www.39458.com Open in urlscan Pro
23.231.145.253  Public Scan

24 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.39458.com/	119 KB 23 KB	849ms 430ms	Document text/html	23.231.145.253 TAKE2
General Check archive.org Show headers Download Go to Full URL https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.231.145.253 , United States, ASN20248 (TAKE2, US), Reverse DNS Software nginx / Resource Hash 3d804b2ed08ece628bbd0b49104ef6f0a6ddd2ab2fe34a458b2f30f9fc8bc1ea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Mon, 04 Jul 2022 08:05:58 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	home.css www.39458.com/static/css/	14 KB 4 KB	193ms 192ms	Stylesheet text/css	23.231.145.253 TAKE2
General Check archive.org Show headers Download Go to Full URL https://www.39458.com/static/css/home.css Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.231.145.253 , United States, ASN20248 (TAKE2, US), Reverse DNS Software nginx / Resource Hash 56fbe2ac8019d9cb1f2d09bc62dcd11385fd375a33ce531b9292926e0d7504ea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:58 GMT content-encoding gzip last-modified Thu, 02 Dec 2021 11:05:52 GMT server nginx etag W/"61a8a890-3712" vary Accept-Encoding content-type text/css cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 04 Jul 2022 20:05:58 GMT
GET H2	200	font_2748176_bvpzrxyy7vc.css at.alicdn.com/t/	655 B 1 KB	198ms 7ms	Stylesheet text/css	163.181.56.192 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://at.alicdn.com/t/font_2748176_bvpzrxyy7vc.css Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash 62eda6f792b9f9ed76d8c4f2782adce840121bc3b1c5f6c2aa3616419b3f4ac4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 06 Sep 2021 15:25:45 GMT via cache38.l2ot7-1[0,0,200-0,H], cache20.l2ot7-1[1,0], ens-cache2.de4[0,0,200-0,H], ens-cache5.de4[1,0] x-oss-request-id 613632F959DE0D333815BA7A content-md5 7IJUuTiFQDD3XvR8hIHfmg== age 25980013 x-cache HIT TCP_MEM_HIT dirn:-2:-2 x-swift-cachetime 53602576 x-swift-savetime Sat, 25 Dec 2021 05:49:29 GMT content-length 655 x-oss-object-type Normal last-modified Tue, 17 Aug 2021 15:29:01 GMT server Tengine etag "EC8254B938854030F75EF47C8481DF9A" ali-swift-global-savetime 1630941945 content-type text/css access-control-allow-origin * cache-control max-age=63072000 x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 17814154415006390114 eagleid 2ff62b1d16569219589831856e x-oss-server-time 99
GET H2	200	font_2805178_apwa1emhlkv.css at.alicdn.com/t/	655 B 975 B	199ms 8ms	Stylesheet text/css	163.181.56.192 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://at.alicdn.com/t/font_2805178_apwa1emhlkv.css Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash a3360c153a6df7158939fc16a17434d1ce87b899452123460a2a8d101390f4b0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 11 Sep 2021 01:24:51 GMT via cache38.l2ot7-1[0,0,200-0,H], cache29.l2ot7-1[0,0], ens-cache7.de4[0,0,200-0,H], ens-cache5.de4[1,0] x-oss-request-id 613C05639DDDB03139FB2E3B content-md5 JZh55uY6dxpD/nA8+sE9Og== age 25598467 x-cache HIT TCP_MEM_HIT dirn:-2:-2 x-swift-cachetime 53984122 x-swift-savetime Sat, 25 Dec 2021 05:49:29 GMT content-length 655 x-oss-object-type Normal last-modified Fri, 10 Sep 2021 15:43:30 GMT server Tengine etag "259879E6E63A771A43FE703CFAC13D3A" ali-swift-global-savetime 1631323491 content-type text/css access-control-allow-origin * cache-control max-age=63072000 x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 11239235565440109175 eagleid 2ff62b1d16569219589831857e x-oss-server-time 2
GET H2	200	jquery-1.10.2.min.js Show response www.39458.com/static/javascripts/	91 KB 36 KB	196ms 195ms	Script application/javascript	23.231.145.253 TAKE2
General Check archive.org Show headers Download Go to Full URL https://www.39458.com/static/javascripts/jquery-1.10.2.min.js Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.231.145.253 , United States, ASN20248 (TAKE2, US), Reverse DNS Software nginx / Resource Hash 6c1a56367032d031feb64ec8dda18f6fc4722d20ccf9391fdad5942e3d46fc31 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:58 GMT content-encoding gzip last-modified Thu, 02 Dec 2021 11:05:53 GMT server nginx etag W/"61a8a891-16b87" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 04 Jul 2022 20:05:58 GMT
GET H2	200	bash.js Show response www.39458.com/static/javascripts/	1 KB 605 B	384ms 383ms	Script application/javascript	23.231.145.253 TAKE2
General Check archive.org Show headers Download Go to Full URL https://www.39458.com/static/javascripts/bash.js Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.231.145.253 , United States, ASN20248 (TAKE2, US), Reverse DNS Software nginx / Resource Hash bd87b277ab23a31f82c177ae878c76ec0f927129a20468de02850ea267d8e4e6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:58 GMT content-encoding gzip last-modified Thu, 02 Dec 2021 11:05:53 GMT server nginx etag W/"61a8a891-56e" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 04 Jul 2022 20:05:58 GMT
GET H2	200	logo.png www.39458.com/static/images/	14 KB 14 KB	193ms 193ms	Image image/png	23.231.145.253 TAKE2
General Check archive.org Show headers Download Go to Show image Full URL https://www.39458.com/static/images/logo.png Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.231.145.253 , United States, ASN20248 (TAKE2, US), Reverse DNS Software nginx / Resource Hash 639014909c655a425ee7a2333df4c856fc1d7aeea7446637267b1f6b6b7c8658 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:59 GMT last-modified Sun, 05 Jun 2022 15:19:51 GMT server nginx etag "629cc997-3849" strict-transport-security max-age=31536000 content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 14409 expires Wed, 03 Aug 2022 08:05:59 GMT
GET H2	404	06845124576521969.png ast.zgbqlyy.com/navi/	0 0	627ms 191ms	Image text/html	103.211.127.188 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL https://ast.zgbqlyy.com/navi/06845124576521969.png Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.211.127.188 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
GET H2	404	06845125845798953.png ast.zgbqlyy.com/navi/	0 0	620ms 192ms	Image text/html	103.211.127.188 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL https://ast.zgbqlyy.com/navi/06845125845798953.png Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.211.127.188 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
GET H2	404	06845134360643832.png ast.zgbqlyy.com/navi/	0 0	620ms 192ms	Image text/html	103.211.127.188 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL https://ast.zgbqlyy.com/navi/06845134360643832.png Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.211.127.188 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
GET H2	404	06845134691202433.png ast.zgbqlyy.com/navi/	0 0	620ms 192ms	Image text/html	103.211.127.188 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL https://ast.zgbqlyy.com/navi/06845134691202433.png Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.211.127.188 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
GET H2	404	06845134967367633.png ast.zgbqlyy.com/navi/	0 0	808ms 380ms	Image text/html	103.211.127.188 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL https://ast.zgbqlyy.com/navi/06845134967367633.png Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.211.127.188 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
GET H2	404	06845135806059856.png ast.zgbqlyy.com/navi/	0 0	805ms 378ms	Image text/html	103.211.127.188 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL https://ast.zgbqlyy.com/navi/06845135806059856.png Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.211.127.188 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
GET H2	404	06845136129416013.png ast.zgbqlyy.com/navi/	0 0	589ms 190ms	Image text/html	103.211.127.188 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL https://ast.zgbqlyy.com/navi/06845136129416013.png Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.211.127.188 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
GET H2	404	06845136605233278.png ast.zgbqlyy.com/navi/	0 0	589ms 190ms	Image text/html	103.211.127.188 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL https://ast.zgbqlyy.com/navi/06845136605233278.png Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.211.127.188 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
GET H2	404	06831428620561815.png ast.zgbqlyy.com/navi/	0 0	588ms 189ms	Image text/html	103.211.127.188 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL https://ast.zgbqlyy.com/navi/06831428620561815.png Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.211.127.188 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
GET H2	404	06845138413812691.png ast.zgbqlyy.com/navi/	0 0	589ms 191ms	Image text/html	103.211.127.188 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL https://ast.zgbqlyy.com/navi/06845138413812691.png Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.211.127.188 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
GET H2	200	9c4a4b7ed6c719945a79752259f06c65.jpg gp.48kkk.us/Public/gp/	63 KB 64 KB	764ms 710ms	Image image/jpeg	2606:4700:20::681a:e98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gp.48kkk.us/Public/gp/9c4a4b7ed6c719945a79752259f06c65.jpg Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:e98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 934730c022da535e22ebfe7b2f2bb87a020d8ddab5a6c8f1f8589f256ec827b6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:59 GMT cf-cache-status MISS last-modified Sat, 04 Jun 2022 23:08:01 GMT server cloudflare etag "629be5d1-fc7b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QT%2BoUA%2FgeYK7FeMzhpZ%2BklXYHcMgFAgQ5PDAxYDhevTdxdKRgQVtn05sLtf3GBrIgpgZ%2F4vVK9VveAtbp6gSnUF%2Flk%2FfP6y7GuA683TjHiUSWUmmieoAO6V9ijsrrMPK%2FFf6Oa6WBOna"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 72565be57e40badc-MXP content-length 64635 expires Wed, 03 Aug 2022 08:05:59 GMT
GET H2	200	sbx.jpg tutu.finance/xianggang/2022/col/42/	107 KB 108 KB	157ms 22ms	Image image/webp	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tutu.finance/xianggang/2022/col/42/sbx.jpg Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash c28f912a4682aea9889f835fc5c2c3af2121191e9afac159289af123bf0ac7dc Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 920 x-powered-by ASP.NET content-disposition inline; filename="sbx.webp" content-length 110074 last-modified Mon, 04 Jul 2022 03:55:15 GMT server cloudflare etag "337843de598fd81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5RDNXI48qz82cd7kWcSN5wfm6iB5KyxagbgyCZIdhChiVIyhU9wTGw%2BDA1OT8LIkqCS7PRg77ThtD9ues47JC1fwShQ9wtxDqxCAAc4JS%2BP70BlhEdXE2frkl9yqQjRx7D9UkegIQtrIw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=7200 cf-polished qual=85, origFmt=jpeg, origSize=163547 accept-ranges bytes cf-ray 72565be5fd1b3760-MXP cf-bgj imgq:85,h2pri
GET H2	200	amsbx.jpg tutu.finance/aomen/2022/col/185/	98 KB 99 KB	675ms 540ms	Image image/webp	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tutu.finance/aomen/2022/col/185/amsbx.jpg Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 5db3da5833fab58477a2ee47f4466af401c85e4aae883d864071ca74d51856c9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:59 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET content-disposition inline; filename="amsbx.webp" content-length 100592 last-modified Sun, 03 Jul 2022 16:52:00 GMT server cloudflare etag "4920c936fd8ed81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mznf%2FYO5LOyBZ14l1LLstGw8UL9czJRdgHW%2BgK%2BdxiBFMV4ZgOeptguDsj2c1j%2FvLDEY8qzr2Ym9PM%2FoZX0gkqOBoHOXLy2vBIdgbbskUgIevCP%2B2Q61xafBt9r7i3Os98qbgr6nE5CzTg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=7200 cf-polished qual=85, origFmt=jpeg, origSize=142197 accept-ranges bytes cf-ray 72565be5fd1d3760-MXP cf-bgj imgq:85,h2pri
GET H2	200	mhcz.jpg tutu.finance/xianggang/2022/col/42/	32 KB 33 KB	173ms 38ms	Image image/webp	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tutu.finance/xianggang/2022/col/42/mhcz.jpg Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash ceb16a09e0483d66e12fb07b3005485c5843bd746023c7596445eef6c035b9ec Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 920 x-powered-by ASP.NET content-disposition inline; filename="mhcz.webp" content-length 33056 last-modified Mon, 04 Jul 2022 04:10:05 GMT server cloudflare etag "e181bf15b8fd81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gk6sIS%2F2ezJTOUhoNOAlubMG5sURJiW73ZwjaET3x6qY%2FL9VAmZ00CAYjd0rJl54Xz1%2BXiZMFJUma%2BeQNJD7LNnjdvarlVKepOYU20Y8BHO55UbRxpu9MzkNBCRq%2FvIQLy1qT6C01wYsNQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=7200 cf-polished qual=85, origFmt=jpeg, origSize=62828 accept-ranges bytes cf-ray 72565be5fd1e3760-MXP cf-bgj imgq:85,h2pri
GET H2	200	ammh.jpg tutu.finance/aomen/2022/col/185/	29 KB 29 KB	622ms 515ms	Image image/webp	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tutu.finance/aomen/2022/col/185/ammh.jpg Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 2ec5eaa0786e4bc2148b0504458b899c5c93ff87d0669711b9188a862dfadba5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:59 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET content-disposition inline; filename="ammh.webp" content-length 29766 last-modified Sun, 03 Jul 2022 16:51:54 GMT server cloudflare etag "499d8533fd8ed81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15bcnAMEx1UKD5EBZEhn3yQa3s3oFPj7q3j%2FtSjdsWtH8tIFAorQd4SvJJVTSwvg5Nld2I75H9hsAs9rct%2BoW3lPmHWGF1E2OQQE5JHkJXwOn9iw%2BWcZJfw420mlNjqvLjJ2vTAO5HHDnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=7200 cf-polished qual=85, origFmt=jpeg, origSize=55844 accept-ranges bytes cf-ray 72565be5fd203760-MXP cf-bgj imgq:85,h2pri
GET H2	200	p9.jpg tutu.finance/xianggang/2022/col/42/	317 KB 318 KB	150ms 42ms	Image image/webp	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tutu.finance/xianggang/2022/col/42/p9.jpg Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 5ed84d2a4ee59c2fdb1ab7a49972e77c02b767e561a9cc45d92521c0357e4f62 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 919 x-powered-by ASP.NET content-disposition inline; filename="p9.webp" content-length 324882 last-modified Mon, 04 Jul 2022 02:41:59 GMT server cloudflare etag "f82313a24f8fd81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BXxoC30z3prnTP76kmwrta6J0tVhqDT6zNwtP7juOWdGoE4eq5Q0re5Z4sgEJixKfXBYIFZ21%2BGI7FuYWDedEqq5lBjnzMOWbY0ARU6CoPRRcPF%2FshhUh1U0WDiy0OrslAxoXKBJy%2Fa0A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=7200 cf-polished qual=85, origFmt=jpeg, origSize=746314 accept-ranges bytes cf-ray 72565be5fd213760-MXP cf-bgj imgq:85,h2pri
GET H2	200	ampgt.jpg tutu.finance/aomen/2022/col/185/	406 KB 407 KB	1254ms 1146ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tutu.finance/aomen/2022/col/185/ampgt.jpg Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash b4bc654a5f652d437f1283666a77cb1025339ef887a90dea7e2232909d33d03b Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:06:00 GMT vary Accept-Encoding cf-cache-status MISS last-modified Sun, 03 Jul 2022 13:57:54 GMT server cloudflare x-powered-by ASP.NET etag "cfdd39e4e48ed81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POv%2BaAttqNkvaJwEKELm2sUKQLdilUFCwEYMe4vzoSccg4HfwdhApSIlSOF9e4VH8ANkpqfEP7a%2FuPCdyvOPV2J0r9gLtKD1fmskd%2FeClIyLahNe8HO%2BVoLjvQSmcpP3UAwrJV9CkTkaPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=7200 accept-ranges bytes cf-ray 72565be5fd1f3760-MXP content-length 415667
GET H2	200	pt06.jpg tutu.finance/xianggang/2022/col/42/	156 KB 157 KB	26ms 25ms	Image image/webp	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tutu.finance/xianggang/2022/col/42/pt06.jpg Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash ac58ae8f391db0add69789483ef49acacc901832fafbd201c558c80d28de1fa7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 919 x-powered-by ASP.NET content-disposition inline; filename="pt06.webp" content-length 159846 last-modified Sun, 03 Jul 2022 14:09:27 GMT server cloudflare etag "1688281e68ed81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCyWGJKikuckHc%2BtZ3R1fqEHlxhBXYzgc6SQ9YcylDBmhrocCaSQAePU%2FR7glXn49aOYMoIILWINIOWoLj57vvGQgpAhlWl6THVQMGW%2B2pXo4Dtq4hYl9heNLXH5zCIRHIAlRdp5v7RxSA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=7200 cf-polished qual=85, origFmt=jpeg, origSize=252005 accept-ranges bytes cf-ray 72565be64d6c3760-MXP cf-bgj imgq:85,h2pri
GET H2	200	pt06.jpg tutu.finance/aomen/2022/col/185/	223 KB 224 KB	1173ms 1172ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://tutu.finance/aomen/2022/col/185/pt06.jpg Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 388cdbc21fa89ac55ef77f9698d09a58a5c6eab8385e84688ca459db9bc86b66 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:06:00 GMT vary Accept-Encoding cf-cache-status MISS last-modified Sun, 03 Jul 2022 14:36:03 GMT server cloudflare x-powered-by ASP.NET etag "c08ebf38ea8ed81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ej5rZ8VcoOrnRarzMvbh8qklim3ONnZR%2F3dCtAMTe5bnRERLXjM6o3QV%2B7Zwkt79NTK%2F6mIx9Iy3kwPIxFzJiPEPFnIZDSZMN5xZro%2FivH9jokl7gqkc0c64RHcbM%2Bhu4qVvaHoZnNe82w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=7200 accept-ranges bytes cf-ray 72565be64d6d3760-MXP content-length 228316
GET		wx.js www.jckqyy.com/	0 0
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	30 KB 12 KB	1962ms 410ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?f7101b31c2dbea53f67858cd97721df2 Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 7f2af2a82fef78ca5e174506ed3ef91d98e8694660f0d53b27ba35b597997543 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 08:06:01 GMT Content-Encoding gzip Server apache Etag adcb8ae5fdbd479a35f07b196b117f67 Strict-Transport-Security max-age=172800 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control max-age=0, must-revalidate Content-Type application/javascript Content-Length 11293
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	30 KB 12 KB	1974ms 420ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?6ef9603bc7ef53dc5a1c7af6c9aa6ef0 Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 4bda6dc47837793d881377995a81f037e17165c3b474d3e08a1592b0135e849c Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Mon, 04 Jul 2022 08:06:01 GMT Content-Encoding gzip Server apache Etag 7cbb7a10aefdcadcfc7c3e9cc3ff2e81 Strict-Transport-Security max-age=172800 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control max-age=0, must-revalidate Content-Type application/javascript Content-Length 11294
GET		common.js www.jckqyy.com/	0 0
GET H2	200	amkj.html Show response le2.cc/p/ Frame 0387	43 KB 19 KB	879ms 446ms	Document text/html	103.214.166.20 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL https://le2.cc/p/amkj.html Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.214.166.20 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash 7c298d4e893b0ee53dae8e4e3fe22c0d749f3186433d6119094f719a9f424761 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.39458.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=utf-8 date Mon, 04 Jul 2022 08:05:59 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	iding.png www.39458.com/static/images/	3 KB 3 KB	192ms 191ms	Image image/png	23.231.145.253 TAKE2
General Check archive.org Show headers Download Go to Show image Full URL https://www.39458.com/static/images/iding.png Requested by Host: www.39458.com URL: https://www.39458.com/static/css/home.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.231.145.253 , United States, ASN20248 (TAKE2, US), Reverse DNS Software nginx / Resource Hash 0f74b10abecb5ba04030eac696954e4e9ac1f4849c221ccfff70816ad3152518 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/static/css/home.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:59 GMT last-modified Thu, 02 Dec 2021 11:05:53 GMT server nginx etag "61a8a891-a05" strict-transport-security max-age=31536000 content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 2565 expires Wed, 03 Aug 2022 08:05:59 GMT
GET H2	200	font_2805178_apwa1emhlkv.woff2 at.alicdn.com/t/	1 KB 2 KB	20ms 7ms	Font font/woff2	163.181.56.192 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://at.alicdn.com/t/font_2805178_apwa1emhlkv.woff2?t=1631288610255 Requested by Host: at.alicdn.com URL: https://at.alicdn.com/t/font_2805178_apwa1emhlkv.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash c5be37ef9a57cff2a5fd92363a81fc1c445b62b143e32b8aaa891b0bb5d3bd34 Request headers Referer https://at.alicdn.com/t/font_2805178_apwa1emhlkv.css Origin https://www.39458.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 11 Sep 2021 01:24:53 GMT via cache23.l2ot7-1[0,0,200-0,H], cache25.l2ot7-1[0,0], ens-cache3.de4[0,0,200-0,H], ens-cache8.de4[1,0] x-oss-request-id 613C0565E3367F3535703323 content-md5 qEahladBcbkhWbKX5r43hg== age 25598466 x-cache HIT TCP_MEM_HIT dirn:10:139782183 x-swift-cachetime 22016123 x-swift-savetime Sat, 25 Dec 2021 05:49:30 GMT content-length 1264 x-oss-object-type Normal last-modified Fri, 10 Sep 2021 15:43:30 GMT server Tengine etag "A846A195A74171B92159B297E6BE3786" ali-swift-global-savetime 1631323493 content-type font/woff2 access-control-allow-origin * cache-control max-age=63072000 x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 5667995947281400352 eagleid 2ff62b2016569219592035936e x-oss-server-time 62
GET		push.js zz.bdstatic.com/linksubmit/	0 0
GET H2	200	bbb.gif www.39458.com/static/images/	4 KB 4 KB	192ms 192ms	Image image/gif	23.231.145.253 TAKE2
General Check archive.org Show headers Download Go to Show image Full URL https://www.39458.com/static/images/bbb.gif Requested by Host: www.39458.com URL: https://www.39458.com/static/css/home.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.231.145.253 , United States, ASN20248 (TAKE2, US), Reverse DNS Software nginx / Resource Hash 3d412bd3a5fbab906742aa4c3c1546c6edebb870e908c05714499bc26f7b1f87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/static/css/home.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:59 GMT last-modified Thu, 02 Dec 2021 11:05:53 GMT server nginx etag "61a8a891-1113" strict-transport-security max-age=31536000 content-type image/gif cache-control max-age=2592000 accept-ranges bytes content-length 4371 expires Wed, 03 Aug 2022 08:05:59 GMT
GET H2	200	icate.png www.39458.com/static/images/	680 B 885 B	194ms 194ms	Image image/png	23.231.145.253 TAKE2
General Check archive.org Show headers Download Go to Show image Full URL https://www.39458.com/static/images/icate.png Requested by Host: www.39458.com URL: https://www.39458.com/static/css/home.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.231.145.253 , United States, ASN20248 (TAKE2, US), Reverse DNS Software nginx / Resource Hash 606916abb88fd814da43597b9528484125819c18b567a60ccceb60f8ce66f5a6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/static/css/home.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:05:59 GMT last-modified Thu, 02 Dec 2021 11:05:53 GMT server nginx etag "61a8a891-2a8" strict-transport-security max-age=31536000 content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 680 expires Wed, 03 Aug 2022 08:05:59 GMT
GET H2	200	jquery183.js Show response le2.cc/static/index/js/ Frame 0387	91 KB 37 KB	194ms 194ms	Script application/javascript	103.214.166.20 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL https://le2.cc/static/index/js/jquery183.js Requested by Host: le2.cc URL: https://le2.cc/p/amkj.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.214.166.20 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash d3a9caa7eebc914c861dd7fb50145903d27ac6f52b18320eba2f3d313867a577 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://le2.cc/p/amkj.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:06:00 GMT content-encoding gzip last-modified Sat, 08 Aug 2020 10:01:50 GMT server nginx etag W/"5f2e780e-16d7d" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Mon, 04 Jul 2022 20:06:00 GMT
GET H2	200	bm_am.js Show response le2.cc/kj/ Frame 0387	82 B 295 B	189ms 189ms	XHR application/javascript	103.214.166.20 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL https://le2.cc/kj/bm_am.js?_=1656921960503 Requested by Host: le2.cc URL: https://le2.cc/static/index/js/jquery183.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.214.166.20 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash 814db11b806e1657849cd9164cdfb540c8568c31afa2af3e68e52ba7fe6f306c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://le2.cc/p/amkj.html X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 08:06:00 GMT last-modified Sun, 03 Jul 2022 13:43:35 GMT server nginx etag "62c19d07-52" strict-transport-security max-age=31536000 content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 82 expires Mon, 04 Jul 2022 20:06:00 GMT
GET DATA	200 OK	truncated / Frame 0387	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1836a0027a45c7aa22fcec0954babdbea21e9fd686f13b7581e8cce9c5224eff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 0387	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 33197024b06f488a6590409fdd724a85913851d54dba51a2ec5f8bf823a1011e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	394ms 394ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1568953569&si=f7101b31c2dbea53f67858cd97721df2&v=1.2.94&lv=1&sn=557&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.39458.com%2F&tt=2022%E6%BE%B3%E9%97%A8%E6%AD%A3%E7%89%88%E8%B5%84%E6%96%99%20-%20%E6%9C%80%E5%A5%BD%E3%80%81%E6%9C%80%E5%BF%AB%E3%80%81%E6%9C%80%E5%85%A8%E7%9A%84%E8%B5%84%E6%96%99%E7%BD%91%E7%AB%99 Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Date Mon, 04 Jul 2022 08:06:02 GMT X-Content-Type-Options nosniff Server apache Strict-Transport-Security max-age=172800 Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	410ms 410ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1591089077&si=6ef9603bc7ef53dc5a1c7af6c9aa6ef0&v=1.2.94&lv=1&sn=557&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.39458.com%2F&tt=2022%E6%BE%B3%E9%97%A8%E6%AD%A3%E7%89%88%E8%B5%84%E6%96%99%20-%20%E6%9C%80%E5%A5%BD%E3%80%81%E6%9C%80%E5%BF%AB%E3%80%81%E6%9C%80%E5%85%A8%E7%9A%84%E8%B5%84%E6%96%99%E7%BD%91%E7%AB%99 Requested by Host: www.39458.com URL: https://www.39458.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.39458.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Date Mon, 04 Jul 2022 08:06:02 GMT X-Content-Type-Options nosniff Server apache Strict-Transport-Security max-age=172800 Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.jckqyy.com

URL

http://www.jckqyy.com/wx.js

Domain

www.jckqyy.com

URL

http://www.jckqyy.com/common.js

Domain

zz.bdstatic.com

URL

https://zz.bdstatic.com/linksubmit/push.js

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| _hmt boolean| _bdhm_loaded_f7101b31c2dbea53f67858cd97721df2 object| mini_tangram_log_oyihzy boolean| _bdhm_loaded_6ef9603bc7ef53dc5a1c7af6c9aa6ef0 object| mini_tangram_log_kaf1jw

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.39458.com/	1969-12-31 23:59:59	Name: CMS_Session_ID Value: s71i2njkkn8an1ggbho8o5i5ri
			.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 9C63103DEA0FA121
			.www.39458.com/	1970-01-20 13:00:57	Name: Hm_lvt_f7101b31c2dbea53f67858cd97721df2 Value: 1656921962
			.www.39458.com/	1969-12-31 23:59:59	Name: Hm_lpvt_f7101b31c2dbea53f67858cd97721df2 Value: 1656921962
			.www.39458.com/	1970-01-20 13:00:57	Name: Hm_lvt_6ef9603bc7ef53dc5a1c7af6c9aa6ef0 Value: 1656921962
			.www.39458.com/	1969-12-31 23:59:59	Name: Hm_lpvt_6ef9603bc7ef53dc5a1c7af6c9aa6ef0 Value: 1656921962

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845124576521969.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845125845798953.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845134360643832.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845134691202433.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845134967367633.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845135806059856.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845136129416013.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845136605233278.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06831428620561815.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845138413812691.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure script 'http://www.jckqyy.com/wx.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.39458.com/ Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure script 'http://www.jckqyy.com/common.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.39458.com/(Line 101) Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845124576521969.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/(Line 101) Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845125845798953.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/(Line 101) Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845134360643832.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/(Line 101) Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845134691202433.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/(Line 101) Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845134967367633.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/(Line 101) Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845135806059856.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/(Line 101) Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845136129416013.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/(Line 101) Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845136605233278.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/(Line 101) Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06831428620561815.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.39458.com/(Line 101) Message: Mixed Content: The page at 'https://www.39458.com/' was loaded over HTTPS, but requested an insecure element 'http://ast.zgbqlyy.com/navi/06845138413812691.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://ast.zgbqlyy.com/navi/06831428620561815.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ast.zgbqlyy.com/navi/06845136129416013.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ast.zgbqlyy.com/navi/06845136605233278.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ast.zgbqlyy.com/navi/06845138413812691.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ast.zgbqlyy.com/navi/06845124576521969.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ast.zgbqlyy.com/navi/06845125845798953.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ast.zgbqlyy.com/navi/06845134691202433.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ast.zgbqlyy.com/navi/06845134360643832.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ast.zgbqlyy.com/navi/06845135806059856.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ast.zgbqlyy.com/navi/06845134967367633.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ast.zgbqlyy.com
at.alicdn.com
gp.48kkk.us
hm.baidu.com
le2.cc
tutu.finance
www.39458.com
www.jckqyy.com
zz.bdstatic.com
www.jckqyy.com
zz.bdstatic.com
103.211.127.188
103.214.166.20
103.235.46.191
163.181.56.192
23.231.145.253
2606:4700:20::681a:e98
2606:4700:20::681a:ebf
0f74b10abecb5ba04030eac696954e4e9ac1f4849c221ccfff70816ad3152518
1836a0027a45c7aa22fcec0954babdbea21e9fd686f13b7581e8cce9c5224eff
2ec5eaa0786e4bc2148b0504458b899c5c93ff87d0669711b9188a862dfadba5
33197024b06f488a6590409fdd724a85913851d54dba51a2ec5f8bf823a1011e
388cdbc21fa89ac55ef77f9698d09a58a5c6eab8385e84688ca459db9bc86b66
3d412bd3a5fbab906742aa4c3c1546c6edebb870e908c05714499bc26f7b1f87
3d804b2ed08ece628bbd0b49104ef6f0a6ddd2ab2fe34a458b2f30f9fc8bc1ea
4bda6dc47837793d881377995a81f037e17165c3b474d3e08a1592b0135e849c
56fbe2ac8019d9cb1f2d09bc62dcd11385fd375a33ce531b9292926e0d7504ea
5db3da5833fab58477a2ee47f4466af401c85e4aae883d864071ca74d51856c9
5ed84d2a4ee59c2fdb1ab7a49972e77c02b767e561a9cc45d92521c0357e4f62
606916abb88fd814da43597b9528484125819c18b567a60ccceb60f8ce66f5a6
62eda6f792b9f9ed76d8c4f2782adce840121bc3b1c5f6c2aa3616419b3f4ac4
639014909c655a425ee7a2333df4c856fc1d7aeea7446637267b1f6b6b7c8658
6c1a56367032d031feb64ec8dda18f6fc4722d20ccf9391fdad5942e3d46fc31
7c298d4e893b0ee53dae8e4e3fe22c0d749f3186433d6119094f719a9f424761
7f2af2a82fef78ca5e174506ed3ef91d98e8694660f0d53b27ba35b597997543
814db11b806e1657849cd9164cdfb540c8568c31afa2af3e68e52ba7fe6f306c
934730c022da535e22ebfe7b2f2bb87a020d8ddab5a6c8f1f8589f256ec827b6
a3360c153a6df7158939fc16a17434d1ce87b899452123460a2a8d101390f4b0
ac58ae8f391db0add69789483ef49acacc901832fafbd201c558c80d28de1fa7
b4bc654a5f652d437f1283666a77cb1025339ef887a90dea7e2232909d33d03b
bd87b277ab23a31f82c177ae878c76ec0f927129a20468de02850ea267d8e4e6
c28f912a4682aea9889f835fc5c2c3af2121191e9afac159289af123bf0ac7dc
c5be37ef9a57cff2a5fd92363a81fc1c445b62b143e32b8aaa891b0bb5d3bd34
ceb16a09e0483d66e12fb07b3005485c5843bd746023c7596445eef6c035b9ec
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3a9caa7eebc914c861dd7fb50145903d27ac6f52b18320eba2f3d313867a577
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855