Submitted URL: https://www.princetonpayment.com/
Effective URL: https://princetonpayment.com/
Submission: On March 04 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 39 HTTP transactions. The main IP is 156.250.125.150, located in Johannesburg, South Africa and belongs to MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK. The main domain is princetonpayment.com.
TLS certificate: Issued by R3 on March 4th 2023. Valid for: 3 months.
This is the only time princetonpayment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 156.250.125.150 135097 (MYCLOUD-A...)
1 2a00:1450:400... 15169 (GOOGLE)
1 159.69.88.71 24940 (HETZNER-AS)
6 103.60.110.222 55720 (GIGABIT-M...)
4 103.235.46.191 55967 (BAIDU Bei...)
5 2a00:1450:400... 15169 (GOOGLE)
39 6
Requests  Apex Domain           Subdomains                                          Transfer
23        princetonpayment.com  www.princetonpayment.com, princetonpayment.com      372 KB
5         gstatic.com           fonts.gstatic.com                                   157 KB
5         jifa33.com            www.jifa33.com (Cisco Umbrella Rank: 805818)        2 MB
4         baidu.com             hm.baidu.com (Cisco Umbrella Rank: 8406)            24 KB
1         jifa66.com            m1.jifa66.com                                       1 KB
1         thememattic.com       cdn.thememattic.com (Cisco Umbrella Rank: 613066)   409 B
1         googleapis.com        fonts.googleapis.com (Cisco Umbrella Rank: 36)      2 KB
Total: 39 requests across 7 apex domains
Requests  Domain                    Requested by
22        princetonpayment.com      princetonpayment.com
5         fonts.gstatic.com         fonts.googleapis.com
5         www.jifa33.com            m1.jifa66.com, www.jifa33.com
4         hm.baidu.com              princetonpayment.com
1         m1.jifa66.com             princetonpayment.com
1         cdn.thememattic.com       princetonpayment.com
1         fonts.googleapis.com      princetonpayment.com
1         www.princetonpayment.com  1 redirect
Total: 39 requests across 8 subdomains

This site contains links to these domains.

Domain
wordpress.org
thememattic.com
Subject                  Issuer                          Validity                  Valid
princetonpayment.com     R3                              2023-03-04 - 2023-06-02   3 months
upload.video.google.com  GTS CA 1C3                      2023-02-08 - 2023-05-03   3 months
cdn.thememattic.com      R3                              2023-02-21 - 2023-05-22   3 months
m1.jifa66.com            R3                              2023-01-31 - 2023-05-01   3 months
baidu.com                GlobalSign RSA OV SSL CA 2018   2022-07-05 - 2023-08-06   a year
jifa55.com               R3                              2023-01-31 - 2023-05-01   3 months
*.gstatic.com            GTS CA 1C3                      2023-02-08 - 2023-05-03   3 months

This page contains 2 frames:

Primary Page: https://princetonpayment.com/
Frame ID: CA86380A125D2A7519A227FDF64A6494
Requests: 34 HTTP requests in this frame

Frame: https://www.jifa33.com/go/yb.html
Frame ID: 17BBD0AD17682A80D741D5455B817FBC
Requests: 5 HTTP requests in this frame

Page Title

亚伯平台(中国)股份有限公司

Page URL History

  1. https://www.princetonpayment.com/ HTTP 301
    https://princetonpayment.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 39
HTTPS: 100 %
IPv6: 33 %
Domains: 7
Subdomains: 8
IPs: 6
Countries: 3
Transfer: 2657 kB
Size: 3317 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
princetonpayment.com/
Redirect Chain
  • https://www.princetonpayment.com/
  • https://princetonpayment.com/
118 KB
15 KB
Document
General
Full URL
https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx / PHP/7.3.29
Resource Hash
061ef66318bc98c65a0fc8f8d690017cd5a89ac590925bc41ed67640326e559e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 04 Mar 2023 17:05:57 GMT
link
<https://princetonpayment.com/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.29

Redirect headers

content-type
text/html; charset=UTF-8
date
Sat, 04 Mar 2023 17:05:56 GMT
location
https://princetonpayment.com/
server
nginx
x-powered-by
PHP/7.3.29
x-redirect-by
WordPress
style.min.css
princetonpayment.com/wp-includes/css/dist/block-library/
93 KB
15 KB
Stylesheet
General
Full URL
https://princetonpayment.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:57 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 05:40:07 GMT
server
nginx
etag
W/"6375c937-172a9"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:57 GMT
classic-themes.min.css
princetonpayment.com/wp-includes/css/
217 B
388 B
Stylesheet
General
Full URL
https://princetonpayment.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:57 GMT
last-modified
Wed, 09 Nov 2022 05:39:22 GMT
server
nginx
etag
"636b3d0a-d9"
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
217
expires
Sun, 05 Mar 2023 05:05:57 GMT
slick.min.css
princetonpayment.com/wp-content/themes/news-base/assets/libraries/slick/css/
1 KB
685 B
Stylesheet
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/slick/css/slick.min.css?ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
21b589bbc25d38fbf4c8168b0801ce4cf9d0aa1d372ae1ac773574aaeb10c08d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:57 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-511"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:57 GMT
ionicons.min.css
princetonpayment.com/wp-content/themes/news-base/assets/libraries/ionicons/css/
50 KB
10 KB
Stylesheet
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/ionicons/css/ionicons.min.css?ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:57 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-c854"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:57 GMT
bootstrap.min.css
princetonpayment.com/wp-content/themes/news-base/assets/libraries/bootstrap/css/
152 KB
28 KB
Stylesheet
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/bootstrap/css/bootstrap.min.css?ver=5.0.2
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:57 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-260c5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:57 GMT
jquery.sidr.css
princetonpayment.com/wp-content/themes/news-base/assets/libraries/sidr/css/
802 B
973 B
Stylesheet
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/sidr/css/jquery.sidr.css?ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
652737eea9c8f3ddbcc231978aa558d13dbff2d3059a12daf458fc7d61cf6715

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:57 GMT
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
"6279fa44-322"
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
802
expires
Sun, 05 Mar 2023 05:05:57 GMT
magnific-popup.css
princetonpayment.com/wp-content/themes/news-base/assets/libraries/magnific-popup/
7 KB
2 KB
Stylesheet
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/magnific-popup/magnific-popup.css?ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
6f9839aedcec04cee0368f106b821896253124e1c39f44b8ee2536176013cc2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:57 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-1c83"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:57 GMT
style.css
princetonpayment.com/wp-content/themes/news-base/
87 KB
19 KB
Stylesheet
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/style.css?ver=1.1.7
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
d35cc4a59e4b5224f97e7c76b77b125429926c170280364c76b3d34eb0444a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:57 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-15ae6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:57 GMT
css
fonts.googleapis.com/
32 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:400,400i,600,600i,700,700i|Merriweather:300,300i,400,400i,700,700i|Libre%20Franklin:400,400i,600,600i,700,700i&subset=latin,latin-ext
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
341928544cc027e37162e51a7711aeb241c9178fa36ab1f8c761218f11e2252c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Mar 2023 17:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Mar 2023 17:05:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Mar 2023 17:05:57 GMT
jquery.min.js
princetonpayment.com/wp-includes/js/jquery/
88 KB
34 KB
Script
General
Full URL
https://princetonpayment.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:57 GMT
content-encoding
gzip
last-modified
Wed, 09 Nov 2022 05:39:23 GMT
server
nginx
etag
W/"636b3d0b-15e54"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:57 GMT
jquery-migrate.min.js
princetonpayment.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://princetonpayment.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:57 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:27:03 GMT
server
nginx
etag
W/"6279f7a7-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:57 GMT
vue.min.js
princetonpayment.com/
780 B
961 B
Script
General
Full URL
https://princetonpayment.com/vue.min.js
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
5f013b1d8bbd2a022773674d3bcc67cb0cd96e9655b5cd7a50fec3f58d6353de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:58 GMT
last-modified
Sun, 24 Jul 2022 16:12:28 GMT
server
nginx
etag
"62dd6f6c-30c"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
780
expires
Sun, 05 Mar 2023 05:05:58 GMT
/
cdn.thememattic.com/
19 B
409 B
Script
General
Full URL
https://cdn.thememattic.com/?product=news_base&version=1677949557&ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.88.71 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.71.88.69.159.clients.your-server.de
Software
nginx-rc /
Resource Hash
8ee5daef0a5d094deecc0a204af31b163de406d13380a0afcf19d75b406c750d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
nginx-rc
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,X-CustomHeader
x-xss-protection
1; mode=block
skip-link-focus-fix.js
princetonpayment.com/wp-content/themes/news-base/assets/libraries/js/
880 B
1 KB
Script
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:58 GMT
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
"6279fa44-370"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
880
expires
Sun, 05 Mar 2023 05:05:58 GMT
slick.min.js
princetonpayment.com/wp-content/themes/news-base/assets/libraries/slick/js/
41 KB
12 KB
Script
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/slick/js/slick.min.js?ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:58 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-a3e1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:58 GMT
bootstrap.min.js
princetonpayment.com/wp-content/themes/news-base/assets/libraries/bootstrap/js/
59 KB
18 KB
Script
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/bootstrap/js/bootstrap.min.js?ver=5.0.2
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:58 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-eab9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:58 GMT
jquery.matchHeight.min.js
princetonpayment.com/wp-content/themes/news-base/assets/libraries/jquery-match-height/
11 KB
4 KB
Script
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/jquery-match-height/jquery.matchHeight.min.js?ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
5f4cc74fad347ce7a9352c9e15c6aba70f80a0e4679b1f07daa152d11a762894

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:58 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-2def"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:58 GMT
jquery.sidr.min.js
princetonpayment.com/wp-content/themes/news-base/assets/libraries/sidr/js/
7 KB
3 KB
Script
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/sidr/js/jquery.sidr.min.js?ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
fd57ae7228574a83527cb8917ec5a0ff944aa787934ee5b85a7976f259b7ae31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:58 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-1b7a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:58 GMT
theia-sticky-sidebar.min.js
princetonpayment.com/wp-content/themes/news-base/assets/libraries/theiaStickySidebar/
5 KB
2 KB
Script
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/theiaStickySidebar/theia-sticky-sidebar.min.js?ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:58 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-1535"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:58 GMT
jquery.magnific-popup.min.js
princetonpayment.com/wp-content/themes/news-base/assets/libraries/magnific-popup/
20 KB
8 KB
Script
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:58 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-4efb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:58 GMT
custom-script.js
princetonpayment.com/wp-content/themes/news-base/assets/libraries/custom/js/
13 KB
3 KB
Script
General
Full URL
https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/custom/js/custom-script.js?ver=1.1.7
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
0fbaa51b83df3f7134096cd7e65c0e132404a0f7593629a5cd760d8449eda153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:58 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 05:38:12 GMT
server
nginx
etag
W/"6279fa44-34fa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:58 GMT
wp-emoji-release.min.js
princetonpayment.com/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://princetonpayment.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.250.125.150 Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 17:05:59 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 05:38:20 GMT
server
nginx
etag
W/"628dc0cc-48b9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 05 Mar 2023 05:05:59 GMT
yb.js
m1.jifa66.com/js/
2 KB
1 KB
Script
General
Full URL
https://m1.jifa66.com/js/yb.js
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.60.110.222 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
7cf536ea11b5f77c7ba7e02665c31a50226eb901c22103fc2e127684f6748ffd

Request headers

Referer
https://princetonpayment.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 04 Mar 2023 17:05:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Sep 2022 20:09:45 GMT
Server
nginx
ETag
W/"63165789-6b5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?928e308f9c5573be67e569cf51250d86
Requested by
Host: princetonpayment.com
URL: https://princetonpayment.com/vue.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
79148ee421e2806eda0eb2f9126f09c3198605b8a7121a0bc820091d6fe515ba
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://princetonpayment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 17:05:59 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
4e6862d4c621ed9444a5748fcf348686
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11255
hm.js
hm.baidu.com/
Size: 29 KB, Transferred: 12 KB, Type: Script

General
Full URL: https://hm.baidu.com/hm.js?ffbcf66b0598a472db1d0db26298bccf
Requested by: https://princetonpayment.com/vue.min.js (host princetonpayment.com)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
Reverse DNS: (none)
Software: apache
Resource Hash: 5f6bc18df7cec4dee9dd2f4dc1c2f5e4aaac3aa216eb9ffdc6053538491a21b3

Security Headers
Strict-Transport-Security: max-age=172800

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://princetonpayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
Date: Sat, 04 Mar 2023 17:06:00 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 0315bd7b28a14d968430ae5f13cf00d7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11265

yb.html
www.jifa33.com/go/ (loaded in Frame 17BB)
Size: 3 KB, Transferred: 2 KB, Type: Document

General
Full URL: https://www.jifa33.com/go/yb.html
Requested by: https://m1.jifa66.com/js/yb.js (host m1.jifa66.com)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.60.110.222, Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)
Reverse DNS: (none)
Software: nginx
Resource Hash: 3d47ec57ef87037ee37c4de82842cea967e340005cbf7ca416d02b30335be89c

Request headers
Referer: https://princetonpayment.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 04 Mar 2023 17:06:00 GMT
ETag: W/"6400b42a-d18"
Last-Modified: Thu, 02 Mar 2023 14:35:22 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
Size: 44 KB, Transferred: 44 KB, Type: Font

General
Full URL: https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by: https://fonts.googleapis.com/css?family=Open%20Sans:400,400i,600,600i,700,700i|Merriweather:300,300i,400,400i,700,700i|Libre%20Franklin:400,400i,600,600i,700,700i&subset=latin,latin-ext (host fonts.googleapis.com)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:801::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: sffe
Resource Hash: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
Referer: https://fonts.googleapis.com/
Origin: https://princetonpayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
date: Thu, 02 Mar 2023 05:05:33 GMT
x-content-type-options: nosniff
age: 216026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 05:05:33 GMT

ionicons.ttf
princetonpayment.com/wp-content/themes/news-base/assets/libraries/ionicons/fonts/
Size: 184 KB, Transferred: 184 KB, Type: Font

General
Full URL: https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/ionicons/fonts/ionicons.ttf?v=2.0.0
Requested by: https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/ionicons/css/ionicons.min.css?ver=6.1.1 (host princetonpayment.com)
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 156.250.125.150, Johannesburg, South Africa, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK)
Reverse DNS: (none)
Software: nginx
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers
Referer: https://princetonpayment.com/wp-content/themes/news-base/assets/libraries/ionicons/css/ionicons.min.css?ver=6.1.1
Origin: https://princetonpayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
date: Sat, 04 Mar 2023 17:05:59 GMT
last-modified: Tue, 10 May 2022 05:38:12 GMT
server: nginx
accept-ranges: bytes
etag: "6279fa44-2e05c"
content-length: 188508
content-type: application/octet-stream

jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/
Size: 27 KB, Transferred: 27 KB, Type: Font

General
Full URL: https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by: https://fonts.googleapis.com/css?family=Open%20Sans:400,400i,600,600i,700,700i|Merriweather:300,300i,400,400i,700,700i|Libre%20Franklin:400,400i,600,600i,700,700i&subset=latin,latin-ext (host fonts.googleapis.com)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:801::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: sffe
Resource Hash: 0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
Referer: https://fonts.googleapis.com/
Origin: https://princetonpayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
date: Thu, 02 Mar 2023 16:31:08 GMT
x-content-type-options: nosniff
age: 174891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:31:08 GMT

u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/
Size: 19 KB, Transferred: 19 KB, Type: Font

General
Full URL: https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by: https://fonts.googleapis.com/css?family=Open%20Sans:400,400i,600,600i,700,700i|Merriweather:300,300i,400,400i,700,700i|Libre%20Franklin:400,400i,600,600i,700,700i&subset=latin,latin-ext (host fonts.googleapis.com)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:801::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: sffe
Resource Hash: 499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
Referer: https://fonts.googleapis.com/
Origin: https://princetonpayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
date: Thu, 02 Mar 2023 21:48:43 GMT
x-content-type-options: nosniff
age: 155836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19780
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 21:48:43 GMT

u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
Size: 19 KB, Transferred: 19 KB, Type: Font

General
Full URL: https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by: https://fonts.googleapis.com/css?family=Open%20Sans:400,400i,600,600i,700,700i|Merriweather:300,300i,400,400i,700,700i|Libre%20Franklin:400,400i,600,600i,700,700i&subset=latin,latin-ext (host fonts.googleapis.com)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:801::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: sffe
Resource Hash: 273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
Referer: https://fonts.googleapis.com/
Origin: https://princetonpayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
date: Thu, 02 Mar 2023 22:41:31 GMT
x-content-type-options: nosniff
age: 152668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 22:41:31 GMT

memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/
Size: 47 KB, Transferred: 47 KB, Type: Font

General
Full URL: https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by: https://fonts.googleapis.com/css?family=Open%20Sans:400,400i,600,600i,700,700i|Merriweather:300,300i,400,400i,700,700i|Libre%20Franklin:400,400i,600,600i,700,700i&subset=latin,latin-ext (host fonts.googleapis.com)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:801::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: sffe
Resource Hash: 84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
Referer: https://fonts.googleapis.com/
Origin: https://princetonpayment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
date: Fri, 03 Mar 2023 19:22:25 GMT
x-content-type-options: nosniff
age: 78214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 19:22:25 GMT

bg.png
www.jifa33.com/go/images/kaiyun-h5/ (loaded in Frame 17BB)
Size: 2 MB, Transferred: 2 MB, Type: Image

General
Full URL: https://www.jifa33.com/go/images/kaiyun-h5/bg.png
Requested by: https://www.jifa33.com/go/yb.html (host www.jifa33.com)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.60.110.222, Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)
Reverse DNS: (none)
Software: nginx
Resource Hash: c7cf02349f1b3fe1dab2b9edf721505a0985268b08f57e139a0faa11478341bd

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://www.jifa33.com/go/yb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
Date: Sat, 04 Mar 2023 17:06:00 GMT
Last-Modified: Thu, 01 Dec 2022 06:40:29 GMT
Server: nginx
ETag: "63884c5d-1fdc4b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2088011

shouji.png
www.jifa33.com/go/images/kaiyun-h5/ (loaded in Frame 17BB)
Size: 17 KB, Transferred: 17 KB, Type: Image

General
Full URL: https://www.jifa33.com/go/images/kaiyun-h5/shouji.png
Requested by: https://www.jifa33.com/go/yb.html (host www.jifa33.com)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.60.110.222, Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)
Reverse DNS: (none)
Software: nginx
Resource Hash: b2d2afac525c2bd76cde58eb26f8bb4920eff93aad0dfd7bc715ff4365f7054c

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://www.jifa33.com/go/yb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
Date: Sat, 04 Mar 2023 17:06:00 GMT
Last-Modified: Fri, 21 Oct 2022 02:36:08 GMT
Server: nginx
ETag: "63520598-4230"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16944

diannao.png
www.jifa33.com/go/images/kaiyun-h5/ (loaded in Frame 17BB)
Size: 25 KB, Transferred: 26 KB, Type: Image

General
Full URL: https://www.jifa33.com/go/images/kaiyun-h5/diannao.png
Requested by: https://www.jifa33.com/go/yb.html (host www.jifa33.com)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.60.110.222, Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)
Reverse DNS: (none)
Software: nginx
Resource Hash: 570ccdc943f2cec45cc7a0ffb62f910a6c4c27fae0ad60763e17240257f09514

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://www.jifa33.com/go/yb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
Date: Sat, 04 Mar 2023 17:06:00 GMT
Last-Modified: Fri, 21 Oct 2022 02:36:25 GMT
Server: nginx
ETag: "635205a9-6570"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25968

quanzhanapp.png
www.jifa33.com/go/images/kaiyun-h5/ (loaded in Frame 17BB)
Size: 17 KB, Transferred: 17 KB, Type: Image

General
Full URL: https://www.jifa33.com/go/images/kaiyun-h5/quanzhanapp.png
Requested by: https://www.jifa33.com/go/yb.html (host www.jifa33.com)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.60.110.222, Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)
Reverse DNS: (none)
Software: nginx
Resource Hash: 08648973a1cccb196b17914ae0c558c038a316337816abab19a2958e965f8647

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://www.jifa33.com/go/yb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
Date: Sat, 04 Mar 2023 17:06:00 GMT
Last-Modified: Fri, 21 Oct 2022 02:36:36 GMT
Server: nginx
ETag: "635205b4-4369"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17257

hm.gif
hm.baidu.com/
Size: 43 B, Transferred: 299 B, Type: Image

General
Full URL: https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1000301391&si=928e308f9c5573be67e569cf51250d86&v=1.3.0&lv=1&sn=56956&r=0&ww=1600&u=https%3A%2F%2Fprincetonpayment.com%2F&tt=%E4%BA%9A%E4%BC%AF%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by: https://princetonpayment.com/ (host princetonpayment.com)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
Reverse DNS: (none)
Software: apache
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://princetonpayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
Pragma: no-cache
Date: Sat, 04 Mar 2023 17:06:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

hm.gif
hm.baidu.com/
Size: 43 B, Transferred: 299 B, Type: Image

General
Full URL: https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=944956377&si=ffbcf66b0598a472db1d0db26298bccf&v=1.3.0&lv=1&sn=56956&r=0&ww=1600&u=https%3A%2F%2Fprincetonpayment.com%2F&tt=%E4%BA%9A%E4%BC%AF%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by: https://princetonpayment.com/ (host princetonpayment.com)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
Reverse DNS: (none)
Software: apache
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://princetonpayment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
Pragma: no-cache
Date: Sat, 04 Mar 2023 17:06:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43


Verdicts & Comments

(none recorded)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type       Name
object     0
boolean    credentialless
object     _wpemojiSettings
undefined  $
function   jQuery
string     l_a_n_g_age
string     sen_type
string     c_d1
string     c_d2
object     _hmt
object     twemoji
object     wp
function   isMobile
string     url
function   getIosVersion
string     u
boolean    isIOS
function   randomNum
number     uidEvent
object     bootstrap
boolean    success
boolean    _bdhm_loaded_928e308f9c5573be67e569cf51250d86
object     mini_tangram_log_uv4teg
boolean    _bdhm_loaded_ffbcf66b0598a472db1d0db26298bccf
object     mini_tangram_log_w4kzt5

5 Cookies

Domain/Path               Name                                        Value
.hm.baidu.com/            HMACCOUNT_BFESS                             A4BC11E092AD78D8
.princetonpayment.com/    Hm_lvt_928e308f9c5573be67e569cf51250d86     1677949561
.princetonpayment.com/    Hm_lpvt_928e308f9c5573be67e569cf51250d86    1677949561
.princetonpayment.com/    Hm_lvt_ffbcf66b0598a472db1d0db26298bccf     1677949561
.princetonpayment.com/    Hm_lpvt_ffbcf66b0598a472db1d0db26298bccf    1677949561
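The two hm.gif beacons recorded above carry the Baidu Tongji site ID (si), the page URL the tracker saw (u) and the page title it reported (tt). The same 32-hex site ID recurs in the hm.js query string, in the Hm_lvt_/Hm_lpvt_ cookie names and in the _bdhm_loaded_ globals, so it is a usable pivot when triaging a scan. The Python below is an added example for this page, not urlscan.io code: the beacon URLs, cookie names and global names are copied from the scan, while the function names and the Chinese-title heuristic are mine.

```python
"""Extract Baidu Tongji (hm.baidu.com) site IDs from a scan and cross-check
them against the recorded cookies and window globals.

Added example; not urlscan.io code. Beacon URLs, cookie names and global
names are copied from the scan page; helper names and the CJK-title
heuristic are my own.
"""
import re
from urllib.parse import parse_qs, urlsplit

# The two hm.gif beacons recorded in the scan, one per tracker ID on the page.
BEACON_URLS = [
    "https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0"
    "&ja=0&ln=en-us&lo=0&rnd=1000301391&si=928e308f9c5573be67e569cf51250d86"
    "&v=1.3.0&lv=1&sn=56956&r=0&ww=1600&u=https%3A%2F%2Fprincetonpayment.com%2F"
    "&tt=%E4%BA%9A%E4%BC%AF%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)"
    "%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8",
    "https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0"
    "&ja=0&ln=en-us&lo=0&rnd=944956377&si=ffbcf66b0598a472db1d0db26298bccf"
    "&v=1.3.0&lv=1&sn=56956&r=0&ww=1600&u=https%3A%2F%2Fprincetonpayment.com%2F"
    "&tt=%E4%BA%9A%E4%BC%AF%E5%B9%B3%E5%8F%B0(%E4%B8%AD%E5%9B%BD)"
    "%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8",
]

# Cookie names from the "5 Cookies" table of the scan.
COOKIE_NAMES = [
    "HMACCOUNT_BFESS",
    "Hm_lvt_928e308f9c5573be67e569cf51250d86",
    "Hm_lpvt_928e308f9c5573be67e569cf51250d86",
    "Hm_lvt_ffbcf66b0598a472db1d0db26298bccf",
    "Hm_lpvt_ffbcf66b0598a472db1d0db26298bccf",
]

# Subset of the "25 JavaScript Global Variables" list of the scan.
GLOBAL_NAMES = [
    "_hmt", "wp", "jQuery",
    "_bdhm_loaded_928e308f9c5573be67e569cf51250d86",
    "_bdhm_loaded_ffbcf66b0598a472db1d0db26298bccf",
]

SITE_ID_RE = re.compile(r"^[0-9a-f]{32}$")


def parse_beacon(url):
    """Return the fields of one hm.gif hit that matter for triage.

    si = Tongji site ID, u = page URL the tracker saw, tt = page title as
    reported by the tracker. parse_qs percent-decodes u and tt (UTF-8).
    """
    q = parse_qs(urlsplit(url).query, keep_blank_values=True)
    site_id = q.get("si", [""])[0]
    if not SITE_ID_RE.match(site_id):
        raise ValueError("unexpected Tongji site id: %r" % site_id)
    return {
        "site_id": site_id,
        "page_url": q.get("u", [""])[0],
        "title": q.get("tt", [""])[0],
        "tracker_version": q.get("v", [""])[0],
    }


def has_cjk(text):
    """True if the string contains CJK Unified Ideographs (Chinese text)."""
    return any("\u4e00" <= ch <= "\u9fff" for ch in text)


def correlate(beacon_urls, cookie_names, global_names):
    """Group cookies and globals by the site ID embedded in their names."""
    report = {}
    for url in beacon_urls:
        b = parse_beacon(url)
        sid = b["site_id"]
        report[sid] = {
            "page_url": b["page_url"],
            "title": b["title"],
            "cookies": sorted(c for c in cookie_names if c.endswith("_" + sid)),
            "globals": sorted(g for g in global_names if g.endswith("_" + sid)),
            # Heuristic (mine): a Chinese page title on a domain whose name is
            # English is a common sign of injected content; confirm by hand.
            "cjk_title": has_cjk(b["title"]),
        }
    return report


if __name__ == "__main__":
    for sid, info in correlate(BEACON_URLS, COOKIE_NAMES, GLOBAL_NAMES).items():
        print(sid, info["page_url"], info["title"], info["cookies"], info["globals"])
```

Run stand-alone it prints one line per site ID. For this scan the decoded tt value is a Chinese company-style title while u is https://princetonpayment.com/; the heuristic only flags that mismatch, the judgement stays with the analyst.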

2 Console Messages

Source      Level     Message
javascript  warning   A parser-blocking, cross site (i.e. different eTLD+1) script, https://m1.jifa66.com/js/yb.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript  warning   (the same warning, logged a second time for https://m1.jifa66.com/js/yb.js)
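Chrome's warning above says that https://m1.jifa66.com/js/yb.js was injected with document.write from a different eTLD+1 than princetonpayment.com; that script then opens https://www.jifa33.com/go/yb.html in Frame 17BB. The scan records the warning, not the injecting code. The Python below is an added example, not the site's code or urlscan.io's: it scans page source for document.write calls that emit a cross-site <script src>, which is the static check to run over a WordPress install's theme and plugin files when a scan shows this warning. SAMPLE_HTML is constructed to reproduce the reported pattern (every script path in it other than yb.js is made up), and the two-label eTLD+1 rule is a stated simplification.

```python
"""Find document.write() calls that inject a <script src> from a different
registrable domain (eTLD+1): the pattern behind Chrome's "parser-blocking,
cross site script" warning in the scan above.

Added example; not code from the site or from urlscan.io. SAMPLE_HTML is
constructed; the two-label eTLD+1 rule is a simplification, use the Public
Suffix List (e.g. the tldextract package) for real triage.
"""
import re
from urllib.parse import urljoin, urlsplit

# Constructed sample: two same-site writers and one cross-site writer.
SAMPLE_HTML = """
<html><head>
<script>document.write('<script src="/assets/app.js"><\\/script>');</script>
<script>
document.write("<script src='https://m1.jifa66.com/js/yb.js'><\\/script>");
</script>
<script>document.write('<script src="//www.princetonpayment.com/js/site.js"><\\/script>');</script>
<script src="https://www.princetonpayment.com/vue.min.js"></script>
</head><body></body></html>
"""

# document.write('...') / document.write("...") with a plain string literal.
# Obfuscated writers (string concatenation, unescape/atob, eval) are not
# matched here; a headless-browser run, which is what produced the console
# warning in the scan, catches those at runtime.
WRITE_RE = re.compile(
    r"""document\.write(?:ln)?\s*\(\s*(?P<q>['"])(?P<body>.*?)(?P=q)\s*\)""",
    re.DOTALL | re.IGNORECASE,
)
# <script ... src=URL ...> inside the written string; the closing tag is
# often escaped as <\/script>, which does not affect the src attribute.
SRC_RE = re.compile(
    r"""<script\b[^>]*?\bsrc\s*=\s*(['"]?)([^'"\s>]+)\1""", re.IGNORECASE
)


def registrable_domain(host):
    """Last two DNS labels, a simplification of eTLD+1 (wrong for co.uk etc.)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def same_site(page_url, script_url):
    """Chrome's notion for this warning: same registrable domain."""
    page_host = urlsplit(page_url).hostname or ""
    script_host = urlsplit(script_url).hostname or ""
    return registrable_domain(page_host) == registrable_domain(script_host)


def document_write_scripts(html, page_url):
    """Absolute URLs of all scripts written via document.write, in order."""
    found = []
    for m in WRITE_RE.finditer(html):
        for sm in SRC_RE.finditer(m.group("body")):
            # urljoin resolves both path-relative and scheme-relative (//host) srcs
            found.append(urljoin(page_url, sm.group(2)))
    return found


def find_cross_site_writes(html, page_url):
    """Only the written scripts whose eTLD+1 differs from the page's."""
    return [u for u in document_write_scripts(html, page_url)
            if not same_site(page_url, u)]


if __name__ == "__main__":
    for url in find_cross_site_writes(SAMPLE_HTML, "https://princetonpayment.com/"):
        print("cross-site document.write script:", url)
```

Point it at the HTML urlscan stored for the page (or at theme and plugin PHP/JS files on the server) with the page's own URL as page_url; a hit is not proof of compromise, but on a site that has no business loading scripts from that domain it is the first thing to read.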

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Listing them here does not imply that any of them is malicious.

cdn.thememattic.com
fonts.googleapis.com
fonts.gstatic.com
hm.baidu.com
m1.jifa66.com
princetonpayment.com
www.jifa33.com
www.princetonpayment.com
103.235.46.191
103.60.110.222
156.250.125.150
159.69.88.71
2a00:1450:4001:801::2003
2a00:1450:4001:813::200a