urlscan.io logo urlscan.io
SecurityTrails logo

www.citswd.com Open in urlscan Pro
47.244.229.7  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.citswd.com/news/28546.html
Submission: On September 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main IP is 47.244.229.7, located in Hong Kong, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is www.citswd.com.
This is the only time www.citswd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 47.244.229.7 45102 (ALIBABA-C...)
1 112.34.113.148 9808 (CHINAMOBI...)
3 12 47.245.108.8 45102 (ALIBABA-C...)
2 103.235.46.191 55967 (BAIDU Bei...)
2 2409:8c14:f13... 9808 (CHINAMOBI...)
1 2409:8c20:5c6... 56046 (CMNET-JIA...)
1 182.61.201.94 38365 (BAIDU Bei...)
1 103.235.46.245 55967 (BAIDU Bei...)
26 9
8    47.244.229.7 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
www.citswd.com
1    112.34.113.148 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)
push.zhanzhang.baidu.com
12    47.245.108.8 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
pay.83823.net
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
2    2409:8c14:f13:1201:3::3e7 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)
s13.cnzz.com
c.cnzz.com
1    2409:8c20:5c64:2000::5 (China)

ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN)
z7.cnzz.com
1    182.61.201.94 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
api.share.baidu.com
1    103.235.46.245 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
api.map.baidu.com
Apex Domain
Subdomains		 Transfer
12 83823.net
pay.83823.net
146 KB
8 citswd.com
www.citswd.com
50 KB
5 baidu.com
push.zhanzhang.baidu.com — Cisco Umbrella Rank: 129717
hm.baidu.com — Cisco Umbrella Rank: 9975
api.share.baidu.com — Cisco Umbrella Rank: 92455
api.map.baidu.com — Cisco Umbrella Rank: 17422
13 KB
3 cnzz.com
s13.cnzz.com — Cisco Umbrella Rank: 278408
z7.cnzz.com
c.cnzz.com — Cisco Umbrella Rank: 75751
6 KB
26 4
Domain Requested by
12 pay.83823.net 3 redirects www.citswd.com
pay.83823.net
8 www.citswd.com www.citswd.com
2 hm.baidu.com www.citswd.com
1 api.map.baidu.com pay.83823.net
1 api.share.baidu.com www.citswd.com
1 c.cnzz.com s13.cnzz.com
1 z7.cnzz.com s13.cnzz.com
1 s13.cnzz.com www.citswd.com
1 push.zhanzhang.baidu.com www.citswd.com
26 9

This site contains links to these domains. Also see Links.

Domain
www.cnzz.com
Subject Issuer Validity Valid
pay.83823.net
TrustAsia RSA DV TLS CA G2		 2022-12-17 -
2023-12-17		 a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G3		 2023-01-28 -
2024-02-29		 a year crt.sh

This page contains 1 frames:

Primary Page: http://www.citswd.com/news/28546.html
Frame ID: 283EA13A38DF17B8FD9A19D87F0F9254
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

《小蛮腰》歌词 — 萧忆情

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

42 %
HTTPS

25 %
IPv6

4
Domains

9
Subdomains

9
IPs

3
Countries

213 kB
Transfer

401 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://pay.83823.net/pay/statics/ab.min.js HTTP 301
  • https://pay.83823.net/pay/statics/ab.min.js
Request Chain 16
  • http://pay.83823.net/pay/statics/pc-b1.js?1693839600 HTTP 301
  • https://pay.83823.net/pay/statics/pc-b1.js?1693839600
Request Chain 21
  • http://pay.83823.net/pay/statics/img/pay.jpg HTTP 301
  • https://pay.83823.net/pay/statics/img/pay.jpg

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 28546.html
www.citswd.com/news/ 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.citswd.com/news/28546.html
Protocol
HTTP/1.1
Server
47.244.229.7 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
8238461f3b2ac2006b896316f58df0bdfbbdaa41b3f4f86ea84ac0ca4da8ac15

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Sep 2023 15:34:19 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40
common.css
www.citswd.com/statics/css/css_wm/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.citswd.com/statics/css/css_wm/common.css
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/news/28546.html
Protocol
HTTP/1.1
Server
47.244.229.7 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
de263d3cb19240bab9884bcb02bf62008cb8980480bf6a307c11376027418a04

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/news/28546.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2019 10:00:52 GMT
Server
nginx
ETag
W/"5dd66054-1ea3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
jquery.min.js
www.citswd.com/statics/js/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.citswd.com/statics/js/jquery.min.js
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/news/28546.html
Protocol
HTTP/1.1
Server
47.244.229.7 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
a360fd56076c9b4f48b0fc3d57d1f607fce84c43648c328f23c60b94f4fb4b4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/news/28546.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jun 2014 15:22:02 GMT
Server
nginx
ETag
W/"53a9979a-1698c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
base.js
www.citswd.com/statics/js/js_wm/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.citswd.com/statics/js/js_wm/base.js
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/news/28546.html
Protocol
HTTP/1.1
Server
47.244.229.7 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ecc5b9c486fc15d5f09fb800413082151fe2e9d10e19bdb1ac9ff715a7bade53

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/news/28546.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Dec 2021 09:22:09 GMT
Server
nginx
ETag
W/"61cecbc1-7a4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
uaredirect.js
www.citswd.com/statics/js/js_wm/ 		818 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.citswd.com/statics/js/js_wm/uaredirect.js
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/news/28546.html
Protocol
HTTP/1.1
Server
47.244.229.7 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
6d549dd1f3c1156783bc705c8a58f72836a164180d547c6f73295a962cd02606

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/news/28546.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:19 GMT
Last-Modified
Fri, 13 Jul 2018 11:35:40 GMT
Server
nginx
ETag
"5b488e8c-332"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
818
logo.gif
www.citswd.com/statics/images/images_wm/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.citswd.com/statics/images/images_wm/logo.gif
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/news/28546.html
Protocol
HTTP/1.1
Server
47.244.229.7 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
bf2b4886d93fa71ab9b5c51ea1c8b9baa1121b822072336caa0285160d0ced26

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/news/28546.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:19 GMT
Last-Modified
Sat, 21 Nov 2020 06:50:46 GMT
Server
nginx
ETag
"5fb8b8c6-1960"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6496
api.php
www.citswd.com/ 		111 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.citswd.com/api.php?op=count&id=28546&modelid=1
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/news/28546.html
Protocol
HTTP/1.1
Server
47.244.229.7 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
5c4153a9d18adae413dcf41e843ca0d92e27b192203207642f959f31a9699d3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/news/28546.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:19 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Connection
keep-alive
push.js
push.zhanzhang.baidu.com/ 		281 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
http://push.zhanzhang.baidu.com/push.js
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/statics/js/js_wm/base.js
Protocol
HTTP/1.1
Server
112.34.113.148 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:47:55 GMT
Server
apache
Etag
"4078521116"
Vary
Accept-Encoding
Content-Type
text/javascript
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
227
Expires
Tue, 03 Sep 2024 15:34:22 GMT
cpt3.js
pay.83823.net/pay/statics/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.83823.net/pay/statics/cpt3.js
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/statics/js/js_wm/base.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.245.108.8 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
066cc1d7c1eeec4a43c535f868d2372540664633dc00cc039db282e447de7acb

Request headers

Referer
http://www.citswd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 04 Sep 2023 15:34:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Dec 2021 09:16:51 GMT
Server
nginx
ETag
W/"61ceca83-6ec"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
bg.gif
www.citswd.com/statics/images/images_wm/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.citswd.com/statics/images/images_wm/bg.gif
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/statics/css/css_wm/common.css
Protocol
HTTP/1.1
Server
47.244.229.7 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
455cc18822598f7f7594a0c5f16acf6d7642554ed7425ceebfd9a955a5d0ccec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/statics/css/css_wm/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:19 GMT
Last-Modified
Thu, 21 Nov 2019 09:58:36 GMT
Server
nginx
ETag
"5dd65fcc-847"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2119
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?b9182dfe6626d795db3df2b927868b50
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/news/28546.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
7153db50b8636bef16b59a0311ed00be6318d048af1ab20ae3ff2276c78adff6
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:21 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
7c6f7db9f7b75ca64d6bdd47f0b09f8f
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11254
z_stat.php
s13.cnzz.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s13.cnzz.com/z_stat.php?id=1275092092&web_id=1275092092
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/statics/js/js_wm/base.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2409:8c14:f13:1201:3::3e7 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
ee0213e48b0e3d80b044041de3172cb83fdda61f4c316777298c7d91fcf617ed

Request headers

Referer
http://www.citswd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 04 Sep 2023 15:29:55 GMT
via
cache47.l2cn3032[0,0,304-0,H], cache65.l2cn3032[1,0], cache26.cn6251[32,39,200-0,H], cache12.cn6251[41,0]
content-encoding
gzip
age
267
x-swift-cachetime
33
x-cache
HIT TCP_REFRESH_HIT dirn:9:257284520
x-swift-savetime
Mon, 04 Sep 2023 15:34:22 GMT
content-length
4779
server
Tengine
etag
W/"3863048883808959225"
vary
accept-encoding
ali-swift-global-savetime
1693841395
content-type
application/javascript
cache-control
public, max-age=300
timing-allow-origin
*
eagleid
78c967a016938416619717867e
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=795531480&si=b9182dfe6626d795db3df2b927868b50&v=1.3.0&lv=1&sn=24052&r=0&ww=1600&u=http%3A%2F%2Fwww.citswd.com%2Fnews%2F28546.html&tt=%E3%80%8A%E5%B0%8F%E8%9B%AE%E8%85%B0%E3%80%8B%E6%AD%8C%E8%AF%8D%20%E2%80%94%20%E8%90%A7%E5%BF%86%E6%83%85
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/news/28546.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 15:34:21 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
stat.htm
z7.cnzz.com/ 		2 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://z7.cnzz.com/stat.htm?id=1275092092&r=&lg=en-us&ntime=none&cnzz_eid=1743539579-1693841662-&showp=1600x1200&p=http%3A%2F%2Fwww.citswd.com%2Fnews%2F28546.html&t=%E3%80%8A%E5%B0%8F%E8%9B%AE%E8%85%B0%E3%80%8B%E6%AD%8C%E8%AF%8D%20%E2%80%94%20%E8%90%A7%E5%BF%86%E6%83%85&umuuid=18a60d4a1163b6-091b7cbd490e84-603b525b-1d4c00-18a60d4a117f28&h=1
Requested by
Host: s13.cnzz.com
URL: https://s13.cnzz.com/z_stat.php?id=1275092092&web_id=1275092092
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2409:8c20:5c64:2000::5 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:34:25 GMT
content-encoding
gzip
server
Tengine
vary
Accept-Encoding
content-type
text/html; charset=utf-8
c.js
c.cnzz.com/ 		880 B
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/c.js?web_id=1275092092&t=z
Requested by
Host: s13.cnzz.com
URL: https://s13.cnzz.com/z_stat.php?id=1275092092&web_id=1275092092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2409:8c14:f13:1201:3::3e7 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
fed572c762d3dd2977e68121c19a8d19e24c35d4938ac6d9626300146e96928f

Request headers

Referer
http://www.citswd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 04 Sep 2023 15:29:55 GMT
via
cache23.l2cn3032[0,0,304-0,H], cache1.l2cn3032[0,0], cache1.cn6251[57,58,200-0,H], cache12.cn6251[60,0]
content-encoding
gzip
age
267
x-swift-cachetime
54
x-cache
HIT TCP_REFRESH_HIT dirn:9:255070507
x-swift-savetime
Mon, 04 Sep 2023 15:34:22 GMT
content-length
573
server
Tengine
etag
W/"1206371130415125862"
vary
accept-encoding
ali-swift-global-savetime
1693841395
content-type
text/plain; charset=utf-8
cache-control
public, max-age=321
timing-allow-origin
*
eagleid
78c967a016938416626894145e
s.gif
api.share.baidu.com/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://api.share.baidu.com/s.gif?l=http://www.citswd.com/news/28546.html
Requested by
Host: www.citswd.com
URL: http://www.citswd.com/news/28546.html
Protocol
HTTP/1.1
Server
182.61.201.94 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:23 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
ab.min.js
pay.83823.net/pay/statics/
Redirect Chain
  • http://pay.83823.net/pay/statics/ab.min.js
  • https://pay.83823.net/pay/statics/ab.min.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.83823.net/pay/statics/ab.min.js
Protocol
HTTP/1.1
Server
47.245.108.8 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
32e97c99e10cf0df492ccc7a2a99993b775c34458cf84a8ce91ebbfdb70490fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 04:33:09 GMT
Server
nginx
ETag
W/"61bac185-127d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive

Redirect headers

Location
https://pay.83823.net/pay/statics/ab.min.js
Date
Mon, 04 Sep 2023 15:34:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
pc-b1.js
pay.83823.net/pay/statics/
Redirect Chain
  • http://pay.83823.net/pay/statics/pc-b1.js?1693839600
  • https://pay.83823.net/pay/statics/pc-b1.js?1693839600
42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.83823.net/pay/statics/pc-b1.js?1693839600
Protocol
HTTP/1.1
Server
47.245.108.8 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
c45d7c3abe71c571e7e330c80530f83c387db15313d03462b36c82996a7135ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Sep 2022 08:26:39 GMT
Server
nginx
ETag
W/"6317043f-a8cd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive

Redirect headers

Location
https://pay.83823.net/pay/statics/pc-b1.js?1693839600
Date
Mon, 04 Sep 2023 15:34:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
jquery.min.js
pay.83823.net/pay/statics/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.83823.net/pay/statics/jquery.min.js
Requested by
Host: pay.83823.net
URL: http://pay.83823.net/pay/statics/pc-b1.js?1693839600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.245.108.8 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 04:33:09 GMT
Server
nginx
ETag
W/"61bac185-169d9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
js.cookie.min.js
pay.83823.net/pay/statics/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.83823.net/pay/statics/js.cookie.min.js
Requested by
Host: pay.83823.net
URL: http://pay.83823.net/pay/statics/pc-b1.js?1693839600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.245.108.8 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
0b1aa0b9443038da4da13a9cf13dff08098a9c2f6c56d1016b7e23dfaf8707ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 04:33:09 GMT
Server
nginx
ETag
W/"61bac185-643"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
ip
api.map.baidu.com/location/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://api.map.baidu.com/location/ip?callback=jQuery191011442668340696538_1693841664472&ak=0NFUGF8540eD5nDbKS0haWnQzLChxaXG&coor=gcj02&_=1693841664473
Requested by
Host: pay.83823.net
URL: https://pay.83823.net/pay/statics/jquery.min.js
Protocol
HTTP/1.1
Server
103.235.46.245 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
free
pay.83823.net/v1/trade/qr/ 		0
0
pay.jpg
pay.83823.net/pay/statics/img/
Redirect Chain
  • http://pay.83823.net/pay/statics/img/pay.jpg
  • https://pay.83823.net/pay/statics/img/pay.jpg
12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.83823.net/pay/statics/img/pay.jpg
Protocol
HTTP/1.1
Server
47.245.108.8 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
3af186f5193574292d7adb756d93e450636acbc2d615a8d3727480edb0b0272e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:25 GMT
Last-Modified
Thu, 16 Dec 2021 04:33:09 GMT
Server
nginx
ETag
"61bac185-2ebe"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11966

Redirect headers

Location
https://pay.83823.net/pay/statics/img/pay.jpg
Date
Mon, 04 Sep 2023 15:34:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
zhifu_cg.png
pay.83823.net/pay/statics/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.83823.net/pay/statics/img/zhifu_cg.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.245.108.8 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
53479a2ff1d7ad9071459e47a71db1888803bd8b209da39565a9653650fbacfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:25 GMT
Last-Modified
Thu, 16 Dec 2021 04:33:09 GMT
Server
nginx
ETag
"61bac185-2ac6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10950
wxzhifu_load.gif
pay.83823.net/pay/statics/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.83823.net/pay/statics/img/wxzhifu_load.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.245.108.8 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
0e43992370321958a17ffe60e71f09913507890473b3605bc989c974d73a4dfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:25 GMT
Last-Modified
Thu, 16 Dec 2021 04:33:09 GMT
Server
nginx
ETag
"61bac185-2d9f"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11679
jiahaoyou.jpg
pay.83823.net/pay/statics/img/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.83823.net/pay/statics/img/jiahaoyou.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.245.108.8 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
80359fb65cb7f3a5cc1d0ea13b3e92441da06af4e702ca271ed26ec1aed7b8a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.citswd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 15:34:25 GMT
Last-Modified
Mon, 15 Aug 2022 15:35:32 GMT
Server
nginx
ETag
"62fa67c4-101a6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65958

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pay.83823.net
URL
http://pay.83823.net/v1/trade/qr/free?title=%E3%80%8A%E5%B0%8F%E8%9B%AE%E8%85%B0%E3%80%8B%E6%AD%8C%E8%AF%8D+%E2%80%94+%E8%90%A7%E5%BF%86%E6%83%85&city=&longitude=&latitude=&k=0.8844687613720783

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| sh function| search function| s1 function| s2 function| s3 function| s4 function| s5 function| s6 function| s7 function| s8 function| s9 function| s10 function| tj function| uaredirect function| isSubdomain function| include_js object| _hmt boolean| _bdhm_loaded_b9182dfe6626d795db3df2b927868b50 object| mini_tangram_log_55m4m3 object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1275092092 function| _typeof function| ABTest object| ABTestUtils function| hashCode function| log function| setCookie function| getsec function| getCookie function| isPhoneNumber function| timestampToTime number| times string| domain_name string| BRANCH string| BRANCH_ID undefined| scan object| scan_list string| clipboard_qrimg string| zhezhao string| qr undefined| buystate undefined| setState number| price number| yprice number| goods number| expires boolean| is_paying boolean| been_block object| copyEle object| marksEle undefined| copyAlertTimeout string| city string| longitude string| latitude string| title string| cookieKey string| tradeHost string| loadQrImg string| referer string| style string| payAlert function| login function| rechargeMoney function| old_user_rechargemoney function| register function| Cookies undefined| jQuery191011442668340696538_1693841664472

6 Cookies

Domain/Path Name / Value
www.citswd.com/news/28546.html Name: abjs_ab_test
Value: a
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: C80860F5AADD71B4
.www.citswd.com/ Name: Hm_lvt_b9182dfe6626d795db3df2b927868b50
Value: 1693841662
.www.citswd.com/ Name: Hm_lpvt_b9182dfe6626d795db3df2b927868b50
Value: 1693841662
.citswd.com/ Name: UM_distinctid
Value: 18a60d4a1163b6-091b7cbd490e84-603b525b-1d4c00-18a60d4a117f28
www.citswd.com/ Name: CNZZDATA1275092092
Value: 1743539579-1693841662-%7C1693841662

8 Console Messages

Source Level URL
Text
javascript warning URL: http://www.citswd.com/statics/js/js_wm/base.js(Line 42)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pay.83823.net/pay/statics/cpt3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.citswd.com/statics/js/js_wm/base.js(Line 42)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pay.83823.net/pay/statics/cpt3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.citswd.com/statics/js/js_wm/base.js(Line 53)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s13.cnzz.com/z_stat.php?id=1275092092&web_id=1275092092, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.citswd.com/statics/js/js_wm/base.js(Line 53)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s13.cnzz.com/z_stat.php?id=1275092092&web_id=1275092092, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://s13.cnzz.com/z_stat.php?id=1275092092&web_id=1275092092
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1275092092&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://s13.cnzz.com/z_stat.php?id=1275092092&web_id=1275092092
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1275092092&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: http://www.citswd.com/news/28546.html
Message:
Access to XMLHttpRequest at 'http://pay.83823.net/v1/trade/qr/free?title=%E3%80%8A%E5%B0%8F%E8%9B%AE%E8%85%B0%E3%80%8B%E6%AD%8C%E8%AF%8D+%E2%80%94+%E8%90%A7%E5%BF%86%E6%83%85&city=&longitude=&latitude=&k=0.8844687613720783' from origin 'http://www.citswd.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://pay.83823.net/v1/trade/qr/free?title=%E3%80%8A%E5%B0%8F%E8%9B%AE%E8%85%B0%E3%80%8B%E6%AD%8C%E8%AF%8D+%E2%80%94+%E8%90%A7%E5%BF%86%E6%83%85&city=&longitude=&latitude=&k=0.8844687613720783
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.map.baidu.com
api.share.baidu.com
c.cnzz.com
hm.baidu.com
pay.83823.net
push.zhanzhang.baidu.com
s13.cnzz.com
www.citswd.com
z7.cnzz.com
pay.83823.net
103.235.46.191
103.235.46.245
112.34.113.148
182.61.201.94
2409:8c14:f13:1201:3::3e7
2409:8c20:5c64:2000::5
47.244.229.7
47.245.108.8
066cc1d7c1eeec4a43c535f868d2372540664633dc00cc039db282e447de7acb
0b1aa0b9443038da4da13a9cf13dff08098a9c2f6c56d1016b7e23dfaf8707ae
0e43992370321958a17ffe60e71f09913507890473b3605bc989c974d73a4dfc
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
32e97c99e10cf0df492ccc7a2a99993b775c34458cf84a8ce91ebbfdb70490fd
3af186f5193574292d7adb756d93e450636acbc2d615a8d3727480edb0b0272e
455cc18822598f7f7594a0c5f16acf6d7642554ed7425ceebfd9a955a5d0ccec
53479a2ff1d7ad9071459e47a71db1888803bd8b209da39565a9653650fbacfb
5c4153a9d18adae413dcf41e843ca0d92e27b192203207642f959f31a9699d3d
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6d549dd1f3c1156783bc705c8a58f72836a164180d547c6f73295a962cd02606
7153db50b8636bef16b59a0311ed00be6318d048af1ab20ae3ff2276c78adff6
80359fb65cb7f3a5cc1d0ea13b3e92441da06af4e702ca271ed26ec1aed7b8a8
8238461f3b2ac2006b896316f58df0bdfbbdaa41b3f4f86ea84ac0ca4da8ac15
a360fd56076c9b4f48b0fc3d57d1f607fce84c43648c328f23c60b94f4fb4b4d
bf2b4886d93fa71ab9b5c51ea1c8b9baa1121b822072336caa0285160d0ced26
c45d7c3abe71c571e7e330c80530f83c387db15313d03462b36c82996a7135ac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de263d3cb19240bab9884bcb02bf62008cb8980480bf6a307c11376027418a04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc5b9c486fc15d5f09fb800413082151fe2e9d10e19bdb1ac9ff715a7bade53
ee0213e48b0e3d80b044041de3172cb83fdda61f4c316777298c7d91fcf617ed
fed572c762d3dd2977e68121c19a8d19e24c35d4938ac6d9626300146e96928f