urlscan.io logo urlscan.io
SecurityTrails logo

hskreading.com Open in urlscan Pro
104.21.90.81  Public Scan

Go To Rescan Add Verdict Report
URL: https://hskreading.com/
Submission: On April 07 via manual from PL — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 104.21.90.81, located in and belongs to CLOUDFLARENET, US. The main domain is hskreading.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time hskreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 104.21.90.81 13335 (CLOUDFLAR...)
1 142.250.186.104 15169 (GOOGLE)
1 1 138.199.37.225 60068 (CDN77 ^_^)
2 45.76.1.8 20473 (AS-CHOOPA)
2 192.0.76.3 2635 (AUTOMATTIC)
4 142.250.181.227 15169 (GOOGLE)
2 142.250.186.78 15169 (GOOGLE)
18 6
7    104.21.90.81 (None, )

ASN13335 (CLOUDFLARENET, US)
hskreading.com
1    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
1    138.199.37.225 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-225.bunnyinfra.net
sp-ao.shortpixel.ai
2    45.76.1.8 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: mandarinspot.com
mandarinspot.com
api.mandarinspot.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
4    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
2    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
7 hskreading.com
hskreading.com
408 KB
4 gstatic.com
fonts.gstatic.com
94 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2973
pixel.wp.com — Cisco Umbrella Rank: 2697
3 KB
2 mandarinspot.com
mandarinspot.com
api.mandarinspot.com
14 KB
1 shortpixel.ai
sp-ao.shortpixel.ai — Cisco Umbrella Rank: 22178
696 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
44 KB
18 7
Domain Requested by
7 hskreading.com hskreading.com
4 fonts.gstatic.com hskreading.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 pixel.wp.com hskreading.com
1 api.mandarinspot.com mandarinspot.com
1 stats.wp.com hskreading.com
1 mandarinspot.com hskreading.com
1 sp-ao.shortpixel.ai 1 redirects
1 www.googletagmanager.com hskreading.com
18 9

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
mandarinspot.com
R3		 2023-02-05 -
2023-05-06		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hskreading.com/
Frame ID: 953934855B924C7CA34BD9C17EBEF04B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Chinese Reading and Comprehension - HSKReading.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

6
IPs

3
Countries

584 kB
Transfer

2351 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://hskreading.com/wp-content/uploads/2019/02/HSK-READING-logo-comprehension-three.png HTTP 302
  • https://hskreading.com/wp-content/uploads/2019/02/HSK-READING-logo-comprehension-three.png

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hskreading.com/ 		37 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hskreading.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.90.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.4
Resource Hash
a3889dd87652327539270cd57022207331ed326906d8009b8f55b0eaba65ff86

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2407, public
cf-cache-status
DYNAMIC
cf-ray
7b412ed73c6b35d9-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 07 Apr 2023 09:18:24 GMT
expires
Fri, 07 Apr 2023 09:58:32 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Fri, 07 Apr 2023 08:58:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FoT0SnfOYN%2FGwBio0rTrMbBdNgWauls%2FMwye%2FpI5CausEWfEBhoZ8XWWKCXiT2EoOb4jhXskgMDGx6MRBu1E%2BLB17%2B53qDIzOo7MsCsDWDlm%2F8ums%2FL0yxbaJsqgcZdKA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Cookie
x-powered-by
W3 Total Cache/2.2.4
autoptimize_26fbce1d9976c5feaca5bcebf94804f8.css
hskreading.com/wp-content/cache/autoptimize/css/ 		258 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hskreading.com/wp-content/cache/autoptimize/css/autoptimize_26fbce1d9976c5feaca5bcebf94804f8.css
Requested by
Host: hskreading.com
URL: https://hskreading.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.90.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.3
Resource Hash
1f0e55066b6b22ff4582c562583c9d68f399de951eddecc37ef2eee2fa82a965

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://hskreading.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 09:18:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42156
cf-polished
origSize=264226
x-powered-by
W3 Total Cache/2.2.3
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 05 Apr 2023 09:07:22 GMT
server
cloudflare
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr33TLF9R2jINERa%2FwMsNmrH0Nqcg8xkrtPJnulZ3CZcGmBOEkVH9%2FZbldZqAMG8ggt7ypPwujEsrsFpylp0MeED3BLBEGQWuZzbacoOki%2F5zrBahobMGunmYoGLeZkc3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=30672000, immutable
cf-ray
7b412eda8f6235d9-WAW
expires
Tue, 26 Mar 2024 21:35:48 GMT
8fe13048cceae6741dc36b9fe4122aa6.min.css
hskreading.com/wp-content/uploads/fusion-styles/ 		1 MB
139 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hskreading.com/wp-content/uploads/fusion-styles/8fe13048cceae6741dc36b9fe4122aa6.min.css?ver=3.3
Requested by
Host: hskreading.com
URL: https://hskreading.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.90.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.3
Resource Hash
cc5a379db7e7bb66059bb8f0ad358321346c2ae4c7329c6dd66faf55438e0cf7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://hskreading.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 09:18:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7921749
x-powered-by
W3 Total Cache/2.2.3
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 31 Mar 2021 07:59:10 GMT
server
cloudflare
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RH8Xrefvi37QhYLF2hZOfdro4OXmp7%2Bd5f6WSaT0gHaXbG%2BsDt31MLJQsJTBXg41B8Cu3Y3OKGrVXr6GCLidWeqZPcVZvD39B2RsPvqgHpUAnYvuBeIKCszVC2LL8IgYyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
7b412eda8f6335d9-WAW
expires
Fri, 05 Jan 2024 16:49:14 GMT
jquery.min.js
hskreading.com/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hskreading.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: hskreading.com
URL: https://hskreading.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.90.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.3
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://hskreading.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 09:18:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50165
x-powered-by
W3 Total Cache/2.2.3
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2023 19:55:50 GMT
server
cloudflare
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svAx2omqPrPyPI%2FNhMB5eXKNkLo2oZSpHIzu5spmeO2X%2BzvOueWLPjCYGf1UTAMOmGYWpPeRaYZ7633SXgeLbP737a19KTa9zco5JTqaXhzbQykIC3Qy4IPoojbD2lMIwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
7b412eda8f6435d9-WAW
expires
Fri, 05 Apr 2024 19:22:18 GMT
js
www.googletagmanager.com/gtag/ 		113 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-86837432-2
Requested by
Host: hskreading.com
URL: https://hskreading.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
08eba34ed36c63dec1d20f183b4f245e23752e5821bf688b4bb9c559302edd46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://hskreading.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 09:18:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44997
x-xss-protection
0
last-modified
Fri, 07 Apr 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Apr 2023 09:18:24 GMT
HSK-READING-logo-comprehension-three.png
hskreading.com/wp-content/uploads/2019/02/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://hskreading.com/wp-content/uploads/2019/02/HSK-READING-logo-comprehension-three.png
  • https://hskreading.com/wp-content/uploads/2019/02/HSK-READING-logo-comprehension-three.png
30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hskreading.com/wp-content/uploads/2019/02/HSK-READING-logo-comprehension-three.png
Requested by
Host: hskreading.com
URL: https://hskreading.com/
Protocol
H3
Server
104.21.90.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.3
Resource Hash
1ad48c5573d7a35e72ab5a9464a7bc014f70ecece0fd95f1ea42a04c8b410f90

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://hskreading.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 09:18:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14926071
x-powered-by
W3 Total Cache/2.2.3
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30948
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Feb 2019 13:50:42 GMT
server
cloudflare
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95vjA9kgAVhA120HGKgma7FskrI3HRBhT3aHa3wHOx%2FI9q5zahHzboGdyksTY%2BV9zO4ypTavRHLgk1lrNYT8EAKuPxtLiH9jWR0cavLvIMj0nqwL9EkJ7%2B5mBtlaihjakw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b412edcceb45012-WAW
expires
Mon, 16 Oct 2023 15:10:33 GMT

Redirect headers

date
Fri, 07 Apr 2023 09:18:24 GMT
cdn-edgestorageid
1055
cdn-cachedat
04/06/2023 19:06:13
cdn-pullzone
257218
cdn-tag
0; Domain: hskreading.com; 302
content-length
0
pragma
cache
server
BunnyCDN-DE1-1055
cdn-proxyver
1.03
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://hskreading.com/wp-content/uploads/2019/02/HSK-READING-logo-comprehension-three.png
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-requestid
48f9df7f47585436b84d86c9964e0466
cdn-requestcountrycode
PL
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
302
cdn-requestpullsuccess
True
mandarinspot.min.js
mandarinspot.com/static/ 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mandarinspot.com/static/mandarinspot.min.js
Requested by
Host: hskreading.com
URL: https://hskreading.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.76.1.8 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
mandarinspot.com
Software
nginx/1.20.1 /
Resource Hash
9fca48693e99853e3538a1f633fe896ac712a86d0f727186ce30a0708a5c9907

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://hskreading.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 07 Apr 2023 09:18:24 GMT
Last-Modified
Sun, 19 Feb 2023 03:26:22 GMT
Server
nginx/1.20.1
ETag
"63f196de-2975"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10613
e-202314.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202314.js
Requested by
Host: hskreading.com
URL: https://hskreading.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://hskreading.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT hhn
date
Fri, 07 Apr 2023 09:18:24 GMT
content-encoding
br
server
nginx
etag
W/"62f6b688-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 31 Mar 2024 01:58:02 GMT
autoptimize_545c02399bce9ab7484603bdb82d1444.js
hskreading.com/wp-content/cache/autoptimize/js/ 		497 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hskreading.com/wp-content/cache/autoptimize/js/autoptimize_545c02399bce9ab7484603bdb82d1444.js
Requested by
Host: hskreading.com
URL: https://hskreading.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.90.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.3
Resource Hash
a070d4921e1b1c1bde68f3d13ad01f172cb7f18cd46e3e1fa0e73a7fd1d5809c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://hskreading.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 09:18:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
691301
cf-polished
origSize=509220
x-powered-by
W3 Total Cache/2.2.3
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Thu, 30 Mar 2023 09:13:08 GMT
server
cloudflare
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSrp91Lu9c8OtKX6rysMO8kMsvXey%2FKwfdlap9C2ueB%2B1hlExZjEMdh4fZNwXhML9WD0SfDiB%2FKT4uT%2B%2Byg7RKBjNKGCPLBWqvZKbFd4TB9A2IKZB5nT3dTNceCljHBukQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000, immutable
cf-ray
7b412edbadf55012-WAW
expires
Fri, 29 Mar 2024 09:16:43 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: hskreading.com
URL: https://hskreading.com/wp-content/uploads/fusion-styles/8fe13048cceae6741dc36b9fe4122aa6.min.css?ver=3.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hskreading.com/wp-content/uploads/fusion-styles/8fe13048cceae6741dc36b9fe4122aa6.min.css?ver=3.3
Origin
https://hskreading.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 10:31:13 GMT
x-content-type-options
nosniff
age
254831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14380
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Apr 2024 10:31:13 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: hskreading.com
URL: https://hskreading.com/wp-content/uploads/fusion-styles/8fe13048cceae6741dc36b9fe4122aa6.min.css?ver=3.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hskreading.com/wp-content/uploads/fusion-styles/8fe13048cceae6741dc36b9fe4122aa6.min.css?ver=3.3
Origin
https://hskreading.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 11:06:01 GMT
x-content-type-options
nosniff
age
252743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19172
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Apr 2024 11:06:01 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: hskreading.com
URL: https://hskreading.com/wp-content/uploads/fusion-styles/8fe13048cceae6741dc36b9fe4122aa6.min.css?ver=3.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hskreading.com/wp-content/uploads/fusion-styles/8fe13048cceae6741dc36b9fe4122aa6.min.css?ver=3.3
Origin
https://hskreading.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 11:53:15 GMT
x-content-type-options
nosniff
age
249909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Apr 2024 11:53:15 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: hskreading.com
URL: https://hskreading.com/wp-content/uploads/fusion-styles/8fe13048cceae6741dc36b9fe4122aa6.min.css?ver=3.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hskreading.com/wp-content/uploads/fusion-styles/8fe13048cceae6741dc36b9fe4122aa6.min.css?ver=3.3
Origin
https://hskreading.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 12:36:26 GMT
x-content-type-options
nosniff
age
247318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16256
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Apr 2024 12:36:26 GMT
icomoon.woff
hskreading.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 		20 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hskreading.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Requested by
Host: hskreading.com
URL: https://hskreading.com/wp-content/uploads/fusion-styles/8fe13048cceae6741dc36b9fe4122aa6.min.css?ver=3.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.90.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/2.2.3
Resource Hash
22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4

Request headers

Referer
https://hskreading.com/wp-content/uploads/fusion-styles/8fe13048cceae6741dc36b9fe4122aa6.min.css?ver=3.3
Origin
https://hskreading.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 09:18:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7903753
x-powered-by
W3 Total Cache/2.2.3
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Mar 2021 19:57:21 GMT
server
cloudflare
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmuA9VXYvDzeL00Z0kov0xHQw6Pnr3pT8xe%2B0%2Fw0VHvEzoaRhyoDQTkxOl%2F%2BcQ2QMqINMwI4AQS7jWh2qVEYbq5c3%2BBkdm%2F5MjNecCV4dEzaoQLhvmhudY0U5hx5IIRkNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=31536000
cf-ray
7b412edbce055012-WAW
expires
Fri, 05 Jan 2024 21:49:11 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-86837432-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://hskreading.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 07 Apr 2023 08:05:12 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4392
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 07 Apr 2023 10:05:12 GMT
d14c78cf79dcbd5f74ce7173734edb70a2277e5b
api.mandarinspot.com/cache/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mandarinspot.com/cache/d14c78cf79dcbd5f74ce7173734edb70a2277e5b
Requested by
Host: mandarinspot.com
URL: https://mandarinspot.com/static/mandarinspot.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.76.1.8 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
mandarinspot.com
Software
nginx/1.20.1 /
Resource Hash
b676a3ff0f17216a770fe80c12332a854edb0017c80be3e56d6a029491e7bd89

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://hskreading.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 07 Apr 2023 09:18:25 GMT
Server
nginx/1.20.1
Mspot-Flags
0
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Mspot-Flags
Cache-Control
public,max-age=604800
Connection
keep-alive
Content-Length
3495
Access-Control-Request-Headers
Content-type,Content-length
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=149979418&post=501&tz=0&srv=hskreading.com&j=1%3A12.0&host=hskreading.com&ref=&fcp=836&rand=0.9945500836930434
Requested by
Host: hskreading.com
URL: https://hskreading.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://hskreading.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 07 Apr 2023 09:18:24 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
collect
www.google-analytics.com/j/ 		1 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=145141057&t=pageview&_s=1&dl=https%3A%2F%2Fhskreading.com%2F&ul=en-us&de=UTF-8&dt=Chinese%20Reading%20and%20Comprehension%20-%20HSKReading.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2058881678&gjid=1650868256&cid=364377303.1680859105&tid=UA-86837432-2&_gid=1031076675.1680859105&_r=1&gtm=457e3430&jsscut=1&z=1026287694
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hskreading.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 07 Apr 2023 09:18:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hskreading.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless undefined| $ function| jQuery object| doc function| gtag object| dataLayer function| fusionNavIsCollapsed function| fusionRunNavIsCollapsed function| avadaGetScrollBarWidth object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| mandarinspot object| _stq function| st_go function| linktracker_init object| wpcom function| bgExpandCollapsedContent function| bgExpandCollapsedContentAction function| bgSelectedEffect object| cssua object| fusionBgImageVars object| fusionAnimationsVars function| fusionSetMobileAnimationData function| fusionSetAnimationData object| fusionJSVars object| fusion object| fusionLightboxVideoVars object| fusionEqualHeightVars function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| onYouTubeIframeAPIReady function| vimeoReady function| fusionInitVimeoPlayers object| fusionVideoGeneralVars object| fusionTimeout undefined| prevCallback function| insertParam function| registerYoutubePlayers function| loadYoutubeIframeAPI function| onYouTubePlayerAPIReadyCallback function| onPlayerStateChange function| onPlayerReady function| ytVidId function| playVideoAndPauseOthers function| fusionYouTubeTimeout function| getWaypointOffset object| fusionLightboxVars function| avadaLightBoxInitializeLightbox function| fusionInitTooltips object| fusionBlogVars function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| fusionResizeCrossfadeImagesContainer function| calcSelectArrowDimensions object| avadaLiveSearchVars function| avadaLiveSearch object| avadaCommentVars object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider object| fusionRecentPostsVars object| fusionContainerVars function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues object| avadaElasticSliderVars object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles object| avadaToTopVars function| avadaUpdateToTopPostion object| avadaMenuVars function| resizeOverlaySearch object| avadaHeaderVars function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight function| getWaypointTopOffset object| avadaSidebarsVars function| fusionReSettStickySidebarStatus function| setStickySidebarStatus function| calcStickySidebarOffset function| fusionGetScrollOffset object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| fusionScrollToAnchorVars function| checkHoverTouchState object| fusionVideoVars function| fusionCalcColumnEqualHeights string| BG_SHCE_USE_EFFECTS string| BG_SHCE_TOGGLE_SPEED string| BG_SHCE_TOGGLE_OPTIONS string| BG_SHCE_TOGGLE_EFFECT object| addComment object| Modernizr function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery function| Waypoint object| browserPrefixes function| EventEmitter object| eventie function| imagesLoaded object| _fusionImageParallaxImages function| YTReady function| onYouTubePlayerAPIReady object| avadaLightBox object| $ilInstances object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| fusionEqualHeightsCids string| responsiveTypeElements string| fusionBaseFontSize number| lastYPosition boolean| scrollDisabled number| adminBarHeight object| gaplugins object| gaGlobal object| gaData number| _fusionScrollTop number| _fusionWindowHeight number| _fusionScrollLeft number| _fusionWindowWidth object| fusionVimeoPlayers boolean| mobileMenuSepAdded

3 Cookies

Domain/Path Name / Value
.hskreading.com/ Name: _ga
Value: GA1.2.364377303.1680859105
.hskreading.com/ Name: _gid
Value: GA1.2.1031076675.1680859105
.hskreading.com/ Name: _gat_gtag_UA_86837432_2
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mandarinspot.com
fonts.gstatic.com
hskreading.com
mandarinspot.com
pixel.wp.com
sp-ao.shortpixel.ai
stats.wp.com
www.google-analytics.com
www.googletagmanager.com
104.21.90.81
138.199.37.225
142.250.181.227
142.250.186.104
142.250.186.78
192.0.76.3
45.76.1.8
08eba34ed36c63dec1d20f183b4f245e23752e5821bf688b4bb9c559302edd46
1ad48c5573d7a35e72ab5a9464a7bc014f70ecece0fd95f1ea42a04c8b410f90
1f0e55066b6b22ff4582c562583c9d68f399de951eddecc37ef2eee2fa82a965
22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9fca48693e99853e3538a1f633fe896ac712a86d0f727186ce30a0708a5c9907
a070d4921e1b1c1bde68f3d13ad01f172cb7f18cd46e3e1fa0e73a7fd1d5809c
a3889dd87652327539270cd57022207331ed326906d8009b8f55b0eaba65ff86
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b676a3ff0f17216a770fe80c12332a854edb0017c80be3e56d6a029491e7bd89
cc5a379db7e7bb66059bb8f0ad358321346c2ae4c7329c6dd66faf55438e0cf7
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1