Submitted URL: https://google.us/amp/ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0
Effective URL: https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%...
Submission: On January 29 via manual from AU — Scanned from US

Summary

This website contacted 9 IPs in 1 countries across 11 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3030::6815:13ee, located in United States and belongs to CLOUDFLARENET, US. The main domain is heji.dealdashhub.com.
TLS certificate: Issued by E1 on December 27th 2023. Valid for: 3 months.
This is the only time heji.dealdashhub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
7 dealdashhub.com
heji.dealdashhub.com
258 KB
3 ipqscdn.com
www.ipqscdn.com — Cisco Umbrella Rank: 35826
fn.us.ipqscdn.com — Cisco Umbrella Rank: 35307
69 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
3 KB
2 discountdiscoverystore.com
t4.discountdiscoverystore.com
4 KB
1 quantumsurge.sc
quantumsurge.sc
657 B
1 gstatic.com
fonts.gstatic.com
19 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
29 KB
1 bcldtracker.com
www.bcldtracker.com
520 B
1 ip-40-160-10.us
ip66.ip-40-160-10.us
368 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 google.us
google.us — Cisco Umbrella Rank: 7035
1 KB
15 11
Domain Requested by
7 heji.dealdashhub.com 1 redirects t4.discountdiscoverystore.com
heji.dealdashhub.com
2 fonts.googleapis.com heji.dealdashhub.com
2 fn.us.ipqscdn.com t4.discountdiscoverystore.com
2 t4.discountdiscoverystore.com 1 redirects
1 quantumsurge.sc heji.dealdashhub.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com heji.dealdashhub.com
1 www.ipqscdn.com t4.discountdiscoverystore.com
1 www.bcldtracker.com 1 redirects
1 ip66.ip-40-160-10.us 1 redirects
1 www.google.com 1 redirects
1 google.us 1 redirects
15 12

This site contains no links.

Subject Issuer Validity Valid
ipqscdn.com
GTS CA 1P5
2023-12-03 -
2024-03-02
3 months crt.sh
fn.us.ipqscdn.com
R3
2024-01-28 -
2024-04-27
3 months crt.sh
dealdashhub.com
E1
2023-12-27 -
2024-03-26
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
quantumsurge.sc
GTS CA 1P5
2023-12-13 -
2024-03-12
3 months crt.sh

This page contains 1 frames:

Primary Page: https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
Frame ID: C7584DBBFBC821EB87C6D690EE790AE1
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

Loyalty Program

Page URL History Show full URLs

  1. https://google.us/amp/ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0 HTTP 302
    https://www.google.com/amp/ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0 HTTP 302
    http://ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0 HTTP 302
    https://www.bcldtracker.com/L9B2Q2/3LH27NR/?sub1=105&sub2=41730_15&sub3=0_0_13267_7327345_md HTTP 302
    http://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640... Page URL
  2. https://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640... HTTP 302
    http://heji.dealdashhub.com/fclkv2/icsir?bbb=1&cc=us&c=%7C437&clickid=w9a5on358k8vqequ2a51026g&id=w9a5on... HTTP 302
    https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php Page URL
  3. https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKej... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

93 %
HTTPS

79 %
IPv6

11
Domains

12
Subdomains

9
IPs

1
Countries

378 kB
Transfer

813 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://google.us/amp/ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0 HTTP 302
    https://www.google.com/amp/ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0 HTTP 302
    http://ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0 HTTP 302
    https://www.bcldtracker.com/L9B2Q2/3LH27NR/?sub1=105&sub2=41730_15&sub3=0_0_13267_7327345_md HTTP 302
    http://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid= Page URL
  2. https://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid=&tsrc=KcR6hLxt66|323377655991885d1822d6e8a63c5d06e7707f9b5ad8885724e3a7fd8501521f|100 HTTP 302
    http://heji.dealdashhub.com/fclkv2/icsir?bbb=1&cc=us&c=%7C437&clickid=w9a5on358k8vqequ2a51026g&id=w9a5on358k8vqequ2a51026g&k=sir-eff&s=1616&src=381&lpc=1706567291909&region=Florida&privacy=1&cep=eCbpgMX-haB78ATiY5_HxRh9bsJa2Dqbp24CuuNSrhIVnI2BY4Lgg-D-v9VWDL8Ch9wJoZ08tc3AN-jJhOVJjh-2crUmqiir8W6CDs7HZuyItMFtvoc0IboKoPTiCknh7dCgtpd72yODZeBAUG5kRRfbMMZJmCyw2maVoFRqvYmgZSYFC9JqopV8aTVEEpFSWMc1wlzozGxOyS2PJw9raf8PU1bllYXiDDNv521TbLe_-AbZGBi_LWWsMCRHD4HIsKfTJzxRm-LR8pI0xapYBaevNyYhwsg7XxC9tFHMKtLyJnybk9-V7brDec_Mem6-ZpNhMIxEr8HB6RwmAJyk7CKfRHLa3kyD4CM1WZ1betPSebwk1EEc--c0JVa1efGRMoc5ZJQ6u41X-vS-Z0tBpb28c66RTzouluA5iaU30FU0NQZ7B3o0U4FNilsSiFNacP7X4AHNe_Mr8pVMGbOcqeVt8PIAfFLJFejeEZF1acXxsjhBQXvpET9HaannzxUakieJ6DrWdCH90sFfXzxcuRK3Vha5-fm8OfsXGPQztYkHkf2CFkH77QsFH70NvWy6ZpOfVaZMC7errBKshIqjvT6Ratc8hb5TEyv3WCfjeFj6Ibxifa4q_z48TKQqNOlKw-fh5HrJ0TSHCpEAGQR9gMyJLAEkqvv4LEJCGNHVcAuPVNTEVcBel3IVJ-n7plSP&lptoken=1721061756fa905a915c&offer_id=437&keyword=sir-eff&source=381&affiliate_id=1616&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&aff_sub4=&aff_sub5=&aff_id=push_aff_id&vid=IPQS_100&cpc=0.0&modifier=&view=KcR6hLxt66&tracker=surfadvance.com&oho=t4.discountdiscoverystore.com&ptf=26934eb377001f66e37289a5c93fe284 HTTP 302
    https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php Page URL
  3. https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://google.us/amp/ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0 HTTP 302
  • https://www.google.com/amp/ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0 HTTP 302
  • http://ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0 HTTP 302
  • https://www.bcldtracker.com/L9B2Q2/3LH27NR/?sub1=105&sub2=41730_15&sub3=0_0_13267_7327345_md HTTP 302
  • http://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid=
Request Chain 4
  • https://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid=&tsrc=KcR6hLxt66|323377655991885d1822d6e8a63c5d06e7707f9b5ad8885724e3a7fd8501521f|100 HTTP 302
  • http://heji.dealdashhub.com/fclkv2/icsir?bbb=1&cc=us&c=%7C437&clickid=w9a5on358k8vqequ2a51026g&id=w9a5on358k8vqequ2a51026g&k=sir-eff&s=1616&src=381&lpc=1706567291909&region=Florida&privacy=1&cep=eCbpgMX-haB78ATiY5_HxRh9bsJa2Dqbp24CuuNSrhIVnI2BY4Lgg-D-v9VWDL8Ch9wJoZ08tc3AN-jJhOVJjh-2crUmqiir8W6CDs7HZuyItMFtvoc0IboKoPTiCknh7dCgtpd72yODZeBAUG5kRRfbMMZJmCyw2maVoFRqvYmgZSYFC9JqopV8aTVEEpFSWMc1wlzozGxOyS2PJw9raf8PU1bllYXiDDNv521TbLe_-AbZGBi_LWWsMCRHD4HIsKfTJzxRm-LR8pI0xapYBaevNyYhwsg7XxC9tFHMKtLyJnybk9-V7brDec_Mem6-ZpNhMIxEr8HB6RwmAJyk7CKfRHLa3kyD4CM1WZ1betPSebwk1EEc--c0JVa1efGRMoc5ZJQ6u41X-vS-Z0tBpb28c66RTzouluA5iaU30FU0NQZ7B3o0U4FNilsSiFNacP7X4AHNe_Mr8pVMGbOcqeVt8PIAfFLJFejeEZF1acXxsjhBQXvpET9HaannzxUakieJ6DrWdCH90sFfXzxcuRK3Vha5-fm8OfsXGPQztYkHkf2CFkH77QsFH70NvWy6ZpOfVaZMC7errBKshIqjvT6Ratc8hb5TEyv3WCfjeFj6Ibxifa4q_z48TKQqNOlKw-fh5HrJ0TSHCpEAGQR9gMyJLAEkqvv4LEJCGNHVcAuPVNTEVcBel3IVJ-n7plSP&lptoken=1721061756fa905a915c&offer_id=437&keyword=sir-eff&source=381&affiliate_id=1616&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&aff_sub4=&aff_sub5=&aff_id=push_aff_id&vid=IPQS_100&cpc=0.0&modifier=&view=KcR6hLxt66&tracker=surfadvance.com&oho=t4.discountdiscoverystore.com&ptf=26934eb377001f66e37289a5c93fe284 HTTP 302
  • https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
aff_c
t4.discountdiscoverystore.com/
Redirect Chain
  • https://google.us/amp/ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0
  • https://www.google.com/amp/ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0
  • http://ip66.ip-40-160-10.us/cl/41730_md/105/13267/2182/0/0
  • https://www.bcldtracker.com/L9B2Q2/3LH27NR/?sub1=105&sub2=41730_15&sub3=0_0_13267_7327345_md
  • http://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid=
1 KB
1 KB
Document
General
Full URL
http://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid=
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:550f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51df605198fbd21f68ede088e51f68f97aed1e937fc21385c82ef8ca100011bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
84d4e8191d3c744a-MIA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 29 Jan 2024 22:28:10 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMMjRBG41%2F3QXl0cZC0OLMGBxtWCojWJMg0OFE1RGMZCjrhe8S55MJDFFl3d%2FscNuW0nhJyEkke2RHyYtrk6ky5cFWbEP78yryy1GNuwnoX4K08%2FuwZxNVThkow%2Bce0tiwPm7aXMg3NwKls1bOuktDu%2BhsmL8UuPBOsxPw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
content-type
text/html; charset=utf-8
date
Mon, 29 Jan 2024 22:28:09 GMT
location
http://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid=
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
490b95a3-f45f-4bb6-a8c0-979542e354f8
learn.js
www.ipqscdn.com/api/*/iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmntorP...
138 KB
68 KB
Script
General
Full URL
https://www.ipqscdn.com/api/*/iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmntorPiAKQ7wXitUZfARTr7jQGA0tJPo5CnlfkYpfY6NMdsoQxLTRzYRqOMbEFn0tkqtIFAnMPPFeX3nhSH9U5C/learn.js
Requested by
Host: t4.discountdiscoverystore.com
URL: http://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8401 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f3d7d5baf59ad92ef44b928736ff67d7ae9071bfc3e83b26f7dcd712c4ba50

Request headers

Referer
http://t4.discountdiscoverystore.com/
Origin
http://t4.discountdiscoverystore.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:28:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20379
alt-svc
h3=":443"; ma=86400
pragma
cache
last-modified
Mon, 29 Jan 2024 16:48:31 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0H4%2Brdf%2FFlBkBOidpsZQeGjdLAlEw6HxiJzSTNukPx%2BDOZiOev8xJfQUEhFJqAqWNSpgnl0PzE8zK4nurlZpnPU3%2FF%2BXRMVBvxvYaclW4FQzfPAe6rdR4FXdUC0wlzvKOBfb17J88DHoAG7CQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-robots-tag
noindex
cf-ray
84d4e81cfb3db3e5-MIA
expires
Tue, 30 Jan 2024 11:48:31 GMT
udid.json
fn.us.ipqscdn.com/udid/
28 B
306 B
XHR
General
Full URL
https://fn.us.ipqscdn.com/udid/udid.json
Requested by
Host: t4.discountdiscoverystore.com
URL: http://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US),
Reverse DNS
intimeclick.com
Software
/
Resource Hash
4ef9a8ee5fc89b74bf9a7d9aaebbe7d167765ea8a92d0a184302c7d9e72bc4c8

Request headers

accept-language
en-US,en;q=0.9
Referer
http://t4.discountdiscoverystore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 22:28:10 GMT
Last-Modified
Mon, 29 Jan 2024 22:28:10 GMT
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
close
Content-Length
28
Expires
Wed, 29 Jan 2025 22:28:10 GMT
fetch
fn.us.ipqscdn.com/api/*/iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmnto...
1 KB
1 KB
XHR
General
Full URL
https://fn.us.ipqscdn.com/api/*/iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmntorPiAKQ7wXitUZfARTr7jQGA0tJPo5CnlfkYpfY6NMdsoQxLTRzYRqOMbEFn0tkqtIFAnMPPFeX3nhSH9U5C/learn/fetch
Requested by
Host: t4.discountdiscoverystore.com
URL: http://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US),
Reverse DNS
intimeclick.com
Software
nginx /
Resource Hash

Request headers

Referer
http://t4.discountdiscoverystore.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 29 Jan 2024 22:28:12 GMT
Server
nginx
Connection
close
X-Robots-Tag
noindex
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
index.php
heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/
Redirect Chain
  • https://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid=&tsrc=KcR6hLxt66|323377655991885d1822d6e8a...
  • http://heji.dealdashhub.com/fclkv2/icsir?bbb=1&cc=us&c=%7C437&clickid=w9a5on358k8vqequ2a51026g&id=w9a5on358k8vqequ2a51026g&k=sir-eff&s=1616&src=381&lpc=1706567291909&region=Florida&privacy=1&cep=eC...
  • https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php
1 KB
1 KB
Document
General
Full URL
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php
Requested by
Host: t4.discountdiscoverystore.com
URL: http://t4.discountdiscoverystore.com/aff_c?offer_id=437&aff_id=1616&aff_sub=sir-eff&source=381&aff_sub2=c84adf640a114a23b4524e7e27f2ff55&aff_sub3=105&vid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://t4.discountdiscoverystore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84d4e82bdd5274a6-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 22:28:13 GMT
location
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?cucumi=musowuduxuconarafu
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BcX2gHEce63vVezEkV%2B0azXuSLjAry3j5oJVBF1CAYj%2FA6btDJ%2BYhMbyFRJdfR4Cc7J3BW2d7vXpISAG0lygevhTPLZapJuBeGWeFpg3u%2B%2B%2BH38ec82BPrhQPIRQJYDa9drt3nc17qFrXhzwTe%2FXd4sgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
84d4e828297eb3b6-MIA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 22:28:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php#/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bs%2Fc%2FxxqNq6DOSclACtcLrjPyEvX2qsktKJqsnmaNMvRieNenMJiuTTyRFGecd3d4Yl7hLnAfZPmWORrTNzQPz3JwgeYwdSKDOniBb47P62EG0T1e1pLxT3Tnoo%2FOhAPtOSB%2BV3q0m7nwLbDtGw0jpog6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
Primary Request index.php
heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/
249 KB
121 KB
Document
General
Full URL
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
Requested by
Host: heji.dealdashhub.com
URL: https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a0e85e091a70f7e436f7c330b443b467abbe32052fc097a72531dd3602a067

Request headers

Referer
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84d4e82f7c2674a6-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 22:28:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqkNXRmMyPjlE0jBfP0Ry%2FfLSnHzRuPA0lpY60juKJrYcRD%2FeSh3AmxbcPCWzePYf%2Fz8gA5ZPcAYVTBHLl%2FLhl0DKmOK3888SRurXbvAMAdGab6iUyI6COMgazb0svwSD0fsqsTV0B%2FOMTGUOqckvAixyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery-2.2.4.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: heji.dealdashhub.com
URL: https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://heji.dealdashhub.com/
Origin
https://heji.dealdashhub.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:28:13 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
11663494
x-cache
HIT, HIT
content-length
29811
x-served-by
cache-lga21935-LGA, cache-mia-kmia1760058-MIA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1706567294.711864,VS0,VE0
etag
W/"28feccc0-14e4a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
43, 94543
css2
fonts.googleapis.com/
13 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&family=Roboto+Slab:wght@600;700;800&display=swap
Requested by
Host: heji.dealdashhub.com
URL: https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3c840d7c2949eeace0bdf8ba905443d44391c25c35a0f44f38d44ec5ebe5f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heji.dealdashhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 22:28:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 22:21:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jan 2024 22:28:13 GMT
css2
heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/icsir/0_files/
719 B
1 KB
Stylesheet
General
Full URL
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/icsir/0_files/css2
Requested by
Host: heji.dealdashhub.com
URL: https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddcdcdf09c83ca159b19c865bddcaaf1ae004a435846c83df733007f5c243f92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:28:14 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 25 Oct 2023 20:20:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2cf-608902f086168"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8JXklknC475%2FaXNeIoASEj41%2F3y7cG8IwjbT4o80InHs3r1K9ACULE085Uw5ZtY4TTJbupdk4llG3hrJ%2B5QT32II6fEOThyrYAhxlCy9XQutjfu0NLnVb2WS94sUZXcNEz66R7vmrku1PUjPa89ecF8sg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
84d4e8320b41da8b-MIA
alt-svc
h3=":443"; ma=86400
content-length
719
css2(1)
heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/icsir/0_files/
719 B
1 KB
Stylesheet
General
Full URL
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/icsir/0_files/css2(1)
Requested by
Host: heji.dealdashhub.com
URL: https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddcdcdf09c83ca159b19c865bddcaaf1ae004a435846c83df733007f5c243f92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:28:14 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 25 Oct 2023 20:20:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2cf-608902f086168"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KypFWtUDqeGcLdHqLzyqmhH35zd9FmrBDot1qGrHDgJib2XCgQwzW19gt78aEaGwhp2q%2B%2BdPw8ZPNgFkMWPzh3i2lvZrx9WZgdrB%2FpiKw%2Be%2FbZvSUvQeuWeUKa0PEoyWWj6KYJncL3q672EZTjJ3nQlWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
84d4e8320b44da8b-MIA
alt-svc
h3=":443"; ma=86400
content-length
719
bundle.6659c6537395db0e8db6.css
heji.dealdashhub.com/icsir/0_files/
75 KB
15 KB
Stylesheet
General
Full URL
https://heji.dealdashhub.com/icsir/0_files/bundle.6659c6537395db0e8db6.css
Requested by
Host: heji.dealdashhub.com
URL: https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60c23703dc6deba253295a48eced321007241d48da3ffa7ea99e6d0419dceaa5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:28:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Oct 2023 20:20:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3806
etag
W/"12a97-608902f086168-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zz0991HrWSyT8LiSpo1j8Ko4pihklYyRfD%2Bpf8ePILjaYHDj9frxALToDd%2Boecukys89aEHxbm1I5LYu4oB8hC%2FcOG3W9OrUFkUp3STn%2BMWNqG2cCuwnasEAfSC3OEYDgM6eH7bwQ%2F0do2zwA1gJWhW5Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
84d4e8320b46da8b-MIA
alt-svc
h3=":443"; ma=86400
sirar3.jpg
heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/icsir/0_files/
115 KB
116 KB
Image
General
Full URL
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/icsir/0_files/sirar3.jpg?v=1
Requested by
Host: heji.dealdashhub.com
URL: https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:13ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77926b42e6fef1e7296f77a5643ff1f002382ab718da4570aad17d6990d9a94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:28:14 GMT
cf-cache-status
MISS
last-modified
Wed, 25 Oct 2023 20:20:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1cc5a-608902f086168"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0YtCDwtagkmHb7FRvgVFxxbLAj4I0duTyN6Jw4MrrYBEs4%2Fm49JmDol%2BrYP7XDv0aRI%2Fvkz8klNGol8%2FckWsLuJXRsRLzo2xjQ9S392ARlNHQ7kcD8i00%2F1IcRT85Pes%2BzOgO3g0CGtuqnoP%2BJ3fRqH4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84d4e8320b4ada8b-MIA
alt-svc
h3=":443"; ma=86400
content-length
117850
css2
fonts.googleapis.com/
2 KB
513 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
Requested by
Host: heji.dealdashhub.com
URL: https://heji.dealdashhub.com/icsir/0_files/bundle.6659c6537395db0e8db6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heji.dealdashhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 22:28:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 21:47:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jan 2024 22:28:13 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&family=Roboto+Slab:wght@600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
758015e3cb56989df5cfcf912d2c3861a62e623d386ef12d4bacf15891a4eb81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://heji.dealdashhub.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:17:34 GMT
x-content-type-options
nosniff
age
213040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18704
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Jan 2025 11:17:34 GMT
truncated
/
114 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e18dd8bb12713b5e48a3ed7fc288dadda1bfb5aa9385ffdb7aac0b6072e9c25b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/jpeg
41c158b1-444a-4054-ab22-2415f1921e4d
quantumsurge.sc/i/18d17a1b-e6ab-4655-9f3a-70d03c2571ce/
2 B
657 B
Image
General
Full URL
https://quantumsurge.sc/i/18d17a1b-e6ab-4655-9f3a-70d03c2571ce/41c158b1-444a-4054-ab22-2415f1921e4d
Requested by
Host: heji.dealdashhub.com
URL: https://heji.dealdashhub.com/jakoji/yime/wo/hizevoyu/index.php?rpclk=8W1H8WHj5m9sQw%2FLkNVbnWFtd%2Ft2SKejvOlCvnpy31DkaXE4jx1%2F3e4sae744OCt76aV511wOPXAtlNVLi2iqhWRe0Xsdwm2G1Ax7mw2B2ymH9ZM5U6Y5d%2FE62TZiuwXb8roM7vRQZKGcpVMxSNPQm%2BHStrM1AcpzuQkOYGwnTMgKozACoY84aifHCYhmMUZe3md3pW33Hd6lsRtPLxImUe4UD4gSl4R1PNoQRNzkQo1OuSajr4WHNwsFs2e4FzgK6HsNyrcbblVML%2BXEoEBR9rDLkIydnkTjKuguz0fwMXYiLhO6haBtq2BCg8lqVeulanJsehUOBEIYVqjidJS70Hw9osmWwb%2B2Y7JESsm6vIAPLVXfQQBxrJIwIDSRBgAXS4VykCYTF%2BSnLaHnXEiu%2Bxa27T84D4NsHLYsOy5gL4hGsFGr%2B8duw0EWJWa0HCiQLoxT8oVSQeDRmz02sK%2Fkxh2a15BOriPLVVkFP1JxdWXJzAHiiBGQuscgRrQBagJwFdK0JwxU0UgfVP%2FeVlXFae4zRI7d8NSRI2J%2BrCRzgxMiuZ8vpDf8Ecv%2FYQG0qHe5XzaGcjA%2BPPt1i%2Fjug1D3cUFlEL8ICiGijUMklA%2FMNVwWw9trSq6tc8xXg7Uj%2B5T8WYqrWTW9IIEjaYyLWUovgBLIDWmR3TSa3%2BXebMXwsQV8dc3asVov39E6YMG4914CovXCdu3%2FNQOQ44x%2FM3RpSt5mk2AfqRI9NlTkiVIOLOEXioKAeoTaNTRsD5p3J681uL2uCQpXP%2BuoOq1LeJszNXcjkM9PywU6oP1leKGIGvB81w5qCIn%2B4QW5pHN%2BqxbmY87LGTelRZEN9jB1iOAVzEvsPyS2FPgoak%2FNKUqLMnn5di30A6jIQiFB8O%2BG9qCMfm8sGIgJawyaHhvIV1JCKGGpiwnzDDdL98p8ChrYbhZd5nbuDbVbQf%2Bi5JSvv9%2BhvP8PFN%2FZul8haPEUvHOm0kjZEvYO4pqoRw7RM2nN0bkzxE2vldz09%2FhHJxZ42VQiOG5%2BOFsDvZroyJvod1bA9en4WjgW9K8xmoWg%2FNqK5TMzxzIyOllx2N2jG2GSuNj79M%2Bm7mj0OqojAjaF%2BwtlJHJTYA4AMAjgzHiG46MOxTJ6nG9bZDG%2BELbD%2B%2F5RvlvcbF3BaL%2FBYpcmML7%2BfEdbQa3ZKnniAZ8j2rQYh0HawglBylvBUBPwtffS0GPAhJbgVl7qx%2FZq8%2FTb%2F%2B0%2FedoDZQAGzhk2gkd7hZLAGhXtKxjEJw%2FbH%2Fl%2FyckdMppZM%2F4cHhLfm4ZJUOMAv1Ygri9ux%2FhnIFVlsdIBlVYDkiw1Zfh19cJu1MAGZgEcJFyRsOxQPXu4PcSMliI3N7I7aXmmY3CBXX9gGNjEGLq%2FJdjnxPTWHS3Aoqhdb%2BWSCCH54NEL%2BoUXN1udCDrM9wyokC7mJD%2ByQSGqfuWxZy17FdF2o%2F8vT3C8z16RhovyM%2BM5czqtPhUALVnh2K5kel%2B6QPwEpWx5Q%2FeEHqSq%2B1BVhGJzSC1UoP7yZKRDP0qK94%2BEAg%2FYSnFma06ybqU4nEXpLbs183ZVT9VdO0Lv01KnDZiJMPl06cBgbwIPfIKbbuMVQcgfMkLr8LbdDEDfhBFUHMunPF31FfpX6ajlwEGQVDzzQwYvvzMywLNJoCiu%2FI7zV8D2PyIKih8%2FtyBbox6fBkbV4SKrU6wilsE%2BSza97%2Bs71WO3JF13rSpHuQarwNpFOpCRR8I1GOmbtgnLflWzvcOlb79Hs3doIoQvvyPd1PYP9EUYR5JmPtqCqzjKA%3D%3D%3A%3A8c656003b1be055b43b01fe5b73757f1&p=grWv%2F4pi4889QJf3Geau%3A%3Aa022ac7f9318272fe8b3f5f475d532b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c6dc -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heji.dealdashhub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:28:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
3628800
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7jkeu1abMHQgY5oVv352c2O6l%2FFzGmcQ99sYWGtP5Kr%2F5KovRZOjg3hZsKtk7TKkBXTpg9RACaBi27hF6luBcSXswQLwkb2T0JDO690SMuZ%2BzbMb8N2UwWxOe2gLfOphw8jYKWCNSiz2MMqOl0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84d4e8380caf67e1-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
content-length
2
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| r function| gotoLink

12 Cookies

Domain/Path Name / Value
.google.us/ Name: 1P_JAR
Value: 2024-01-29-22
.google.us/ Name: NID
Value: 511=jVmXjm4hDeqlusTgzkxucUnAPDIDfHCQIhUNEQOPGSWcZOmhEOAPcaeeAZpNSw1BsdzEjWMovphwzmUWrjz4WjM72kAjB3we56aOBEeWm57vNWKpgtANVet6nBTMV55vvTi60Et4Q645-hlE0Ry3VirJPXhzZ9QKxs1i_BdaPyU
.google.com/ Name: 1P_JAR
Value: 2024-01-29-22
.google.com/ Name: NID
Value: 511=Ip2Lct6m1N9W0UVTBIaYBPpVkcbpeF6VyI0h9wF0tTfDzVs1NH4gxwg0BaFlG6CxiWI9OVY-THtGtmAHGEeT6OgvJ6AJU2szF5WabDAmHhssc_-lldeaV4CYEpfoYyZauuBoNrFp7m_ighZHlnSuizqeESWCHrAvOurhdC1XnFU
www.bcldtracker.com/ Name: uniqueClick_3LH27NR
Value: db1ecdcd-c65a-462d-964b-bb0acd31136f:1706567289
www.bcldtracker.com/ Name: transaction_id
Value: c84adf640a114a23b4524e7e27f2ff55
t4.discountdiscoverystore.com/ Name: ipqsd
Value: 279134112097247680
.t4.discountdiscoverystore.com/ Name: device_id_1706567292
Value: KcR6hLxt66-1706567292
t4.discountdiscoverystore.com/ Name: fe9ecf68-6582-48ba-8fd6-8415647123fe-v4
Value: IGabZHjN8-W-KwlHa-RJJySIc-P2FRCAT9vHbmQN4RU
t4.discountdiscoverystore.com/ Name: cep-v4
Value: 8jopqbWqerqnvlBJoh2qrduMuCGYTTae1xUU4q-UWONkeoXmYjRJeoidz5bpe_Js97dROy2Ph7iRIkiQgOhBREcsmJBrwKZA7HE24buwF7mFqz-fUK7WKqsxqeJqJVKv-FPugI36acdtU9E7k-rtTw9DpY9X1KaFCdoFR38JV-b9Ubmsc6eDnuAjW7zSYeGxt9Iwg5h_dH9ZUCWCGNJiQBDHXQHfA24PpppwtT4G_jYh6gdM6QCAz39TGOezAHD6OFzmPQOyXueqgCFZh0F-U4wqALB_odKOp3HaXoycXX9knFAiGdpFa1s3SzNl-eJrwESwfewnd88Ek0Y3SHYbhAGNXRev9wtb268bFm-OFN4Rd_l3cTuIUf9I9LLcoir7DwUE1uZmFmeQ1Fg9OiDX82Rpg6W-7DLaTQdknA6u4t-pL3gTRzZ3v0OthfC5kag9R7NscmsQfNdw5gUOdryX5UBmH0DuJz8A8vdGqwXyvVAydr43D1u9S631E0rOPSPBYUHZnp6QWhH0k05hsA2bqdx6Nrkvd9tEU5S4M8Hc4Zu0QqRB-JS7FR2x3qY2dYy-Brwt9bLDVFl807rjQ6vKe31QNO0KZxpdRb4_0HGA36zjtAtg_aXyiFmj3Iq5rZ0jyPsse4cPPhlA1W-m9BA2hEKH_lRarhcjyfeOQeUojOrafxZNaw3SijIIg-PMya8V
heji.dealdashhub.com/ Name: PHPSESSID
Value: jgvg54f3car55en3e7kpploa1d
.heji.dealdashhub.com/ Name: cid
Value: w9a5on358k8vqequ2a51026g

2 Console Messages

Source Level URL
Text
rendering warning
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fn.us.ipqscdn.com
fonts.googleapis.com
fonts.gstatic.com
google.us
heji.dealdashhub.com
ip66.ip-40-160-10.us
quantumsurge.sc
t4.discountdiscoverystore.com
www.bcldtracker.com
www.google.com
www.ipqscdn.com
192.158.224.59
2606:4700:3030::6815:13ee
2606:4700:3032::6815:550f
2606:4700:3033::ac43:8401
2606:4700:3035::ac43:c902
2606:4700:3036::ac43:be7b
2606:4700:3037::ac43:c6dc
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::69
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1f::69
2a04:4e42:600::649
34.95.111.143
40.160.10.66
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785
4ef9a8ee5fc89b74bf9a7d9aaebbe7d167765ea8a92d0a184302c7d9e72bc4c8
51df605198fbd21f68ede088e51f68f97aed1e937fc21385c82ef8ca100011bf
60c23703dc6deba253295a48eced321007241d48da3ffa7ea99e6d0419dceaa5
758015e3cb56989df5cfcf912d2c3861a62e623d386ef12d4bacf15891a4eb81
a2a0e85e091a70f7e436f7c330b443b467abbe32052fc097a72531dd3602a067
c3c840d7c2949eeace0bdf8ba905443d44391c25c35a0f44f38d44ec5ebe5f37
d6f3d7d5baf59ad92ef44b928736ff67d7ae9071bfc3e83b26f7dcd712c4ba50
ddcdcdf09c83ca159b19c865bddcaaf1ae004a435846c83df733007f5c243f92
e18dd8bb12713b5e48a3ed7fc288dadda1bfb5aa9385ffdb7aac0b6072e9c25b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f77926b42e6fef1e7296f77a5643ff1f002382ab718da4570aad17d6990d9a94