Submitted URL: http://nenkin-tetsuzuki.net/
Effective URL: https://cdn.khan2.com/ad.php?s=aHR0cHM6Ly9vcGVyYXRpb24ub25lbGluay5tZS95eGtuL3FvaHo0Nnhx&i=loading.webp
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com
Submission: On December 20 via api from JP — Scanned from JP

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 29 HTTP transactions. The main IP is 172.67.204.164, located in United States and belongs to CLOUDFLARENET, US. The main domain is cdn.khan2.com.
TLS certificate: Issued by WE1 on November 29th 2024. Valid for: 3 months.
This is the only time cdn.khan2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
2 | 2606:4700:303... | 13335 (CLOUDFLAR...)
8 | 172.67.204.164 | 13335 (CLOUDFLAR...)
8 | 104.251.228.22 | 140042 (IZEC-AS-A...)
7 | 142.250.76.131 | 15169 (GOOGLE)
1 | 172.67.133.243 | 13335 (CLOUDFLAR...)
Total: 29 requests, 6 IPs
Requests | Apex Domain | Subdomains | Transfer
8 | khan2.com | tongji.khan2.com, cdn2.khan2.com, cdn.khan2.com | 66 KB
8 | bangkokbiznews.com | www.bangkokbiznews.com (Cisco Umbrella Rank: 211628, Failed), image.bangkokbiznews.com (Cisco Umbrella Rank: 91087) | 236 KB
7 | gstatic.com | fonts.gstatic.com | 69 KB
3 | nenkin-tetsuzuki.net | nenkin-tetsuzuki.net | 48 KB
0 | apple.com (Failed) | apps.apple.com (Cisco Umbrella Rank: 431, Failed) |
Total: 29 requests, 5 apex domains
Requests | Domain | Requested by
8 | image.bangkokbiznews.com | nenkin-tetsuzuki.net
7 | fonts.gstatic.com | nenkin-tetsuzuki.net
4 | cdn2.khan2.com | tongji.khan2.com, cdn2.khan2.com
3 | cdn.khan2.com | cdn2.khan2.com, cdn.khan2.com
3 | nenkin-tetsuzuki.net | nenkin-tetsuzuki.net
1 | tongji.khan2.com | nenkin-tetsuzuki.net
0 | apps.apple.com (Failed) |
0 | www.bangkokbiznews.com (Failed) | nenkin-tetsuzuki.net
Total: 29 requests, 8 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
nenkin-tetsuzuki.net | WE1 | 2024-12-09 - 2025-03-09 | 3 months
khan2.com | WE1 | 2024-11-29 - 2025-02-27 | 3 months
image.bangkokbiznews.com | Encryption Everywhere DV TLS CA - G2 | 2024-11-28 - 2025-11-28 | a year
*.gstatic.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months

This page contains 1 frames:

Frame: itms-appss://apps.apple.com/US/app/id1462880009?mt=8
Frame ID: 1FDA04DFEEB3C9668092E2AF3DAC4A02
Requests: 29 HTTP requests in this frame

Page Title

Loading...

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 29
HTTPS: 90 %
IPv6: 20 %
Domains: 5
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 419 kB
Size: 726 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nenkin-tetsuzuki.net/ HTTP 307
    https://nenkin-tetsuzuki.net/ Page URL
  2. http://cdn.khan2.com/ad.php?s=aHR0cHM6Ly9vcGVyYXRpb24ub25lbGluay5tZS95eGtuL3FvaHo0Nnhx&i=loading.webp HTTP 307
    https://cdn.khan2.com/ad.php?s=aHR0cHM6Ly9vcGVyYXRpb24ub25lbGluay5tZS95eGtuL3FvaHo0Nnhx&i=loading.webp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://nenkin-tetsuzuki.net/ HTTP 307
  • https://nenkin-tetsuzuki.net/
Request Chain 1
  • https://www.bangkokbiznews.com/data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c3ZnIHdpZHRoPSI5OTk5OXB4IiBoZWlnaHQ9Ijk5OTk5cHgiIHZpZXdCb3g9IjAgMCA5OTk5OSA5OTk5OSIgdmVyc2lvbj0iMS4xIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj48ZyBzdHJva2U9Im5vbmUiIGZpbGw9Im5vbmUiIGZpbGwtb3BhY2l0eT0iMCI+PHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9Ijk5OTk5IiBoZWlnaHQ9Ijk5OTk5Ij48L3JlY3Q+IDwvZz4gPC9zdmc+ HTTP 307
  • https://www.bangkokbiznews.com/
Request Chain 27
  • https://operation.onelink.me/yxkn/qohz46xq HTTP 301
  • https://apps.apple.com/US/app/id1462880009?mt=8 HTTP 301
  • itms-appss://apps.apple.com/US/app/id1462880009?mt=8

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
nenkin-tetsuzuki.net/
Redirect Chain
  • http://nenkin-tetsuzuki.net/
  • https://nenkin-tetsuzuki.net/
98 KB
13 KB
Document
General
Full URL
https://nenkin-tetsuzuki.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:85f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf58e23482616def52d964777c7109f80eba488ed8f7b2b2ecd2b19993f5f296

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f5364838c2afcc1-NRT
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 20 Dec 2024 23:25:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6VyliBOYbGrwA4Rl8eX0ui9O%2FakvmfCbwfVCmo%2BcCVpwqSmDUa7chACybA8j6Dk4Ceng7uLOxF5s6zx91Pakg2dTAIVOJYbT1yuShVkWbFvvr7WgR%2Br%2Fku%2F6ZcF2mRfZH8qlbKkZipZ3lmgGQJNnQTNlug%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=1259&min_rtt=969&rtt_var=565&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4358&recv_bytes=2322&delivery_rate=3444633&cwnd=254&unsent_bytes=0&cid=90684139a94d5429&ts=1328&x=0"
vary
Accept-Encoding

Redirect headers

Location
https://nenkin-tetsuzuki.net/
Non-Authoritative-Reason
HttpsUpgrades
/
www.bangkokbiznews.com/
Redirect Chain
  • https://www.bangkokbiznews.com/data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c3ZnIHdpZHRoPSI5OTk5OXB4IiBoZWlnaHQ9Ijk5OTk5cHgiIHZpZXdCb3g9IjAgMCA5OTk5OSA5OTk5OSIgdmVy...
  • https://www.bangkokbiznews.com/
0
0

2b7773d5c910d186.css
nenkin-tetsuzuki.net/mir/_next/static/css/
180 KB
34 KB
Stylesheet
General
Full URL
https://nenkin-tetsuzuki.net/mir/_next/static/css/2b7773d5c910d186.css
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:85f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5315887643d6e74007c5edcdc0eec512482f9ac86460e8634a94711742ea3a79

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"675813c9-2cf16"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJImLSw%2Bes%2FyZtFZIIOIcGS6ILqgT5NcmciYf%2BGZVRl0LyD1jXKRAUqAnus3C8AjY7oAUNhUNhhoVB9sWdszij7BgpEzRIaNzKRPVD%2F1PxUvCv9bEgqNPCVEotaJkZWSxDubgniXjp9nSiZNysF%2Fav8MrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f53648be98bfcc1-NRT
expires
Sat, 21 Dec 2024 11:25:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1118&min_rtt=969&rtt_var=51&sent=27&recv=32&lost=0&retrans=0&sent_bytes=18373&recv_bytes=2467&delivery_rate=12318537&cwnd=257&unsent_bytes=0&cid=90684139a94d5429&ts=1527&x=0"
date
Fri, 20 Dec 2024 23:25:38 GMT
content-type
text/css
last-modified
Tue, 10 Dec 2024 10:11:21 GMT
vary
Accept-Encoding
server
cloudflare
tongji2.js
tongji.khan2.com/
462 B
983 B
Script
General
Full URL
https://tongji.khan2.com/tongji2.js
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6095bcf91b05fc4b540bc1ca31d53ce9f1d6821d147c7e32377b995bbca63daa

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"66cef17e-1ce"
age
13145
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F9lzf4JIgLnKH9xhB0jfwSXafd%2B%2B8luYRF86SGlrgGF2Tro02KlPdduKR%2BPAf7xLOQlWJ6IGDCR24mWOwPyokKljsP4xN95Dw59uN3GKPt1n7bMjO5fasY5MeI3SpAnpr%2B3Z"}],"group":"cf-nel","max_age":604800}
expires
Sat, 21 Dec 2024 07:46:32 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1747&min_rtt=1229&rtt_var=668&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4168&recv_bytes=5630&delivery_rate=473417&cwnd=12000&unsent_bytes=0&cid=a9f29f3622d38236&ts=17&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 23:25:38 GMT
content-type
application/javascript
last-modified
Wed, 28 Aug 2024 09:44:30 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53648c3bf2e364-NRT
server
cloudflare
logo-primary.png
image.bangkokbiznews.com/
4 KB
4 KB
Image
General
Full URL
https://image.bangkokbiznews.com/logo-primary.png
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.22 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
0d52215a761755b0a4ef082d71dde7787a3530c4886b6df417ccf1de3d462bce

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
etag
"096818c59c74d6c1852a371e8098b397"
age
1840169
nginx-hit
1
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
image/png
x-obs-request-id
00000192327FC674440C84C28EFD55BE
last-modified
Wed, 18 Sep 2024 07:57:46 GMT
content-disposition
inline
cache-control
max-age=1800
cloudservicediscount
CDN
x-ccdn-expires
751831
x-hcs-proxy-type
1
x-ccdn-cachettl
2592000
via
EA-JPN-tokyo-EDGE4-CACHE7[5],EA-JPN-tokyo-EDGE4-CACHE3[0,TCP_HIT,4],EA-HKG-GLOBAL1-CACHE12[3],EA-HKG-GLOBAL1-CACHE7[0,TCP_HIT,2]
x-obs-tagging-count
0
x-obs-version-id
G0011192042329DB0000440C09D9CE7F
accept-ranges
bytes
content-length
4021
server
openresty
logo_sonp.png
image.bangkokbiznews.com/
3 KB
4 KB
Image
General
Full URL
https://image.bangkokbiznews.com/logo_sonp.png
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.22 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
1d28cf435c048bd9a22a051660390145706a1bdf32e01dffbad491d55bdcd8fe

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSkU6bo7Pfu6krmodLgcEEst7vyWZG2u
etag
"5f523bf53e799a7173e3c150bba9f2a7"
age
653919
nginx-hit
1
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
image/png
x-obs-request-id
0000018D0F66B92E440CDB4D915EE978
last-modified
Fri, 07 Oct 2022 04:07:50 GMT
content-disposition
inline
cache-control
max-age=1800
cloudservicediscount
CDN
x-ccdn-expires
1938081
x-hcs-proxy-type
1
x-ccdn-cachettl
2592000
via
EA-JPN-tokyo-EDGE4-CACHE7[3],EA-JPN-tokyo-EDGE4-CACHE4[0,TCP_HIT,2],EA-HKG-GLOBAL1-CACHE27[27],EA-HKG-GLOBAL1-CACHE28[0,TCP_HIT,26]
x-obs-tagging-count
0
x-obs-version-id
G0011183B0A0C8FA0000440C6C2DB5DD
accept-ranges
bytes
content-length
3450
server
openresty
f.php
cdn2.khan2.com/
3 KB
2 KB
Script
General
Full URL
https://cdn2.khan2.com/f.php
Requested by
Host: tongji.khan2.com
URL: https://tongji.khan2.com/tongji2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9747cb074fbfc89a56ea173c6776937f4e790fc5d24ee94d4f0e76e09dd4f49d

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://nenkin-tetsuzuki.net/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0J8AJy354ofhZI3cGp99aZCw98kNJRID7hSHdzRsaC6153354TcPFXtLDP5NcV1dG4td9Js8okyZFge7y0LQ1sLJEfO98SE8fNMhwcE8Kt90VYoKiLQXKsv3Aaz4Ens5ag%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f53648d3dfde364-NRT
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1719&min_rtt=1158&rtt_var=578&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5221&recv_bytes=6097&delivery_rate=98277&cwnd=12000&unsent_bytes=0&cid=a9f29f3622d38236&ts=314&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 23:25:38 GMT
content-type
text/html;charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i=?0
jquery.min.js
cdn2.khan2.com/
92 KB
35 KB
Script
General
Full URL
https://cdn2.khan2.com/jquery.min.js
Requested by
Host: cdn2.khan2.com
URL: https://cdn2.khan2.com/f.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://nenkin-tetsuzuki.net/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"16eac-53fe772d35100"
age
4269
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=amqt0sPPVKAij%2F2%2FF7k%2B2AlGVepdGGNoxhVgMJ8Em%2BjuP9m5LAgiFJtWFinvDQOeD5PT%2FSnfYKeIXX8coNyIXJJ8UpIzK8rpQxuF3ODQZdvWBdNcOrpeFosWXqlvSSWLRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1672&min_rtt=1158&rtt_var=527&sent=19&recv=17&lost=0&retrans=0&sent_bytes=7248&recv_bytes=7393&delivery_rate=13332&cwnd=12000&unsent_bytes=0&cid=a9f29f3622d38236&ts=326&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 23:25:38 GMT
content-type
application/javascript
last-modified
Fri, 28 Oct 2016 07:03:00 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f53648e2faae364-NRT
server
cloudflare
a.php
cdn2.khan2.com/
3 KB
2 KB
Script
General
Full URL
https://cdn2.khan2.com/a.php?s=aHR0cHMlM0ElMkYlMkZuZW5raW4tdGV0c3V6dWtpLm5ldCUyRnx8KzA5MDB8JXUwRTIzJXUwRTJEJXUwRTFBJXUwRTQyJXUwRTI1JXUwRTAxJXUwRTE5JXUwRTM0JXUwRTI3JXUwRTJBJXUwRTRD&t=0.02971923124927156
Requested by
Host: cdn2.khan2.com
URL: https://cdn2.khan2.com/f.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65eda0e9251159f8743adb86814ee93b8bc22075e4c69ba61287b49580e085fd

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QIGKUBpXw0tirZM6YSHXZgaZR3qk3ETctzON20pJf6Bg5MUPL3VI%2BErFqoXsvKcu5m%2B%2BmcIpewLWWRaNl%2BN0MkSyQi%2Br%2Fgz4%2BJqHr%2FGktmBDap7UQlJOnTywwuasehUjfg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f53648e2fade364-NRT
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1564&min_rtt=1158&rtt_var=248&sent=52&recv=34&lost=0&retrans=0&sent_bytes=44389&recv_bytes=8125&delivery_rate=29966&cwnd=25200&unsent_bytes=0&cid=a9f29f3622d38236&ts=712&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
text/html;charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
b.php
cdn2.khan2.com/
0
785 B
Script
General
Full URL
https://cdn2.khan2.com/b.php?s=aHR0cHMlM0ElMkYlMkZuZW5raW4tdGV0c3V6dWtpLm5ldCUyRnx8KzA5MDB8JXUwRTIzJXUwRTJEJXUwRTFBJXUwRTQyJXUwRTI1JXUwRTAxJXUwRTE5JXUwRTM0JXUwRTI3JXUwRTJBJXUwRTRD&t=0.7332438649463628
Requested by
Host: cdn2.khan2.com
URL: https://cdn2.khan2.com/f.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKfQqiqNehfEG4QEKULbL0XYojPi5sAMjH%2FUT1%2BxN1iG%2Bu19Uc31iDE91tpjdQpM2f0DxxYUME5a6CPwl%2BwtXEjobIeexFxPQ%2Fkn%2BqVoNopLI%2B2qRNeT20BMZUrI9exUaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f53648e2fafe364-NRT
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1507&min_rtt=1158&rtt_var=179&sent=51&recv=33&lost=0&retrans=0&sent_bytes=43581&recv_bytes=8081&delivery_rate=18629113&cwnd=25200&unsent_bytes=0&cid=a9f29f3622d38236&ts=458&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
text/html;charset=utf-8
server
cloudflare
priority
u=3,i=?0
pxiLypw5ucZF-Tw4Mbr8f1s.woff2
fonts.gstatic.com/s/mitr/v11/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiLypw5ucZF-Tw4Mbr8f1s.woff2
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
e8ce93bfaca24b641f2844d1a3c6fb3588af7937f176746d8e981ed8e3f4efd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://nenkin-tetsuzuki.net
Referer
https://nenkin-tetsuzuki.net/

Response headers

age
6838
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 21:31:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 21:31:40 GMT
last-modified
Tue, 26 Apr 2022 14:51:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13768
x-xss-protection
0
server
sffe
update
nenkin-tetsuzuki.net/mirr/
10 B
709 B
XHR
General
Full URL
https://nenkin-tetsuzuki.net/mirr/update?url=/
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.133.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21e380b928c9b82b8ca09a883c836c57b819c88478f006054f56ad6ecaa1555

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ZX7JIi4OrukDOzvE86LGIK7Hyyy8AINcc2eqeJdXqBxAOYCzCdoqh3%2Bnlv%2BPdCHJLty5Itg7qwwVgmAWCHRb4YnoQ10iUQAgIqrtnXLzg9Doca0%2Fh9%2FwlaXxOUa2mfHGpB6avJO5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f53648e5aa4d4b6-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1607&min_rtt=1219&rtt_var=533&sent=14&recv=13&lost=0&retrans=0&sent_bytes=4339&recv_bytes=6080&delivery_rate=1028&cwnd=12000&unsent_bytes=0&cid=bc3a677e383db5d6&ts=544&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
appoint.xml
nenkin-tetsuzuki.net/sitemap_mir/
0
0

pxiEypw5ucZF8c8bJIPecnFHGPezSQ.woff2
fonts.gstatic.com/s/mitr/v11/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8c8bJIPecnFHGPezSQ.woff2
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
c4917ebce93171c19e4781e851c82de695b8fb8c334715d502cb9cdc2a916260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://nenkin-tetsuzuki.net
Referer
https://nenkin-tetsuzuki.net/

Response headers

age
6651
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 21:34:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 21:34:47 GMT
last-modified
Tue, 26 Apr 2022 14:51:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7760
x-xss-protection
0
server
sffe
pxiEypw5ucZF8fMZJIPecnFHGPezSQ.woff2
fonts.gstatic.com/s/mitr/v11/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8fMZJIPecnFHGPezSQ.woff2
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
52d511694c4f13d8682ecb1e718a13ffd5b40f198e0082384e90d49cc3cdacab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://nenkin-tetsuzuki.net
Referer
https://nenkin-tetsuzuki.net/

Response headers

age
266325
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 21:26:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 21:26:53 GMT
last-modified
Tue, 26 Apr 2022 15:03:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
6928
x-xss-protection
0
server
sffe
pxiEypw5ucZF8ZcaJJfecnFHGPc.woff2
fonts.gstatic.com/s/mitr/v11/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8ZcaJJfecnFHGPc.woff2
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
1ff28c2a1e4799953822d3139d02cbfba14428ec900a5bdd4478b6847e36f903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://nenkin-tetsuzuki.net
Referer
https://nenkin-tetsuzuki.net/

Response headers

age
61533
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 06:20:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 06:20:05 GMT
last-modified
Tue, 26 Apr 2022 14:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13264
x-xss-protection
0
server
sffe
pxiLypw5ucZF-Sg4Mbr8f1t9EQ.woff2
fonts.gstatic.com/s/mitr/v11/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiLypw5ucZF-Sg4Mbr8f1t9EQ.woff2
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
c4db70cf7a59ade47aa89fe38f62d8592ce59eec1a49c18f299abb7084aa4801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://nenkin-tetsuzuki.net
Referer
https://nenkin-tetsuzuki.net/

Response headers

age
60327
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 06:40:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 06:40:11 GMT
last-modified
Tue, 26 Apr 2022 15:03:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7904
x-xss-protection
0
server
sffe
pxiEypw5ucZF8ZcaJIPecnFHGPezSQ.woff2
fonts.gstatic.com/s/mitr/v11/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8ZcaJIPecnFHGPezSQ.woff2
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
41276a8c6bb481496aed93a7915aa95c74ef07311344c475cee546d69a934242
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://nenkin-tetsuzuki.net
Referer
https://nenkin-tetsuzuki.net/

Response headers

age
5749
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 21:49:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 21:49:49 GMT
last-modified
Tue, 26 Apr 2022 14:51:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7616
x-xss-protection
0
server
sffe
pxiEypw5ucZF8c8bJJfecnFHGPc.woff2
fonts.gstatic.com/s/mitr/v11/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8c8bJJfecnFHGPc.woff2
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.131 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f3.1e100.net
Software
sffe /
Resource Hash
4ed35744a314ecc235b9520c2cc1ecee0d3d1d65eaebcb6a6d006ce4754162c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://nenkin-tetsuzuki.net
Referer
https://nenkin-tetsuzuki.net/

Response headers

age
55882
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 07:54:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 07:54:16 GMT
last-modified
Tue, 26 Apr 2022 14:53:43 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13524
x-xss-protection
0
server
sffe
VOnW23LXCx92tUmNMyRW.webp
image.bangkokbiznews.com/uploads/images/md/2024/12/
34 KB
35 KB
Image
General
Full URL
https://image.bangkokbiznews.com/uploads/images/md/2024/12/VOnW23LXCx92tUmNMyRW.webp?x-image-process=style/MD-webp
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.22 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
cce8375af1e00cfc34332af5080c5d0427d8db397a61ede4e4df37b7df54e70a

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

x-request-id
00000193E65B914B440E3D3B6C327B37
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
etag
4111048f6c2026ad66181ee91e1566c5
age
558
nginx-hit
1
x-transcode-length
111942
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
image/webp
x-obs-request-id
00000193E65B914B440E3D3B6C327B37
content-disposition
inline
cache-control
max-age=1800
cloudservicediscount
CDN
x-hcs-proxy-type
1
x-ccdn-cachettl
2592000
x-ccdn-expires
2591442
via
EA-JPN-tokyo-EDGE4-CACHE7[17],EA-JPN-tokyo-EDGE4-CACHE7[0,TCP_HIT,15],EA-HKG-GLOBAL1-CACHE18[473],EA-HKG-GLOBAL1-CACHE22[463,TCP_MISS,468]
x-oef-request-id
38313039643664396466303a31332e32313a3334
accept-ranges
bytes
content-length
35232
server
openresty
00tyIGmwebrvBXD6qR68.webp
image.bangkokbiznews.com/uploads/images/md/2024/12/
49 KB
50 KB
Image
General
Full URL
https://image.bangkokbiznews.com/uploads/images/md/2024/12/00tyIGmwebrvBXD6qR68.webp?x-image-process=style/MD-webp
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.22 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
206f5e581a2f73b3e1314bfcdf323dd7af237d4f8be6442b21075d8d6174ee48

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

x-request-id
00000193E64C6A2B440E3D31B3CA7848
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
etag
7e48f0c6de64b1d23e6534ef8c35231c
age
712
nginx-hit
1
x-transcode-length
75802
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
image/webp
x-obs-request-id
00000193E64C6A2B440E3D31B3CA7848
content-disposition
inline
cache-control
max-age=1800
cloudservicediscount
CDN
x-ccdn-expires
2591288
x-hcs-proxy-type
1
x-ccdn-cachettl
2592000
via
EA-JPN-tokyo-EDGE4-CACHE7[5],EA-JPN-tokyo-EDGE4-CACHE5[0,TCP_HIT,2],EA-HKG-GLOBAL1-CACHE33[19],EA-HKG-GLOBAL1-CACHE13[0,TCP_HIT,18]
x-oef-request-id
38323534386438623665383a31332e3132303a65
accept-ranges
bytes
content-length
50402
server
openresty
Y8I8aE0dpXQaXMYsTBGw.webp
image.bangkokbiznews.com/uploads/images/md/2024/12/
38 KB
38 KB
Image
General
Full URL
https://image.bangkokbiznews.com/uploads/images/md/2024/12/Y8I8aE0dpXQaXMYsTBGw.webp?x-image-process=style/MD-webp
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.22 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
27a81079502143e1247e6fbbe9148cb9059fd7a3cf4cd703211c432b5d7eb37c

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

x-request-id
00000193E4AC4BD2440C849B050A3B06
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
etag
15c904cda3293e7a1b2e5a7a720a55a9
age
712
nginx-hit
1
x-transcode-length
141076
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
image/webp
x-obs-request-id
00000193E4AC4BD2440C849B050A3B06
content-disposition
inline
cache-control
max-age=1800
cloudservicediscount
CDN
x-ccdn-expires
2591288
x-hcs-proxy-type
1
x-ccdn-cachettl
2592000
via
EA-JPN-tokyo-EDGE4-CACHE7[3],EA-JPN-tokyo-EDGE4-CACHE4[0,TCP_HIT,2],EA-HKG-GLOBAL1-CACHE40[4],EA-HKG-GLOBAL1-CACHE11[0,TCP_HIT,2]
x-oef-request-id
35353564306162393931613a31332e3234353a63
accept-ranges
bytes
content-length
38486
server
openresty
KjArj17kGxYHKsrRS8KX.webp
image.bangkokbiznews.com/uploads/images/md/2024/12/
53 KB
54 KB
Image
General
Full URL
https://image.bangkokbiznews.com/uploads/images/md/2024/12/KjArj17kGxYHKsrRS8KX.webp?x-image-process=style/MD-webp
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.22 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
8de7b44a45abde0ac279cffde484137d162800756f2327199a8618ca505860cc

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

x-request-id
00000193E4AC4B77440C85BC04C634B6
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
etag
0debe16626b33d96deae8d680b728f08
age
712
nginx-hit
1
x-transcode-length
173658
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
image/webp
x-obs-request-id
00000193E4AC4B77440C85BC04C634B6
content-disposition
inline
cache-control
max-age=1800
cloudservicediscount
CDN
x-ccdn-expires
2591288
x-hcs-proxy-type
1
x-ccdn-cachettl
2592000
via
EA-JPN-tokyo-EDGE4-CACHE7[5],EA-JPN-tokyo-EDGE4-CACHE2[0,TCP_HIT,2],EA-HKG-GLOBAL1-CACHE6[4],EA-HKG-GLOBAL1-CACHE27[0,TCP_HIT,2]
x-oef-request-id
36656430393863636238313a31332e3139363a63
accept-ranges
bytes
content-length
54160
server
openresty
n6WH77TBrTJbwyXJAQAG.webp
image.bangkokbiznews.com/uploads/images/md/2024/12/
19 KB
20 KB
Image
General
Full URL
https://image.bangkokbiznews.com/uploads/images/md/2024/12/n6WH77TBrTJbwyXJAQAG.webp?x-image-process=style/MD-webp
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.22 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
78755d97c501047393674d994653781705433e39114874d9f60afb7612c92326

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

x-request-id
00000193E427081F440E3DB0E499318B
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
etag
330b286c237c595b3e4d7da49a1e01b6
age
33033
nginx-hit
1
x-transcode-length
42404
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
image/webp
x-obs-request-id
00000193E427081F440E3DB0E499318B
content-disposition
inline
cache-control
max-age=1800
cloudservicediscount
CDN
x-ccdn-expires
2558967
x-hcs-proxy-type
1
x-ccdn-cachettl
2592000
via
EA-JPN-tokyo-EDGE4-CACHE7[3],EA-JPN-tokyo-EDGE4-CACHE2[0,TCP_HIT,1],EA-HKG-GLOBAL1-CACHE4[9],EA-HKG-GLOBAL1-CACHE8[0,TCP_HIT,8]
x-oef-request-id
32623062366137346162613a31332e3134353a39
accept-ranges
bytes
content-length
19822
server
openresty
7Oh8vndpzM7YjpCD6euA.webp
image.bangkokbiznews.com/uploads/images/md/2024/12/
30 KB
31 KB
Image
General
Full URL
https://image.bangkokbiznews.com/uploads/images/md/2024/12/7Oh8vndpzM7YjpCD6euA.webp?x-image-process=style/MD-webp
Requested by
Host: nenkin-tetsuzuki.net
URL: https://nenkin-tetsuzuki.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.251.228.22 Tokyo, Japan, ASN140042 (IZEC-AS-AP Zhipinshang Hongkong Electron Communication Technology Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
1c03deaf5c89242d62c02103c3864091c3b4d1c9fd1a3c1f6d2e52b2043b5992

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://nenkin-tetsuzuki.net/

Response headers

x-request-id
00000193E41E453A440E3DE0ECA5C6B6
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
etag
74e57e14b4ec4c55346450c156472e2a
age
38130
nginx-hit
1
x-transcode-length
105002
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
image/webp
x-obs-request-id
00000193E41E453A440E3DE0ECA5C6B6
content-disposition
inline
cache-control
max-age=1800
cloudservicediscount
CDN
x-hcs-proxy-type
1
x-ccdn-cachettl
2592000
x-ccdn-expires
2553870
via
EA-JPN-tokyo-EDGE4-CACHE7[5],EA-JPN-tokyo-EDGE4-CACHE5[0,TCP_HIT,2],EA-HKG-GLOBAL1-CACHE27[495],EA-HKG-GLOBAL1-CACHE9[485,TCP_MISS,488],EA-HKG-GLOBAL1-CACHE9[424,TCP_MISS,485]
x-oef-request-id
34303965363237663130333a31332e3232323a36
accept-ranges
bytes
content-length
31004
server
openresty
Primary Request ad.php
cdn.khan2.com/
Redirect Chain
  • http://cdn.khan2.com/ad.php?s=aHR0cHM6Ly9vcGVyYXRpb24ub25lbGluay5tZS95eGtuL3FvaHo0Nnhx&i=loading.webp
  • https://cdn.khan2.com/ad.php?s=aHR0cHM6Ly9vcGVyYXRpb24ub25lbGluay5tZS95eGtuL3FvaHo0Nnhx&i=loading.webp
895 B
1 KB
Document
General
Full URL
https://cdn.khan2.com/ad.php?s=aHR0cHM6Ly9vcGVyYXRpb24ub25lbGluay5tZS95eGtuL3FvaHo0Nnhx&i=loading.webp
Requested by
Host: cdn2.khan2.com
URL: https://cdn2.khan2.com/a.php?s=aHR0cHMlM0ElMkYlMkZuZW5raW4tdGV0c3V6dWtpLm5ldCUyRnx8KzA5MDB8JXUwRTIzJXUwRTJEJXUwRTFBJXUwRTQyJXUwRTI1JXUwRTAxJXUwRTE5JXUwRTM0JXUwRTI3JXUwRTJBJXUwRTRD&t=0.02971923124927156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0591d5ce3222791e320bae6c26cdcc464579a19953022ee6368d1a1631690cf5

Request headers

Referer
https://nenkin-tetsuzuki.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f536490c9ac6867-NRT
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 20 Dec 2024 23:25:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3rst08nY7FJ6FfGixzcJ3tjXw3WMNLr%2BuyU8G6kd5FRBjAQOn5jFqMHnEZyrtyrZcDWzrSKZSobR%2FbtI8LsGKrClRzTRKhHHyWtmay8r3NbRadI1PxtHuEAAQLZN%2Bfv3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=1716&min_rtt=1307&rtt_var=508&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4248&recv_bytes=7062&delivery_rate=1048&cwnd=12000&unsent_bytes=0&cid=3257171b9b27442d&ts=140&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

Location
https://cdn.khan2.com/ad.php?s=aHR0cHM6Ly9vcGVyYXRpb24ub25lbGluay5tZS95eGtuL3FvaHo0Nnhx&i=loading.webp
Non-Authoritative-Reason
HttpsUpgrades
loading.webp
cdn.khan2.com/
9 KB
9 KB
Image
General
Full URL
https://cdn.khan2.com/loading.webp
Requested by
Host: cdn.khan2.com
URL: https://cdn.khan2.com/ad.php?s=aHR0cHM6Ly9vcGVyYXRpb24ub25lbGluay5tZS95eGtuL3FvaHo0Nnhx&i=loading.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a7e8b7fc288eaad001b6299693fbb9b29aa58880259d3d7b6f24c7afed26fc5

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://cdn.khan2.com/ad.php?s=aHR0cHM6Ly9vcGVyYXRpb24ub25lbGluay5tZS95eGtuL3FvaHo0Nnhx&i=loading.webp

Response headers

cf-cache-status
HIT
etag
"22d4-61dfb1d63dc32"
age
3486
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ibBc09vi1M%2FimAaRv%2Bzq0UugUK0SDYl7Jl3JAbQZEirHqZUhD8OXlfs%2FCDA5MQeOxMhFDi5I97jsAwAsSC3XzxvbRhX35H0Qu0LQEGrW60KLWarKMSwOSsEadzAk7ya1"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1894&min_rtt=1307&rtt_var=611&sent=17&recv=15&lost=0&retrans=0&sent_bytes=5573&recv_bytes=7579&delivery_rate=593323&cwnd=12000&unsent_bytes=0&cid=3257171b9b27442d&ts=268&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
image/webp
last-modified
Wed, 24 Jul 2024 09:43:47 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5364925a476867-NRT
accept-ranges
bytes
content-length
8916
server
cloudflare
favicon.ico
cdn.khan2.com/
42 KB
16 KB
Other
General
Full URL
https://cdn.khan2.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22c5cea9bfd8d363558d3f00fe1dacdc06ec56d5dce4af953e37c4c4a4b63c5

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"a656-53fe98d69bc00"
age
3486
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvi%2FxU8oO5zblpr7kjj0kSBBOf9PB4TEsTPO4ZR%2BXZhgTRNjDHzLpisf1hXR3TWlWINmyWIje13opMo%2BjX10vpLKqqYJhEf300gqpYai35FWmj%2BY3Fb3jpZrgEolCheS"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1781&min_rtt=1307&rtt_var=302&sent=27&recv=20&lost=0&retrans=0&sent_bytes=15410&recv_bytes=8115&delivery_rate=603510&cwnd=12000&unsent_bytes=0&cid=3257171b9b27442d&ts=290&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 23:25:39 GMT
content-type
image/x-icon
last-modified
Fri, 28 Oct 2016 09:33:36 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5364927a6b6867-NRT
server
cloudflare
id1462880009
apps.apple.com/US/app/
Redirect Chain
  • https://operation.onelink.me/yxkn/qohz46xq
  • https://apps.apple.com/US/app/id1462880009?mt=8
  • itms-appss://apps.apple.com/US/app/id1462880009?mt=8
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.bangkokbiznews.com
URL
https://www.bangkokbiznews.com/
Domain
nenkin-tetsuzuki.net
URL
https://nenkin-tetsuzuki.net/sitemap_mir/appoint.xml?action=update
Domain
apps.apple.com
URL
itms-appss://apps.apple.com/US/app/id1462880009?mt=8

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.apple.com/US/app Name: geo
Value: JP
.bangkokbiznews.com/ Name: _cfuvid
Value: TFA_kOxRUVENCom_m9R16C8KDCkZyO7PRMX2I2hraXM-1734737138903-0.0.1.1-604800000
cdn.khan2.com/ Name: view
Value: 0

4 Console Messages

Source Level URL
Text
javascript warning URL: https://tongji.khan2.com/tongji2.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn2.khan2.com/f.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://tongji.khan2.com/tongji2.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn2.khan2.com/f.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn2.khan2.com/f.php(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn2.khan2.com/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn2.khan2.com/f.php(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn2.khan2.com/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
