urlscan.io logo urlscan.io
SecurityTrails logo

www.ryedu.net Open in urlscan Pro
103.90.137.19  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.ryedu.net/
Submission: On September 30 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 59 HTTP transactions. The main IP is 103.90.137.19, located in Hong Kong and belongs to ITACE-AS-AP Itace International Limited, HK. The main domain is www.ryedu.net.
TLS certificate: Issued by TrustAsia TLS RSA CA on October 17th 2019. Valid for: a year.
This is the only time www.ryedu.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 103.90.137.19 134705 (ITACE-AS-...)
2 222.188.8.250 4134 (CHINANET-...)
2 103.235.46.191 55967 (BAIDU Bei...)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 42.81.8.133 58542 (CHINATELE...)
1 113.105.172.35 134763 (CT-DONGGU...)
2 111.206.37.189 4808 (CHINA169-...)
1 203.119.206.97 37963 (CNNIC-ALI...)
1 2600:9000:215... 16509 (AMAZON-02)
2 183.232.231.117 9808 (CMNET-GD ...)
1 2600:9000:21f... 16509 (AMAZON-02)
1 180.163.251.231 4812 (CHINANET-...)
2 2a00:1450:400... 15169 (GOOGLE)
59 15
29    103.90.137.19 (Hong Kong)

ASN134705 (ITACE-AS-AP Itace International Limited, HK)
www.ryedu.net
2    222.188.8.250 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
s96.cnzz.com
c.cnzz.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
10    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    42.81.8.133 (China)

ASN58542 (CHINATELECOM-TIANJIN Tianjij,300000, CN)
r.99waiyu.com
y.99waiyu.com
1    113.105.172.35 (Dongguan, China)

ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN)
cpro.baidustatic.com
2    111.206.37.189 (Beijing, China)

ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN)
push.zhanzhang.baidu.com
api.share.baidu.com
1    203.119.206.97 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
hzs5.cnzz.com
1    2600:9000:2156:8000:0:e2b1:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)
jspassport.ssl.qhimg.com
2    183.232.231.117 (China)

ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN)
pos.baidu.com
1    2600:9000:21f3:b000:11:1b7a:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ssl.qhres.com
1    180.163.251.231 (China)

ASN4812 (CHINANET-SH-AP China Telecom (Group), CN)
s.360.cn
2    2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
29 www.ryedu.net www.ryedu.net
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com www.ryedu.net
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 pos.baidu.com r.99waiyu.com
2 r.99waiyu.com www.ryedu.net
r.99waiyu.com
2 hm.baidu.com www.ryedu.net
1 y.99waiyu.com r.99waiyu.com
1 s.360.cn www.ryedu.net
1 s.ssl.qhres.com jspassport.ssl.qhimg.com
1 api.share.baidu.com www.ryedu.net
1 jspassport.ssl.qhimg.com www.ryedu.net
1 hzs5.cnzz.com www.ryedu.net
1 c.cnzz.com s96.cnzz.com
1 push.zhanzhang.baidu.com www.ryedu.net
1 cpro.baidustatic.com r.99waiyu.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 s96.cnzz.com www.ryedu.net
0 ers.baidu.com Failed www.ryedu.net
59 20
Subject Issuer Validity Valid
www.ryedu.net
TrustAsia TLS RSA CA		 2019-10-17 -
2020-10-16		 a year crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-02-04 -
2021-02-04		 a year crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-04-02 -
2021-07-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
r.99waiyu.com
TrustAsia TLS RSA CA		 2020-07-26 -
2021-07-26		 a year crt.sh
*.ssl.qhimg.com
WoTrus OV SSL CA		 2020-02-11 -
2022-05-11		 2 years crt.sh
*.ssl.qhres.com
WoTrus OV SSL CA		 2020-02-11 -
2022-05-11		 2 years crt.sh
*.s.360.cn
WoSign OV SSL CA		 2019-10-25 -
2022-01-25		 2 years crt.sh
y.99waiyu.com
TrustAsia TLS RSA CA		 2020-07-26 -
2021-07-26		 a year crt.sh

This page contains 9 frames:

Primary Page: https://www.ryedu.net/
Frame ID: 6FD206D8989186ABE07C2753E8B6BFFF
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html
Frame ID: 6C8D24B842B0C4AD8EB05EA9135EDD33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4459819273790500&output=html&h=90&slotname=4432004766&adk=2832756288&adf=3920042449&w=960&fwrn=4&lmt=1601423322&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=960x90_0ads_al&url=https%3A%2F%2Fwww.ryedu.net%2F&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1601440395156&bpp=14&bdt=952&idt=72&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1883167886858&frm=20&pv=2&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=40635&dssz=12&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&pvsid=4279807484611240&pem=865&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=duqvhDsQ70&p=https%3A//www.ryedu.net&dtd=92
Frame ID: 18296E189B3347B0C05E3F36C5331099
Requests: 1 HTTP requests in this frame

Frame: https://pos.baidu.com/s?wid=200&hei=200&di=u2596078&ltu=https%3A%2F%2Fwww.ryedu.net%2F&psi=d5e1fbdc16389d46a075de0c283e94ab&dc=3&ti=www.xjj7.com%2Cxjj6789.com%2C%E7%94%B5%E8%AF%9D%E3%80%90159-O691-6666%E3%80%91%E5%A4%96%E8%AF%AD%E7%88%B1%E5%A5%BD%E8%80%85%20%3E%3E%20%E9%A6%96%E9%A1%B5&ps=1040x320&drs=1&pcs=1600x1200&pss=1600x1751&cfv=0&cpl=0&chi=2&cce=true&cec=GBK&tlm=1601423322&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1601440399&dtm=HTML_POST&tpr=1601440398497&ari=2&ant=0&exps=110257,110009,111000,112027,110011&prot=2&dis=0&dai=1&dri=0
Frame ID: FFFD8047371DC553170F2BD1F3B77FC6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4459819273790500&output=html&adk=1812271804&adf=3025194257&lmt=1601423322&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.ryedu.net%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1601440398961&bpp=7&bdt=4758&idt=7&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90_0ads_al&nras=1&correlator=1883167886858&frm=20&pv=1&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=17614748672&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&psts=AGkb-H9Ii0HiRgfSZ__gF1DIQ8W6Ez6yXuY3U0nVhYnfLGE0nlYFAARKdg&pvsid=4279807484611240&pem=865&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=18
Frame ID: 5A4A5BA697EF42789BB50DF225794B68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4459819273790500&output=html&h=240&adk=2650350224&adf=2163609677&w=202&fwrn=4&fwrnh=100&lmt=1601423322&rafmt=1&to=qs&pwprc=3930113159&psa=1&guci=1.2.0.0.2.2.0.0&format=202x240&url=https%3A%2F%2Fwww.ryedu.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1601440399120&bpp=1&bdt=4916&idt=-M&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90_0ads_al%2C0x0&nras=1&correlator=1883167886858&frm=20&pv=1&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=17614748672&dssz=26&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&psts=AGkb-H9Ii0HiRgfSZ__gF1DIQ8W6Ez6yXuY3U0nVhYnfLGE0nlYFAARKdg&pvsid=4279807484611240&pem=865&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rM4MvgYPS0&p=https%3A//www.ryedu.net&dtd=19
Frame ID: 0A1F8E364049259904C6EB251E4DE66D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4459819273790500&output=html&h=240&adk=2650350224&adf=3311922677&w=202&fwrn=4&fwrnh=100&lmt=1601423322&rafmt=1&to=qs&pwprc=3930113159&psa=1&guci=1.2.0.0.2.2.0.0&format=202x240&url=https%3A%2F%2Fwww.ryedu.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1601440399120&bpp=1&bdt=4916&idt=0&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90_0ads_al%2C0x0%2C202x240&nras=1&correlator=1883167886858&frm=20&pv=1&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=17614748672&dssz=26&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&psts=AGkb-H9Ii0HiRgfSZ__gF1DIQ8W6Ez6yXuY3U0nVhYnfLGE0nlYFAARKdg&pvsid=4279807484611240&pem=865&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zEqYMloRU9&p=https%3A//www.ryedu.net&dtd=23
Frame ID: 5AA275E3F9694FB6024D22092B9B4273
Requests: 1 HTTP requests in this frame

Frame: https://pos.baidu.com/wh/o.htm?ltr=
Frame ID: E9A17572541E0CB4AA7C2C64A5ED9F99
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: F553A98004AE82865159B9F052023329
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

59
Requests

95 %
HTTPS

36 %
IPv6

12
Domains

20
Subdomains

15
IPs

4
Countries

440 kB
Transfer

853 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://ers.baidu.com/app/s.js?siteId=8258542&goTop=1 HTTP 0
  • http://ers.baidu.com/

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ryedu.net/ 		106 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
573d6d5ae2eab76b2444f6802654820d4792722eea6b2ca339844b2e0432157c

Request headers

Host
www.ryedu.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 29 Sep 2020 23:48:42 GMT
Accept-Ranges
bytes
ETag
"029acfbb96d61:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Date
Wed, 30 Sep 2020 04:33:14 GMT
Content-Length
15878
index.css
www.ryedu.net/Skin/Education/ 		26 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ryedu.net/Skin/Education/index.css
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cb86fcda6b3b6df59fa2f54679e912305eafe0f3f2e1cfb41b83b47b32af8351

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:14 GMT
Last-Modified
Fri, 02 Mar 2018 12:41:11 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"f93086be23b2d31:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
26570
uaredirect.js
www.ryedu.net/ 		819 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ryedu.net/uaredirect.js
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
8e1cac245a9daa0ff3a9e12ad5ff809822d35742803f040960531fffff3131f8

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Last-Modified
Mon, 05 Sep 2016 23:56:53 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"c0f1192dd17d21:0"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
819
logo1.gif
www.ryedu.net/Skin/Education/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/images/logo1.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
8f0f88369de507912de09b65c2d1ec1aa144ed8842c1f2deb675e7fd218aa39c

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:41:02 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"f68825b923b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
8838
User_Login.gif
www.ryedu.net/Skin/Education/images/ 		329 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/images/User_Login.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
22ffcd04cbff08d33a27eac7b8639314b86808cebb8a47f37ed518ef96a258a2

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:41:08 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"e79c9bc23b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
329
g9.js
www.ryedu.net/ad/ 		644 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ryedu.net/ad/g9.js
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0392d8a275caeff23eb89569f81be0b48ef3113a69240a6a90f3419f4068f29f

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Last-Modified
Fri, 15 Nov 2019 09:54:22 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"ea777a89a9bd51:0"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
644
flash.js
www.ryedu.net/flash/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ryedu.net/flash/flash.js
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c37ece779331ca813d463db30b99d5470fddda291a47eeded817457d2d577973

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Last-Modified
Fri, 02 Mar 2018 03:27:39 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"623bd46ad6b1d31:0"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
2239
20070117091933719.jpg
www.ryedu.net/Soft/UploadSoftPic/200701/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Soft/UploadSoftPic/200701/20070117091933719.jpg
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
abd93625311ef8b3484cc5015d6d645d186b8a06cad6064017d5339d27c14f7c

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:50:30 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"b526eab25b2d31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
4371
2015010707443968.jpg
www.ryedu.net/Soft/UploadSoftPic/201501/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Soft/UploadSoftPic/201501/2015010707443968.jpg
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
86a6ea17c248ae4190eca822ad44098376b1aac59bdb72eefc6934bbce52cf7f

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:51:14 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"5711372625b2d31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
12987
2015010707392164.jpg
www.ryedu.net/Soft/UploadSoftPic/201501/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Soft/UploadSoftPic/201501/2015010707392164.jpg
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
86ff84f75cf6c8c319cb250990e046168b4b8bc708f5c2690c25d88c0559deee

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:51:14 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"526132625b2d31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
20642
2014101308075589.jpg
www.ryedu.net/Soft/UploadSoftPic/201410/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Soft/UploadSoftPic/201410/2014101308075589.jpg
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a97e6525fae7f22b009dc3b0f006695e6d9959a14ab203bab1da7c5ec258c71d

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:51:13 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"9a118c2525b2d31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
32969
2014101308003502.jpg
www.ryedu.net/Soft/UploadSoftPic/201410/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Soft/UploadSoftPic/201410/2014101308003502.jpg
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b676f61f093d36e4713426812af9b8ae2ee74e9de57fe7fdd479fbe23fd08093

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:51:13 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"bf8f552525b2d31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
37967
2014092609082465.jpg
www.ryedu.net/Soft/UploadSoftPic/201409/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Soft/UploadSoftPic/201409/2014092609082465.jpg
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
093020ae45a352f82881dfc732444847ff0c113d3ba8da8da1b67eebe3449045

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:51:12 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"3b8c22425b2d31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
6677
2014091609314086.jpg
www.ryedu.net/Soft/UploadSoftPic/201409/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Soft/UploadSoftPic/201409/2014091609314086.jpg
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d7ec6e734004928dfb2befb2ad7d1467b8018ec0d28d28911902f9ebe49af6cb

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:51:11 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"eaf2642425b2d31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
10252
20.js
www.ryedu.net/ad/ 		138 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ryedu.net/ad/20.js
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
efa33cde6ac7ad0563fd7759c6927ee9eb2241001e6e13c8554489533a9552ed

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Last-Modified
Sun, 03 Nov 2019 02:02:49 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"7dc71bcbea91d51:0"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
138
2016060409021665.png
www.ryedu.net/syy/Uploads_20/201606/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/syy/Uploads_20/201606/2016060409021665.png
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:17 GMT
Last-Modified
Sat, 04 Jun 2016 01:02:16 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"36f2bebcfcbdd11:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
19256
z_stat.php
s96.cnzz.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s96.cnzz.com/z_stat.php?id=370537&web_id=370537
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.188.8.250 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
a22ad0b31178c00424ea5e9994314dea15166fbe9487cf3402a10b9565ecd7ca

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Sep 2020 04:22:55 GMT
content-encoding
gzip
age
620
x-powered-by
PHP/5.5.25
x-cache
MISS TCP_REFRESH_MISS dirn:-2:-2
status
200
x-swift-cachetime
4780
x-swift-savetime
Wed, 30 Sep 2020 04:33:15 GMT
content-length
4080
last-modified
Wed, 30 Sep 2020 04:22:55 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1568525886
content-type
application/javascript
via
cache41.l2cn1807[0,200-0,H], cache20.l2cn1807[0,0], cache20.cn2024[8,200-0,M], cache7.cn2024[9,0]
cache-control
max-age=5400,s-maxage=5400
timing-allow-origin
*
eagleid
debc08cf16014403957288027e
hm.js
hm.baidu.com/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?09b0ffce9c2c8c699d86fc807d6dc112
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
2643fea261bb148e2183d5f615683b1ebe60c041102218e04c8443cd3f2d9190
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Content-Encoding
gzip
Server
apache
Etag
afd8924f3ecd9e93feca698be4372e7e
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14898
bodyBg.gif
www.ryedu.net/Skin/Education/Images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/Images/bodyBg.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
8a85d176a7675f815ba70e9e1328eb77823ba519e1dacb542fd85a04cb1bc770

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Last-Modified
Fri, 02 Mar 2018 12:40:54 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"ededa1b423b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1030
topBg.gif
www.ryedu.net/Skin/Education/Images/ 		159 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/Images/topBg.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
708b9b81382fb2b241a450e51d6f423603ee313cbc6381326c958d14d580e86c

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Last-Modified
Fri, 02 Mar 2018 12:41:07 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"9c1d6dbc23b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
159
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		128 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/ad/g9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f2dcfc1e72824387d9851a2c96a5b20848ac6fb25ab481bbd305c3f2315a7f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Sep 2020 04:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45183
x-xss-protection
0
server
cafe
etag
17680645947560749777
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 30 Sep 2020 04:33:15 GMT
menuBg.gif
www.ryedu.net/Skin/Education/Images/ 		328 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/Images/menuBg.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ea2a32163252479c3f628919c2dc2b9de3320e7d8ff6861d64de60dffd8bf614

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Last-Modified
Fri, 02 Mar 2018 12:41:02 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"246e4eb923b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
328
noticeBg.gif
www.ryedu.net/Skin/Education/Images/ 		210 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/Images/noticeBg.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c3a82986e76c821869df31a5a8192c5170eb173bdaf4af14c3bc50d6d4b8902a

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Last-Modified
Fri, 02 Mar 2018 12:41:04 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"e6ba4eba23b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
210
notice.gif
www.ryedu.net/Skin/Education/Images/ 		615 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/Images/notice.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
daaa9b06072df7985e948b4a0e0cabbc01e3ead730f9bf9dcbfa900800361e20

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:41:04 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"284724ba23b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
615
tabBg.gif
www.ryedu.net/Skin/Education/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/images/tabBg.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0a838c2785cfff94bddd8cb7fde422208e485e9e1f2aba2ab509e0fcdced7b95

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Last-Modified
Fri, 02 Mar 2018 12:41:06 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"bd8a1bb23b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
7585
tab_01.gif
www.ryedu.net/Skin/Education/images/ 		55 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/images/tab_01.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
badadb5aabb0d2bc50509bca209731e3cf638c4b2e71a5dde58ca76a3c0a2d4a

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Last-Modified
Fri, 02 Mar 2018 12:41:06 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"543d75bb23b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
55
newsBg.gif
www.ryedu.net/Skin/Education/Images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/Images/newsBg.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1da98a89571bb7d49c88929e59e5b095c776dd7ed9594b321e52898fc8c0e7a4

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:15 GMT
Last-Modified
Fri, 02 Mar 2018 12:41:03 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"d748cbb923b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
9013
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ 		229 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Sep 2020 04:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87867
x-xss-protection
0
server
cafe
etag
4255136095123681698
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Sep 2020 04:33:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/ Frame 6C8D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200924/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ryedu.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ryedu.net/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 29 Sep 2020 19:21:11 GMT
expires
Tue, 13 Oct 2020 19:21:11 GMT
content-type
text/html; charset=UTF-8
etag
17942277541989656716
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4728
x-xss-protection
0
age
33124
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ryedu.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Sep 2020 04:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ryedu.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Sep 2020 04:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1829 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4459819273790500&output=html&h=90&slotname=4432004766&adk=2832756288&adf=3920042449&w=960&fwrn=4&lmt=1601423322&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=960x90_0ads_al&url=https%3A%2F%2Fwww.ryedu.net%2F&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1601440395156&bpp=14&bdt=952&idt=72&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1883167886858&frm=20&pv=2&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=40635&dssz=12&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&pvsid=4279807484611240&pem=865&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=duqvhDsQ70&p=https%3A//www.ryedu.net&dtd=92
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4459819273790500&output=html&h=90&slotname=4432004766&adk=2832756288&adf=3920042449&w=960&fwrn=4&lmt=1601423322&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=960x90_0ads_al&url=https%3A%2F%2Fwww.ryedu.net%2F&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1601440395156&bpp=14&bdt=952&idt=72&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1883167886858&frm=20&pv=2&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=40635&dssz=12&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&pvsid=4279807484611240&pem=865&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=duqvhDsQ70&p=https%3A//www.ryedu.net&dtd=92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ryedu.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ryedu.net/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 30 Sep 2020 04:33:15 GMT
server
cafe
content-length
6078
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 30-Sep-2020 04:48:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Sep 2020 04:33:15 GMT
cache-control
private
indexTitleBg.gif
www.ryedu.net/Skin/Education/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/images/indexTitleBg.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
15ba3f518c1a9c717877f9bba77800cfa4e15bf681a0d081673e3474685a9446

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:40:57 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"804a85b623b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2084
leftBoxTitleBg.jpg
www.ryedu.net/Skin/Education/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/images/leftBoxTitleBg.jpg
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
9747cc9de578a8ba426819a7cc4f2ad778020209bd7bb8b26c5c79042a23b3cf

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:40:59 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"bba93eb723b2d31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
10046
book.gif
www.ryedu.net/Skin/Education/Images/ 		389 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/Images/book.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
90eb07ea81c55340c510c2fc584e509f210170d4675b3de508c7a835b498b7d8

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:16 GMT
Last-Modified
Fri, 02 Mar 2018 12:40:55 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"7abac5b423b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
389
lm.js
r.99waiyu.com/source/p/resource/k/zhsj/production/q/source/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.99waiyu.com/source/p/resource/k/zhsj/production/q/source/lm.js
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/ad/20.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.81.8.133 , China, ASN58542 (CHINATELECOM-TIANJIN Tianjij,300000, CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
506e46c6a2ffe5de6b02c1afe09fd91071d1834dec3d4e2e102f9b76794a1d54

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 30 Sep 2020 04:33:17 GMT
content-encoding
gzip
last-modified
Tue, 22 Sep 2020 16:32:01 GMT
server
yunjiasu
yjs-cachestatus
HIT
yjs-id
95dec28b3d022cf6-115
p3p
CP=" OTI DSP COR IVA OUR IND COM "
status
200
cache-control
public, max-age=14400
content-type
text/javascript; charset=utf-8
content-length
1650
expires
Wed, 30 Sep 2020 08:33:17 GMT
/
ers.baidu.com/
Redirect Chain
  • https://ers.baidu.com/app/s.js?siteId=8258542&goTop=1
  • http://ers.baidu.com/
0
0
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=112160947&si=09b0ffce9c2c8c699d86fc807d6dc112&v=1.2.76&lv=1&sn=27137&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.ryedu.net%2F&tt=www.xjj7.com%2Cxjj6789.com%2C%E7%94%B5%E8%AF%9D%E3%80%90159-O691-6666%E3%80%91%E5%A4%96%E8%AF%AD%E7%88%B1%E5%A5%BD%E8%80%85%20%3E%3E%20%E9%A6%96%E9%A1%B5
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Sep 2020 04:33:16 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
kgimcr.js
r.99waiyu.com/ 		90 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.99waiyu.com/kgimcr.js
Requested by
Host: r.99waiyu.com
URL: https://r.99waiyu.com/source/p/resource/k/zhsj/production/q/source/lm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.81.8.133 , China, ASN58542 (CHINATELECOM-TIANJIN Tianjij,300000, CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
c0ff8b19388d1a1f5f98191956e68d13db349df91f4d9a12d9c4d6eeb36e817b

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Sep 2020 04:33:18 GMT
content-encoding
gzip
last-modified
Tue, 22 Sep 2020 16:05:17 GMT
server
yunjiasu
yjs-cachestatus
HIT
yjs-id
95dec28d6d5d2cf6-115
p3p
CP=" OTI DSP COR IVA OUR IND COM "
status
200
cache-control
public, max-age=14400
content-type
text/javascript; charset=utf-8
content-length
30085
expires
Wed, 30 Sep 2020 08:33:18 GMT
pr.js
cpro.baidustatic.com/cpro/ui/ 		255 B
483 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cpro.baidustatic.com/cpro/ui/pr.js
Requested by
Host: r.99waiyu.com
URL: https://r.99waiyu.com/source/p/resource/k/zhsj/production/q/source/lm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
113.105.172.35 Dongguan, China, ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
f012f754c1f5e78fb4b99e0b0fc3f56297c1654488072f7a39bcb3ef37b58c14

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ohc-file-size
-1
timing-allow-origin
*
date
Wed, 30 Sep 2020 04:33:18 GMT
ohc-cache-hit
dg3ct64 [4], xactcache64 [1], qdix239 [2]
last-modified
Fri, 25 Sep 2020 08:40:43 GMT
server
JSP3/2.0.14
age
3532
etag
W/"5f6dad0b-ff"
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-encoding
gzip
expires
Wed, 30 Sep 2020 04:34:26 GMT
push.js
push.zhanzhang.baidu.com/ 		281 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://push.zhanzhang.baidu.com/push.js
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:47:55 GMT
Server
apache
Etag
"4078521116"
Vary
Accept-Encoding
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
227
Expires
Thu, 30 Sep 2021 04:33:18 GMT
core.php
c.cnzz.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/core.php?web_id=370537&t=z
Requested by
Host: s96.cnzz.com
URL: https://s96.cnzz.com/z_stat.php?id=370537&web_id=370537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.188.8.250 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
909b3bd6aadf40662ab790dc6134240644642d0d4901f992afaaba1a75974192

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 30 Sep 2020 04:21:11 GMT
content-encoding
gzip
age
727
x-powered-by
PHP/5.5.25
x-cache
MISS TCP_REFRESH_MISS dirn:-2:-2
status
200
x-swift-cachetime
173
x-swift-savetime
Wed, 30 Sep 2020 04:33:18 GMT
content-length
1656
last-modified
Wed, 30 Sep 2020 04:21:11 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1601439671
content-type
application/javascript
via
cache26.l2cn1807[0,200-0,H], cache20.l2cn1807[0,0], cache20.cn2024[7,200-0,M], cache7.cn2024[8,0]
timing-allow-origin
*
eagleid
debc08cf16014403982521044e
expires
Wed, 30 Sep 2020 04:36:11 GMT
stat.htm
hzs5.cnzz.com/ 		2 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hzs5.cnzz.com/stat.htm?id=370537&r=&lg=en-us&ntime=none&cnzz_eid=115651518-1601439775-&showp=1600x1200&p=https%3A%2F%2Fwww.ryedu.net%2F&t=www.xjj7.com%2Cxjj6789.com%2C%E7%94%B5%E8%AF%9D%E3%80%90159-O691-666...&umuuid=174dd493b2066-04bce99e507bc8-1b396256-1d4c00-174dd493b21a66&h=1&rnd=1662133799
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.119.206.97 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 30 Sep 2020 04:33:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
link.gif
www.ryedu.net/Skin/Education/Images/ 		390 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/Images/link.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0a9340a96e5a63d498fd10817a10545c7d2e282012fb153f6e81e826ffd6fcc2

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:18 GMT
Last-Modified
Fri, 02 Mar 2018 12:41:00 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"3a10efb723b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
390
footBg.gif
www.ryedu.net/Skin/Education/Images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ryedu.net/Skin/Education/Images/footBg.gif
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/Skin/Education/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
103.90.137.19 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b2c65dd4cf32dd387a9088f1140bffe7ba837da03004818c1a53779971baec4f

Request headers

Referer
https://www.ryedu.net/Skin/Education/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:18 GMT
Last-Modified
Fri, 02 Mar 2018 12:40:56 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"ea8c0b523b2d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2943
11.0.1.js
jspassport.ssl.qhimg.com/ 		105 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jspassport.ssl.qhimg.com/11.0.1.js?03892ce6a21652c167716f9a849bacc4
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8000:0:e2b1:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
777162062d8c9f706eb668fdb4872c8e97f4f6f57ccd8e3f963d29b9abdc03eb

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 30 Sep 2020 04:33:18 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
kcs-via
REVALIDATED from w-fc02.lato;MISS from w-sc02.lato
last-modified
Tue, 01 Aug 2017 05:52:02 GMT
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=600
x-amz-cf-id
-BVjkvLIPckbB7wRLgTgh1JPbWdLZZluCbmajoOSohR4dI2g4uV7Kw==
expires
Wed, 30 Sep 2020 04:43:18 GMT
Cookie set s
pos.baidu.com/ Frame FFFD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pos.baidu.com/s?wid=200&hei=200&di=u2596078&ltu=https%3A%2F%2Fwww.ryedu.net%2F&psi=d5e1fbdc16389d46a075de0c283e94ab&dc=3&ti=www.xjj7.com%2Cxjj6789.com%2C%E7%94%B5%E8%AF%9D%E3%80%90159-O691-6666%E3%80%91%E5%A4%96%E8%AF%AD%E7%88%B1%E5%A5%BD%E8%80%85%20%3E%3E%20%E9%A6%96%E9%A1%B5&ps=1040x320&drs=1&pcs=1600x1200&pss=1600x1751&cfv=0&cpl=0&chi=2&cce=true&cec=GBK&tlm=1601423322&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1601440399&dtm=HTML_POST&tpr=1601440398497&ari=2&ant=0&exps=110257,110009,111000,112027,110011&prot=2&dis=0&dai=1&dri=0
Requested by
Host: r.99waiyu.com
URL: https://r.99waiyu.com/kgimcr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.232.231.117 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
pos.baidu.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ryedu.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ryedu.net/

Response headers

Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
8827
Content-Type
text/html;charset=UTF-8
Date
Wed, 30 Sep 2020 04:33:19 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Wed Sep 30 12:33:19 2020
P3p
CP=" OTI DSP COR IVA OUR IND COM " CP=" OTI DSP COR IVA OUR IND COM "
Pragma
no-cache
Server
nginx
Set-Cookie
BAIDUID=2281E14AB7982BBB0CDF663C89A35DD7:FG=1; expires=Thu, 30-Sep-51 04:33:19 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
X-Xss-Protection
0
s.gif
api.share.baidu.com/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.share.baidu.com/s.gif?l=https://www.ryedu.net/
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:19 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
ab77b6ea7f3fbf79.js
s.ssl.qhres.com/ssl/ 		478 B
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ssl.qhres.com/ssl/ab77b6ea7f3fbf79.js
Requested by
Host: jspassport.ssl.qhimg.com
URL: https://jspassport.ssl.qhimg.com/11.0.1.js?03892ce6a21652c167716f9a849bacc4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b000:11:1b7a:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 04 Sep 2020 02:07:34 GMT
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
x-qstatic-hit
1
kcs-via
HIT from w-fc02.lato;MISS from w-sc02.lato
age
2255144
x-cache
Hit from cloudfront
status
200
content-length
478
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
etag
W/"6a5b3175a87e4950"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
pcwyybuE8isbQXdbmwihupkRzrXCDYDM0_WibSUPBGQxZcuCqjT1Cw==
expires
Mon, 02 Sep 2030 02:07:34 GMT
zz.gif
s.360.cn/so/ 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.360.cn/so/zz.gif?url=https%3A%2F%2Fwww.ryedu.net%2F&sid=03892ce6a21652c167716f9a849bacc4&token=0/3t8e9n2.cued6eay2r1.6w5w2wc/1/
Requested by
Host: www.ryedu.net
URL: https://www.ryedu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.163.251.231 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 30 Sep 2020 04:33:19 GMT
Last-Modified
Thu, 01 Aug 2019 13:00:40 GMT
Server
nginx/1.14.2
ETag
"5d42e278-0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5A4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4459819273790500&output=html&adk=1812271804&adf=3025194257&lmt=1601423322&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.ryedu.net%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1601440398961&bpp=7&bdt=4758&idt=7&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90_0ads_al&nras=1&correlator=1883167886858&frm=20&pv=1&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=17614748672&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&psts=AGkb-H9Ii0HiRgfSZ__gF1DIQ8W6Ez6yXuY3U0nVhYnfLGE0nlYFAARKdg&pvsid=4279807484611240&pem=865&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4459819273790500&output=html&adk=1812271804&adf=3025194257&lmt=1601423322&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.ryedu.net%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1601440398961&bpp=7&bdt=4758&idt=7&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90_0ads_al&nras=1&correlator=1883167886858&frm=20&pv=1&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=17614748672&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&psts=AGkb-H9Ii0HiRgfSZ__gF1DIQ8W6Ez6yXuY3U0nVhYnfLGE0nlYFAARKdg&pvsid=4279807484611240&pem=865&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=18
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ryedu.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ryedu.net/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 30 Sep 2020 04:33:19 GMT
server
cafe
content-length
805
x-xss-protection
0
set-cookie
IDE=AHWqTUlTunbJYnkFTk_qJfGyl69oF__ae2Aj73HUWp2ZM8B48bQPYz1DpzrCtNat; expires=Mon, 25-Oct-2021 04:33:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Sep 2020 04:33:19 GMT
cache-control
private
auto_ds
y.99waiyu.com/ 		69 B
331 B 		Script
General
Check archive.org
Download Go to
Full URL
https://y.99waiyu.com/auto_ds?frv=yzyp&fek=jC&ejk=D&rtqv=D&ru=B8B&ern=B&fxk=BkiB&rku=jC8jC&xgt=BKDD&nvw=s4403kELkDQkDQ777ki29po5kiyp4kDQ&gzru=CCBBCC&fdx=D&ehx=B&ruu=CHBB8CIGC&ege=RMV&vk=777ki8uuIkinzxkDN8uuHIJKkinzxkDNkPIkKFkMGkPJkLQkKOkPEkJBkKBCGKjZHKCjHHHHkPEkJBkKCkPGkLFkKHkPJkLQkLOkPIkJJkMCkPGkLGkMOkPJkJBkJGkDBkEPkEPkDBkPKkLHkKHkPKkLCkMG&vrt=CHBCFFBEKJFKI&fvo=LcbZiUaZY_&fed=iiimlto5i5ytzyinlwwmlnv&ruk=oGpCqmonCHEJKoFHlBIGopBnDJEpKFlm&gpw=pynzotyr&ut=CHBB8CDBB&ftk=B&reu=CHBB8CDBB&fku=B&we=CHBB8CDBB&vep=CHBCFFBEKJ&vut=B&fck=B&gef=C&cpv=B&fe=F&ftu=C&eeg=425p&ctk=D&fk=B&vno=CHBCFDEEDD&ty=CDBB
Requested by
Host: r.99waiyu.com
URL: https://r.99waiyu.com/kgimcr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.81.8.133 , China, ASN58542 (CHINATELECOM-TIANJIN Tianjij,300000, CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
18a11932f741c1537d8dfce7dfb5aa38a958524fb05e4314f175cd004f01b605
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Sep 2020 04:33:20 GMT
content-encoding
gzip
last-modified
Wed Sep 30 12:33:20 2020
server
yunjiasu
yjs-id
95dec2a11d102cf8-115
p3p
CP=" OTI DSP COR IVA OUR IND COM "
status
200
cache-control
post-check=0, pre-check=0
content-type
application/javascript;charset=UTF-8
content-length
88
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0A1F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4459819273790500&output=html&h=240&adk=2650350224&adf=2163609677&w=202&fwrn=4&fwrnh=100&lmt=1601423322&rafmt=1&to=qs&pwprc=3930113159&psa=1&guci=1.2.0.0.2.2.0.0&format=202x240&url=https%3A%2F%2Fwww.ryedu.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1601440399120&bpp=1&bdt=4916&idt=-M&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90_0ads_al%2C0x0&nras=1&correlator=1883167886858&frm=20&pv=1&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=17614748672&dssz=26&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&psts=AGkb-H9Ii0HiRgfSZ__gF1DIQ8W6Ez6yXuY3U0nVhYnfLGE0nlYFAARKdg&pvsid=4279807484611240&pem=865&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rM4MvgYPS0&p=https%3A//www.ryedu.net&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4459819273790500&output=html&h=240&adk=2650350224&adf=2163609677&w=202&fwrn=4&fwrnh=100&lmt=1601423322&rafmt=1&to=qs&pwprc=3930113159&psa=1&guci=1.2.0.0.2.2.0.0&format=202x240&url=https%3A%2F%2Fwww.ryedu.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1601440399120&bpp=1&bdt=4916&idt=-M&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90_0ads_al%2C0x0&nras=1&correlator=1883167886858&frm=20&pv=1&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=17614748672&dssz=26&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&psts=AGkb-H9Ii0HiRgfSZ__gF1DIQ8W6Ez6yXuY3U0nVhYnfLGE0nlYFAARKdg&pvsid=4279807484611240&pem=865&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rM4MvgYPS0&p=https%3A//www.ryedu.net&dtd=19
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ryedu.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlTunbJYnkFTk_qJfGyl69oF__ae2Aj73HUWp2ZM8B48bQPYz1DpzrCtNat
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ryedu.net/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 30 Sep 2020 04:33:19 GMT
server
cafe
content-length
23592
x-xss-protection
0
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 5AA2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4459819273790500&output=html&h=240&adk=2650350224&adf=3311922677&w=202&fwrn=4&fwrnh=100&lmt=1601423322&rafmt=1&to=qs&pwprc=3930113159&psa=1&guci=1.2.0.0.2.2.0.0&format=202x240&url=https%3A%2F%2Fwww.ryedu.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1601440399120&bpp=1&bdt=4916&idt=0&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90_0ads_al%2C0x0%2C202x240&nras=1&correlator=1883167886858&frm=20&pv=1&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=17614748672&dssz=26&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&psts=AGkb-H9Ii0HiRgfSZ__gF1DIQ8W6Ez6yXuY3U0nVhYnfLGE0nlYFAARKdg&pvsid=4279807484611240&pem=865&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zEqYMloRU9&p=https%3A//www.ryedu.net&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5671925933713171045/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5671925933713171045/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP_s-7CGkOwCFYi63god1J0MFA&gqi=jwp0X4isCdDZ7_UPvNq-mAE&layout=/sadbundle/%24csp%253Der3%24/5671925933713171045/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4459819273790500&output=html&h=240&adk=2650350224&adf=3311922677&w=202&fwrn=4&fwrnh=100&lmt=1601423322&rafmt=1&to=qs&pwprc=3930113159&psa=1&guci=1.2.0.0.2.2.0.0&format=202x240&url=https%3A%2F%2Fwww.ryedu.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1601440399120&bpp=1&bdt=4916&idt=0&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90_0ads_al%2C0x0%2C202x240&nras=1&correlator=1883167886858&frm=20&pv=1&ga_vid=2104342178.1601440395&ga_sid=1601440395&ga_hid=1518856290&ga_fc=0&iag=0&icsg=17614748672&dssz=26&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=1496&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067105%2C21067570%2C44725623&psts=AGkb-H9Ii0HiRgfSZ__gF1DIQ8W6Ez6yXuY3U0nVhYnfLGE0nlYFAARKdg&pvsid=4279807484611240&pem=865&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zEqYMloRU9&p=https%3A//www.ryedu.net&dtd=23
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ryedu.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlTunbJYnkFTk_qJfGyl69oF__ae2Aj73HUWp2ZM8B48bQPYz1DpzrCtNat
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ryedu.net/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5671925933713171045/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5671925933713171045/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP_s-7CGkOwCFYi63god1J0MFA&gqi=jwp0X4isCdDZ7_UPvNq-mAE&layout=/sadbundle/%24csp%253Der3%24/5671925933713171045/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 30 Sep 2020 04:33:19 GMT
server
cafe
content-length
37367
x-xss-protection
0
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6af37cb3993b1d50097f7c37855a056465c30a79d56e7ce1b7aa951ee9f4b84e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Sep 2020 04:33:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6454
x-xss-protection
0
o.htm
pos.baidu.com/wh/ Frame E9A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pos.baidu.com/wh/o.htm?ltr=
Requested by
Host: r.99waiyu.com
URL: https://r.99waiyu.com/kgimcr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.232.231.117 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
pos.baidu.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ryedu.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ryedu.net/

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
553
Content-Type
text/html
Date
Wed, 30 Sep 2020 04:33:21 GMT
Etag
"5eec79a0-229"
Last-Modified
Fri, 19 Jun 2020 08:38:56 GMT
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Sep 2020 04:33:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Wed, 30 Sep 2020 04:33:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame F553 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ryedu.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ryedu.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Wed, 30 Sep 2020 03:54:56 GMT
expires
Thu, 30 Sep 2021 03:54:56 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2305
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20200924&jk=4279807484611240&bg=!SkmlSVFY8_4Zjn6owoACAAAAclIAAAARCgHXX7Y04AMc5ZCXQRZ09qxwANxgcHQprG0QnzqmkvbFpnsIeEZNJTwPXv6oKhd_FaMyyXObEI3YNOxSfvOzQL3cvaaLsmtRNWD8HOkbjuhYg0MNhsGKV777whJbHaAnx6KnbqeJnHWbJ5zjYt6ZnIhWEZgQ_KfOLwoQgD-Xg-gZytT9gLbVE6Rp16NYBkzL7B-2HiVZeIfx8QgW7eR6FVHyAKD9UTt0un7lz4oVSksl4s4u4XhpZjjiBJkPLYvXsxn2nUQknMZcX3_r4DA3Kplj3fwfNwdteTqMIVJth7lqEdMibUn9OvCQ5uW8yhGbyxBzQosEPhXuirTVZUSZgxnwlF4KGfndbcLvZ-zWynfA0LkB831wEhYwrmJnQwdeaqDqsj1LZ4DGTiOQwH-CCi6Gd_zAGKd7s3Nl3KaCsu2ptUxeLM8rdjSjp4ch3X-V7TPE7o2KX9-bzSWaQaS-r6HfQUdUBPArjWLFDXbrAzGMiFMVWGtvUbPcMASrXEG0vgip5QPANxXtYitILCwAOLxDs0Q6Ml07zpFRe6Y29jCnWKXx3Drh_h0Cz6xQdouzoaPXhTX1u8vfcKftfcwCPU7rhXtpXtirrJSokVxFxEBiryLzAxkazLnSmQGmr80kr_IfeUh4yXD7W5o-cOoVN_kIjNqaSyijKAvgHU36Ib_twj4OWIHMbS1Ce_5Tu82riuatNQN_owCQARzu3e1R1ERjzGJtYSEfmyiLxZ8ai1uQPXLMqQM5AZxNKdJNWzk1yed3Hbh2oI1BaoP_KLmfptjeo73I2qrmg3fY7qjz8V1rrQs6D60_8YNqXrVLaZBWw4JVgDa6Kq2AhkYleKTDQtT1W9axAMljMugyOHkljqpLNoFFlsoDxOuTv67ie9tqxR8wYJWisjMtjVBskHv7GenV7lyw1dwOwKuyRRZTtrm9TuCUNQLGjn0BuQvnfJ_7Dns5F4BQUgE0VPGeo6L9F2TrmJvg_TV7eIuNcmKvat9vtjcCbJOYupwGZHnjGrZ5Bw-u7iMETuYqyMl-t-JkURZep-98y5--kXneRNqaD78w1clty1ujdtFe7MJ4i7byp-dy7PDtovLVqduzkhJ4gzcbt3GqaWkkmP6uEbe2V4HLyxs0VQfuCNwIow6YQZK0koba4Un0_XGhfzzPHz5T_ii9BfWa-5mYK2mNySNiiHiCAL8
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ryedu.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Sep 2020 04:33:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ers.baidu.com
URL
http://ers.baidu.com/

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| nTabs function| uaredirect function| isSubdomain object| _hmt object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages object| cindx string| images string| links string| texts number| focus_width number| focus_height number| text_height boolean| _bdhm_loaded_09b0ffce9c2c8c699d86fc807d6dc112 object| mini_tangram_log_94hlwr object| __delivery_global_ object| ___delivery___global___counter___ object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_370537 object| cnzz_image_1985858474 object| ___baidu_union object| BAIDU_SSP__info function| ___adblockplus_ function| ___baidu_union_callback number| BAIDU_DUP2_pageFirstRequestTime object| cpro_id object| cproArray object| cpro_mobile_slot object| BAIDU_DUP object| BAIDU_CLB_SLOT_ID function| BAIDU_CLB_fillSlot function| BAIDU_CLB_singleFillSlot function| BAIDU_CLB_fillSlotWithSize function| BAIDU_CLB_fillSlotAsync function| BAIDU_CLB_prepareMoveSlot function| BAIDU_CLB_setConfig function| BAIDU_CLB_addOrientation function| BAIDU_CLB_addSlot function| BAIDU_CLB_enableAllSlots function| BAIDU_CLB_preloadSlots function| BAIDU_DUP_addSlotStatusCallback object| slotbydup object| storage number| time object| __baidu_dup_jobruner object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlTunbJYnkFTk_qJfGyl69oF__ae2Aj73HUWp2ZM8B48bQPYz1DpzrCtNat
.ryedu.net/ Name: Hm_lvt_09b0ffce9c2c8c699d86fc807d6dc112
Value: 1601440397
www.ryedu.net/ Name: CNZZDATA370537
Value: cnzz_eid%3D115651518-1601439775-%26ntime%3D1601439775
.ryedu.net/ Name: UM_distinctid
Value: 174dd493b2066-04bce99e507bc8-1b396256-1d4c00-174dd493b21a66
.ryedu.net/ Name: Hm_lpvt_09b0ffce9c2c8c699d86fc807d6dc112
Value: 1601440397

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.share.baidu.com
c.cnzz.com
cpro.baidustatic.com
ers.baidu.com
googleads.g.doubleclick.net
hm.baidu.com
hzs5.cnzz.com
jspassport.ssl.qhimg.com
pagead2.googlesyndication.com
pos.baidu.com
push.zhanzhang.baidu.com
r.99waiyu.com
s.360.cn
s.ssl.qhres.com
s96.cnzz.com
tpc.googlesyndication.com
www.ryedu.net
y.99waiyu.com
ers.baidu.com
103.235.46.191
103.90.137.19
111.206.37.189
113.105.172.35
180.163.251.231
183.232.231.117
203.119.206.97
222.188.8.250
2600:9000:2156:8000:0:e2b1:a380:93a1
2600:9000:21f3:b000:11:1b7a:9b00:93a1
2a00:1450:4001:80b::2002
2a00:1450:4001:817::2001
2a00:1450:4001:81f::2002
42.81.8.133
0392d8a275caeff23eb89569f81be0b48ef3113a69240a6a90f3419f4068f29f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
093020ae45a352f82881dfc732444847ff0c113d3ba8da8da1b67eebe3449045
0a838c2785cfff94bddd8cb7fde422208e485e9e1f2aba2ab509e0fcdced7b95
0a9340a96e5a63d498fd10817a10545c7d2e282012fb153f6e81e826ffd6fcc2
15ba3f518c1a9c717877f9bba77800cfa4e15bf681a0d081673e3474685a9446
18a11932f741c1537d8dfce7dfb5aa38a958524fb05e4314f175cd004f01b605
1da98a89571bb7d49c88929e59e5b095c776dd7ed9594b321e52898fc8c0e7a4
22ffcd04cbff08d33a27eac7b8639314b86808cebb8a47f37ed518ef96a258a2
2643fea261bb148e2183d5f615683b1ebe60c041102218e04c8443cd3f2d9190
3f2dcfc1e72824387d9851a2c96a5b20848ac6fb25ab481bbd305c3f2315a7f7
506e46c6a2ffe5de6b02c1afe09fd91071d1834dec3d4e2e102f9b76794a1d54
573d6d5ae2eab76b2444f6802654820d4792722eea6b2ca339844b2e0432157c
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6af37cb3993b1d50097f7c37855a056465c30a79d56e7ce1b7aa951ee9f4b84e
708b9b81382fb2b241a450e51d6f423603ee313cbc6381326c958d14d580e86c
777162062d8c9f706eb668fdb4872c8e97f4f6f57ccd8e3f963d29b9abdc03eb
86a6ea17c248ae4190eca822ad44098376b1aac59bdb72eefc6934bbce52cf7f
86ff84f75cf6c8c319cb250990e046168b4b8bc708f5c2690c25d88c0559deee
8a85d176a7675f815ba70e9e1328eb77823ba519e1dacb542fd85a04cb1bc770
8e1cac245a9daa0ff3a9e12ad5ff809822d35742803f040960531fffff3131f8
8f0f88369de507912de09b65c2d1ec1aa144ed8842c1f2deb675e7fd218aa39c
909b3bd6aadf40662ab790dc6134240644642d0d4901f992afaaba1a75974192
90eb07ea81c55340c510c2fc584e509f210170d4675b3de508c7a835b498b7d8
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
9747cc9de578a8ba426819a7cc4f2ad778020209bd7bb8b26c5c79042a23b3cf
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513
a22ad0b31178c00424ea5e9994314dea15166fbe9487cf3402a10b9565ecd7ca
a97e6525fae7f22b009dc3b0f006695e6d9959a14ab203bab1da7c5ec258c71d
abd93625311ef8b3484cc5015d6d645d186b8a06cad6064017d5339d27c14f7c
b2c65dd4cf32dd387a9088f1140bffe7ba837da03004818c1a53779971baec4f
b676f61f093d36e4713426812af9b8ae2ee74e9de57fe7fdd479fbe23fd08093
badadb5aabb0d2bc50509bca209731e3cf638c4b2e71a5dde58ca76a3c0a2d4a
c0ff8b19388d1a1f5f98191956e68d13db349df91f4d9a12d9c4d6eeb36e817b
c37ece779331ca813d463db30b99d5470fddda291a47eeded817457d2d577973
c3a82986e76c821869df31a5a8192c5170eb173bdaf4af14c3bc50d6d4b8902a
cb86fcda6b3b6df59fa2f54679e912305eafe0f3f2e1cfb41b83b47b32af8351
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7ec6e734004928dfb2befb2ad7d1467b8018ec0d28d28911902f9ebe49af6cb
daaa9b06072df7985e948b4a0e0cabbc01e3ead730f9bf9dcbfa900800361e20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2a32163252479c3f628919c2dc2b9de3320e7d8ff6861d64de60dffd8bf614
efa33cde6ac7ad0563fd7759c6927ee9eb2241001e6e13c8554489533a9552ed
f012f754c1f5e78fb4b99e0b0fc3f56297c1654488072f7a39bcb3ef37b58c14
f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2