Submitted URL: https://orisafuser.jp/
Effective URL: http://orisafuser.jp/
Submission: On September 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 202.32.158.53, located in Kita-ku, Japan and belongs to IIJ Internet Initiative Japan Inc., JP. The main domain is orisafuser.jp.
This is the only time orisafuser.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 202.32.158.53 2497 (IIJ Inter...)
1 195.181.175.49 60068 (CDN77 ^_^)
2 195.181.174.7 60068 (CDN77 ^_^)
4 178.79.227.178 22822 (LLNW)
1 195.181.175.55 60068 (CDN77 ^_^)
5 5 3.113.241.215 16509 (AMAZON-02)
3 143.204.178.104 16509 (AMAZON-02)
1 104.244.98.63 63210 (FC2-INC-2)
3 44.228.23.61 16509 (AMAZON-02)
2 142.250.27.139 15169 (GOOGLE)
1 142.250.102.154 15169 (GOOGLE)
1 142.250.102.103 15169 (GOOGLE)
1 142.250.102.94 15169 (GOOGLE)
21 12
Domain Requested by
4 pckaden.blogmura.com 4 redirects
3 analyzer54.fc2.com orisafuser.jp
analyzer54.fc2.com
3 b.blogmura.com orisafuser.jp
3 static.fc2.com orisafuser.jp
2 www.google-analytics.com orisafuser.jp
www.google-analytics.com
2 blog-imgs-96.fc2.com orisafuser.jp
2 orisafuser.jp 1 redirects
1 www.google.de orisafuser.jp
1 www.google.com orisafuser.jp
1 stats.g.doubleclick.net www.google-analytics.com
1 admin.blog.fc2.com orisafuser.jp
1 classic.blogmura.com 1 redirects
1 blogthumbnail.fc2.com orisafuser.jp
1 blog-imgs-123.fc2.com orisafuser.jp
1 blog-imgs-116.fc2.com
21 15

This site contains links to these domains.

Domain
blog.fc2.com
pckaden.blogmura.com
classic.blogmura.com
fc2.com
Subject                 Issuer                 Validity                   Valid
*.fc2.com               RapidSSL RSA CA 2018   2020-05-08 - 2022-07-07    2 years
*.blogmura.com          Amazon                 2021-03-03 - 2022-04-01    a year
*.blog.fc2.com          RapidSSL RSA CA 2018   2020-02-13 - 2022-04-13    2 years
*.google-analytics.com  GTS CA 1C3             2021-08-23 - 2021-11-15    3 months
*.g.doubleclick.net     GTS CA 1C3             2021-08-23 - 2021-11-15    3 months
www.google.com          GTS CA 1C3             2021-08-23 - 2021-11-15    3 months
www.google.de           GTS CA 1C3             2021-08-23 - 2021-11-15    3 months

This page contains 1 frame:

Primary Page: http://orisafuser.jp/
Frame ID: C12411C8EC2428951449C33BB36D00B8
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

OrisafUserのblog

Page URL History

  1. https://orisafuser.jp/ HTTP 302
    http://orisafuser.jp/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

Requests: 21
HTTPS: 67 %
IPv6: 0 %
Domains: 7
Subdomains: 15
IPs: 12
Countries: 3
Transfer: 110 kB
Size: 153 kB
Cookies: 6


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://pckaden.blogmura.com/pureaudio/img/pureaudio88_31.gif HTTP 301
  • https://pckaden.blogmura.com/pureaudio/img/pureaudio88_31.gif HTTP 301
  • https://b.blogmura.com/pckaden/pureaudio/88_31.gif
Request Chain 8
  • http://pckaden.blogmura.com/audio/img/audio88_31.gif HTTP 301
  • https://pckaden.blogmura.com/audio/img/audio88_31.gif HTTP 301
  • https://b.blogmura.com/pckaden/audio/88_31.gif
Request Chain 9
  • https://classic.blogmura.com/listening/img/listening125_41_z_hamster.gif HTTP 301
  • https://b.blogmura.com/classic/listening/125_41_z_hamster.gif

21 HTTP transactions

Columns: Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request /
orisafuser.jp/
Redirect Chain
  • https://orisafuser.jp/
  • http://orisafuser.jp/
14 KB
5 KB
Document
General
Full URL
http://orisafuser.jp/
Protocol
HTTP/1.1
Server
202.32.158.53 Kita-ku, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
openresty /
Resource Hash
9de884c64a584a135be01c5048f706dc2ec34577a3c935309cef3f7bb3c71578

Request headers

Host
orisafuser.jp
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Cookie
bloguid=012d871f-1a3f-42bb-92f2-05fcf3463fb9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
openresty
Date
Tue, 14 Sep 2021 01:45:31 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding User-Agent
X-Mc
HIT
Link
<http://blog-imgs-116.fc2.com/o/r/i/orisafuser/css/74718.css>; rel=preload; as=style <http://blog-imgs-96.fc2.com/o/r/i/orisafuser/cfcb1b1d-s.jpg>; rel=preload; as=image
Cache-Control
must-revalidate
Last-Modified
Fri, 10 Sep 2021 19:59:48 GMT
Expires
-1
X-FC2-Cache
Use
X-FC2-DynamicCache
On
Content-Encoding
gzip
X-Ci
c1004n

Redirect headers

server
openresty
date
Tue, 14 Sep 2021 01:45:30 GMT
content-type
text/html; charset=UTF-8
location
http://orisafuser.jp
set-cookie
bloguid=012d871f-1a3f-42bb-92f2-05fcf3463fb9; expires=Wed, 14-Sep-2022 01:45:30 GMT; Max-Age=31536000
x-mc
MISS
x-ci
c1004n
74718.css
blog-imgs-116.fc2.com/o/r/i/orisafuser/css/
12 KB
3 KB
Stylesheet
General
Full URL
http://blog-imgs-116.fc2.com/o/r/i/orisafuser/css/74718.css
Protocol
HTTP/1.1
Server
195.181.175.49 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-47.cdn77.com
Software
CDN77-Turbo /
Resource Hash
088fac6e91e2a6588a2c338ef37ef189e094f9338a0a8cc8555ce94d02adb796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Tue, 14 Sep 2021 01:45:31 GMT
Content-Encoding
gzip
X-77-NZT-Ray
YqoECvj5Gts=
Transfer-Encoding
chunked
X-77-Cache
MISS
X-Cache
MISS
Connection
keep-alive
X-77-NZT
AcO1ry8lIDmx
X-Accel-Expires
@1634175931
Last-Modified
Sat, 02 Dec 2017 06:40:47 GMT
Server
CDN77-Turbo
ETag
W/"5a224aef-30fc"
Vary
Accept-Encoding
Content-Type
text/css
s-maxage
2678400
Cache-Control
max-age=2592000
Expires
Thu, 14 Oct 2021 01:45:31 GMT
cfcb1b1d-s.jpg
blog-imgs-96.fc2.com/o/r/i/orisafuser/
25 KB
25 KB
Image
General
Full URL
http://blog-imgs-96.fc2.com/o/r/i/orisafuser/cfcb1b1d-s.jpg
Protocol
HTTP/1.1
Server
195.181.174.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
d00ee8989e60ac9b36aad2a74c7830c8ec9e6f66aecb9e5e2d56ddd0a13d378d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Tue, 14 Sep 2021 01:45:31 GMT
X-77-NZT-Ray
vdtGgJcymco=
X-77-Cache
MISS
X-Cache
MISS
Connection
keep-alive
Content-Length
25574
X-77-NZT
AcO1rgWijFqx
X-Accel-Expires
@1634175931
Last-Modified
Sat, 29 Oct 2016 18:08:35 GMT
Server
CDN77-Turbo
ETag
"5814e5a3-63e6"
Content-Type
image/jpeg
s-maxage
2678400
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Expires
Thu, 14 Oct 2021 01:45:31 GMT
120710style.css
static.fc2.com/css_cn/common/headbar/
5 KB
2 KB
Stylesheet
General
Full URL
https://static.fc2.com/css_cn/common/headbar/120710style.css
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.227.178 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-227-178.vie.llnw.net
Software
nginx /
Resource Hash
4f220e6b3568b84e70c3e510b2fe47e233c4fb4388414c70d06c0cd5ce539d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:45:31 GMT
content-encoding
gzip
last-modified
Tue, 14 Mar 2017 02:29:44 GMT
server
nginx
age
543693
vary
Accept-Encoding
content-type
text/css
s-maxage
86400
cache-control
max-age=2592000
access-control-allow-origin
*
content-length
1660
x-llid
5b55044577c28229621e39af9622992a
expires
Thu, 07 Oct 2021 18:43:58 GMT
sh_fc2blogheadbar_logo.png
static.fc2.com/image/headbar/
693 B
951 B
Image
General
Full URL
https://static.fc2.com/image/headbar/sh_fc2blogheadbar_logo.png
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.227.178 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-227-178.vie.llnw.net
Software
nginx /
Resource Hash
599cd89dc73617ed2deb33ce9cd107ce234e82dadc89cfcdebdab5a38b2b21b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:45:31 GMT
last-modified
Mon, 06 Dec 2010 00:44:07 GMT
server
nginx
age
1154936
content-type
image/png
s-maxage
86400
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-origin
*
content-length
693
x-llid
51fa84ca4d521b82a5d15145470c1b75
expires
Thu, 30 Sep 2021 16:56:35 GMT
cfcb1b1d-s.jpg
blog-imgs-96.fc2.com/o/r/i/orisafuser/
25 KB
25 KB
Image
General
Full URL
https://blog-imgs-96.fc2.com/o/r/i/orisafuser/cfcb1b1d-s.jpg
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.7 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
d00ee8989e60ac9b36aad2a74c7830c8ec9e6f66aecb9e5e2d56ddd0a13d378d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 14 Sep 2021 01:45:31 GMT
x-77-nzt-ray
GClHjxf9zoA=
x-77-cache
MISS
x-cache
MISS
content-length
25574
x-77-nzt
AcO1rgUQykDB
x-accel-expires
@1634175931
last-modified
Sat, 29 Oct 2016 18:08:35 GMT
server
CDN77-Turbo
etag
"5814e5a3-63e6"
content-type
image/jpeg
s-maxage
2678400
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 14 Oct 2021 01:45:31 GMT
201xxxxs.jpg
blog-imgs-123.fc2.com/o/r/i/orisafuser/
1 KB
1 KB
Image
General
Full URL
https://blog-imgs-123.fc2.com/o/r/i/orisafuser/201xxxxs.jpg
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-53.cdn77.com
Software
CDN77-Turbo /
Resource Hash
298b70b422e6ca93e2b0f9394e5dacab9a63d71b14e23293529efc10c7416366

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 14 Sep 2021 01:45:31 GMT
x-77-nzt-ray
ydCY6clq8Cw=
x-77-cache
MISS
x-cache
MISS
content-length
1195
x-77-nzt
AcO1rzXC2fmx
x-accel-expires
@1634175931
last-modified
Fri, 08 Feb 2019 15:20:19 GMT
server
CDN77-Turbo
etag
"5c5d9e33-4ab"
content-type
image/jpeg
s-maxage
2678400
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 14 Oct 2021 01:45:31 GMT
cfcb1b1d-s.jpg
blogthumbnail.fc2.com/72/96/o/r/i/orisafuser/
1 KB
2 KB
Image
General
Full URL
https://blogthumbnail.fc2.com/72/96/o/r/i/orisafuser/cfcb1b1d-s.jpg
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.227.178 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-227-178.vie.llnw.net
Software
openresty /
Resource Hash
09427012fe4277ebd32601347b44daf4ad28606ea12fff93966d0f9205c4f225

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:45:32 GMT
s-maxage
2678400
last-modified
Sat, 29 Oct 2016 18:08:35 GMT
server
openresty
x-host-p
t2002
content-type
image/jpeg
access-control-allow-origin
*
x-host-b
t2001
x-llid
c8b08c0892348f4462401dbabe260180
content-length
1518
cache-control
max-age=2592000
expires
Thu, 14 Oct 2021 01:45:31 GMT
88_31.gif
b.blogmura.com/pckaden/pureaudio/
Redirect Chain
  • http://pckaden.blogmura.com/pureaudio/img/pureaudio88_31.gif
  • https://pckaden.blogmura.com/pureaudio/img/pureaudio88_31.gif
  • https://b.blogmura.com/pckaden/pureaudio/88_31.gif
1 KB
2 KB
Image
General
Full URL
https://b.blogmura.com/pckaden/pureaudio/88_31.gif
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.178.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-178-104.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0be35d6147abbcede898490d83e92ca17d5c4a81a79dd53fb96c8e6e02964e75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:39:30 GMT
via
1.1 5888b5d9247925eeec6b1cf1ebf8aa8d.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 06:20:03 GMT
server
AmazonS3
age
3481562
etag
"b5c4bde78d3130fe98cc7441210d7ae0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=31536000
x-amz-cf-pop
LHR50-C1
accept-ranges
bytes
content-length
1325
x-amz-cf-id
XmyHMbWTQwax3oH_oByYmnQGSIviOL1d0O_hlwDHLbqVRXzCI-RItA==

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 01:45:32 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-language
de-DE
location
https://b.blogmura.com/pckaden/pureaudio/88_31.gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
content-length
0
x-xss-protection
1; mode=block
expires
0
88_31.gif
b.blogmura.com/pckaden/audio/
Redirect Chain
  • http://pckaden.blogmura.com/audio/img/audio88_31.gif
  • https://pckaden.blogmura.com/audio/img/audio88_31.gif
  • https://b.blogmura.com/pckaden/audio/88_31.gif
2 KB
2 KB
Image
General
Full URL
https://b.blogmura.com/pckaden/audio/88_31.gif
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.178.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-178-104.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c26122d75e0c5e026026700110bb7fe3be58fcaa3c7b59a879527ddc2e9d83f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:17:48 GMT
via
1.1 5888b5d9247925eeec6b1cf1ebf8aa8d.cloudfront.net (CloudFront)
last-modified
Fri, 29 Mar 2019 06:19:37 GMT
server
AmazonS3
age
1632465
etag
"49a6b6e8ebd4da768f11e8db66f77b51"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=31536000
x-amz-cf-pop
LHR50-C1
accept-ranges
bytes
content-length
1574
x-amz-cf-id
i1xQ-j4DcD4AaOOEzvo7yl5K1DeRgsTU9YAzwYMlHNAVvSVKKg0DZQ==

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 01:45:32 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-language
de-DE
location
https://b.blogmura.com/pckaden/audio/88_31.gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
content-length
0
x-xss-protection
1; mode=block
expires
0
125_41_z_hamster.gif
b.blogmura.com/classic/listening/
Redirect Chain
  • https://classic.blogmura.com/listening/img/listening125_41_z_hamster.gif
  • https://b.blogmura.com/classic/listening/125_41_z_hamster.gif
3 KB
3 KB
Image
General
Full URL
https://b.blogmura.com/classic/listening/125_41_z_hamster.gif
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.178.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-178-104.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
005d684b8c205b7761e6d97e27c96f65c7e303a88dde0840d80b32e580f4fc2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:45:33 GMT
via
1.1 5888b5d9247925eeec6b1cf1ebf8aa8d.cloudfront.net (CloudFront)
last-modified
Wed, 03 Apr 2019 01:37:08 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-C1
etag
"6a1327d2e7ff8befd099cf7510ef2e10"
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2724
x-amz-cf-id
qgppoBqJNH2Xoo1QfmujnG3JdsmvIvwYIW573XPwN7sBp3gBtNaJ-w==

Redirect headers

pragma
no-cache
date
Tue, 14 Sep 2021 01:45:32 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-language
de-DE
location
https://b.blogmura.com/classic/listening/125_41_z_hamster.gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
strict-transport-security
max-age=31536000 ; includeSubDomains
content-length
0
x-xss-protection
1; mode=block
expires
0
dctanalyzer.php
admin.blog.fc2.com/
0
449 B
Script
General
Full URL
https://admin.blog.fc2.com/dctanalyzer.php
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.98.63 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri https://admin.blog.fc2.com/api/csp_report.php
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 01:45:31 GMT
last-modified
Tue, 14 Sep 2021 01:45:th GMT
server
openresty
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-security-policy
frame-ancestors 'self'; report-uri https://admin.blog.fc2.com/api/csp_report.php
content-length
0
x-whom
f1013
expires
Thu, 01 Jan 1970 00:00:00 GMT
processor.php
analyzer54.fc2.com/ana/
10 KB
10 KB
Script
General
Full URL
http://analyzer54.fc2.com/ana/processor.php?uid=2726239
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
HTTP/1.1
Server
44.228.23.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-23-61.us-west-2.compute.amazonaws.com
Software
nginx/1.1.19 /
Resource Hash
32cb762a07a7a1f7c7505c3c1e3590d51d299f875d53bfb71027558a350185ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 01:45:31 GMT
Server
nginx/1.1.19
Content-Type
application/x-javascript
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
9761
Expires
Mon, 26 Jul 1997 05:00:00 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
564
date
Tue, 14 Sep 2021 01:36:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 14 Sep 2021 03:36:07 GMT
3.gif
static.fc2.com/image/clap/number/red/
724 B
1 KB
Image
General
Full URL
http://static.fc2.com/image/clap/number/red/3.gif
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
HTTP/1.1
Server
178.79.227.178 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-227-178.vie.llnw.net
Software
nginx /
Resource Hash
f360d513fcfcb43d40a01fcdf7b0bb916f33085b63e1f1967a12da304101968e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 01:45:31 GMT
Last-Modified
Fri, 14 Mar 2008 08:00:46 GMT
Server
nginx
Age
222946
Content-Type
image/gif
s-maxage
86400
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
724
X-LLID
aec83581f405fb07ce3ed8e088ad40a2
Expires
Mon, 11 Oct 2021 11:49:45 GMT
analyzer.php
analyzer54.fc2.com/ana/
1 KB
2 KB
Script
General
Full URL
http://analyzer54.fc2.com/ana/analyzer.php?uid=2726239&pid=0&idsess=&ref=&href=http%3A//orisafuser.jp/&wid=1600&hei=1200&col=24&visitor=1-2434507688-1631583931-0-1-1-0&ssl=0
Requested by
Host: analyzer54.fc2.com
URL: http://analyzer54.fc2.com/ana/processor.php?uid=2726239
Protocol
HTTP/1.1
Server
44.228.23.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-23-61.us-west-2.compute.amazonaws.com
Software
nginx/1.1.19 /
Resource Hash
9f769aeda1c71529c008d98f477618282d493c11bafa1167bf9113f8b2c8257c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Sep 2021 01:45:32 GMT
Server
nginx/1.1.19
Content-Type
application/x-javascript
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
1237
Expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/j/
4 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=807691690&t=pageview&_s=1&dl=http%3A%2F%2Forisafuser.jp%2F&ul=en-us&de=UTF-8&dt=OrisafUser%E3%81%AEblog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1001612524&gjid=341109567&cid=406561349.1631583932&tid=UA-87594409-1&_gid=2102164560.1631583932&_r=1&_slc=1&z=40627297
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://orisafuser.jp/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 01:45:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://orisafuser.jp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
461 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-87594409-1&cid=406561349.1631583932&jid=1001612524&gjid=341109567&_gid=2102164560.1631583932&_u=IEBAAEAAAAAAAC~&z=523250017
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://orisafuser.jp/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 14 Sep 2021 01:45:32 GMT
content-type
text/plain
access-control-allow-origin
http://orisafuser.jp
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon18.gif
analyzer54.fc2.com/ana/
3 KB
4 KB
Image
General
Full URL
http://analyzer54.fc2.com/ana/icon18.gif
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
HTTP/1.1
Server
44.228.23.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-23-61.us-west-2.compute.amazonaws.com
Software
nginx/1.1.19 /
Resource Hash
fd2df880b240ec6f9dcf1c37fe7f91e1fce057a53a783cd8ac8b5c7953899bb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 01:45:32 GMT
Last-Modified
Wed, 08 Feb 2006 08:30:48 GMT
Server
nginx/1.1.19
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3432
Expires
Thu, 14 Oct 2021 01:45:32 GMT
ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-87594409-1&cid=406561349.1631583932&jid=1001612524&_u=IEBAAEAAAAAAAC~&z=1678386910
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 01:45:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
522 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-87594409-1&cid=406561349.1631583932&jid=1001612524&_u=IEBAAEAAAAAAAC~&z=1678386910
Requested by
Host: orisafuser.jp
URL: http://orisafuser.jp/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://orisafuser.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 01:45:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onbeforexrselect
boolean   originAgentCluster
string    GoogleAnalyticsObject
function  ga
boolean   fc2anaEnableHook
object    fc2anaRaiseClickEvent
object    fc2anaRaiseClickTimer
object    _FC2ANA2726239_0
function  readCookie
object    google_tag_data
object    gaplugins
object    gaGlobal
object    gaData
object    current
object    expire

6 Cookies

Domain/Path      Name                    Value
orisafuser.jp/   bloguid                 012d871f-1a3f-42bb-92f2-05fcf3463fb9
orisafuser.jp/   fc2_analyzer_2726239    1-2434507688-1631583931-1631583931-2-2-1631583931
.orisafuser.jp/  _ga                     GA1.2.406561349.1631583932
.orisafuser.jp/  _gid                    GA1.2.2102164560.1631583932
.orisafuser.jp/  _gat                    1
orisafuser.jp/   FC2ANASESSION2726239    16894046

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
