Submitted URL: http://respiratorz.com/
Effective URL: https://respiratorz.com/
Submission: On August 30 via api from SG — Scanned from DE

Summary

This website contacted 12 IPs in 5 countries across 9 domains to perform 47 HTTP transactions. The main IP is 23.107.144.226, located in Los Angeles, United States and belongs to LEASEWEB-USA-LAX, US. The main domain is respiratorz.com.
TLS certificate: Issued by R3 on August 15th 2022. Valid for: 3 months.
This is the only time respiratorz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 23.107.144.226 395954 (LEASEWEB-...)
1 182.61.201.94 38365 (BAIDU Bei...)
2 103.235.46.191 55967 (BAIDU Bei...)
1 182.61.201.93 38365 (BAIDU Bei...)
13 156.240.110.161 140227 (HKCICL-AS...)
2 47.242.182.1 45102 (ALIBABA-C...)
17 79.133.177.180 24429 (TAOBAO Zh...)
2 220.185.164.250 136190 (CHINATELE...)
3 47.254.187.186 45102 (ALIBABA-C...)
1 2409:8c20:5c6... ()
1 240e:97b:500:... ()
47 12
Apex Domain
Subdomains
Transfer
17 psmtywu.cn
lyc-tore-prod-landing-material-hz.psmtywu.cn
2 MB
13 bense707.com
www.bense707.com
46 KB
4 cnzz.com
s4.cnzz.com — Cisco Umbrella Rank: 69159
c.cnzz.com — Cisco Umbrella Rank: 59928
z3.cnzz.com
ei.cnzz.com
5 KB
4 baidu.com
push.zhanzhang.baidu.com — Cisco Umbrella Rank: 84202
hm.baidu.com — Cisco Umbrella Rank: 8572
api.share.baidu.com — Cisco Umbrella Rank: 59455
13 KB
3 aliyuncs.com
lyc-tore-prod-landing-material-hz.oss-accelerate.aliyuncs.com
12 KB
3 respiratorz.com
respiratorz.com
www.respiratorz.com
2 KB
2 hotline.gd.cn
app-api-aaa.hotline.gd.cn
366 B
0 mmstat.com Failed
cnzz.mmstat.com Failed
0 qihucdn.com Failed
js.passport.qihucdn.com Failed
47 9
Domain Requested by
17 lyc-tore-prod-landing-material-hz.psmtywu.cn www.bense707.com
13 www.bense707.com respiratorz.com
www.bense707.com
3 lyc-tore-prod-landing-material-hz.oss-accelerate.aliyuncs.com respiratorz.com
2 app-api-aaa.hotline.gd.cn www.bense707.com
2 hm.baidu.com www.respiratorz.com
respiratorz.com
2 respiratorz.com 1 redirects
1 ei.cnzz.com
1 z3.cnzz.com
1 c.cnzz.com s4.cnzz.com
1 s4.cnzz.com www.bense707.com
1 api.share.baidu.com respiratorz.com
1 push.zhanzhang.baidu.com www.respiratorz.com
1 www.respiratorz.com respiratorz.com
0 cnzz.mmstat.com Failed
0 js.passport.qihucdn.com Failed www.respiratorz.com
47 15

This site contains no links.

Subject Issuer Validity Valid
m.respiratorz.com
R3
2022-08-15 -
2022-11-13
3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2022-07-05 -
2023-08-06
a year crt.sh
www.bense707.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-30 -
2023-08-30
a year crt.sh
*.hotline.gd.cn
Sectigo RSA Domain Validation Secure Server CA
2022-05-20 -
2023-05-20
a year crt.sh
*.psmtywu.cn
Sectigo RSA Domain Validation Secure Server CA
2022-08-22 -
2023-08-22
a year crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G2
2022-01-11 -
2023-02-12
a year crt.sh
*.oss-eu-central-1.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G2
2022-01-20 -
2023-02-21
a year crt.sh

This page contains 2 frames:

Primary Page: https://respiratorz.com/
Frame ID: 7F5854BF7126078290279F2DD8618266
Requests: 7 HTTP requests in this frame

Frame: https://www.bense707.com/c2.html?c=sktsjc
Frame ID: 0C8D2CF88E87DDF3FC998C04F1075959
Requests: 54 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://respiratorz.com/ HTTP 301
    https://respiratorz.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

91 %
HTTPS

18 %
IPv6

9
Domains

15
Subdomains

12
IPs

5
Countries

1942 kB
Transfer

3401 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://respiratorz.com/ HTTP 301
    https://respiratorz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
respiratorz.com/
Redirect Chain
  • http://respiratorz.com/
  • https://respiratorz.com/
54 B
193 B
Document
General
Full URL
https://respiratorz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.107.144.226 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
nginx /
Resource Hash
84d1b5ff8ce413c0e21edaaf99b6bf17689e34f709eb4e9c439d20f7619830a6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 30 Aug 2022 10:45:12 GMT
location
https://www.respiratorz.com/
server
nginx
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 30 Aug 2022 10:45:11 GMT
Location
https://respiratorz.com/
Server
nginx
Strict-Transport-Security
max-age=31536000
johar.js
www.respiratorz.com/
3 KB
2 KB
Script
General
Full URL
https://www.respiratorz.com/johar.js
Requested by
Host: respiratorz.com
URL: https://respiratorz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.107.144.226 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
nginx /
Resource Hash
57ef08ae29eb2f993256a86c925d0d13dbf4cb709f38a5c72c2eaef0cc4561fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://respiratorz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:13 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 06:15:39 GMT
server
nginx
etag
W/"6304708b-a55"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Tue, 30 Aug 2022 22:45:13 GMT
push.js
push.zhanzhang.baidu.com/
281 B
923 B
Script
General
Full URL
https://push.zhanzhang.baidu.com/push.js
Requested by
Host: www.respiratorz.com
URL: https://www.respiratorz.com/johar.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.201.94 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://respiratorz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 10:45:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:47:55 GMT
Server
apache
Etag
"4078521116"
Vary
Accept-Encoding
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
227
Expires
Wed, 30 Aug 2023 10:45:15 GMT
11.0.1.js
js.passport.qihucdn.com/
0
0

hm.js
hm.baidu.com/
30 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?80d156ee7fa58859098af0ce600b7c20
Requested by
Host: www.respiratorz.com
URL: https://www.respiratorz.com/johar.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
60d3284a4dbe915aeb039982dedff46ff4940828fb3dd0ee343a7dfe6485fee5
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://respiratorz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 10:45:17 GMT
Content-Encoding
gzip
Server
apache
Etag
2e9904d5c840d6be504101eafed69e03
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11336
s.gif
api.share.baidu.com/
0
116 B
Image
General
Full URL
https://api.share.baidu.com/s.gif?l=https://respiratorz.com/
Requested by
Host: respiratorz.com
URL: https://respiratorz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://respiratorz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 10:45:18 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
c2.html
www.bense707.com/ Frame 0C8D
11 KB
3 KB
Document
General
Full URL
https://www.bense707.com/c2.html?c=sktsjc
Requested by
Host: respiratorz.com
URL: https://respiratorz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0042b61319e3ab9627d3582529ff01884ff488dc61b8718173e2ef886e8489b4

Request headers

Referer
https://respiratorz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache private
content-encoding
gzip
content-type
text/html
date
Tue, 30 Aug 2022 10:45:16 GMT
etag
W/"630a4dfd-2d8c"
last-modified
Sat, 27 Aug 2022 17:01:49 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
settings.js
www.bense707.com/lib/ Frame 0C8D
407 B
517 B
Script
General
Full URL
https://www.bense707.com/lib/settings.js
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/c2.html?c=sktsjc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1f0d477c315a0e314245e648fc6cce59333529817f32a7a48569db71054c7dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:16 GMT
content-encoding
gzip
last-modified
Sat, 27 Aug 2022 12:19:26 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"630a0bce-197"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private
jquery-3.6.0.min.js
www.bense707.com/lib/ Frame 0C8D
87 KB
30 KB
Script
General
Full URL
https://www.bense707.com/lib/jquery-3.6.0.min.js
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/c2.html?c=sktsjc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:16 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 16:49:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62eaa72f-15d9c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private
clipboard.min.js
www.bense707.com/lib/ Frame 0C8D
9 KB
3 KB
Script
General
Full URL
https://www.bense707.com/lib/clipboard.min.js
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/c2.html?c=sktsjc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:16 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 16:49:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62eaa72f-234a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private
init.min.css
www.bense707.com/ Frame 0C8D
2 KB
1 KB
Stylesheet
General
Full URL
https://www.bense707.com/init.min.css
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/c2.html?c=sktsjc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9d61b361e6e464d91fa43ba5c81f7e61f57641a1e827311e5e732329c01094d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:16 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 16:49:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62eaa72f-8e8"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, private
styles.min.css
www.bense707.com/c2_click/css/ Frame 0C8D
8 KB
2 KB
Stylesheet
General
Full URL
https://www.bense707.com/c2_click/css/styles.min.css
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/c2.html?c=sktsjc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
702260065d53e2a367d828c982c080b40184a6d622609b93e2b0f226a6cd0170

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:16 GMT
content-encoding
gzip
last-modified
Sat, 27 Aug 2022 16:54:48 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"630a4c58-213c"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, private
launcher-icon.png
www.bense707.com/%7B%7BossPath%7D%7D/style2/image/ Frame 0C8D
564 B
564 B
Image
General
Full URL
https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/launcher-icon.png
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/c2.html?c=sktsjc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:17 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html
arrow.png
www.bense707.com/%7B%7BossPath%7D%7D/style2/image/ Frame 0C8D
564 B
564 B
Image
General
Full URL
https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/arrow.png
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/c2.html?c=sktsjc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:17 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html
arrow-right.png
www.bense707.com/%7B%7BossPath%7D%7D/style2/image/ Frame 0C8D
564 B
564 B
Image
General
Full URL
https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/arrow-right.png
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/c2.html?c=sktsjc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:17 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html
index.min.js
www.bense707.com/c2_click/js/ Frame 0C8D
7 KB
3 KB
Script
General
Full URL
https://www.bense707.com/c2_click/js/index.min.js
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/c2.html?c=sktsjc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d9e786abe5668124915989f46e48b11c7650131f2de5c09cce5013ae175e9867

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:17 GMT
content-encoding
gzip
last-modified
Sat, 27 Aug 2022 16:54:48 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"630a4c58-1cec"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1995235020&si=80d156ee7fa58859098af0ce600b7c20&v=1.2.97&lv=1&sn=19788&r=0&ww=1600&ct=!!&u=https%3A%2F%2Frespiratorz.com%2F
Requested by
Host: respiratorz.com
URL: https://respiratorz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://respiratorz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Aug 2022 10:45:17 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
landing
app-api-aaa.hotline.gd.cn/api/v1/statistics/ Frame
0
0
Preflight
General
Full URL
https://app-api-aaa.hotline.gd.cn/api/v1/statistics/landing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.242.182.1 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bense707.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-CustomHeader, COOKEI, AuthDog
access-control-allow-methods
GET,POST
access-control-allow-origin
*
date
Tue, 30 Aug 2022 10:45:18 GMT
server
nginx/1.18.0 (Ubuntu)
bg-top-area.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
814 KB
816 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/bg-top-area.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
08e40a4bf9f9fb875de59093d8eb1cbad5497a0e463f002db612878b2abbbddc

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 09:46:38 GMT
via
cache21.l2de2[1102,1103,304-0,M], cache17.l2de2[1104,0], cache2.de3[0,0,200-0,H], cache14.de3[3,0]
x-oss-request-id
630DDC7E6FB42B3339441679
content-md5
yhkjntGWxFupC/K00OsJ2w==
age
3519
x-cache
HIT TCP_MEM_HIT dirn:13:464297098
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 09:46:38 GMT
content-length
833604
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:45 GMT
server
Tengine
etag
"CA19239ED196C45BA90BF2B4D0EB09DB"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
7931774474480943588
eagleid
4f85b1a216618563176794693e
x-oss-server-time
10
ali-swift-global-savetime
1661852798
bg-bottom-area.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
45 KB
46 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/bg-bottom-area.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
0a645643a77c90707814969b296f5402e52cae9a2b03c644df578958a47134db

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:38 GMT
via
cache26.l2de2[0,0,304-0,H], cache26.l2de2[0,0], cache8.de3[0,0,200-0,H], cache14.de3[4,0]
x-oss-request-id
630DE8EA53BCC6363198975A
content-md5
QBHyUcqpHKFX9I/JytPWIA==
age
339
x-cache
HIT TCP_MEM_HIT dirn:12:846851481
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
46200
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:44 GMT
server
Tengine
etag
"4011F251CAA91CA157F48FC9CAD3D620"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
2733628038832534044
eagleid
4f85b1a216618563176794696e
x-oss-server-time
8
ali-swift-global-savetime
1661855978
video-cover-1.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
141 KB
142 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/video-cover-1.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
0384df9e4f4c525de04bcbf9b45e8755230b3f3d04e5b3ca1fab55789e34b9af

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:38 GMT
via
cache15.l2de2[0,0,304-0,H], cache5.l2de2[0,0], cache9.de3[0,0,200-0,H], cache14.de3[5,0]
x-oss-request-id
630DE8EA3D53853839A7FA64
content-md5
ujujQCAw1KktEOkYHTDiDw==
age
339
x-cache
HIT TCP_MEM_HIT dirn:12:703258861
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
144476
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:44 GMT
server
Tengine
etag
"BA3BA3402030D4A92D10E9181D30E20F"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
9886086750005045144
eagleid
4f85b1a216618563176794699e
x-oss-server-time
3
ali-swift-global-savetime
1661855978
video-cover-2.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
155 KB
155 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/video-cover-2.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
21a260ea3acca3ec64e3274b8cf07450bb6a2c36f479550f8c5eb5c2ee44d5ff

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:38:30 GMT
via
cache8.l2de2[0,0,304-0,H], cache25.l2de2[0,0], cache2.de3[0,0,200-0,H], cache14.de3[4,0]
x-oss-request-id
630DE8A609E5983838381056
content-md5
yeX+VbBU/rPwka7HJpGISw==
age
407
x-cache
HIT TCP_MEM_HIT dirn:13:230315118
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
158336
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:44 GMT
server
Tengine
etag
"C9E5FE55B054FEB3F091AEC72691884B"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
9021358266215257119
eagleid
4f85b1a216618563176794700e
x-oss-server-time
3
ali-swift-global-savetime
1661855910
video-cover-3.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
157 KB
157 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/video-cover-3.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
10121c2d4a3d6947a269159ad6a7bde1565ad0b19dfac403fbe44adfbf43d667

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:37 GMT
via
cache15.l2de2[0,0,304-0,H], cache16.l2de2[0,0], cache5.de3[0,0,200-0,H], cache14.de3[5,0]
x-oss-request-id
630DE8E994C77F32363C21CD
content-md5
58qFghvU16ztXP+xzfL3uA==
age
340
x-cache
HIT TCP_MEM_HIT dirn:12:922853981
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
160264
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:44 GMT
server
Tengine
etag
"E7CA85821BD4D7ACED5CFFB1CDF2F7B8"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
2371107073738627505
eagleid
4f85b1a216618563176794701e
x-oss-server-time
8
ali-swift-global-savetime
1661855977
video-cover-4.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
171 KB
171 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/video-cover-4.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2340bf4897b8c9f9928588ccd8ff25211ffd401709afe9e7f33b9280c4ed2558

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:38 GMT
via
cache1.l2de2[0,0,304-0,H], cache11.l2de2[1,0], cache8.de3[0,0,200-0,H], cache14.de3[5,0]
x-oss-request-id
630DE8EA94C77F32325127CD
content-md5
+JH59zCbE5netfpvqjLraA==
age
339
x-cache
HIT TCP_MEM_HIT dirn:13:829936078
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
174772
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:43 GMT
server
Tengine
etag
"F891F9F7309B1399DEB5FA6FAA32EB68"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
15610143445925774971
eagleid
4f85b1a216618563176794703e
x-oss-server-time
55
ali-swift-global-savetime
1661855978
video-cover-5.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
144 KB
144 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/video-cover-5.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
72da5942860abeaaabce6d6464bd8f9e120aee31bf5d93fc05666c0c99edd4a9

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:37 GMT
via
cache17.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache1.de3[0,0,200-0,H], cache14.de3[5,0]
x-oss-request-id
630DE8E9A7BABC343222B989
content-md5
VqvPBy84LbKaNOhQIt6TDA==
age
340
x-cache
HIT TCP_MEM_HIT dirn:12:686387163
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
147076
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:43 GMT
server
Tengine
etag
"56ABCF072F382DB29A34E85022DE930C"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
4946009201813423964
eagleid
4f85b1a216618563176794704e
x-oss-server-time
9
ali-swift-global-savetime
1661855977
video-cover-6.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
144 KB
144 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/video-cover-6.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f67e698022109b746c56e3cd5f791f5750cd00c87b4a993180eeafc79815a929

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:38 GMT
via
cache6.l2de2[0,0,304-0,H], cache6.l2de2[0,0], cache14.de3[0,0,200-0,H], cache14.de3[5,0]
x-oss-request-id
630DE8EA94C77F33313C27CD
content-md5
+JtiuO2Dqe+M+O9i37OFTg==
age
339
x-cache
HIT TCP_MEM_HIT dirn:12:172691956
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
147152
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:43 GMT
server
Tengine
etag
"F89B62B8ED83A9EF8CF8EF62DFB3854E"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
3395536445675111081
eagleid
4f85b1a216618563176794705e
x-oss-server-time
3
ali-swift-global-savetime
1661855978
comment-1.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
7 KB
7 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/comment-1.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
831cddfaee700b1c80251ee237d83cdcad1b16d878947ba05dd1275e72273d7a

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:38 GMT
via
cache12.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache13.de3[0,0,200-0,H], cache14.de3[4,0]
x-oss-request-id
630DE8EA09E5983333B8C957
content-md5
GvY5ygEb7SWxFsGZIptCqw==
age
339
x-cache
HIT TCP_MEM_HIT dirn:12:859571742
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
6728
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:44 GMT
server
Tengine
etag
"1AF639CA011BED25B116C199229B42AB"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
11880131270936455000
eagleid
4f85b1a216618563176894709e
x-oss-server-time
7
ali-swift-global-savetime
1661855978
comment-2.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
6 KB
7 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/comment-2.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
eac9b83200318bdcc940a3f84be4cee34fc307dfaed76f6c673ff59c89cf7958

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:37 GMT
via
cache10.l2de2[0,0,304-0,H], cache19.l2de2[0,0], cache2.de3[0,0,200-0,H], cache14.de3[5,0]
x-oss-request-id
630DE8E9716A9C3031AC9C72
content-md5
4hFZyzYZnMPDzedPYPNvlA==
age
340
x-cache
HIT TCP_MEM_HIT dirn:12:227298972
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
6572
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:44 GMT
server
Tengine
etag
"E21159CB36199CC3C3CDE74F60F36F94"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
6263357543608293664
eagleid
4f85b1a216618563176894710e
x-oss-server-time
3
ali-swift-global-savetime
1661855977
comment-3.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
7 KB
7 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/comment-3.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
db262fb7c28cfb5f76879b3427890cfa9e14ff8b6fd27832d75006f29caac1a9

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:37 GMT
via
cache8.l2de2[0,0,304-0,H], cache20.l2de2[0,0], cache4.de3[0,0,200-0,H], cache14.de3[4,0]
x-oss-request-id
630DE8E93D5385353895F364
content-md5
IBzUusZWuc/2IVy7fX0tTw==
age
340
x-cache
HIT TCP_MEM_HIT dirn:12:859880602
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
6800
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:44 GMT
server
Tengine
etag
"201CD4BAC656B9CFF6215CBB7D7D2D4F"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
7718014607514580760
eagleid
4f85b1a216618563176894712e
x-oss-server-time
8
ali-swift-global-savetime
1661855977
comment-4.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
6 KB
6 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/comment-4.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
accc9f6772851f36c35c3763c748d0c0cf76abcf4c43542b49c83c8d9614ad94

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:37 GMT
via
cache9.l2de2[0,0,304-0,H], cache14.l2de2[1,0], cache13.de3[0,0,200-0,H], cache14.de3[5,0]
x-oss-request-id
630DE8E9E20C8C3333C5B531
content-md5
WHh7QKvuYMaLOlKd/2wrwQ==
age
340
x-cache
HIT TCP_MEM_HIT dirn:13:865957002
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
6292
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:44 GMT
server
Tengine
etag
"58787B40ABEE60C68B3A529DFF6C2BC1"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
15562976145486833059
eagleid
4f85b1a216618563176894714e
x-oss-server-time
8
ali-swift-global-savetime
1661855977
comment-5.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
7 KB
8 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/comment-5.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d43a0d2460a03f267c079b3bb8e7541fec8f52ed83e63c694e459e0d47e0c329

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:37 GMT
via
cache12.l2de2[0,0,304-0,H], cache8.l2de2[1,0], cache11.de3[0,0,200-0,H], cache14.de3[5,0]
x-oss-request-id
630DE8E9E3B51E3035E367E2
content-md5
ITKPvb5vnyRyhJPuRSr7GA==
age
340
x-cache
HIT TCP_MEM_HIT dirn:13:59573339
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
7440
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:44 GMT
server
Tengine
etag
"21328FBDBE6F9F24728493EE452AFB18"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
5383926555899991133
eagleid
4f85b1a216618563176894715e
x-oss-server-time
8
ali-swift-global-savetime
1661855977
comment-6.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
6 KB
6 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/comment-6.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4e5bbdf8a9a4260b49e8001d888253c72d3d3572e1d7bf247c6ee4d01eff66ad

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:38 GMT
via
cache20.l2de2[0,0,304-0,H], cache6.l2de2[1,0], cache14.de3[0,0,200-0,H], cache14.de3[5,0]
x-oss-request-id
630DE8EA09E5983439BCC957
content-md5
Cg3/jxEjU4xHGxUcQsDD8A==
age
339
x-cache
HIT TCP_MEM_HIT dirn:13:174816685
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
6280
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:44 GMT
server
Tengine
etag
"0A0DFF8F1123538C471B151C42C0C3F0"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
11072973934280057059
eagleid
4f85b1a216618563176894716e
x-oss-server-time
7
ali-swift-global-savetime
1661855978
comment-7.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/ Frame 0C8D
6 KB
7 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/comment-7.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
1c6b5c4d92892585ce0472dc583abb4b57aea526a2689ad94e56a19b5dea268c

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:37 GMT
via
cache26.l2de2[0,0,304-0,H], cache16.l2de2[0,0], cache14.de3[0,0,200-0,H], cache14.de3[5,0]
x-oss-request-id
630DE8E9F9085339356725ED
content-md5
jx8BCTotWiRFlQds3iQd6Q==
age
340
x-cache
HIT TCP_MEM_HIT dirn:12:172691950
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
6252
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:44 GMT
server
Tengine
etag
"8F1F01093A2D5A244595076CDE241DE9"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
11975879393191824584
eagleid
4f85b1a216618563176894717e
x-oss-server-time
8
ali-swift-global-savetime
1661855977
sec-page-top-area.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/sec/ Frame 0C8D
19 KB
19 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/sec/sec-page-top-area.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
aaeccfe751a5b05828743ac11bfd167c0820f9188b229092d6f29e1703bc7e43

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:37 GMT
via
cache23.l2de2[0,0,304-0,H], cache25.l2de2[1,0], cache2.de3[0,0,200-0,H], cache14.de3[7,0]
x-oss-request-id
630DE8E938B0ED353091AD72
content-md5
bdq++Dq4mQBaaSyQlauI4Q==
age
340
x-cache
HIT TCP_MEM_HIT dirn:12:227298966
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
19220
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:42 GMT
server
Tengine
etag
"6DDABEF83AB899005A692C9095AB88E1"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
17187339101992635900
eagleid
4f85b1a216618563176894720e
x-oss-server-time
8
ali-swift-global-savetime
1661855977
sec-page-tips-copy.bin
lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/sec/ Frame 0C8D
22 KB
22 KB
XHR
General
Full URL
https://lyc-tore-prod-landing-material-hz.psmtywu.cn/0826/style2/image/sec/sec-page-tips-copy.bin
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.180 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4392fc55f6c7f838b3c236728bf131a83df4200a51830c02d5eb609dcc2777ae

Request headers

Accept
*/*
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:39:37 GMT
via
cache2.l2de2[0,0,304-0,H], cache10.l2de2[1,0], cache9.de3[0,0,200-0,H], cache14.de3[5,0]
x-oss-request-id
630DE8E9E20C8C3334DFB531
content-md5
ADgS6H0Oxl68VrAdPa5uAw==
age
340
x-cache
HIT TCP_MEM_HIT dirn:13:703009475
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Tue, 30 Aug 2022 10:41:41 GMT
content-length
22080
x-oss-object-type
Normal
last-modified
Fri, 26 Aug 2022 11:23:43 GMT
server
Tengine
etag
"003812E87D0EC65EBC56B01D3DAE6E03"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
17059711452483335290
eagleid
4f85b1a216618563176894722e
x-oss-server-time
16
ali-swift-global-savetime
1661855977
z_stat.php
s4.cnzz.com/ Frame 0C8D
11 KB
4 KB
Script
General
Full URL
https://s4.cnzz.com/z_stat.php?id=1281140148&web_id=1281140148
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/c2_click/js/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.185.164.250 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
83ac9f4365ef3a2aa8eff5c17df80bbf4d3f1968f5bf0b45877e8a481e3f1d23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:14:26 GMT
content-encoding
gzip
age
1852
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:0:28283906
x-swift-cachetime
3599
x-swift-savetime
Tue, 30 Aug 2022 10:14:27 GMT
content-length
4049
last-modified
Tue, 30 Aug 2022 10:14:26 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1661854466
content-type
application/javascript
via
cache32.l2cn1836[0,0,200-0,H], cache18.l2cn1836[1,0], cache19.cn4100[0,0,200-0,H], cache5.cn4100[1,0]
cache-control
max-age=1800,s-maxage=3600
timing-allow-origin
*
eagleid
dcb9a49916618563187928220e
landing
app-api-aaa.hotline.gd.cn/api/v1/statistics/ Frame 0C8D
15 B
366 B
XHR
General
Full URL
https://app-api-aaa.hotline.gd.cn/api/v1/statistics/landing
Requested by
Host: www.bense707.com
URL: https://www.bense707.com/lib/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.242.182.1 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bense707.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
json/application

Response headers

x-trace-id
trace-id-47371-2022.08.30.18.45.18.582-81545983
date
Tue, 30 Aug 2022 10:45:18 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET,POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-CustomHeader, COOKEI, AuthDog
content-length
15
launcher-icon.png
www.bense707.com/%7B%7BossPath%7D%7D/style2/image/ Frame 0C8D
564 B
564 B
Image
General
Full URL
https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/launcher-icon.png
Requested by
Host: respiratorz.com
URL: https://respiratorz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:17 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html
arrow.png
www.bense707.com/%7B%7BossPath%7D%7D/style2/image/ Frame 0C8D
564 B
564 B
Image
General
Full URL
https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/arrow.png
Requested by
Host: respiratorz.com
URL: https://respiratorz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:17 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html
arrow-right.png
www.bense707.com/%7B%7BossPath%7D%7D/style2/image/ Frame 0C8D
564 B
564 B
Image
General
Full URL
https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/arrow-right.png
Requested by
Host: respiratorz.com
URL: https://respiratorz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.240.110.161 , Hong Kong, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/c2.html?c=sktsjc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:17 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html
truncated
/ Frame 0C8D
611 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
465e5760fc9e16d1e41977d96255883b5e8c1adaad5da7762a9a438cef3d4b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame 0C8D
34 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad17636897223c08c47b2dee8d473ea3b7ffd2872c463bdc4722a6845536fc9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
106 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8162f247c2e9003016a3dc46c0395c255fc4d1d1a4b95d8939f29872562edbb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
116 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
435e38158569f0233164445a0333bab5c4e05f1f5bb6ba0c16eaf0cb6385feab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
117 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00dcb458b7c7538f1cccdc7219047d3d57766c208569cce3ad432d6a48ebbbc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
128 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5cefd47a64a3b6d1d1a9281d6dc9ae08c93c9f3fafdf930b80a97cb8d3a6650

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
108 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56b21509c3ea37e030de715def01faf2f9eb93c027890c02a0d1f84ec9b43548

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
108 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
111149345193a232a4e39e1c6abeaa16ab0239fa0d20e244cf0b71deea2fb113

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9cbf15b8925179fca4f9d4add2366c729ff069965ae5c2d64bc37608679b2d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
121295076b4bf89bfd7b704c64d9a3c2fa633af754ed5ce57314ab73455ad456

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9ffbd99dc825ffbf2eac9695d9fb263300494655dec71002d5fad9949360610

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18a4e1a34a712f4ac6cb0d64cee418247e4dce694a2107b75098dd56b2f021a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ab20451ac4858f14d5b479de598e796abcc6d2b06233a82cdf844b5382f68c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76bdf2040bae077f448daae56c1ee2935c262cd26ecc8154f72e6b16a0d2ba63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C8D
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
258d12ddab25cba4b6c575ecc0382b05d6e91be9469ea12163a1b5c2d4b9b388

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
launcher-icon.png
lyc-tore-prod-landing-material-hz.oss-accelerate.aliyuncs.com/0826/style2/image/ Frame 0C8D
10 KB
10 KB
Image
General
Full URL
https://lyc-tore-prod-landing-material-hz.oss-accelerate.aliyuncs.com/0826/style2/image/launcher-icon.png
Requested by
Host: respiratorz.com
URL: https://respiratorz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.254.187.186 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
6e6ae2eefce0a0dfd59c908ba6644c7c999c0d90fdef70d0cd0f131118127d60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 10:45:18 GMT
x-oss-request-id
630DEA3E33FDC3FAC21703FA
Content-MD5
O++dorZbvdv3/h399u5CUQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
10085
x-oss-object-type
Normal
Last-Modified
Fri, 26 Aug 2022 11:23:44 GMT
Server
AliyunOSS
ETag
"3BEF9DA2B65BBDDBF7FE1DFDF6EE4251"
Content-Type
image/png
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
16057965587959016402
x-oss-server-time
2
arrow.png
lyc-tore-prod-landing-material-hz.oss-accelerate.aliyuncs.com/0826/style2/image/ Frame 0C8D
369 B
891 B
Image
General
Full URL
https://lyc-tore-prod-landing-material-hz.oss-accelerate.aliyuncs.com/0826/style2/image/arrow.png
Requested by
Host: respiratorz.com
URL: https://respiratorz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.254.187.186 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
e711d9ac39f67108f95d03dc4f06d35af259a315bf8af8bb0816da24616f50ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 10:45:18 GMT
x-oss-request-id
630DEA3E3587914880010E4E
Content-MD5
gwh1OUJFipZl0U//7CFb/A==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
369
x-oss-object-type
Normal
Last-Modified
Fri, 26 Aug 2022 11:23:44 GMT
Server
AliyunOSS
ETag
"8308753942458A9665D14FFFEC215BFC"
Content-Type
image/png
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
2665492481789633247
x-oss-server-time
2
arrow-right.png
lyc-tore-prod-landing-material-hz.oss-accelerate.aliyuncs.com/0826/style2/image/ Frame 0C8D
317 B
840 B
Image
General
Full URL
https://lyc-tore-prod-landing-material-hz.oss-accelerate.aliyuncs.com/0826/style2/image/arrow-right.png
Requested by
Host: respiratorz.com
URL: https://respiratorz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.254.187.186 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
7a881d21fd492ef8b48d34045594910831b64141bb75037f0ff2c1581f101906

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 10:45:18 GMT
x-oss-request-id
630DEA3EC25A1CB617108D74
Content-MD5
TTWUqgGgPhMQMDcuEP6yAg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
317
x-oss-object-type
Normal
Last-Modified
Fri, 26 Aug 2022 11:23:44 GMT
Server
AliyunOSS
ETag
"4D3594AA01A03E131030372E10FEB202"
Content-Type
image/png
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
13865087813354183902
x-oss-server-time
2
core.php
c.cnzz.com/ Frame 0C8D
969 B
912 B
Script
General
Full URL
https://c.cnzz.com/core.php?web_id=1281140148&t=z
Requested by
Host: s4.cnzz.com
URL: https://s4.cnzz.com/z_stat.php?id=1281140148&web_id=1281140148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.185.164.250 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
680748ad8787faad68bc30a16dfcdeed6c8f2e21bcf7cd0bccfa1a0e1f6f6438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:34:17 GMT
content-encoding
gzip
age
662
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:13:448707265
x-swift-cachetime
894
x-swift-savetime
Tue, 30 Aug 2022 10:34:23 GMT
content-length
620
last-modified
Tue, 30 Aug 2022 10:34:17 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1661855657
content-type
application/javascript
via
cache75.l2cn1836[0,0,200-0,H], cache16.l2cn1836[1,0], cache18.cn4100[0,0,200-0,H], cache5.cn4100[1,0]
timing-allow-origin
*
eagleid
dcb9a49916618563190711259e
expires
Tue, 30 Aug 2022 10:49:17 GMT
stat.htm
z3.cnzz.com/ Frame 0C8D
2 B
123 B
Image
General
Full URL
https://z3.cnzz.com/stat.htm?id=1281140148&r=https%3A%2F%2Frespiratorz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1600x1200&p=https%3A%2F%2Fwww.bense707.com%2Fc2.html%3Fc%3Dsktsjc&t=&umuuid=182ee5b05e3a42-0cf84755959697-613c5052-1d4c00-182ee5b05e492a&h=1&rnd=536180423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2409:8c20:5c64:2000::5 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:20 GMT
content-encoding
gzip
server
Tengine
vary
Accept-Encoding
content-type
text/html; charset=utf-8
stat.htm
ei.cnzz.com/ Frame 0C8D
2 B
123 B
Image
General
Full URL
https://ei.cnzz.com/stat.htm?id=1281140148&r=https%3A%2F%2Frespiratorz.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1600x1200&p=https%3A%2F%2Fwww.bense707.com%2Fc2.html%3Fc%3Dsktsjc&ei=%25E4%25BB%25A3%25E7%2590%2586ID%7C%25E4%25B8%258B%25E8%25BC%2589%7Csktsjc%7C0%7C&t=&umuuid=182ee5b05e3a42-0cf84755959697-613c5052-1d4c00-182ee5b05e492a&h=1&rnd=1196900593
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:97b:500:2000::6 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bense707.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 10:45:20 GMT
content-encoding
gzip
server
Tengine
vary
Accept-Encoding
content-type
text/html; charset=utf-8
9.gif
cnzz.mmstat.com/ Frame 0C8D
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.passport.qihucdn.com
URL
https://js.passport.qihucdn.com/11.0.1.js?8113138f123429f4e46184e7146e43d9
Domain
cnzz.mmstat.com
URL
https://cnzz.mmstat.com/9.gif?abc=1&rnd=1971387208

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _hmt object| regexp string| where string| UA string| ss boolean| _bdhm_loaded_80d156ee7fa58859098af0ce600b7c20 object| mini_tangram_log_58p8z5

4 Cookies

Domain/Path Name / Value
.baidu.com/ Name: BAIDUID_BFESS
Value: 008113F0B99657645CD4D7C63B01E884:FG=1
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 647D36D1FBB23051
.respiratorz.com/ Name: Hm_lvt_80d156ee7fa58859098af0ce600b7c20
Value: 1661856318
.respiratorz.com/ Name: Hm_lpvt_80d156ee7fa58859098af0ce600b7c20
Value: 1661856318

10 Console Messages

Source Level URL
Text
network error URL: https://respiratorz.com/
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://www.respiratorz.com/johar.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.passport.qihucdn.com/11.0.1.js?8113138f123429f4e46184e7146e43d9, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.respiratorz.com/johar.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.passport.qihucdn.com/11.0.1.js?8113138f123429f4e46184e7146e43d9, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://js.passport.qihucdn.com/11.0.1.js?8113138f123429f4e46184e7146e43d9
Message:
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR
network error URL: https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/launcher-icon.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/arrow.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/arrow-right.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/launcher-icon.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/arrow.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.bense707.com/%7B%7BossPath%7D%7D/style2/image/arrow-right.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.share.baidu.com
app-api-aaa.hotline.gd.cn
c.cnzz.com
cnzz.mmstat.com
ei.cnzz.com
hm.baidu.com
js.passport.qihucdn.com
lyc-tore-prod-landing-material-hz.oss-accelerate.aliyuncs.com
lyc-tore-prod-landing-material-hz.psmtywu.cn
push.zhanzhang.baidu.com
respiratorz.com
s4.cnzz.com
www.bense707.com
www.respiratorz.com
z3.cnzz.com
cnzz.mmstat.com
js.passport.qihucdn.com
103.235.46.191
156.240.110.161
182.61.201.93
182.61.201.94
220.185.164.250
23.107.144.226
2409:8c20:5c64:2000::5
240e:97b:500:2000::6
47.242.182.1
47.254.187.186
79.133.177.180
0042b61319e3ab9627d3582529ff01884ff488dc61b8718173e2ef886e8489b4
00dcb458b7c7538f1cccdc7219047d3d57766c208569cce3ad432d6a48ebbbc5
0384df9e4f4c525de04bcbf9b45e8755230b3f3d04e5b3ca1fab55789e34b9af
08e40a4bf9f9fb875de59093d8eb1cbad5497a0e463f002db612878b2abbbddc
0a645643a77c90707814969b296f5402e52cae9a2b03c644df578958a47134db
10121c2d4a3d6947a269159ad6a7bde1565ad0b19dfac403fbe44adfbf43d667
111149345193a232a4e39e1c6abeaa16ab0239fa0d20e244cf0b71deea2fb113
121295076b4bf89bfd7b704c64d9a3c2fa633af754ed5ce57314ab73455ad456
18a4e1a34a712f4ac6cb0d64cee418247e4dce694a2107b75098dd56b2f021a9
1c6b5c4d92892585ce0472dc583abb4b57aea526a2689ad94e56a19b5dea268c
1f0d477c315a0e314245e648fc6cce59333529817f32a7a48569db71054c7dd1
21a260ea3acca3ec64e3274b8cf07450bb6a2c36f479550f8c5eb5c2ee44d5ff
2340bf4897b8c9f9928588ccd8ff25211ffd401709afe9e7f33b9280c4ed2558
258d12ddab25cba4b6c575ecc0382b05d6e91be9469ea12163a1b5c2d4b9b388
3ab20451ac4858f14d5b479de598e796abcc6d2b06233a82cdf844b5382f68c6
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
435e38158569f0233164445a0333bab5c4e05f1f5bb6ba0c16eaf0cb6385feab
4392fc55f6c7f838b3c236728bf131a83df4200a51830c02d5eb609dcc2777ae
465e5760fc9e16d1e41977d96255883b5e8c1adaad5da7762a9a438cef3d4b18
4e5bbdf8a9a4260b49e8001d888253c72d3d3572e1d7bf247c6ee4d01eff66ad
56b21509c3ea37e030de715def01faf2f9eb93c027890c02a0d1f84ec9b43548
57ef08ae29eb2f993256a86c925d0d13dbf4cb709f38a5c72c2eaef0cc4561fe
60d3284a4dbe915aeb039982dedff46ff4940828fb3dd0ee343a7dfe6485fee5
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
680748ad8787faad68bc30a16dfcdeed6c8f2e21bcf7cd0bccfa1a0e1f6f6438
6e6ae2eefce0a0dfd59c908ba6644c7c999c0d90fdef70d0cd0f131118127d60
702260065d53e2a367d828c982c080b40184a6d622609b93e2b0f226a6cd0170
72da5942860abeaaabce6d6464bd8f9e120aee31bf5d93fc05666c0c99edd4a9
76bdf2040bae077f448daae56c1ee2935c262cd26ecc8154f72e6b16a0d2ba63
7a881d21fd492ef8b48d34045594910831b64141bb75037f0ff2c1581f101906
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
8162f247c2e9003016a3dc46c0395c255fc4d1d1a4b95d8939f29872562edbb0
831cddfaee700b1c80251ee237d83cdcad1b16d878947ba05dd1275e72273d7a
83ac9f4365ef3a2aa8eff5c17df80bbf4d3f1968f5bf0b45877e8a481e3f1d23
84d1b5ff8ce413c0e21edaaf99b6bf17689e34f709eb4e9c439d20f7619830a6
9d61b361e6e464d91fa43ba5c81f7e61f57641a1e827311e5e732329c01094d0
a9cbf15b8925179fca4f9d4add2366c729ff069965ae5c2d64bc37608679b2d6
aaeccfe751a5b05828743ac11bfd167c0820f9188b229092d6f29e1703bc7e43
accc9f6772851f36c35c3763c748d0c0cf76abcf4c43542b49c83c8d9614ad94
ad17636897223c08c47b2dee8d473ea3b7ffd2872c463bdc4722a6845536fc9c
baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1
c5cefd47a64a3b6d1d1a9281d6dc9ae08c93c9f3fafdf930b80a97cb8d3a6650
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d43a0d2460a03f267c079b3bb8e7541fec8f52ed83e63c694e459e0d47e0c329
d9e786abe5668124915989f46e48b11c7650131f2de5c09cce5013ae175e9867
d9ffbd99dc825ffbf2eac9695d9fb263300494655dec71002d5fad9949360610
db262fb7c28cfb5f76879b3427890cfa9e14ff8b6fd27832d75006f29caac1a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e711d9ac39f67108f95d03dc4f06d35af259a315bf8af8bb0816da24616f50ed
eac9b83200318bdcc940a3f84be4cee34fc307dfaed76f6c673ff59c89cf7958
f67e698022109b746c56e3cd5f791f5750cd00c87b4a993180eeafc79815a929