urlscan.io logo urlscan.io
SecurityTrails logo

jk.2042w.xyz Open in urlscan Pro
216.224.124.118  Public Scan

Go To Rescan Add Verdict Report
URL: https://jk.2042w.xyz/
Submission: On May 22 via api from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 61 HTTP transactions. The main IP is 216.224.124.118, located in United States and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is jk.2042w.xyz.
TLS certificate: Issued by R3 on May 22nd 2024. Valid for: 3 months.
This is the only time jk.2042w.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 216.224.124.118 152194 (CTGSERVER...)
1 39.97.203.24 37963 (ALIBABA-C...)
11 216.224.124.123 152194 (CTGSERVER...)
3 163.181.160.226 24429 (TAOBAO Zh...)
9 14.215.182.140 4134 (CHINANET-...)
14 172.67.219.84 13335 (CLOUDFLAR...)
1 2404:2280:1e0... 24429 (TAOBAO Zh...)
61 8
8    216.224.124.118 (United States)

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)
jk.2042w.xyz
1    39.97.203.24 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
qz101.oss-cn-beijing.aliyuncs.com
11    216.224.124.123 (United States)

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)
js.2042l.xyz
3    163.181.160.226 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
ali-ec.static.yximgs.com
9    14.215.182.140 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
hm.baidu.com
14    172.67.219.84 (United States)

ASN13335 (CLOUDFLARENET, US)
wsrv.nl
1    2404:2280:1e0:0:3::3f1 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
lf1-cdn-tos.bytegoofy.com
Apex Domain
Subdomains		 Transfer
14 wsrv.nl
wsrv.nl — Cisco Umbrella Rank: 70905
314 KB
11 2042l.xyz
js.2042l.xyz
18 KB
9 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10507
48 KB
8 2042w.xyz
jk.2042w.xyz
76 KB
3 yximgs.com
ali-ec.static.yximgs.com — Cisco Umbrella Rank: 53431
130 KB
1 bytegoofy.com
lf1-cdn-tos.bytegoofy.com — Cisco Umbrella Rank: 43178
5 KB
1 aliyuncs.com
qz101.oss-cn-beijing.aliyuncs.com
1 KB
0 bdstatic.com Failed
pic.rmb.bdstatic.com Failed
61 8
Domain Requested by
14 wsrv.nl jk.2042w.xyz
11 js.2042l.xyz qz101.oss-cn-beijing.aliyuncs.com
9 hm.baidu.com js.2042l.xyz
jk.2042w.xyz
8 jk.2042w.xyz jk.2042w.xyz
3 ali-ec.static.yximgs.com jk.2042w.xyz
1 lf1-cdn-tos.bytegoofy.com
1 qz101.oss-cn-beijing.aliyuncs.com jk.2042w.xyz
0 pic.rmb.bdstatic.com Failed jk.2042w.xyz
61 8
Subject Issuer Validity Valid
jk.2042w.xyz
R3		 2024-05-22 -
2024-08-20		 3 months crt.sh
cn-beijing.oss.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G3		 2024-02-18 -
2024-10-15		 8 months crt.sh
js.2042l.xyz
R3		 2024-05-22 -
2024-08-20		 3 months crt.sh
*.static.yximgs.com
GlobalSign RSA OV SSL CA 2018		 2023-09-15 -
2024-10-16		 a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
wsrv.nl
E1		 2024-04-20 -
2024-07-19		 3 months crt.sh
*.bytegoofy.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-06-30 -
2024-07-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://jk.2042w.xyz/
Frame ID: 535BA7D62798CFBB902E152ADF88D649
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

JKav

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

77 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

593 kB
Transfer

932 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
jk.2042w.xyz/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.118 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
02b8a765b4adb6730768eb72d7c77f08f11c05bea56627a61977e68b3e62912b

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2361
Content-Type
text/html; charset=utf-8
Date
Wed, 22 May 2024 21:45:23 GMT
Server
cdn
Upgrade
h2
Vary
Accept-Encoding
X-Cache-Status
HIT
bootstrap.min.css
jk.2042w.xyz/template/mb1/css/ 		135 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jk.2042w.xyz/template/mb1/css/bootstrap.min.css
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.118 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
1a5a2d56c9b20526838748cd5e1465f3ac063122880be075174b9d540e388617

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:23 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Sep 2023 11:21:35 GMT
Server
cdn
ETag
"21b97-605781cb23e80-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20923
common.css
jk.2042w.xyz/template/mb1/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jk.2042w.xyz/template/mb1/css/common.css
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.118 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
6b3cd69ff85e38fe4a5f937ecc27b022c83653d30eef4757d8cac6ae6a48bd2d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:23 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Sep 2023 11:21:57 GMT
Server
cdn
ETag
"22ce-605781df8d1bc-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1929
hmlcss.css
jk.2042w.xyz/template/mb1/css/ 		81 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jk.2042w.xyz/template/mb1/css/hmlcss.css
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.118 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
69c70aeddffde0f0a01a1501a55d0ae5af5b1bf35a17f8ca4357a03bd4688a9d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:23 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Sep 2023 11:22:26 GMT
Server
cdn
ETag
"142d8-605781fb36caf-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14271
app.css
jk.2042w.xyz/template/mb1/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://jk.2042w.xyz/template/mb1/css/app.css
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.118 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
a4702ab786ace4b8f47cf39359bffe4b5483cd94af54f1e168b2ad6fc1b8ae2e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:23 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Sep 2023 11:21:11 GMT
Server
cdn
ETag
"a7f-605781b3f1ccb-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
927
jquery.min.js
jk.2042w.xyz/template/mb1/js/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jk.2042w.xyz/template/mb1/js/jquery.min.js
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.118 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Oct 2023 22:18:24 GMT
Server
cdn
ETag
"17b8b-6074ff7fb9db0-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33760
jquery.lazyload.min.js
jk.2042w.xyz/template/mb1/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jk.2042w.xyz/template/mb1/js/jquery.lazyload.min.js
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.118 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
219f29828c17f401b7f030fc3aaa1d84fdebfdbf87e312bf4ab909d8a4b4d1f4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Oct 2023 22:18:24 GMT
Server
cdn
ETag
"d36-6074ff7fba198-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1298
h.js
qz101.oss-cn-beijing.aliyuncs.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
39.97.203.24 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
1b14bb167976cd4492dafc44a663a8717706da233c52a2f6bd3f9dbba1988c5e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:25 GMT
Content-Encoding
gzip
x-oss-request-id
664E6775352E0D363051FE0C
Content-MD5
sf4xhf8WuUV/Q/80bLvw1Q==
Transfer-Encoding
chunked
Content-Disposition
attachment
Connection
keep-alive
x-oss-object-type
Normal
Last-Modified
Wed, 22 May 2024 01:11:29 GMT
Server
AliyunOSS
Vary
Accept-Encoding
Content-Type
application/javascript
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
17618600360402293631
x-oss-server-time
1
wzts.js
jk.2042w.xyz/template/mb1/js/ 		213 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jk.2042w.xyz/template/mb1/js/wzts.js
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.118 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
7b01e12140a6a49f420d000bcaf838c0f21935983fded413704a1a62eef96748

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Oct 2023 22:18:24 GMT
Server
cdn
ETag
"d5-6074ff7fba198-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
193
mh.js
js.2042l.xyz/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.2042l.xyz/mh.js
Requested by
Host: qz101.oss-cn-beijing.aliyuncs.com
URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.123 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
c3b0ab3ea4613495b2a88330c2d9f6ef5f185c06ec94310d5a0007bdaa07084e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 May 2024 18:35:56 GMT
Server
cdn
ETag
"4af7-6190f347d8fda-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6368
hf1.js
js.2042l.xyz/jk/ 		1 KB
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.2042l.xyz/jk/hf1.js
Requested by
Host: qz101.oss-cn-beijing.aliyuncs.com
URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.123 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
3653aa4fb1c23b6edd8670449c3b36d6a73ba9fce489fc2b0b7d9f5596529cbf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 May 2024 04:39:21 GMT
Server
cdn
ETag
"529-618db48f8fa70-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
584
aae0d9a47d4735bb8e6c1a1480d12e429084.gif
pic.rmb.bdstatic.com/bjh/240520/material/ 		0
0
7041e39ae5d2fc61c1c67e5814f8e15d9998.gif
pic.rmb.bdstatic.com/bjh/240520/material/ 		0
0
c041bc51e4c125aedc1cb08b8433fe4e836.gif
pic.rmb.bdstatic.com/bjh/240520/material/ 		0
0
e5f2758cef78373401c50b9c84ba42e76165.gif
pic.rmb.bdstatic.com/bjh/240520/material/ 		0
0
6d74fa04c4736f4853abdf74e6b169388928.gif
pic.rmb.bdstatic.com/bjh/240520/material/ 		0
0
3bdc261bbedb25168564f35a64e82ca63601.gif
pic.rmb.bdstatic.com/bjh/240422/material/ 		0
0
00c91cf3f92ba8b3426972e0f6cf3321102.gif
pic.rmb.bdstatic.com/bjh/240523/material/ 		0
0
wenzi.js
js.2042l.xyz/jk/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.2042l.xyz/jk/wenzi.js
Requested by
Host: qz101.oss-cn-beijing.aliyuncs.com
URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.123 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
3af0082f0b9dcad56a726e1ff80af3469b5d99e4b521197712a2c020c0758035

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jan 2024 13:02:19 GMT
Server
cdn
ETag
"1276-60e82ecb00c5a-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1035
apptubiao.js
js.2042l.xyz/jk/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.2042l.xyz/jk/apptubiao.js
Requested by
Host: qz101.oss-cn-beijing.aliyuncs.com
URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.123 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
5479c7169972191b816dbe3aa49cff0bb7b02ce9890faf1dcc717ccffd798371

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 May 2024 04:38:58 GMT
Server
cdn
ETag
"8ff-618db4795eb6f-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
976
282e59ea044905fbace8447b4d1c16815203.gif
pic.rmb.bdstatic.com/bjh/240520/material/ 		0
0
0da706481043451438876cba92a55be98849.gif
pic.rmb.bdstatic.com/bjh/240520/material/ 		0
0
021abba16b9680fbc47d481768b192747870.gif
pic.rmb.bdstatic.com/bjh/240520/material/ 		0
0
a4cbedb3e33a8e99ce1fea502df668ae1566.gif
pic.rmb.bdstatic.com/bjh/240520/material/ 		0
0
4e4496bc3e8dd763b46d765c5ec25c976116.gif
pic.rmb.bdstatic.com/bjh/240520/material/ 		0
0
be23bd48d884d19490c7366ae0a9781d3328.gif
pic.rmb.bdstatic.com/bjh/240422/material/ 		0
0
d91b52cc9503571ccf455c65de8f6c275692.gif
pic.rmb.bdstatic.com/bjh/240521/material/ 		0
0
486c603b-1427-43b8-94b2-76e52f183fc9_0497200dddb8a48c5caf49539c4a2358.jpg
ali-ec.static.yximgs.com/bs2/upload-kwaishop-themis-bucket/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ali-ec.static.yximgs.com/bs2/upload-kwaishop-themis-bucket/486c603b-1427-43b8-94b2-76e52f183fc9_0497200dddb8a48c5caf49539c4a2358.jpg
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.160.226 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
85c41db2039417c6930d190dd22e1878af2560b3b64307f3578cad70569dbd0d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
209.58.162.218
date
Wed, 28 Feb 2024 06:37:10 GMT
via
cache8.l2eu95-3[0,0,200-0,H], cache2.l2eu95-3[1,0], cache33.l2hk3[0,0,200-0,H], cache6.l2hk3[1,0], ens-cache3.sg17[0,0,200-0,H], ens-cache14.sg17[3,0]
x-oss-request-id
65DED496A53EB23237A582AE
age
7312096
x-swift-cachetime
7775854
x-cache
HIT TCP_HIT dirn:13:498677845
x-oss-cdn-auth
success
x-oss-expiration
expiry-date="Sat, 30 Mar 2024 00:00:00 GMT", rule-id="b9199bf5-bd93-4d4d-98ad-cde46af3d1d7"
kwaisign
null
x-swift-savetime
Wed, 28 Feb 2024 06:39:36 GMT
content-length
45422
x-ks-request-id
a3b5a0a217164143265365985e
x-ks-cache
HIT from 163.181.160.226
x-oss-object-type
Normal
last-modified
Wed, 28 Feb 2024 06:37:10 GMT
server
Tengine
ali-swift-global-savetime
1709102230
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
x-ks-request-id,x-ks-client-ip,Content-Length
cache-control
max-age=2592000
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
eagleid
a3b5a0a217164143265365985e
x-oss-server-time
113
expires
Wed, 06 Mar 2024 06:37:10 GMT
5174cd45-b7ac-412f-aee8-2baead575dda_92416408329966693368087.jpg
ali-ec.static.yximgs.com/bs2/upload-kwaishop-themis-bucket/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ali-ec.static.yximgs.com/bs2/upload-kwaishop-themis-bucket/5174cd45-b7ac-412f-aee8-2baead575dda_92416408329966693368087.jpg
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.160.226 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
abf79ea84b66991fb35aa35285b665f13a07e1a82dba3df88d407de0b55d180b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
209.58.162.218
date
Fri, 05 Apr 2024 13:58:19 GMT
via
cache59.l2na63-1[0,0,200-0,H], cache7.l2na63-1[0,0], cache15.l2hk3[0,0,200-0,H], cache31.l2hk3[1,0], ens-cache3.sg17[0,0,200-0,H], ens-cache14.sg17[3,0]
x-oss-request-id
6610037B9DB6B931363AC9D8
content-md5
w8s3DPkp5v+INDQOj0tsBA==
age
4088827
x-swift-cachetime
5098261
x-cache
HIT TCP_HIT dirn:13:97449140
x-oss-cdn-auth
success
x-oss-expiration
expiry-date="Mon, 15 Apr 2024 00:00:00 GMT", rule-id="b9199bf5-bd93-4d4d-98ad-cde46af3d1d7"
kwaisign
null
x-swift-savetime
Mon, 06 May 2024 13:47:18 GMT
content-length
35511
x-ks-request-id
a3b5a0a217164143265375987e
x-ks-cache
HIT from 163.181.160.226
x-oss-object-type
Normal
last-modified
Fri, 15 Mar 2024 22:40:52 GMT
server
Tengine
etag
"C3CB370CF929E6FF8834340E8F4B6C04"
ali-swift-global-savetime
1712325499
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
x-ks-request-id,x-ks-client-ip,Content-Length
cache-control
max-age=2592000
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
2269147653440616619
eagleid
a3b5a0a217164143265375987e
x-oss-server-time
71
expires
Fri, 22 Mar 2024 22:40:52 GMT
fcf6f733-aeb8-46be-8fe6-839219e58e4e_gif59.jpg
ali-ec.static.yximgs.com/bs2/upload-kwaishop-themis-bucket/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ali-ec.static.yximgs.com/bs2/upload-kwaishop-themis-bucket/fcf6f733-aeb8-46be-8fe6-839219e58e4e_gif59.jpg
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.160.226 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2b58df2516aac33e4c6719b976cbd63daf763295ea42788ef909373784de6279

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
209.58.162.218
date
Wed, 28 Feb 2024 06:18:33 GMT
via
cache21.l2nu20-2[0,0,200-0,H], cache15.l2nu20-2[1,0], cache7.l2hk3[0,0,200-0,H], cache36.l2hk3[1,0], ens-cache9.sg17[0,0,200-0,H], ens-cache14.sg17[1,0]
x-oss-request-id
65DED0392DA9463038674DC9
content-md5
q+TSjxKKcESFtFRKexgkWQ==
age
7313213
x-swift-cachetime
2770922
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-oss-cdn-auth
success
x-oss-expiration
expiry-date="Wed, 20 Mar 2024 00:00:00 GMT", rule-id="b9199bf5-bd93-4d4d-98ad-cde46af3d1d7"
kwaisign
null
x-swift-savetime
Fri, 26 Apr 2024 04:36:31 GMT
content-length
50371
x-ks-request-id
a3b5a0a217164143265385988e
x-ks-cache
HIT from 163.181.160.226
x-oss-object-type
Normal
last-modified
Sun, 18 Feb 2024 10:25:22 GMT
server
Tengine
etag
"ABE4D28F128A704485B4544A7B182459"
ali-swift-global-savetime
1709101113
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
x-ks-request-id,x-ks-client-ip,Content-Length
cache-control
max-age=2592000
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
1269865670493042726
eagleid
a3b5a0a217164143265385988e
x-oss-server-time
38
expires
Sun, 25 Feb 2024 10:25:22 GMT
byym.js
js.2042l.xyz/jk/ 		731 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.2042l.xyz/jk/byym.js
Requested by
Host: qz101.oss-cn-beijing.aliyuncs.com
URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.123 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
1d18f13473897eb1fb10aea2b7f8dcec453054a9ffba4c7e41cac7cad7c9ef34

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 07 Oct 2023 19:15:56 GMT
Server
cdn
ETag
"2db-607252fb77300-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
362
yjym.js
js.2042l.xyz/jk/ 		23 B
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.2042l.xyz/jk/yjym.js
Requested by
Host: qz101.oss-cn-beijing.aliyuncs.com
URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.123 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
314dd991f56730634d0547ddbd75176dc56b5fb98608a2fe49615c3337b1d77b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:25 GMT
Last-Modified
Sat, 07 Oct 2023 19:15:56 GMT
Server
cdn
ETag
"17-607252fb77300"
X-Cache-Status
HIT
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23
bqsy.js
js.2042l.xyz/jk/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.2042l.xyz/jk/bqsy.js
Requested by
Host: qz101.oss-cn-beijing.aliyuncs.com
URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.123 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
902e70dcd5abe4d85b9850a79201945cb2f5703ab06d45a96520e90f77d33324

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 07 Oct 2023 19:15:56 GMT
Server
cdn
ETag
"243a-607252fb77300-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1248
tg.js
js.2042l.xyz/jk/ 		20 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.2042l.xyz/jk/tg.js
Requested by
Host: qz101.oss-cn-beijing.aliyuncs.com
URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.123 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
04b15b96773c39eacdd4ff687f89710a8b0e27c702628e75f0a36e73ac18411e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:25 GMT
Last-Modified
Fri, 10 May 2024 13:52:49 GMT
Server
cdn
ETag
"14-61819d9e4a355"
X-Cache-Status
HIT
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
tg.js
js.2042l.xyz/qz/ 		97 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.2042l.xyz/qz/tg.js
Requested by
Host: qz101.oss-cn-beijing.aliyuncs.com
URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.123 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
0f4b4b600524b66a2d26b4af767d8e03b6bfc4fb6c2c65bed511dc32b61cd96c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 May 2024 15:43:42 GMT
Server
cdn
ETag
"61-6187ffbaba728-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115
lm.js
js.2042l.xyz/jk/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.2042l.xyz/jk/lm.js
Requested by
Host: qz101.oss-cn-beijing.aliyuncs.com
URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.123 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
0b89fc0dada307384214b28a398ff8462dac7720731cc2c637b9cbaba7fdb05e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 May 2024 16:26:00 GMT
Server
cdn
ETag
"782-6190d63d98c9e-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
889
hm.js
hm.baidu.com/ 		0
175 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?3d96da2d9ce8e4420628ed84d22e2834
Requested by
Host: js.2042l.xyz
URL: https://js.2042l.xyz/jk/lm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:27 GMT
Strict-Transport-Security
max-age=172800
Server
apache
Content-Length
0
Content-Type
text/plain; charset=utf-8
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?a83e83f7873b1e4dac101a08f7678a4b
Requested by
Host: js.2042l.xyz
URL: https://js.2042l.xyz/jk/lm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
3cedcdd59af342b157be066555f2fc1625d70ed0e59dae7996846ab0e2fa711b
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:27 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
46be820fadf984670170802ec8320f1b
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11262
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?699158e7463f5692d2d2df4b552df628
Requested by
Host: js.2042l.xyz
URL: https://js.2042l.xyz/jk/lm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
a2fb457b214faf7730dd151c0b0cab0276159937725b104f57e5523ef7fac92b
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:27 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
950c280a9dd3b1c3ad733967b5d2c660
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11261
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?bc59a122864bf8c2c54ba782535a1272
Requested by
Host: js.2042l.xyz
URL: https://js.2042l.xyz/jk/lm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
5613447c3d39bf395888e16e03e83737408c3d065e47b8439ff66d725fe4a744
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:27 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
64ddf9c91acd6a105d0ce2e3ffb6d49a
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11256
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?65083390cc73815cc721b1b1d5d590e9
Requested by
Host: js.2042l.xyz
URL: https://js.2042l.xyz/jk/lm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
6bb0e5fe8b53fe2c2a9effc4e361300294e047dd7facccfaf0cac6d09ae57cfd
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:27 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
035b8531a27233a93b30d2987e93d0f1
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11265
jklz.js
js.2042l.xyz/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.2042l.xyz/jklz.js
Requested by
Host: qz101.oss-cn-beijing.aliyuncs.com
URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.224.124.123 , United States, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
cdn /
Resource Hash
cd6002eae92c950f5c95086aa385cf9da5a90ac224084385646bccf56a552319

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 21:45:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 May 2024 13:44:20 GMT
Server
cdn
ETag
"1f59-618cec82083f8-gzip"
X-Cache-Status
HIT
Vary
Accept-Encoding
Upgrade
h2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3741
/
wsrv.nl/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240520/material/e5f2758cef78373401c50b9c84ba42e76165.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa116fb95d168e8f820feca0db11c15e3445155a74c02bb9b92faf7d9f3f4937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
226105
x-cache-status
MISS
x-upstream-response-length
645107
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
48828
last-modified
Mon, 20 May 2024 04:54:53 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5lXitfyQI%2BASS13fJA7b53njrfMm4PWbh0tz35em300I2Yt65t8dU820PhdlDjBmab1BecQI6Rv6JTOkX1H%2FZfFFDSA%2BVauTt8Wm613EGo%2BeU4Th0UEgijQ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240520/material/e5f2758cef78373401c50b9c84ba42e76165.gif>; rel="canonical"
cf-ray
887ffe46c9365fde-SIN
expires
Tue, 20 May 2025 04:54:53 GMT
/
wsrv.nl/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240520/material/6d74fa04c4736f4853abdf74e6b169388928.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e4c3e1df262a6dc415ebc55f0f1c353bc96b8d56f4c459061f615f7b38043a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
232953
x-cache-status
MISS
x-upstream-response-length
537683
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
46249
last-modified
Mon, 20 May 2024 04:51:16 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9RDzv09KjVJdpo0dHSuuovmgdwzhIT8stjXprO7erwavxBJq6D7jUt7PCxl44RQxfTV2KkL5ZNQC9nCNyyWXhiq2z2qqmmzI9ZNpCtLg5v%2FdyQZ7iBLuVisq"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240520/material/6d74fa04c4736f4853abdf74e6b169388928.gif>; rel="canonical"
cf-ray
887ffe46c9395fde-SIN
expires
Tue, 20 May 2025 04:51:16 GMT
/
wsrv.nl/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240422/material/be23bd48d884d19490c7366ae0a9781d3328.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9acead7df8c013f976cc51002b0aa835a5058cbc3637095f77c4b02067cc7a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
737263
x-cache-status
MISS
x-upstream-response-length
43626
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
8262
last-modified
Mon, 22 Apr 2024 08:47:25 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZvSr9n6ZssV1rUW3AzgCVj9t8iFAJgQVxYw6fW4bws6q2d97DFhK34HEgnx8Hfezgbkt7TV3A2EPYpjyv5n1FycMWquC7pr5vjJrZY0WzuGGzEoXIXgilYi"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240422/material/be23bd48d884d19490c7366ae0a9781d3328.gif>; rel="canonical"
cf-ray
887ffe46c9375fde-SIN
expires
Tue, 22 Apr 2025 08:47:25 GMT
/
wsrv.nl/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240520/material/021abba16b9680fbc47d481768b192747870.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4608e159bb8104c538432bfcdf24f36f8f66121f59118b8e4a211312a8547ac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
233095
x-cache-status
MISS
x-upstream-response-length
49346
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
8149
last-modified
Mon, 20 May 2024 04:51:16 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QyQdABfstoQyfcTZAqOp3DN23A2maOrilHbcfzOpjBteSGqxcI5U4ZZtAZFWdo5qzQoYFUXbEuD32T9GVEEnqvOPm1XO3f%2B5bIQsNmSnUB05j9Sv9jYxwlCY"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240520/material/021abba16b9680fbc47d481768b192747870.gif>; rel="canonical"
cf-ray
887ffe46c9405fde-SIN
expires
Tue, 20 May 2025 04:51:16 GMT
/
wsrv.nl/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240520/material/0da706481043451438876cba92a55be98849.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d0ed6d8e5d7d930b42c8121be6c5819ed1d3fb7fc726d3285d22851473a61e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
226103
x-cache-status
MISS
x-upstream-response-length
48489
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
4043
last-modified
Mon, 20 May 2024 04:54:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vIahymjCOnLzDLVmS4ONplH7XxFM1dG3%2BliQ4Ggz9%2Fddpts7yVv1Bf9wXvrZ3glAH%2Bvobsrm3UpjbtYVKReNAzcSIgSnonxoG6P47IAm7maKsZ0fyKvDP%2Bbd"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240520/material/0da706481043451438876cba92a55be98849.gif>; rel="canonical"
cf-ray
887ffe46c93a5fde-SIN
expires
Tue, 20 May 2025 04:54:52 GMT
/
wsrv.nl/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240521/material/d91b52cc9503571ccf455c65de8f6c275692.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddeb0db92e748acd48fb264d4204608438eff6d1f6aa07e42cd4c65032f91a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117660
x-cache-status
EXPIRED
x-upstream-response-length
530735
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
6448
last-modified
Tue, 21 May 2024 11:37:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UW4RRE7nj499wrdpeZesU6wdoT0tB3vRhFLT6JrOd71l1xfQxUMnEUz6hTFd%2FQuaQ6CPT2WpbsZck%2BItJNQZtZQYOP5hVHH%2FaZfuLUHnVxIcz2DMZzu8pbxr"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240521/material/d91b52cc9503571ccf455c65de8f6c275692.gif>; rel="canonical"
cf-ray
887ffe46c93f5fde-SIN
expires
Wed, 21 May 2025 11:37:10 GMT
/
wsrv.nl/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240520/material/aae0d9a47d4735bb8e6c1a1480d12e429084.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95dd38b069146cb386dba9e46b10ae5cce8d118a2bfe397355fd2b9f0d751606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213109
x-cache-status
HIT
x-upstream-response-length
167849
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
31630
last-modified
Mon, 20 May 2024 09:46:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S79%2Fk4514CkwzY21TzgLq%2BM23uhaf3Qf5YWKwLvchQsL0jhzMPYnB1hsD5twp1n4jI9hboyxvspGCL47lw3uCBFPunvAhzH46Gjgn%2F48UzZWrefsHAdAh4hu"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240520/material/aae0d9a47d4735bb8e6c1a1480d12e429084.gif>; rel="canonical"
cf-ray
887ffe46c93b5fde-SIN
expires
Tue, 20 May 2025 09:44:44 GMT
/
wsrv.nl/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240523/material/00c91cf3f92ba8b3426972e0f6cf3321102.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31a495940c6b2717db3b063321501574f93f668ae898fc2808bd6361fab9265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8606
x-cache-status
HIT
x-upstream-response-length
36658
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
20999
last-modified
Wed, 22 May 2024 19:14:43 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CKqMcR3LKPfMIYcDqcCGHFEchL0hDP4OXff6yt%2FxoKMDAXrA83Xu6SghC6pW3SEUl%2BmYznBPiPWZornPR3VfT%2FBlKgKEhutmITmIqkkno8V8AD3zZ%2B0kXOqN"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240523/material/00c91cf3f92ba8b3426972e0f6cf3321102.gif>; rel="canonical"
cf-ray
887ffe46c93d5fde-SIN
expires
Thu, 22 May 2025 19:14:42 GMT
/
wsrv.nl/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240422/material/3bdc261bbedb25168564f35a64e82ca63601.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e8a73ed873ee43984004b6373c838dfa418ef26789ae776dfd6bce0363575de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
789997
x-cache-status
MISS
x-upstream-response-length
84218
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
44571
last-modified
Thu, 09 May 2024 04:46:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2ZIpf4%2BlfbukA0LEucjbkpsu3CNoWCi6uOqKFg%2FCxdtkX3QZiwtTDCbQSzihznV%2FXlOi2%2Ft5jIztXC6Ysx9vPmwGhaGa7NVhUwmJ%2F6unrRlE1NMTVE31Bjh"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240422/material/3bdc261bbedb25168564f35a64e82ca63601.gif>; rel="canonical"
cf-ray
887ffe46e94f5fde-SIN
expires
Fri, 09 May 2025 04:46:37 GMT
/
wsrv.nl/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240520/material/4e4496bc3e8dd763b46d765c5ec25c976116.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ef47a269cb9b11d24aab31328bcd15187b8f2f82e15ec388107983a170738d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
226102
x-cache-status
EXPIRED
x-upstream-response-length
180784
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
14972
last-modified
Mon, 20 May 2024 05:53:44 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8I%2B%2B9RLhfQFmCkXfP56CwMMbrWv6%2Bbc7ddNr2lWLiKC6wi3n3SKAwLtC7JyHDUsHounIboJJ8yEkDWSlHk4ZJtZqpf4QOR1VoW%2BUkcRuZf8viFsAJqUUI2Xc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240520/material/4e4496bc3e8dd763b46d765c5ec25c976116.gif>; rel="canonical"
cf-ray
887ffe46e9505fde-SIN
expires
Tue, 20 May 2025 05:53:43 GMT
/
wsrv.nl/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240520/material/282e59ea044905fbace8447b4d1c16815203.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0de9975beea8f0661ca4957a3f9a8fb385017c72ac54a51a4e68c4c80db7a71f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
226103
x-cache-status
HIT
x-upstream-response-length
56493
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
7022
last-modified
Mon, 20 May 2024 06:14:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7zK1aMhpdWZb6qdHPGvR15lSikZ0vyqRy0MNebgoz5F43wU5gtNSRRuvYvfjYk06oQ4VY%2FzKWv%2Bj8H%2Bmeslog%2FnX%2Fxn0RfVVNqhtaxAveKADApH%2F%2FGr4wib"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240520/material/282e59ea044905fbace8447b4d1c16815203.gif>; rel="canonical"
cf-ray
887ffe46f9545fde-SIN
expires
Tue, 20 May 2025 06:13:31 GMT
/
wsrv.nl/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240520/material/a4cbedb3e33a8e99ce1fea502df668ae1566.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d59ef4c9db266ca1d3c03ec26ebe2e40ed5486f79a33ce1b06d46caf0f6a620a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
226103
x-cache-status
MISS
x-upstream-response-length
123887
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
16434
last-modified
Mon, 20 May 2024 04:54:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vXwrjEmIWcEZB3v4XaLohKowGC0wIinLwehoBgq5DBEy7oiom333%2FBE4ToL26IEB26jQAeXhw124GdR1Juqx8wWFXhxuEoPtbg%2F7j42o2%2FwssUSe4ZFEfP4G"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240520/material/a4cbedb3e33a8e99ce1fea502df668ae1566.gif>; rel="canonical"
cf-ray
887ffe46f9565fde-SIN
expires
Tue, 20 May 2025 04:54:52 GMT
/
wsrv.nl/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240520/material/c041bc51e4c125aedc1cb08b8433fe4e836.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24d9e802dd4474c48812962cb93fdee821e0d5dfaaf4c8a4f978f7a02bbb9afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
216200
x-cache-status
EXPIRED
x-upstream-response-length
178229
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
17506
last-modified
Mon, 20 May 2024 08:03:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u7Bxm%2BZf%2Fc%2FTnwts4lvS7ypQUArZL1m6Ov%2B52Y5CE48yFfvxP7Ea%2Forb6wxoIFLf43unXkDwXo%2F9r3VH8W51%2BIEkLnkWImKPHpGPCY%2BZngiAlee5e8WhflR%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240520/material/c041bc51e4c125aedc1cb08b8433fe4e836.gif>; rel="canonical"
cf-ray
887ffe46f9585fde-SIN
expires
Tue, 20 May 2025 08:03:47 GMT
/
wsrv.nl/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wsrv.nl/?url=https://pic.rmb.bdstatic.com/bjh/240520/material/7041e39ae5d2fc61c1c67e5814f8e15d9998.gif
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da9711dd6da307f9cd492a3c200315018c65a3bd95f725f777b0e4b093419d10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-images-api
5
date
Wed, 22 May 2024 21:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
226105
x-cache-status
EXPIRED
x-upstream-response-length
380990
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.gif
alt-svc
h3=":443"; ma=86400
content-length
36380
last-modified
Mon, 20 May 2024 05:10:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WsO7UsCfpEEKV61veSgGd%2Fb5k%2BeTlo0F0Qn9bwXDdhx%2BMGHMHM3gxJ9clGNXhhev4Hfr4oqYUrSwK7%2FopMA%2FWW91VqLnHfD%2FqVFHzN%2BUUxXqTKyWHlh6c%2Flf"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://pic.rmb.bdstatic.com/bjh/240520/material/7041e39ae5d2fc61c1c67e5814f8e15d9998.gif>; rel="canonical"
cf-ray
887ffe46f9595fde-SIN
expires
Tue, 20 May 2025 05:10:18 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=zh-sg&lo=0&rnd=944476633&si=699158e7463f5692d2d2df4b552df628&v=1.3.0&lv=1&sn=52678&r=0&ww=1600&u=https%3A%2F%2Fjk.2042w.xyz%2F&tt=JKav
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 22 May 2024 21:45:28 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=zh-sg&lo=0&rnd=1874986587&si=a83e83f7873b1e4dac101a08f7678a4b&v=1.3.0&lv=1&sn=52678&r=0&ww=1600&u=https%3A%2F%2Fjk.2042w.xyz%2F&tt=JKav
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 22 May 2024 21:45:28 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=zh-sg&lo=0&rnd=1268161706&si=bc59a122864bf8c2c54ba782535a1272&v=1.3.0&lv=1&sn=52678&r=0&ww=1600&u=https%3A%2F%2Fjk.2042w.xyz%2F&tt=JKav
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 22 May 2024 21:45:28 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=zh-sg&lo=0&rnd=1851268517&si=65083390cc73815cc721b1b1d5d590e9&v=1.3.0&lv=1&sn=52678&r=0&ww=1600&u=https%3A%2F%2Fjk.2042w.xyz%2F&tt=JKav
Requested by
Host: jk.2042w.xyz
URL: https://jk.2042w.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 22 May 2024 21:45:28 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
lf1-cdn-tos.bytegoofy.com/goofy/ies/douyin_web/public/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lf1-cdn-tos.bytegoofy.com/goofy/ies/douyin_web/public/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1e0:0:3::3f1 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e67348e3ab54fa207e1ce4be78e8399d1b73a794d819a17d8656ea2b17a1109d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://jk.2042w.xyz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 28 Aug 2023 11:15:59 GMT
via
cache1.l2sg3[0,-1,200-0,H], cache22.l2sg3[2,0], ens-cache11.sg17[0,0,200-0,H], ens-cache5.sg17[0,0]
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
content-md5
+DEduFnSXikmTiPbb+pWYw==
age
23192969
x-swift-cachetime
30928011
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-tos-storage-class
STANDARD
server-timing
cdn-cache;desc=HIT,edge;dur=0
x-swift-savetime
Mon, 04 Sep 2023 12:09:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4286
x-tos-request-id
6b8d8dec81efa18464ec81ef-a969084
x-tos-response-time
Mon, 28 Aug 2023 11:15:59 GMT
last-modified
Mon, 07 Aug 2023 07:49:22 GMT
server
Tengine
x-tt-logid
20230828191559B2179CE7BC099F2E5105
etag
"f8311db859d25e29264e23db6fea5663"
ali-swift-global-savetime
1693221359
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
max-age=31536000
x-server
goofy
x-tt-trace-host
014322387c291b6b8cc83a2037c502694d87a3becc6b804423b88f2fd003c4b87ca7329fbd92f312bac50d30fe1c1b1fd415399bc9109ab759f53f11e1f098121c1d35ce2abf293541bbb6a79778539b4c1916c65d81edbdec7af40862636d43c8
access-control-request-methods
OPTIONS, HEAD, GET
accept-ranges
bytes
x-response-cache
edge_hit
timing-allow-origin
*
eagleid
a3b5a09917164143287877627e

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240520/material/aae0d9a47d4735bb8e6c1a1480d12e429084.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240520/material/7041e39ae5d2fc61c1c67e5814f8e15d9998.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240520/material/c041bc51e4c125aedc1cb08b8433fe4e836.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240520/material/e5f2758cef78373401c50b9c84ba42e76165.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240520/material/6d74fa04c4736f4853abdf74e6b169388928.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240422/material/3bdc261bbedb25168564f35a64e82ca63601.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240523/material/00c91cf3f92ba8b3426972e0f6cf3321102.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240520/material/282e59ea044905fbace8447b4d1c16815203.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240520/material/0da706481043451438876cba92a55be98849.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240520/material/021abba16b9680fbc47d481768b192747870.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240520/material/a4cbedb3e33a8e99ce1fea502df668ae1566.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240520/material/4e4496bc3e8dd763b46d765c5ec25c976116.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240422/material/be23bd48d884d19490c7366ae0a9781d3328.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/240521/material/d91b52cc9503571ccf455c65de8f6c275692.gif

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| H0ST number| csscache function| qzload function| loadScript function| mhcb string| mh_full string| __HOST1 string| __HOST2 string| mb_host string| Link2 string| Link3 string| uuHOST string| uhsot1 string| BHOST string| ky1113 string| tyc12 object| bjhlink string| yjhost undefined| __HOST_yj number| seed boolean| _r string| my23204 string| __MH__ object| myhost2 object| myhost string| __HOST_my object| llcpa_arr object| cap9_arr object| ptgg_arr object| hhas_cpa number| _r3 number| _r4 string| Lk1 string| xs_zb string| AS_cpa string| Link1 string| HS_cpa string| QZ_cpa string| cpa9253 string| zu_cpa string| cpa9251 string| cpa1072 string| jk_cpa string| lz_cpa string| cpa9252 string| GG_cpa string| pt_cpa string| TK_cpa string| LL_cpa string| F2_cpa string| LL_cpa2 string| LL_cpa3 string| F2_pt string| QZ_cpa2 string| TK_cpa2 string| cpa1071 string| TZ_cpa string| TZ_cpa2 string| Link4 string| Link5 string| Link6 string| Link7 string| Link8 string| Link9 string| Link0 string| Link10 string| Link11 string| Link12 string| Link13 string| Link14 string| Link15 string| Link16 string| Link17 string| Link18 string| Link19 string| Link20 string| Link21 string| Link22 string| Link23 string| Link24 string| Link25 string| Link26 string| Link27 string| Link28 string| Link29 string| Link30 string| lk2 string| lk3 string| lk4 string| lk5 string| lk6 string| lk7 string| lk8 string| lk9 string| lk0 string| lk11 string| lk12 string| lk13 string| lk14 string| lk15 string| lk16 string| lk17 string| lk18 string| lk19 string| lks0 string| lks1 string| lks2 string| lks3 string| lks4 string| lks5 string| lks6 string| lks7 string| lks8 string| lks9 string| lks10 string| lks11 string| lks12 string| lks13 string| lks14 string| lks15 string| lks16 string| lks17 string| lks18 string| lks19 string| lks20 string| qz0 string| qz1 string| qz2 string| qz3 string| qz4 string| qz5 string| qz6 string| qz7 string| qz8 string| qz9 string| qz10 string| qz11 string| qz12 string| qz13 string| qz14 string| qz15 string| qz16 string| qz17 string| qz18 string| qz19 string| qz20 string| qz21 string| qz22 string| qz23 string| qz24 object| qz25 object| qz26 object| qz27 string| qz28 string| qz29 string| ppgg_spk1_pic string| ppgg_spk1_link string| lzjk_spk1_link string| ppgg_spk1_text string| ylg_jklz function| qzspk string| AI_PRE string| AI_PRE2 object| lllf_1 object| lllf_2 object| lllf_3 object| lllf_4 object| lllf_5 object| jklz_tb_txt object| jklz_tb_pic object| jklz_tb_lik object| jklzhf_lik object| jklzhf_pic string| x object| maccms function| hfunc function| wenzi_func function| tubiao function| navck object| jQuery1124018225802451969186 object| _hmt function| insert_tj string| spk1link string| _spk number| _ssec boolean| isserch boolean| isplay boolean| isserch2 boolean| isIndex number| c2 number| c1 boolean| _bdhm_loaded_699158e7463f5692d2d2df4b552df628 object| mini_tangram_log_xr28lg boolean| _bdhm_loaded_a83e83f7873b1e4dac101a08f7678a4b object| mini_tangram_log_vgp2vi boolean| _bdhm_loaded_bc59a122864bf8c2c54ba782535a1272 object| mini_tangram_log_x19l7f boolean| _bdhm_loaded_65083390cc73815cc721b1b1d5d590e9 object| mini_tangram_log_teaspt

9 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 035A75222D130387
.jk.2042w.xyz/ Name: Hm_lvt_699158e7463f5692d2d2df4b552df628
Value: 1716414328
.jk.2042w.xyz/ Name: Hm_lpvt_699158e7463f5692d2d2df4b552df628
Value: 1716414328
.jk.2042w.xyz/ Name: Hm_lvt_a83e83f7873b1e4dac101a08f7678a4b
Value: 1716414328
.jk.2042w.xyz/ Name: Hm_lpvt_a83e83f7873b1e4dac101a08f7678a4b
Value: 1716414328
.jk.2042w.xyz/ Name: Hm_lvt_bc59a122864bf8c2c54ba782535a1272
Value: 1716414328
.jk.2042w.xyz/ Name: Hm_lpvt_bc59a122864bf8c2c54ba782535a1272
Value: 1716414328
.jk.2042w.xyz/ Name: Hm_lvt_65083390cc73815cc721b1b1d5d590e9
Value: 1716414328
.jk.2042w.xyz/ Name: Hm_lpvt_65083390cc73815cc721b1b1d5d590e9
Value: 1716414328

19 Console Messages

Source Level URL
Text
javascript warning URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.2042l.xyz/mh.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.2042l.xyz/jk/hf1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.2042l.xyz/jk/wenzi.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.2042l.xyz/jk/apptubiao.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.2042l.xyz/jk/byym.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.2042l.xyz/jk/yjym.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.2042l.xyz/jk/bqsy.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.2042l.xyz/jk/tg.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.2042l.xyz/qz/tg.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.2042l.xyz/jk/lm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://qz101.oss-cn-beijing.aliyuncs.com/h.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.2042l.xyz/jklz.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://jk.2042w.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jk.2042w.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jk.2042w.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jk.2042w.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jk.2042w.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jk.2042w.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jk.2042w.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://jk.2042w.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ali-ec.static.yximgs.com
hm.baidu.com
jk.2042w.xyz
js.2042l.xyz
lf1-cdn-tos.bytegoofy.com
pic.rmb.bdstatic.com
qz101.oss-cn-beijing.aliyuncs.com
wsrv.nl
pic.rmb.bdstatic.com
14.215.182.140
163.181.160.226
172.67.219.84
216.224.124.118
216.224.124.123
2404:2280:1e0:0:3::3f1
39.97.203.24
02b8a765b4adb6730768eb72d7c77f08f11c05bea56627a61977e68b3e62912b
04b15b96773c39eacdd4ff687f89710a8b0e27c702628e75f0a36e73ac18411e
08ef47a269cb9b11d24aab31328bcd15187b8f2f82e15ec388107983a170738d
0b89fc0dada307384214b28a398ff8462dac7720731cc2c637b9cbaba7fdb05e
0de9975beea8f0661ca4957a3f9a8fb385017c72ac54a51a4e68c4c80db7a71f
0f4b4b600524b66a2d26b4af767d8e03b6bfc4fb6c2c65bed511dc32b61cd96c
1a5a2d56c9b20526838748cd5e1465f3ac063122880be075174b9d540e388617
1b14bb167976cd4492dafc44a663a8717706da233c52a2f6bd3f9dbba1988c5e
1d18f13473897eb1fb10aea2b7f8dcec453054a9ffba4c7e41cac7cad7c9ef34
219f29828c17f401b7f030fc3aaa1d84fdebfdbf87e312bf4ab909d8a4b4d1f4
24d9e802dd4474c48812962cb93fdee821e0d5dfaaf4c8a4f978f7a02bbb9afe
2b58df2516aac33e4c6719b976cbd63daf763295ea42788ef909373784de6279
314dd991f56730634d0547ddbd75176dc56b5fb98608a2fe49615c3337b1d77b
3653aa4fb1c23b6edd8670449c3b36d6a73ba9fce489fc2b0b7d9f5596529cbf
3af0082f0b9dcad56a726e1ff80af3469b5d99e4b521197712a2c020c0758035
3cedcdd59af342b157be066555f2fc1625d70ed0e59dae7996846ab0e2fa711b
4608e159bb8104c538432bfcdf24f36f8f66121f59118b8e4a211312a8547ac0
5479c7169972191b816dbe3aa49cff0bb7b02ce9890faf1dcc717ccffd798371
5613447c3d39bf395888e16e03e83737408c3d065e47b8439ff66d725fe4a744
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69c70aeddffde0f0a01a1501a55d0ae5af5b1bf35a17f8ca4357a03bd4688a9d
6b3cd69ff85e38fe4a5f937ecc27b022c83653d30eef4757d8cac6ae6a48bd2d
6bb0e5fe8b53fe2c2a9effc4e361300294e047dd7facccfaf0cac6d09ae57cfd
6e4c3e1df262a6dc415ebc55f0f1c353bc96b8d56f4c459061f615f7b38043a1
7b01e12140a6a49f420d000bcaf838c0f21935983fded413704a1a62eef96748
7e8a73ed873ee43984004b6373c838dfa418ef26789ae776dfd6bce0363575de
85c41db2039417c6930d190dd22e1878af2560b3b64307f3578cad70569dbd0d
902e70dcd5abe4d85b9850a79201945cb2f5703ab06d45a96520e90f77d33324
95dd38b069146cb386dba9e46b10ae5cce8d118a2bfe397355fd2b9f0d751606
9acead7df8c013f976cc51002b0aa835a5058cbc3637095f77c4b02067cc7a13
a2fb457b214faf7730dd151c0b0cab0276159937725b104f57e5523ef7fac92b
a4702ab786ace4b8f47cf39359bffe4b5483cd94af54f1e168b2ad6fc1b8ae2e
aa116fb95d168e8f820feca0db11c15e3445155a74c02bb9b92faf7d9f3f4937
abf79ea84b66991fb35aa35285b665f13a07e1a82dba3df88d407de0b55d180b
b31a495940c6b2717db3b063321501574f93f668ae898fc2808bd6361fab9265
b4d0ed6d8e5d7d930b42c8121be6c5819ed1d3fb7fc726d3285d22851473a61e
c3b0ab3ea4613495b2a88330c2d9f6ef5f185c06ec94310d5a0007bdaa07084e
cd6002eae92c950f5c95086aa385cf9da5a90ac224084385646bccf56a552319
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d59ef4c9db266ca1d3c03ec26ebe2e40ed5486f79a33ce1b06d46caf0f6a620a
da9711dd6da307f9cd492a3c200315018c65a3bd95f725f777b0e4b093419d10
ddeb0db92e748acd48fb264d4204608438eff6d1f6aa07e42cd4c65032f91a84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67348e3ab54fa207e1ce4be78e8399d1b73a794d819a17d8656ea2b17a1109d