URL: http://www.twoeggz.com/news/13920644.html
Submission: On July 04 via manual from JP

Summary

This website contacted 13 IPs in 6 countries across 11 domains to perform 31 HTTP transactions. The main IP is 103.112.211.26, which is located in China and belongs to LLKIT-AS-AP Zhengzhou Lulinke Information Technology CO.Ltd., CN. The main domain is www.twoeggz.com.
This is the only time www.twoeggz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 103.112.211.26 137547 (LLKIT-AS-...)
3 151.101.114.109 54113 (FASTLY)
8 163.171.132.119 54994 (QUANTILNE...)
1 195.27.31.222 1273 (CW Vodafo...)
1 65.153.158.132 209 (CENTURYLI...)
1 65.153.196.203 209 (CENTURYLI...)
3 195.27.31.224 1273 (CW Vodafo...)
1 213.244.178.240 3356 (LEVEL3)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 206.54.165.2 35415 (WEBZILLA)
5 206.54.165.177 35415 (WEBZILLA)
31 13
Domain Requested by
6 p1-tt.byteimg.com www.twoeggz.com
5 native.propellerclick.com cdn.jsdelivr.net
native.propellerclick.com
3 p3-tt.byteimg.com www.twoeggz.com
3 cdn.jsdelivr.net www.twoeggz.com
3 www.twoeggz.com www.twoeggz.com
2 deloplen.com cdn.jsdelivr.net
deloplen.com
2 www.google-analytics.com 1 redirects cdn.jsdelivr.net
2 p1.pstatp.com www.twoeggz.com
1 www.google.de www.twoeggz.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 at.alicdn.com www.twoeggz.com
1 p9-tt.byteimg.com www.twoeggz.com
1 p9.pstatp.com www.twoeggz.com
1 p3.pstatp.com www.twoeggz.com
31 15

This site contains links to these domains.

Domain
www.dandanzan.com
Subject | Issuer | Validity | Valid
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-05-29 - 2020-04-23 | a year
- | - | 1970-01-01 - 1970-01-01 | a few seconds
*.alicdn.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-09-20 - 2019-09-21 | a year
*.google-analytics.com | Google Internet Authority G3 | 2019-06-11 - 2019-09-03 | 3 months
www.google.de | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months

This page contains 2 frames:

Primary Page: http://www.twoeggz.com/news/13920644.html
Frame ID: FC864ED2718ED282E734198507A71E91
Requests: 30 HTTP requests in this frame

Frame: http://deloplen.com/fac.php
Frame ID: 424E90A9938EB154C997AC6423DE3022
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 31
HTTPS: 19 %
IPv6: 29 %
Domains: 11
Subdomains: 15
IPs: 13
Countries: 6
Transfer: 432 kB
Size: 751 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1243847164&t=pageview&_s=1&dl=http%3A%2F%2Fwww.twoeggz.com%2Fnews%2F13920644.html&ul=en-us&de=UTF-8&dt=360%E5%AE%89%E5%85%A8%E7%AE%A1%E5%AE%B6%E5%92%8C%E8%85%BE%E8%AE%AF%E5%AE%89%E5%85%A8%E7%AE%A1%E5%AE%B6%EF%BC%8C%E4%BD%A0%E4%BC%9A%E9%80%89%E6%8B%A9%E5%93%AA%E4%B8%AA%EF%BC%9F_%E6%96%B0%E9%97%BB_%E8%9B%8B%E8%9B%8B%E8%B5%9E&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=2070328679&gjid=91707496&cid=1059196442.1562220245&tid=UA-76290221-1&_gid=188024561.1562220245&_r=1&z=1097596062 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76290221-1&cid=1059196442.1562220245&jid=2070328679&_gid=188024561.1562220245&gjid=91707496&_v=j77&z=1097596062 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76290221-1&cid=1059196442.1562220245&jid=2070328679&_v=j77&z=1097596062 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76290221-1&cid=1059196442.1562220245&jid=2070328679&_v=j77&z=1097596062&slf_rd=1&random=3496564655

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 13920644.html
www.twoeggz.com/news/
11 KB
5 KB
Document
General
Full URL
http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Server
103.112.211.26 , China, ASN137547 (LLKIT-AS-AP Zhengzhou Lulinke Information Technology CO.Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
fd9b93e228e2dd350fd0c5de8b0a4137d84515b3fb82c80b0805955b35acb1af

Request headers

Host
www.twoeggz.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Thu, 04 Jul 2019 06:04:04 GMT
Content-Type
text/html
Last-Modified
Thu, 04 Jul 2019 05:36:54 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5d1d9076-2daf"
Content-Encoding
gzip
twoeggz.css
cdn.jsdelivr.net/gh/twoeggz/twoeggz/
52 KB
10 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/twoeggz/twoeggz/twoeggz.css
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9cdef0c661470c4f56a4161d007daab31bd7028817539ff0feca4ac0357b9b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Thu, 04 Jul 2019 06:04:04 GMT
content-length
9978
x-served-by
cache-ams21024-AMS, cache-hhn4028-HHN
etag
W/"cee0-7lO8I/jOF6L6BJNmTL4oVO2RsuM"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
jquery.js
cdn.jsdelivr.net/gh/twoeggz/twoeggz/
95 KB
34 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/twoeggz/twoeggz/jquery.js
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e53bf9c2a78703212c9fc15baf0c107acf9926a0f8aac68a6584ea5a56fa6fd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Thu, 04 Jul 2019 06:04:04 GMT
content-length
34265
x-served-by
cache-ams21036-AMS, cache-hhn4028-HHN
etag
W/"17bc7-L59dQRqlPBdIChIstp3i7naXweo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
logo.png
www.twoeggz.com/res/images/
4 KB
5 KB
Image
General
Full URL
http://www.twoeggz.com/res/images/logo.png
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
103.112.211.26 , China, ASN137547 (LLKIT-AS-AP Zhengzhou Lulinke Information Technology CO.Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
36ccbdd75a77eb67a2653431c9c68285f3137678a3f93f95086025d466242463

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 06:04:04 GMT
Last-Modified
Thu, 21 Apr 2016 12:26:34 GMT
Server
nginx
ETag
"5718c6fa-11ba"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4538
Expires
Sat, 03 Aug 2019 06:04:04 GMT
6a21b6e14d594ac6b680863c144643b9
p1.pstatp.com/large/pgc-image/
36 KB
37 KB
Image
General
Full URL
http://p1.pstatp.com/large/pgc-image/6a21b6e14d594ac6b680863c144643b9
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx /
Resource Hash
2320fd84b2f3426fbde7cca3de849799a50856c6f4ae52bdaa971ec768176620

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 06:04:05 GMT
Via
http/1.1 cache26.hlimg (bdcache [cMsSfW]), cache27.img
BD-Request-Id
b11ae7df1f78587beedcddd1b7581cab
Access-Control-Allow-Origin
*
Nw-Session-Id
57e47992-466a-4355-81ee-55b5e1823dbe
X-Via
1.1 PSgddgdx5fd81:0 (Cdn Cache Server V2.0), 1.1 PSfjfzsx3gh125:5 (Cdn Cache Server V2.0), 1.1 hdwt43:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2mu72:5 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
37289
Server
nginx
X-Tt-Logid
2019070413365401002707314327082
X-Response-Date
Thu, 04 Jul 2019 13:36:54 GMT
Content-Type
image/jpeg
Bd-Status
TCP_MISS
Nw-Session-Trace
2019-07-04T13:36:54.700131216+08:00 39
Cache-Control
max-age=31536000
X-Cache-new
HIT
5b060b138b114d53a27e07d241b3817f
p3.pstatp.com/large/pgc-image/
22 KB
23 KB
Image
General
Full URL
http://p3.pstatp.com/large/pgc-image/5b060b138b114d53a27e07d241b3817f
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
195.27.31.222 , Germany, ASN1273 (CW Vodafone Group PLC, GB),
Reverse DNS
Software
Tengine /
Resource Hash
0731949a4150bb97a3791e9fd0a83759289e035f7f25e61359919ee31fdee03d

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Jun 2019 15:03:55 GMT
Via
http/1.1 cache10.hlimg (bdcache [cMsSfW]), cache33.img, cache25.l2de1[0,200-0,H], cache36.l2de1[12,0], cache7.de1[0,200-0,H], cache6.de1[2,0]
Age
1868412
Nw-Session-Id
566a8ff2-c3cb-4a9d-953c-9652c76003e7
X-Cache
HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-CacheTime
29667590
Connection
keep-alive
Content-Length
22366
Access-Control-Allow-Origin
*
Server
Tengine
X-Tt-Logid
2019061223035501002905314814207
X-Response-Date
Wed, 12 Jun 2019 23:03:55 GMT
Ali-Swift-Global-Savetime
1560351835
Content-Type
image/jpeg
Bd-Status
TCP_MISS
Nw-Session-Trace
2019-06-12T23:03:55.171727239+08:00 8
Cache-Control
max-age=31536000
Timing-Allow-Origin
*
EagleId
c31b1fce15622202478331030e
BD-Request-Id
ef1c5beed788b279ec3ba59d252b4ab5
X-Swift-SaveTime
Thu, 04 Jul 2019 06:04:05 GMT
173d42fecedd4b9b847d71273b154ad8
p9.pstatp.com/large/pgc-image/
24 KB
25 KB
Image
General
Full URL
http://p9.pstatp.com/large/pgc-image/173d42fecedd4b9b847d71273b154ad8
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
65.153.158.132 Scottsdale, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST - CenturyLink Communications, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
561abda340e1141cbe77faec7e10cecaa6c3fe629062dd7102a5c0165dc62edf

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 06:04:08 GMT
Server
nginx
X-Tt-Logid
2019062815093301002007416642120
X-Response-Date
Fri, 28 Jun 2019 15:09:33 GMT
Nw-Session-Id
b0218c81-8c8d-49df-97cb-acb90fd2dcdc
X-Cache
HIT from BC227_US-Colorado-Denver-1-cache-2(baishan)
Content-Type
image/jpeg
Bd-Status
TCP_MISS
Nw-Session-Trace
2019-06-28T15:09:33.387258048+08:00 193
Cache-Control
max-age=31536000
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
24917
BD-Request-Id
a0e476d133387d5ad85ea8ddd17f0e9a
X-Ser
BC212_dx-lt-yd-jiangsu-taizhou-4-cache-10, BC227_US-Colorado-Denver-1-cache-2, BC131_US-Washington-seattle-1-cache-1
5300571c34154eb78a76650d6d5a51e6
p1.pstatp.com/large/pgc-image/
21 KB
22 KB
Image
General
Full URL
http://p1.pstatp.com/large/pgc-image/5300571c34154eb78a76650d6d5a51e6
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx /
Resource Hash
71c07b00863fa178b208ad6c2dbe4a6a18c382ac6117c12c226b789ab177d175

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 06:04:06 GMT
Via
http/1.1 cache26.img (bdcache [cMsSfW]), cache42.img
BD-Request-Id
b5c719777d98e04131c9130d76d9978a
Access-Control-Allow-Origin
*
Nw-Session-Id
9bdf3a68-875a-416b-aa3a-4cba2688e75d
X-Via
1.1 PSjslygsxhb151:10 (Cdn Cache Server V2.0), 1.1 PSzjsxsxnj98:10 (Cdn Cache Server V2.0), 1.1 hdwt40:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2so76:8 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
21991
Server
nginx
X-Tt-Logid
2019070413365401015502006727807
X-Response-Date
Thu, 04 Jul 2019 13:36:54 GMT
Content-Type
image/jpeg
Bd-Status
TCP_MISS
Nw-Session-Trace
2019-07-04T13:36:54.892921794+08:00 98
Cache-Control
max-age=31536000
X-Cache-new
HIT
aa94d7aa3e02446194a7fc15683e7598
p1-tt.byteimg.com/list/300x196/pgc-image/
13 KB
14 KB
Image
General
Full URL
http://p1-tt.byteimg.com/list/300x196/pgc-image/aa94d7aa3e02446194a7fc15683e7598
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx /
Resource Hash
83dd760df1d206ec89bb58243558f45da15b04bf8c6394e624db11573634f8cc

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 02 Jul 2019 15:20:41 GMT
Via
http/1.1 cache14.hlimg (bdcache [cHs f ]), cache33.img
X-Crop-Loc
(0,136)-(906,728)
BD-Request-Id
aa3cd8896998df911e49ad080d5a19fb
Age
1
Nw-Session-Id
c3a52b24-b723-47dc-b8fb-b8cbc115e616
X-Via
1.1 PSjsczsx2sc61:10 (Cdn Cache Server V2.0), 1.1 PSzjtzsxrk230:4 (Cdn Cache Server V2.0), 1.1 hdwt40:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2mu72:13 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
13702
Access-Control-Allow-Origin
*
Server
nginx
X-Tt-Logid
2019070121371601002007619510705
X-Response-Date
Mon, 01 Jul 2019 21:37:16 GMT
X-Response-LB
image
Content-Type
image/jpeg
Bd-Status
TCP_HIT
Nw-Session-Trace
2019-07-01T21:37:16.517524193+08:00 274
Cache-Control
max-age=31536000
X-Cache-new
HIT
615975c6bfab4904be0cae1febdbd102
p1-tt.byteimg.com/list/300x196/pgc-image/
8 KB
9 KB
Image
General
Full URL
http://p1-tt.byteimg.com/list/300x196/pgc-image/615975c6bfab4904be0cae1febdbd102
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx /
Resource Hash
9dec7c44c233dc649e33f9955566de5b20b161f4b5a04b763363163c6c196bb5

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 02 Jul 2019 19:08:35 GMT
Via
http/1.1 cache09.hlimg (bdcache [cMsSfW]), cache31.img
X-Crop-Loc
(14,0)-(652,417)
BD-Request-Id
301a44ad8a6282e9bbdffb85046e0bad
Age
1
Nw-Session-Id
c576f862-7857-46ba-b1bd-b4cbc6335c8f
X-Via
1.1 PSgddgdx5fb84:3 (Cdn Cache Server V2.0), 1.1 PSzjhzjfew241:3 (Cdn Cache Server V2.0), 1.1 hdwt44:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:5 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
8250
Access-Control-Allow-Origin
*
Server
nginx
X-Tt-Logid
2019070214262301002306105119457
X-Response-Date
Tue, 02 Jul 2019 14:26:23 GMT
X-Response-LB
image
Content-Type
image/jpeg
Bd-Status
TCP_MISS
Nw-Session-Trace
2019-07-02T14:26:23.973881868+08:00 21
Cache-Control
max-age=31536000
X-Cache-new
HIT
dd420f3a-1fc6-421a-9a95-92a33d7de1b5
p9-tt.byteimg.com/list/300x196/dfic-imagehandler/
19 KB
20 KB
Image
General
Full URL
http://p9-tt.byteimg.com/list/300x196/dfic-imagehandler/dd420f3a-1fc6-421a-9a95-92a33d7de1b5
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
65.153.196.203 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST - CenturyLink Communications, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
abcbc602da3c13de2189a26a025c515f1c79a84f4a82694b9bcd08725aaa1136

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 06:04:07 GMT
X-Response-LB
image
X-Crop-Loc
(0,0)-(1200,784)
Access-Control-Allow-Origin
*
Nw-Session-Id
5ddfcc4c-6141-4543-b736-b4dba4b7fe57
X-Cache
HIT from BC201_US-Colorado-Denver-1-cache-1(baishan)
Connection
keep-alive
Content-Length
19309
Server
nginx
X-Tt-Logid
2019070411284401002604809333799
X-Response-Date
Thu, 04 Jul 2019 11:28:44 GMT
Content-Type
image/jpeg
Bd-Status
TCP_HIT
Nw-Session-Trace
2019-07-04T11:28:44.311865882+08:00 43
Cache-Control
max-age=31536000
BD-Request-Id
156760ac480545f31396de249063f835
X-Ser
BC18_dx-lt-yd-zhejiang-jinhua-5-cache-8, BC198_US-DistColumbia-washingtonDC-1-cache-1, BC201_US-Colorado-Denver-1-cache-1
afcb640da40d4f92989ca191bcf5edca
p1-tt.byteimg.com/list/300x196/pgc-image/
15 KB
16 KB
Image
General
Full URL
http://p1-tt.byteimg.com/list/300x196/pgc-image/afcb640da40d4f92989ca191bcf5edca
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx /
Resource Hash
b7d9777135d29f4752945b46ac65523152528f0224943ab124c8dbce4fd8929b

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 04:29:29 GMT
Via
http/1.1 cache10.hlimg (bdcache [cHs f ]), cache27.img
X-Crop-Loc
(0,0)-(554,362)
BD-Request-Id
9ad432d531fdd6723292d3e43b2b6aca
Age
1
Nw-Session-Id
3b2b35e0-4bf5-45eb-bc9c-e7733e3eed25
X-Via
1.1 PSjszjsx2ut185:10 (Cdn Cache Server V2.0), 1.1 PSfjfzsx3av123:5 (Cdn Cache Server V2.0), 1.1 hdwt42:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2so76:2 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
15782
Access-Control-Allow-Origin
*
Server
nginx
X-Tt-Logid
2019070322140601002707202236713
X-Response-Date
Wed, 03 Jul 2019 22:14:06 GMT
X-Response-LB
image
Content-Type
image/jpeg
Bd-Status
TCP_HIT
Nw-Session-Trace
2019-07-03T22:14:06.742925282+08:00 72
Cache-Control
max-age=31536000
X-Cache-new
HIT
RV9eVOG39kvZ8x
p1-tt.byteimg.com/list/300x196/pgc-image/
17 KB
18 KB
Image
General
Full URL
http://p1-tt.byteimg.com/list/300x196/pgc-image/RV9eVOG39kvZ8x
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx /
Resource Hash
0a88c72abdcaa23ef00e6a41665445ee110b8a6902f7971d4d43e4600c41802a

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 04:29:30 GMT
Via
http/1.1 cache30.hlimg (bdcache [cMsSfW]), cache33.img
X-Crop-Loc
(0,0)-(640,418)
BD-Request-Id
1778d93100202a17017bdd36f8382fd1
Age
1
Nw-Session-Id
07611232-a2e7-49e0-9d72-97996df9954f
X-Via
1.1 PSjslygsxsd152:5 (Cdn Cache Server V2.0), 1.1 PSjsczsxot120:8 (Cdn Cache Server V2.0), 1.1 hdwt42:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:14 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
17133
Access-Control-Allow-Origin
*
Server
nginx
X-Tt-Logid
2019070318471101002905409217941
X-Response-Date
Wed, 03 Jul 2019 18:47:11 GMT
X-Response-LB
image
Content-Type
image/jpeg
Bd-Status
TCP_MISS
Nw-Session-Trace
2019-07-03T18:47:11.975421567+08:00 13
Cache-Control
max-age=31536000
X-Cache-new
HIT
RF6lTMM6JS5I7G
p1-tt.byteimg.com/list/300x196/pgc-image/
13 KB
13 KB
Image
General
Full URL
http://p1-tt.byteimg.com/list/300x196/pgc-image/RF6lTMM6JS5I7G
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx /
Resource Hash
c88645dcb558d279bb3727780b1c546c6a5c42bdede31010e6dc811435b58549

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 01:23:41 GMT
Via
http/1.1 cache19.hlimg (bdcache [cHs f ]), cache31.img
X-Crop-Loc
(68,0)-(833,500)
BD-Request-Id
177b964d72c51db57e4818fedf77977c
Age
1
Nw-Session-Id
4e384865-2cf7-493c-a9ae-26c07234fc87
X-Via
1.1 PSzjhzjfef254:5 (Cdn Cache Server V2.0), 1.1 PSfjfzsx3av123:4 (Cdn Cache Server V2.0), 1.1 hdwt40:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:14 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
12997
Access-Control-Allow-Origin
*
Server
nginx
X-Tt-Logid
2019032211501601002506719514770
X-Response-Date
Fri, 22 Mar 2019 11:50:16 GMT
Content-Type
image/jpeg
Bd-Status
TCP_HIT
Nw-Session-Trace
2019-03-22T11:50:16.820570757+08:00 15
Cache-Control
max-age=31536000
X-Cache-new
HIT
RV8OhMRBSS4Qax
p3-tt.byteimg.com/list/300x196/pgc-image/
7 KB
8 KB
Image
General
Full URL
http://p3-tt.byteimg.com/list/300x196/pgc-image/RV8OhMRBSS4Qax
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
195.27.31.224 , Germany, ASN1273 (CW Vodafone Group PLC, GB),
Reverse DNS
Software
Tengine /
Resource Hash
7e0bbc4a5df7b47be0cb87e51fc7bf5760a86b4c57847bbca360ca20ae210b76

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 01:12:59 GMT
Via
http/1.1 cache05.hlimg (bdcache [cRs f ]), cache03.hlimg, cache62.l2de1[0,200-0,H], cache14.l2de1[1,0], cache11.de1[0,200-0,H], cache2.de1[1,0]
X-Crop-Loc
(23,0)-(430,266)
Age
17467
Nw-Session-Id
39597f9a-cad4-4209-be31-2f2c95739e30
X-Cache
HIT TCP_MEM_HIT dirn:4:63786815
X-Swift-CacheTime
31535916
server-timing
cdn-cache;desc=MISS,edge;dur=0,origin;dur=1
Content-Length
7371
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Server
Tengine
X-Tt-Logid
2019070313261801002902902335029
X-Response-Date
Wed, 03 Jul 2019 13:26:18 GMT
X-Response-LB
image
Ali-Swift-Global-Savetime
1562202780
Content-Type
image/jpeg
Bd-Status
TCP_HIT
Nw-Session-Trace
2019-07-03T13:26:18.290381339+08:00 15
Connection
keep-alive
Timing-Allow-Origin
*
EagleId
c31b1fca15622202467858569e
BD-Request-Id
df59094c0889f78af8bb9a867d5bec8b
X-Swift-SaveTime
Thu, 04 Jul 2019 01:14:23 GMT
RVBXXDVBwqp0Vc
p3-tt.byteimg.com/list/300x196/pgc-image/
18 KB
19 KB
Image
General
Full URL
http://p3-tt.byteimg.com/list/300x196/pgc-image/RVBXXDVBwqp0Vc
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
195.27.31.224 , Germany, ASN1273 (CW Vodafone Group PLC, GB),
Reverse DNS
Software
Tengine /
Resource Hash
8f64e9b2c1a375ce68eaf6f8132b5cc29abdb40eb59c90cada7dbd9ec3eb3f2b

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 01:12:59 GMT
Via
http/1.1 cache40.img (bdcache [cRs f ]), cache42.img, cache23.l2de1[0,200-0,H], cache9.l2de1[1,0], cache8.de1[0,200-0,H], cache2.de1[0,0]
X-Crop-Loc
(0,0)-(960,627)
Age
17467
Nw-Session-Id
004ad10a-39c1-4c7d-adad-caf755673015
X-Cache
HIT TCP_MEM_HIT dirn:5:883921238
X-Swift-CacheTime
31535916
server-timing
cdn-cache;desc=MISS,edge;dur=0,origin;dur=1
Content-Length
18762
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Server
Tengine
X-Tt-Logid
2019070402184401015204007991687
X-Response-Date
Thu, 04 Jul 2019 02:18:45 GMT
X-Response-LB
image
Ali-Swift-Global-Savetime
1562202779
Content-Type
image/jpeg
Bd-Status
TCP_HIT
Nw-Session-Trace
2019-07-04T02:18:45.045757071+08:00 70
Connection
keep-alive
Timing-Allow-Origin
*
EagleId
c31b1fca15622202468398620e
BD-Request-Id
6a7d3368a1570f470acd67caca8a2fcc
X-Swift-SaveTime
Thu, 04 Jul 2019 01:14:23 GMT
RVAhfq6AWuWZnj
p3-tt.byteimg.com/list/300x196/pgc-image/
3 KB
4 KB
Image
General
Full URL
http://p3-tt.byteimg.com/list/300x196/pgc-image/RVAhfq6AWuWZnj
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
195.27.31.224 , Germany, ASN1273 (CW Vodafone Group PLC, GB),
Reverse DNS
Software
Tengine /
Resource Hash
c4db179c79e3d98a7b6e2bddb92222e592d98e1fcb30ff9590fcadb02d01562f

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 01:12:59 GMT
Via
http/1.1 cache22.img (bdcache [cRs f ]), cache04.hlimg, cache3.l2de1[0,200-0,H], cache8.l2de1[1,0], cache5.de1[0,200-0,H], cache2.de1[1,0]
X-Crop-Loc
(47,0)-(223,115)
Age
17467
Nw-Session-Id
e3e8f785-5129-449b-99b5-e55ca1c37321
X-Cache
HIT TCP_MEM_HIT dirn:7:922411716
X-Swift-CacheTime
31535916
server-timing
cdn-cache;desc=MISS,edge;dur=0,origin;dur=1
Content-Length
3234
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Server
Tengine
X-Tt-Logid
2019070323425401015504720166164
X-Response-Date
Wed, 03 Jul 2019 23:42:54 GMT
X-Response-LB
image
Ali-Swift-Global-Savetime
1562202779
Content-Type
image/jpeg
Bd-Status
TCP_HIT
Nw-Session-Trace
2019-07-03T23:42:54.526150125+08:00 5
Connection
keep-alive
Timing-Allow-Origin
*
EagleId
c31b1fca15622202468118599e
BD-Request-Id
515cf6d91ed1b581391cdc3466acab67
X-Swift-SaveTime
Thu, 04 Jul 2019 01:14:23 GMT
c3fa9666-ea43-475d-81b1-8d4ca56d4d98
p1-tt.byteimg.com/list/300x196/dfic-imagehandler/
14 KB
14 KB
Image
General
Full URL
http://p1-tt.byteimg.com/list/300x196/dfic-imagehandler/c3fa9666-ea43-475d-81b1-8d4ca56d4d98
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx /
Resource Hash
65fbcdb036bdd89a49ea6a4fbbe68a07d4a3e423c7640ed5f0b0cc75096f29dd

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 01:31:49 GMT
Via
http/1.1 cache28.hlimg (bdcache [cRs f ]), cache33.img
X-Crop-Loc
(33,0)-(437,264)
BD-Request-Id
097b34e22578967346dc877cce6aa4a5
Age
1
Nw-Session-Id
333b269d-6359-4dbc-960e-8ce723269312
X-Via
1.1 PSgddgjfkr117:5 (Cdn Cache Server V2.0), 1.1 PSfjsmsx2bt42:10 (Cdn Cache Server V2.0), 1.1 hdwt42:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:13 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
13860
Access-Control-Allow-Origin
*
Server
nginx
X-Tt-Logid
2019070218260501002910001337108
X-Response-Date
Tue, 02 Jul 2019 18:26:05 GMT
X-Response-LB
image
Content-Type
image/jpeg
Bd-Status
TCP_HIT
Nw-Session-Trace
2019-07-02T18:26:05.678303062+08:00 15
Cache-Control
max-age=31536000
X-Cache-new
HIT
twoeggz.js
cdn.jsdelivr.net/gh/twoeggz/twoeggz/
47 KB
15 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/twoeggz/twoeggz/twoeggz.js
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
0073a14df11324a8ef5818adec936e0227075a3302d035c83ffe03bb8d31003e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Thu, 04 Jul 2019 06:04:04 GMT
content-length
15183
x-served-by
cache-ams21022-AMS, cache-hhn4028-HHN
etag
W/"bbcb-tPi0UwRs44ozloqqzwGLz57Goog"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
qweasd.js
www.twoeggz.com/res/js/
571 B
885 B
Script
General
Full URL
http://www.twoeggz.com/res/js/qweasd.js
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
HTTP/1.1
Security
, ,
Server
103.112.211.26 , China, ASN137547 (LLKIT-AS-AP Zhengzhou Lulinke Information Technology CO.Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf5576e2aa2798d0e472497f692d776d30c5b9dd683b10e9e2a74620ec41315a

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 06:04:05 GMT
Last-Modified
Fri, 14 Jun 2019 01:46:45 GMT
Server
nginx
ETag
"5d02fc85-23b"
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
571
Expires
Thu, 04 Jul 2019 18:04:05 GMT
font_157560_0m91yhir5ce.woff
at.alicdn.com/t/
4 KB
5 KB
Font
General
Full URL
https://at.alicdn.com/t/font_157560_0m91yhir5ce.woff
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.244.178.240 , United Kingdom, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software
Tengine /
Resource Hash
85adc45a55dffd8b9d80c9604519353d9017e64b47409670c73aeb85c9d370c7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cdn.jsdelivr.net/gh/twoeggz/twoeggz/twoeggz.css
Origin
http://www.twoeggz.com

Response headers

date
Tue, 14 Aug 2018 00:57:10 GMT
via
cache34.l2de1[0,200-0,H], cache20.l2de1[1,0], cache2.nl1[0,200-0,H], cache5.nl1[1,0]
x-oss-request-id
5B7228E6CF85218022E77472
content-md5
hDc/U2Vq/XQYHHV6wIyoqA==
age
28012017
x-cache
HIT TCP_MEM_HIT dirn:0:308446607
status
200
x-swift-cachetime
42275704
x-swift-savetime
Thu, 11 Apr 2019 17:42:06 GMT
content-length
4460
x-oss-object-type
Normal
last-modified
Mon, 06 Aug 2018 15:53:42 GMT
server
Tengine
etag
"84373F53656AFD74181C757AC08CA8A8"
ali-swift-global-savetime
1534208230
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
5394897861279408187
eagleid
d5f4b28515622202479062026e
x-oss-server-time
3
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/twoeggz/twoeggz/twoeggz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
4616
date
Thu, 04 Jul 2019 04:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17707
expires
Thu, 04 Jul 2019 06:47:08 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1243847164&t=pageview&_s=1&dl=http%3A%2F%2Fwww.twoeggz.com%2Fnews%2F13920644.html&ul=en-us&de=UTF-8&dt=360%E5%AE%89%E5%85%A8%E7%AE%A1%E5%AE%B...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76290221-1&cid=1059196442.1562220245&jid=2070328679&_gid=188024561.1562220245&gjid=91707496&_v=j77&z=1097596062
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76290221-1&cid=1059196442.1562220245&jid=2070328679&_v=j77&z=1097596062
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76290221-1&cid=1059196442.1562220245&jid=2070328679&_v=j77&z=1097596062&slf_rd=1&random=3496564655
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76290221-1&cid=1059196442.1562220245&jid=2070328679&_v=j77&z=1097596062&slf_rd=1&random=3496564655
Requested by
Host: www.twoeggz.com
URL: http://www.twoeggz.com/news/13920644.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jul 2019 06:04:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jul 2019 06:04:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76290221-1&cid=1059196442.1562220245&jid=2070328679&_v=j77&z=1097596062&slf_rd=1&random=3496564655
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
apu.php
deloplen.com/
84 KB
31 KB
Script
General
Full URL
http://deloplen.com/apu.php?zoneid=2672083&_=1562220244699
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/twoeggz/twoeggz/jquery.js
Protocol
HTTP/1.1
Security
, ,
Server
206.54.165.2 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
ebb817920590fbde8e180914ea0c7bb9149db69e1721b5c621b2f2d8a58d8974
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 06:04:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
3546af1eb8cffe09f3275e5c623ee41a
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Expires
Tue, 11 Jan 1994 10:00:00 GMT
1
native.propellerclick.com/
7 KB
4 KB
Script
General
Full URL
http://native.propellerclick.com/1?z=2648668&eid=baidu1&_=1562220244700
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/twoeggz/twoeggz/jquery.js
Protocol
HTTP/1.1
Security
, ,
Server
206.54.165.177 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
7d33d3d86e827aae6fffb88507c95bb116e6dbb4af2e5a1ccac43a88bd87dc3f

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jul 2019 06:04:06 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, CVERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
1
native.propellerclick.com/
7 KB
4 KB
Script
General
Full URL
http://native.propellerclick.com/1?z=2648671&eid=baidu2&_=1562220244701
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/twoeggz/twoeggz/jquery.js
Protocol
HTTP/1.1
Security
, ,
Server
206.54.165.177 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
312cac477c28f3fd031fe46506a13df2b52e1732968530ff9d069e136aaf78bb

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Jul 2019 06:04:06 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, CVERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fac.php
deloplen.com/ Frame 424E
0
0
Document
General
Full URL
http://deloplen.com/fac.php
Requested by
Host: deloplen.com
URL: http://deloplen.com/apu.php?zoneid=2672083&_=1562220244699
Protocol
HTTP/1.1
Server
206.54.165.2 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
deloplen.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.twoeggz.com/news/13920644.html
Accept-Encoding
gzip, deflate
Cookie
OAID=e44be12744204d54be22c3cf8dfeac95; oaidts=1562220245

Response headers

Server
nginx
Date
Thu, 04 Jul 2019 06:04:05 GMT
Content-Type
text/html; charset=utf8
Content-Length
197
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id
371a340c26d539518c8b7201f5eea167
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*
99b676af8b6bac181f509226870b6778
native.propellerclick.com/27/
164 KB
58 KB
Script
General
Full URL
http://native.propellerclick.com/27/99b676af8b6bac181f509226870b6778
Requested by
Host: native.propellerclick.com
URL: http://native.propellerclick.com/1?z=2648668&eid=baidu1&_=1562220244700
Protocol
HTTP/1.1
Security
, ,
Server
206.54.165.177 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
6b1062c93df93252a7c31d4d4f0445eacc8db1147763f79583e2f960392fd91c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.twoeggz.com/news/13920644.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 06:04:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 03 Jul 2019 05:28:39 GMT
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Cache-Control
max-age:290304000, public
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, CVERSION
Expires
Wed, 02 Aug 2079 05:28:39 GMT
13920644.html
www.twoeggz.com/news/
0
0

9
native.propellerclick.com/
0
795 B
XHR
General
Full URL
http://native.propellerclick.com/9?z=2648671&eid=baidu2&rb=WJlHascaqknHB90V1RpPR2wnRN7OffqqPhW20Joc2oonJcRG8_05lqorwbBOsHtCL2uYKL63YQuPUTVMK0Dj6mdq3q5FXOpIwbrbBZ9IBOWsSwP6-zmwOPhnQ0kKut2EoUHGTml-s-ReowjjntYfMPtGbEvk3SCiHgJpN5f4E1LdGyLmxSpAvMAK-edEcrPQFMOxCI6iyIO-z3JDiRYliqGj-cM=&ir=3x2&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fwww.twoeggz.com%2Fnews%2F13920644.html&wy=0&wx=0&ww=1600&wh=1200&cw=1585&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=2&ist=0
Requested by
Host: native.propellerclick.com
URL: http://native.propellerclick.com/27/99b676af8b6bac181f509226870b6778
Protocol
HTTP/1.1
Security
, ,
Server
206.54.165.177 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.twoeggz.com/news/13920644.html
Origin
http://www.twoeggz.com

Response headers

Pragma
no-cache
Date
Thu, 04 Jul 2019 06:04:06 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
http://www.twoeggz.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, CVERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
9
native.propellerclick.com/
0
795 B
XHR
General
Full URL
http://native.propellerclick.com/9?z=2648668&eid=baidu1&rb=Iyga1efnU6lGDGmIzTJKLqiEeLubHeSGyyufoGD38WGr_6PUfMKMAeN3EendfDuE9b6hWqUYYCEBVEtf0n9c2oH5NlSawouT8Szu0tc2HFm-aeZTf24hcwysbda-IU6JCXWktV9BQagBRz8Rxm56XBEX028JCegLjz4oT34d6v6Fft9UZDUWJi-580hWiLU2pzrdd9ZMT3r8rY2Luijp8yZfxDw=&ir=3x2&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fwww.twoeggz.com%2Fnews%2F13920644.html&wy=0&wx=0&ww=1600&wh=1200&cw=1585&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=2&ist=0
Requested by
Host: native.propellerclick.com
URL: http://native.propellerclick.com/27/99b676af8b6bac181f509226870b6778
Protocol
HTTP/1.1
Security
, ,
Server
206.54.165.177 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.twoeggz.com/news/13920644.html
Origin
http://www.twoeggz.com

Response headers

Pragma
no-cache
Date
Thu, 04 Jul 2019 06:04:06 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
http://www.twoeggz.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, CVERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.twoeggz.com
URL
http://www.twoeggz.com/news/13920644.html

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
function| $
function| jQuery
string| rthost
object| isMobile
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| TBUI
object| jQuery112406608634030712717
object| zfgformats
function| onClickTrigger
boolean| zfgloadedpopup
boolean| zfgloadednative
function| _retranber

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
