js/ Frame 2A5A
1 KB
847 B
Script
General
Full URL
https://xmjrcjx.com/static/js/link.js
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
1c574106771db47a6ffc827de9604fdc59d628bbe620d73194e238c38f4946f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 18 Oct 2022 08:41:44 GMT
server
nginx
etag
W/"634e66c8-489"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Tue, 18 Oct 2022 20:50:31 GMT
bg.jpg
xmjrcjx.com/static/ Frame 2A5A
92 KB
92 KB
Image
General
Full URL
https://xmjrcjx.com/static/bg.jpg
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
4fa33513566c455eb56df1191f15deaf2d9ff11a0c5ee3bc2a41df6130a6a9ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 16 Oct 2022 11:44:52 GMT
server
nginx
etag
"634beeb4-16e63"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
93795
expires
Thu, 17 Nov 2022 08:50:32 GMT
banner1.png
xmjrcjx.com/static/ Frame 2A5A
303 KB
304 KB
Image
General
Full URL
https://xmjrcjx.com/static/banner1.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
eb68f775b2ea64b0f9cfe787e222f02e0d725e887261543fae60f930ae1945ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Sep 2022 09:29:42 GMT
server
nginx
etag
"6336b706-4bdaf"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
310703
expires
Thu, 17 Nov 2022 08:50:32 GMT
banner2.png
xmjrcjx.com/static/ Frame 2A5A
222 KB
223 KB
Image
General
Full URL
https://xmjrcjx.com/static/banner2.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
858db53b4c0f00a8a58a059ed2028791c1d2ad595d200aceeb7904df86f90e38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Sep 2022 09:28:24 GMT
server
nginx
etag
"6336b6b8-378fc"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
227580
expires
Thu, 17 Nov 2022 08:50:32 GMT
banner4.png
xmjrcjx.com/static/ Frame 2A5A
240 KB
241 KB
Image
General
Full URL
https://xmjrcjx.com/static/banner4.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
ebd191e13afb8df42706ace6314254bb9cb3a98906ef291dc5c97f250a67d24c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Sep 2022 09:50:09 GMT
server
nginx
etag
"6336bbd1-3c0ab"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
245931
expires
Thu, 17 Nov 2022 08:50:32 GMT
banner5.png
xmjrcjx.com/static/ Frame 2A5A
199 KB
199 KB
Image
General
Full URL
https://xmjrcjx.com/static/banner5.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
4b692bac4af835a1dcdc0786cca767d03d50e347310271ef7f37f5e18eb5fa93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Sep 2022 09:50:10 GMT
server
nginx
etag
"6336bbd2-31b90"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
203664
expires
Thu, 17 Nov 2022 08:50:32 GMT
banner6.png
xmjrcjx.com/static/ Frame 2A5A
171 KB
171 KB
Image
General
Full URL
https://xmjrcjx.com/static/banner6.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
ac06f04918090512093314cc7f4a4c044c6f56d8529881070c773bb621a05ce7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Sep 2022 09:50:09 GMT
server
nginx
etag
"6336bbd1-2ab58"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
174936
expires
Thu, 17 Nov 2022 08:50:32 GMT
banner7.png
xmjrcjx.com/static/ Frame 2A5A
266 KB
267 KB
Image
General
Full URL
https://xmjrcjx.com/static/banner7.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
c4011d910bee3fe030972c63dfd6c9e42394beda3885ae1951cd2a258dc34c72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Sep 2022 09:55:57 GMT
server
nginx
etag
"6336bd2d-42860"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
272480
expires
Thu, 17 Nov 2022 08:50:32 GMT
btn-regis.png
xmjrcjx.com/static/ Frame 2A5A
11 KB
11 KB
Image
General
Full URL
https://xmjrcjx.com/static/btn-regis.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
6ac09b90b4f9c1d090432f42b64cac525a76633b646093ffe9c0423a795c866f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 27 Sep 2022 13:46:56 GMT
server
nginx
etag
"6332fed0-2c8f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11407
expires
Thu, 17 Nov 2022 08:50:32 GMT
btn-down.png
xmjrcjx.com/static/ Frame 2A5A
11 KB
11 KB
Image
General
Full URL
https://xmjrcjx.com/static/btn-down.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
428b68cfb3201b4e6b5399ba2cc968af487dda4d1d1b4ab1355e673a79141ebe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 27 Sep 2022 13:46:56 GMT
server
nginx
etag
"6332fed0-2bd3"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11219
expires
Thu, 17 Nov 2022 08:50:32 GMT
btn-song88.png
xmjrcjx.com/static/ Frame 2A5A
18 KB
18 KB
Image
General
Full URL
https://xmjrcjx.com/static/btn-song88.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
9fe3bde6e3b21632ccbca4685b476e511f0e58406b4ebf403f6ef1ef90d31700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Sep 2022 07:52:33 GMT
server
nginx
etag
"6336a041-4716"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18198
expires
Thu, 17 Nov 2022 08:50:32 GMT
btn-pingyi.png
xmjrcjx.com/static/ Frame 2A5A
19 KB
19 KB
Image
General
Full URL
https://xmjrcjx.com/static/btn-pingyi.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
7e51d41780c15047c98ef538b175a16ab2f3291a7e09c3b92f0ef4160d6a90e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Sep 2022 07:52:34 GMT
server
nginx
etag
"6336a042-4a6b"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19051
expires
Thu, 17 Nov 2022 08:50:32 GMT
banner3.png
xmjrcjx.com/static/ Frame 2A5A
316 KB
317 KB
Image
General
Full URL
https://xmjrcjx.com/static/banner3.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
8c1712a120a6c5111692ded1b132d6466e6c73f8510bcdeb090e17a77ad0f19c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Sep 2022 11:38:00 GMT
server
nginx
etag
"6336d518-4f066"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
323686
expires
Thu, 17 Nov 2022 08:50:32 GMT
kf.gif
xmjrcjx.com/static/ Frame 2A5A
65 KB
65 KB
Image
General
Full URL
https://xmjrcjx.com/static/kf.gif
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
63b7330085206af70120a6a984dce7ec0d8016fbe2d887492ba269ee23477c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Sep 2022 11:05:48 GMT
server
nginx
etag
"6336cd8c-1034c"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
66380
expires
Thu, 17 Nov 2022 08:50:32 GMT
gs.png
xmjrcjx.com/static/ Frame 2A5A
86 KB
86 KB
Image
General
Full URL
https://xmjrcjx.com/static/gs.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
54b0a123835a46e8119f642d055af0ce3f58bc45ca9de69c088867ff7884da5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 01 Oct 2022 15:47:07 GMT
server
nginx
etag
"633860fb-157cc"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
88012
expires
Thu, 17 Nov 2022 08:50:32 GMT
gd.png
xmjrcjx.com/static/ Frame 2A5A
38 KB
38 KB
Image
General
Full URL
https://xmjrcjx.com/static/gd.png
Requested by
Host: xmjrcjx.com
URL: https://xmjrcjx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.4.92 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
0c68cdaecfc4eebc0dd15537e4c4dca8f1634011ef8776366d8c39ba5c7038c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://xmjrcjx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:50:32 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 01 Oct 2022 15:46:42 GMT
server
nginx
etag
"633860e2-96df"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
38623
expires
Thu, 17 Nov 2022 08:50:32 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| _hmt boolean| _bdhm_loaded_19e77f2fe0491dfe3e5dfd944830a453 object| _agl object| mini_tangram_log_c5px4l function| isMobile object| urlMobile object| urlPC number| tim1 number| maxTime object| Times function| loopImages

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 60AC73C842529EA6
.donalcostigan.com/ Name: Hm_lvt_19e77f2fe0491dfe3e5dfd944830a453
Value: 1666083030
.donalcostigan.com/ Name: Hm_lpvt_19e77f2fe0491dfe3e5dfd944830a453
Value: 1666083030

4 Console Messages

Source Level URL
Text
javascript warning URL: http://donalcostigan.com/js/orsxg5a.script
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://glsfjd.com/lanjie.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://donalcostigan.com/js/orsxg5a.script
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://glsfjd.com/lanjie.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://xmjrcjx.com//0.49457437534496496
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://xmjrcjx.com//0.6660702841972852
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cache.sitongzixun.com
cache3.sitongzixun.com
donalcostigan.com
glsfjd.com
hm.baidu.com
xmjrcjx.com
103.235.46.191
121.207.229.203
122.10.4.92
154.86.128.204
38.239.125.111
58.216.118.226
0c68cdaecfc4eebc0dd15537e4c4dca8f1634011ef8776366d8c39ba5c7038c7
1c574106771db47a6ffc827de9604fdc59d628bbe620d73194e238c38f4946f7
1d1efd77c625d76be8ab603cc631fd2cc98b7c428c6c89fb7730a0804cc1f270
39ee2d65cb9f765dfc6850c5ff5a47194aa2f5f55d1fe8b850a76da6669346cc
3b599230ff71fe22f3ee3a80839fd5bec53e779cc2c84736e2eba4177e1fff3b
3d3e053eb411db17c0c9274f71219f960a047f4095e217a5947eaec67012a736
428b68cfb3201b4e6b5399ba2cc968af487dda4d1d1b4ab1355e673a79141ebe
4b692bac4af835a1dcdc0786cca767d03d50e347310271ef7f37f5e18eb5fa93
4fa33513566c455eb56df1191f15deaf2d9ff11a0c5ee3bc2a41df6130a6a9ad
54b0a123835a46e8119f642d055af0ce3f58bc45ca9de69c088867ff7884da5b
592f6402e71c782316e1842239efa5d11f90a59e93ffc20ae4b6a31f704ff5aa
62ef7910c5be8069d17cc9d1db89dc063defa07b237268d6ba2ca89b5c262395
63b7330085206af70120a6a984dce7ec0d8016fbe2d887492ba269ee23477c6d
63fc23e3d6df933f05d9b3805c91b9fc9295e99704fac4f87331db0e56736041
6ac09b90b4f9c1d090432f42b64cac525a76633b646093ffe9c0423a795c866f
71322fd4e449513b3b9c10e9439d19ff03aa92221b95bf58b515838f24598251
7e51d41780c15047c98ef538b175a16ab2f3291a7e09c3b92f0ef4160d6a90e8
858db53b4c0f00a8a58a059ed2028791c1d2ad595d200aceeb7904df86f90e38
8c1712a120a6c5111692ded1b132d6466e6c73f8510bcdeb090e17a77ad0f19c
9fe3bde6e3b21632ccbca4685b476e511f0e58406b4ebf403f6ef1ef90d31700
ac06f04918090512093314cc7f4a4c044c6f56d8529881070c773bb621a05ce7
c4011d910bee3fe030972c63dfd6c9e42394beda3885ae1951cd2a258dc34c72
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d27a365e4be124e2b04daf9fdf25d548ec08faea6a7975b49d62a1384b202fa2
da95de96ee979fcc2cce40c253ea7cbaa7f9e17370561ccd8c0d55a9456a739b
e30efcffeda7bc2665aa0dd719bcfba5c1adb9d557dfa5da0787b47262390dcd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb68f775b2ea64b0f9cfe787e222f02e0d725e887261543fae60f930ae1945ca
ebd191e13afb8df42706ace6314254bb9cb3a98906ef291dc5c97f250a67d24c
f7554c2d232d2df224cbe6aa5ab9b31225e87fcc36c203d64565fa680abec689