urlscan.io logo urlscan.io
SecurityTrails logo

www.ziyu.net Open in urlscan Pro
153.120.58.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pranking5.ziyu.net/
Effective URL: http://www.ziyu.net/pranking.htm
Submission: On October 12 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 28 HTTP transactions. The main IP is 153.120.58.36, located in Osaka, Japan and belongs to SAKURA-A SAKURA Internet Inc., JP. The main domain is www.ziyu.net.
This is the only time www.ziyu.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 133.242.13.91 7684 (SAKURA-A ...)
5 153.120.58.36 7684 (SAKURA-A ...)
9 2a00:1450:400... 15169 (GOOGLE)
1 133.242.8.63 7684 (SAKURA-A ...)
2 6 133.242.86.238 7684 (SAKURA-A ...)
2 4 153.120.58.35 7684 (SAKURA-A ...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
28 8
1    133.242.13.91 (Tokyo, Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
pranking5.ziyu.net
5    153.120.58.36 (Osaka, Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
www.ziyu.net
center.ziyu.net
9    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
www.googletagservices.com
1    133.242.8.63 (Tokyo, Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
file.ziyu.net
6    133.242.86.238 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
pranking.ziyu.net
pranking3.ziyu.net
4    153.120.58.35 (Osaka, Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
www.tenki-yoho.com
1    2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
4 www.tenki-yoho.com 2 redirects www.ziyu.net
4 pranking3.ziyu.net 2 redirects www.ziyu.net
4 pagead2.googlesyndication.com www.ziyu.net
pagead2.googlesyndication.com
4 www.ziyu.net www.ziyu.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 pranking.ziyu.net www.ziyu.net
pranking.ziyu.net
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 center.ziyu.net www.ziyu.net
1 file.ziyu.net www.ziyu.net
1 pranking5.ziyu.net 1 redirects
0 rp.ziyu.net Failed www.ziyu.net
0 clicktrack4.ziyu.net Failed www.ziyu.net
0 www.houigaku.net Failed www.ziyu.net
0 img.dailyfortune.jp Failed www.ziyu.net
28 17
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.tenki-yoho.com
Let's Encrypt Authority X3		 2020-09-14 -
2020-12-13		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://www.ziyu.net/pranking.htm
Frame ID: A22B8B3C6FDFB0D4161FF883D91820E5
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html
Frame ID: 8510C83D856BD2D6118D87AA2A91E53D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4119394426771672&output=html&adk=1812271804&adf=3025194257&lmt=1602481668&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.ziyu.net%2Fpranking.htm&ea=0&flash=0&pra=5&wgl=1&dt=1602481668243&bpp=12&bdt=66&idt=539&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3547676931&frm=20&pv=2&ga_vid=1662072232.1602481669&ga_sid=1602481669&ga_hid=1713123244&ga_fc=0&iag=0&icsg=680&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067166%2C21067467&oid=3&pvsid=126790167450154&pem=217&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=568
Frame ID: AD4D1832C71510B3B5FB9D726934D835
Requests: 1 HTTP requests in this frame

Frame: http://pranking.ziyu.net/acc.php?pranking
Frame ID: C44BBC158493ABAE9E23BEDF9C4095B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4119394426771672&output=html&h=600&slotname=2689724476&adk=1734174048&adf=1706824535&w=160&fwrn=4&fwrnh=100&lmt=1602481669&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=http%3A%2F%2Fwww.ziyu.net%2Fpranking.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1602481669362&bpp=9&bdt=1185&idt=10&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3547676931&frm=20&pv=1&ga_vid=1662072232.1602481669&ga_sid=1602481669&ga_hid=1713123244&ga_fc=0&iag=0&icsg=10914&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067166%2C21067467&oid=3&pvsid=126790167450154&pem=217&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=W8ddJSILjH&p=http%3A//www.ziyu.net&dtd=18
Frame ID: A2CE6728DBD8FB492DDDEDE6D2E70945
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: BDA60D832DE7C3172B96CB98F5D47A0C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://pranking5.ziyu.net/ HTTP 302
    http://www.ziyu.net/pranking.htm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

28
Requests

50 %
HTTPS

38 %
IPv6

9
Domains

17
Subdomains

8
IPs

2
Countries

200 kB
Transfer

486 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pranking5.ziyu.net/ HTTP 302
    http://www.ziyu.net/pranking.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://pranking3.ziyu.net/img.php?sample HTTP 302
  • http://pranking3.ziyu.net/rranking.gif
Request Chain 6
  • http://www.tenki-yoho.com/image/88x31.gif HTTP 301
  • https://www.tenki-yoho.com/image/88x31.gif
Request Chain 11
  • http://pranking3.ziyu.net/img.php?testing HTTP 302
  • http://pranking3.ziyu.net/rranking.gif
Request Chain 22
  • http://www.tenki-yoho.com/image/arrow_u.gif HTTP 301
  • https://www.tenki-yoho.com/image/arrow_u.gif

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pranking.htm
www.ziyu.net/
Redirect Chain
  • http://pranking5.ziyu.net/
  • http://www.ziyu.net/pranking.htm
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.ziyu.net/pranking.htm
Protocol
HTTP/1.1
Server
153.120.58.36 Osaka, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
5df75e696727e4e9090a7193d49065a238a20a0e504e7599cbcdb7197d418d4e

Request headers

Host
www.ziyu.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Mon, 12 Oct 2020 05:47:48 GMT
Content-Type
text/html; charset=SJIS-win
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 12 Oct 2020 05:47:46 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
http://www.ziyu.net/pranking.htm
www.css
www.ziyu.net/ 		1 KB
829 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.ziyu.net/www.css
Requested by
Host: www.ziyu.net
URL: http://www.ziyu.net/pranking.htm
Protocol
HTTP/1.1
Server
153.120.58.36 Osaka, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
b9a33b46863fdc9b57575e69032de5467d96d9075a7a773b612ef6c31e8ca2ae

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 08 Feb 2014 08:36:09 GMT
Server
nginx
ETag
W/"52f5ec79-570"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.ziyu.net
URL: http://www.ziyu.net/pranking.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1825b9553f829d9e056b9930feef63761b8d7de8458c84b9e020af2841ae1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 05:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45810
x-xss-protection
0
server
cafe
etag
4194128766866836437
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Oct 2020 05:47:48 GMT
sub_title.gif
www.ziyu.net/image/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ziyu.net/image/sub_title.gif
Requested by
Host: www.ziyu.net
URL: http://www.ziyu.net/pranking.htm
Protocol
HTTP/1.1
Server
153.120.58.36 Osaka, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
5b728df681ae4f97fd07a85b8a9dc9681189876f0136afd6ae502058612e6718

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 05:47:48 GMT
Last-Modified
Tue, 05 Jan 2010 18:06:44 GMT
Server
nginx
ETag
"4b437fb4-2b74"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11124
rranking.gif
file.ziyu.net/ 		140 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://file.ziyu.net/rranking.gif
Requested by
Host: www.ziyu.net
URL: http://www.ziyu.net/pranking.htm
Protocol
HTTP/1.1
Server
133.242.8.63 Tokyo, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
72e11d9423ef0915ff134f1f59f7aadabfc5214d52a817ff8a5f5e036fb05bac

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 05:47:48 GMT
Last-Modified
Sun, 06 Mar 2011 07:53:53 GMT
Server
nginx
ETag
"4d733d91-8c"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
140
pranking.js
pranking.ziyu.net/sample/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pranking.ziyu.net/sample/pranking.js
Requested by
Host: www.ziyu.net
URL: http://www.ziyu.net/pranking.htm
Protocol
HTTP/1.1
Server
133.242.86.238 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afa6013c87d4387ab5e95b73d09f1186af44ba03fa3203ffbb9572c575aa398f

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 05:47:49 GMT
Last-Modified
Sun, 18 Oct 2009 23:57:26 GMT
Server
nginx
ETag
"4adbab66-cf0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3312
rranking.gif
pranking3.ziyu.net/
Redirect Chain
  • http://pranking3.ziyu.net/img.php?sample
  • http://pranking3.ziyu.net/rranking.gif
140 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pranking3.ziyu.net/rranking.gif
Requested by
Host: www.ziyu.net
URL: http://www.ziyu.net/pranking.htm
Protocol
HTTP/1.1
Server
133.242.86.238 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
72e11d9423ef0915ff134f1f59f7aadabfc5214d52a817ff8a5f5e036fb05bac

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 05:47:49 GMT
Last-Modified
Sat, 12 Sep 2009 09:47:43 GMT
Server
nginx
ETag
"4aab6e3f-8c"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
140

Redirect headers

Location
/rranking.gif
Date
Mon, 12 Oct 2020 05:47:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
88x31.gif
www.tenki-yoho.com/image/
Redirect Chain
  • http://www.tenki-yoho.com/image/88x31.gif
  • https://www.tenki-yoho.com/image/88x31.gif
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tenki-yoho.com/image/88x31.gif
Requested by
Host: www.ziyu.net
URL: http://www.ziyu.net/pranking.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.120.58.35 Osaka, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
14b765554f19b2796101f4a71170e5ebecde271d7ff18d44729cf3566a0b8e9c

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 05:47:50 GMT
Last-Modified
Fri, 13 Feb 2009 07:53:37 GMT
Server
nginx
ETag
"49952701-9c7"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2503

Redirect headers

Location
https://www.tenki-yoho.com/image/88x31.gif
Date
Mon, 12 Oct 2020 05:47:49 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
88x31.gif
www.ziyu.net/image/fc2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ziyu.net/image/fc2/88x31.gif
Requested by
Host: www.ziyu.net
URL: http://www.ziyu.net/pranking.htm
Protocol
HTTP/1.1
Server
153.120.58.36 Osaka, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
5331ef92b69a2e4ae3f93c2b0ba94eda7020518085764f0607863b849fe8c2dd

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 05:47:48 GMT
Last-Modified
Tue, 05 Jan 2010 18:06:48 GMT
Server
nginx
ETag
"4b437fb8-62d"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1581
88x31.gif
img.dailyfortune.jp/banner/ 		0
0
88x31.gif
www.houigaku.net/ 		0
0
1.js
clicktrack4.ziyu.net/js/ 		0
0
rranking.gif
pranking3.ziyu.net/
Redirect Chain
  • http://pranking3.ziyu.net/img.php?testing
  • http://pranking3.ziyu.net/rranking.gif
140 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pranking3.ziyu.net/rranking.gif
Requested by
Host: www.ziyu.net
URL: http://www.ziyu.net/pranking.htm
Protocol
HTTP/1.1
Server
133.242.86.238 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
72e11d9423ef0915ff134f1f59f7aadabfc5214d52a817ff8a5f5e036fb05bac

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 05:47:49 GMT
Last-Modified
Sat, 12 Sep 2009 09:47:43 GMT
Server
nginx
ETag
"4aab6e3f-8c"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
140

Redirect headers

Location
/rranking.gif
Date
Mon, 12 Oct 2020 05:47:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
jslogin.php
center.ziyu.net/ 		192 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
http://center.ziyu.net/jslogin.php
Requested by
Host: www.ziyu.net
URL: http://www.ziyu.net/pranking.htm
Protocol
HTTP/1.1
Server
153.120.58.36 Osaka, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
fd56107b510590f5acddf8cbccdcd39e65d85ae347a1cbcfe1d1eec8290cfcd8

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 05:47:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/x-javascript
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/ 		230 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 05:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88664
x-xss-protection
0
server
cafe
etag
2239360983930794775
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Oct 2020 05:47:48 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/ Frame 8510 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201007/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.ziyu.net/pranking.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.ziyu.net/pranking.htm

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Sun, 11 Oct 2020 17:34:09 GMT
expires
Sun, 25 Oct 2020 17:34:09 GMT
content-type
text/html; charset=UTF-8
etag
7382719332125555894
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4731
x-xss-protection
0
age
44019
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ziyu.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Oct 2020 05:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ziyu.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Oct 2020 05:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AD4D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4119394426771672&output=html&adk=1812271804&adf=3025194257&lmt=1602481668&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.ziyu.net%2Fpranking.htm&ea=0&flash=0&pra=5&wgl=1&dt=1602481668243&bpp=12&bdt=66&idt=539&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3547676931&frm=20&pv=2&ga_vid=1662072232.1602481669&ga_sid=1602481669&ga_hid=1713123244&ga_fc=0&iag=0&icsg=680&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067166%2C21067467&oid=3&pvsid=126790167450154&pem=217&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=568
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4119394426771672&output=html&adk=1812271804&adf=3025194257&lmt=1602481668&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.ziyu.net%2Fpranking.htm&ea=0&flash=0&pra=5&wgl=1&dt=1602481668243&bpp=12&bdt=66&idt=539&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3547676931&frm=20&pv=2&ga_vid=1662072232.1602481669&ga_sid=1602481669&ga_hid=1713123244&ga_fc=0&iag=0&icsg=680&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067166%2C21067467&oid=3&pvsid=126790167450154&pem=217&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=568
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.ziyu.net/pranking.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.ziyu.net/pranking.htm

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 12 Oct 2020 05:47:48 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 12-Oct-2020 06:02:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccdeedcf8cca02b7e1b7f00ce971eec441bab4d56867e97a74ea8f1a09f9fb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 05:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602243746703548"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27594
x-xss-protection
0
expires
Mon, 12 Oct 2020 05:47:48 GMT
acc.php
pranking.ziyu.net/ Frame C44B 		16 B
249 B 		Document
General
Check archive.org
Download Go to
Full URL
http://pranking.ziyu.net/acc.php?pranking
Requested by
Host: pranking.ziyu.net
URL: http://pranking.ziyu.net/sample/pranking.js
Protocol
HTTP/1.1
Server
133.242.86.238 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41

Request headers

Host
pranking.ziyu.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.ziyu.net/pranking.htm
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.ziyu.net/pranking.htm

Response headers

Server
nginx
Date
Mon, 12 Oct 2020 05:47:49 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
pv.php
rp.ziyu.net/ 		0
0
ads
googleads.g.doubleclick.net/pagead/ Frame A2CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4119394426771672&output=html&h=600&slotname=2689724476&adk=1734174048&adf=1706824535&w=160&fwrn=4&fwrnh=100&lmt=1602481669&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=http%3A%2F%2Fwww.ziyu.net%2Fpranking.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1602481669362&bpp=9&bdt=1185&idt=10&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3547676931&frm=20&pv=1&ga_vid=1662072232.1602481669&ga_sid=1602481669&ga_hid=1713123244&ga_fc=0&iag=0&icsg=10914&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067166%2C21067467&oid=3&pvsid=126790167450154&pem=217&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=W8ddJSILjH&p=http%3A//www.ziyu.net&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4119394426771672&output=html&h=600&slotname=2689724476&adk=1734174048&adf=1706824535&w=160&fwrn=4&fwrnh=100&lmt=1602481669&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=http%3A%2F%2Fwww.ziyu.net%2Fpranking.htm&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1602481669362&bpp=9&bdt=1185&idt=10&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3547676931&frm=20&pv=1&ga_vid=1662072232.1602481669&ga_sid=1602481669&ga_hid=1713123244&ga_fc=0&iag=0&icsg=10914&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1045&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067166%2C21067467&oid=3&pvsid=126790167450154&pem=217&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=W8ddJSILjH&p=http%3A//www.ziyu.net&dtd=18
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.ziyu.net/pranking.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.ziyu.net/pranking.htm

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 12 Oct 2020 05:47:49 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
IDE=AHWqTUnxDndo3Jyk4x0OGH0bIq7W_DfFoSD7u0CJ9JTRi0ku4Zpt3w5AbBpIeeOS; expires=Sat, 06-Nov-2021 05:47:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
arrow_u.gif
www.tenki-yoho.com/image/
Redirect Chain
  • http://www.tenki-yoho.com/image/arrow_u.gif
  • https://www.tenki-yoho.com/image/arrow_u.gif
150 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tenki-yoho.com/image/arrow_u.gif
Requested by
Host: www.ziyu.net
URL: http://www.ziyu.net/pranking.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
153.120.58.35 Osaka, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
b4719f73b1347a4301abd8a23a27fa27b5aacf685a0239aed79ac18aa43ecb9d

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 05:48:02 GMT
Last-Modified
Mon, 09 Feb 2009 12:37:48 GMT
Server
nginx
ETag
"4990239c-96"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
150

Redirect headers

Location
https://www.tenki-yoho.com/image/arrow_u.gif
Date
Mon, 12 Oct 2020 05:48:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201007&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21df7b37bbfbf1cc58745f359452d5757e0eac2a070bb2faf099b0daf5efc9b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Oct 2020 05:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6472
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 05:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Mon, 12 Oct 2020 05:48:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame BDA6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.ziyu.net/pranking.htm
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.ziyu.net/pranking.htm

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Mon, 12 Oct 2020 05:03:18 GMT
expires
Tue, 12 Oct 2021 05:03:18 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2684
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201007&jk=126790167450154&bg=!YGOlY0PNAAWqWepuqlhVFAT9nJNu4AIAAABPUgAAAA0KAea_p6gq2ya7ldmSLrxICEWgPXwFWsoETMEo9VCcqW4ZNWvU3BjYJ-7gsMCSotfBMrwKxGvRtXQy4sdBV49VxeIb1aQ-9kCkO7B_I8LQdhTRlyxDf_cS08bdTw6QfJbnWfy0MemGt8JEfBuFb8np3F44EIBbAmOUJfkyiSZ3fK3m4jYH8AjWVBidZUwcxce7zJkDfxTscPPLnYERszThmrJAZjY1eBz2FR8o9ZlRtEnt9FhLM3EO8fVVWoQryPmJ9KBM1GKGoA3eOjheR475G_Wx_PsBuUwTx-e1PLfS6uOIQi82mA0fWEUmDFEuf8OP2e9KBl6YDZXM6wVTGntnRvJy9Lu9YKeghe6-AJgNfNr6EfAlYm5TJcnOnNKgiyGLddoPTaGiWCNyhZ0NzYfsNYm5lGEg0ault8oKuuEYkGZOplhF5v3RWFtAFAk3NW8F4EGodNbHM35Z3AMZg9uE-4l_NjHkOi2savxKkofbhvpSbdHxAt_gCl9KW0zpA47rzGSvDip0pjF_p_nFqDH4VNeluvfhtbECMKp3MEJ5f6NfWmooTcLx2wdjgIsbMqiLGL-KTl30S-yfL13fDl19GFgK39q2fHXN-lf7nA5emEi_Wd_MVS1a3g9xR9xTUsI3Ebilmoh4xsCZAaR9MuiogMwjoDhXrHFC_i84C7jXq5LCHiXe2atWVBw2ap_q6CHnaFvzuobveY3EpxEbQuqlErE7iQxf98sIAmKukV4euCtRSs5jQ7inKSjPM8YeYMqexlMzRIqqm6gB-mHSkB2HSsdean_N9vAYVcmoAIQG33DXt1LquXxhTRB0VjGmyNGQZuTCZ3XBjJMSqsBeQ-Xl1kYSzhT9aIfNlag0FTpHuRT8PRMoVO9rMvZdbrEpE1PlM_XWTKe8A62ujSkBMt4UGe37PzdCW_Ip1IupXvG_aqbf9_TdJBvipgBd0wEwRZ8i9oosByNoIKovwiU5HRumTc1lGi-5HC7hRLsTTtSwiCrG4PruttONoNqnY36_YsOk_OAEYDHa27NDdB847AfqV47CIHHwzhPHtNfgv-IVK_8l9d2_ZwimmR4l-3sEmDUg0iUjvcBqov34ElGUHKv3EtsDienAlxrKSRGDDML5-n38gGXvZOXn8QHcN1XxugLdm1EQxmSTklU8YkwfPYiadqz7RWumbYf4Gm520KOoTO64UccQ7gVfFmN1am-Lmdk
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ziyu.net/pranking.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Oct 2020 05:48:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.dailyfortune.jp
URL
http://img.dailyfortune.jp/banner/88x31.gif
Domain
www.houigaku.net
URL
http://www.houigaku.net/88x31.gif
Domain
clicktrack4.ziyu.net
URL
http://clicktrack4.ziyu.net/js/1.js
Domain
rp.ziyu.net
URL
http://rp.ziyu.net/pv.php?pranking&http://file.ziyu.net/non.gif

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| trustedTypes object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| _gfp_p_ number| google_lpabyc number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
center.ziyu.net
clicktrack4.ziyu.net
file.ziyu.net
googleads.g.doubleclick.net
img.dailyfortune.jp
pagead2.googlesyndication.com
pranking.ziyu.net
pranking3.ziyu.net
pranking5.ziyu.net
rp.ziyu.net
tpc.googlesyndication.com
www.googletagservices.com
www.houigaku.net
www.tenki-yoho.com
www.ziyu.net
clicktrack4.ziyu.net
img.dailyfortune.jp
rp.ziyu.net
www.houigaku.net
133.242.13.91
133.242.8.63
133.242.86.238
153.120.58.35
153.120.58.36
2a00:1450:4001:801::2002
2a00:1450:4001:809::2001
2a00:1450:4001:81a::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
14b765554f19b2796101f4a71170e5ebecde271d7ff18d44729cf3566a0b8e9c
21df7b37bbfbf1cc58745f359452d5757e0eac2a070bb2faf099b0daf5efc9b0
5331ef92b69a2e4ae3f93c2b0ba94eda7020518085764f0607863b849fe8c2dd
5b728df681ae4f97fd07a85b8a9dc9681189876f0136afd6ae502058612e6718
5df75e696727e4e9090a7193d49065a238a20a0e504e7599cbcdb7197d418d4e
72e11d9423ef0915ff134f1f59f7aadabfc5214d52a817ff8a5f5e036fb05bac
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
afa6013c87d4387ab5e95b73d09f1186af44ba03fa3203ffbb9572c575aa398f
b4719f73b1347a4301abd8a23a27fa27b5aacf685a0239aed79ac18aa43ecb9d
b9a33b46863fdc9b57575e69032de5467d96d9075a7a773b612ef6c31e8ca2ae
ccdeedcf8cca02b7e1b7f00ce971eec441bab4d56867e97a74ea8f1a09f9fb8d
e1825b9553f829d9e056b9930feef63761b8d7de8458c84b9e020af2841ae1b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d
fd56107b510590f5acddf8cbccdcd39e65d85ae347a1cbcfe1d1eec8290cfcd8