urlscan.io logo urlscan.io
SecurityTrails logo

kabustream.ink Open in urlscan Pro
150.95.144.153  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://couwer.qpoe.com/okabu/
Effective URL: http://kabustream.ink/archives/10118/
Submission: On September 12 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 17 HTTP transactions. The main IP is 150.95.144.153, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is kabustream.ink.
This is the only time kabustream.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.56.183.95 18978 (ENZUINC-US)
3 150.95.144.153 7506 (INTERQ GM...)
5 2a00:1450:400... 15169 (GOOGLE)
1 117.71.17.144 4134 (CHINANET-...)
5 2a00:1450:400... 15169 (GOOGLE)
1 183.61.180.148 134763 (CT-DONGGU...)
1 203.119.129.115 37963 (CNNIC-ALI...)
1 205.204.101.182 45102 (CNNIC-ALI...)
17 7
1    198.56.183.95 (Los Angeles, United States)

ASN18978 (ENZUINC-US - Enzu Inc, US)
PTR: logytb.suncrafts.cn
couwer.qpoe.com
3    150.95.144.153 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-144-153.a089.g.tyo1.static.cnode.io
kabustream.ink
5    2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
1    117.71.17.144 (Hefei, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
s11.cnzz.com
5    2a00:1450:4001:814::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
1    183.61.180.148 (Foshan, China)

ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN)
c.cnzz.com
1    203.119.129.115 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
z13.cnzz.com
1    205.204.101.182 (Santa Clara, United States)

ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN)
cnzz.mmstat.com
Domain Requested by
5 pagead2.googlesyndication.com kabustream.ink
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 kabustream.ink kabustream.ink
1 cnzz.mmstat.com kabustream.ink
1 z13.cnzz.com kabustream.ink
1 c.cnzz.com s11.cnzz.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 s11.cnzz.com kabustream.ink
1 couwer.qpoe.com 1 redirects
17 10

This site contains links to these domains. Also see Links.

Domain
www.cnzz.com
Subject Issuer Validity Valid
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-04-13 -
2019-04-14		 a year crt.sh
*.google.com
Google Internet Authority G3		 2018-08-21 -
2018-11-13		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-08-21 -
2018-11-13		 3 months crt.sh
*.mmstat.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-09-05 -
2019-09-06		 a year crt.sh

This page contains 6 frames:

Primary Page: http://kabustream.ink/archives/10118/
Frame ID: C281F5C22DE3CF15CBB068DFCD7EDBA9
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180906/r20180604/zrt_lookup.html
Frame ID: 0DBA16AB9F2B3ACD62BD69AA80EA17E6
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180906/r20180604/show_ads_impl.js
Frame ID: C22D889C1A4A425464AF37929E34371B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8456092088448735&output=html&h=200&slotname=2513870248&adk=4227816530&adf=1839787983&w=798&fwrn=4&lmt=1536668118&rafmt=11&guci=1.2.0.0.2.2.0&format=798x200&url=http%3A%2F%2Fkabustream.ink%2Farchives%2F10118%2F&flash=0&wgl=1&adsid=NT&dt=1536736386555&bpp=10&bdt=901&fdt=13&idt=60&shv=r20180906&cbv=r20180604&saldr=aa&abxe=1&correlator=489744473716&frm=20&pv=2&ga_vid=1665487468.1536736387&ga_sid=1536736387&ga_hid=33059751&ga_fc=0&iag=0&icsg=2728&dssz=8&mdo=0&mso=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=ZSgzcnIyhX&p=http%3A//kabustream.ink&dtd=87
Frame ID: BCB33F2238E0E598740B2ECBC5258CAD
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180906/r20180604/show_ads_impl.js
Frame ID: DBB28B7AA7FBD4073A6926DDF271C98E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8456092088448735&output=html&h=200&slotname=2513870248&adk=4227816530&adf=1171094417&w=798&fwrn=4&lmt=1536668118&rafmt=11&guci=1.2.0.0.2.2.0&format=798x200&url=http%3A%2F%2Fkabustream.ink%2Farchives%2F10118%2F&flash=0&wgl=1&adsid=NT&dt=1536736386568&bpp=6&bdt=914&fdt=85&idt=87&shv=r20180906&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=798x200&correlator=489744473716&frm=20&pv=1&ga_vid=1665487468.1536736387&ga_sid=1536736387&ga_hid=33059751&ga_fc=0&iag=0&icsg=10920&dssz=9&mdo=0&mso=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&fsb=1&xpc=wctuhdhsZC&p=http%3A//kabustream.ink&dtd=91
Frame ID: 82BEBF8D9CE8FFFDA6BBA55036FF4C91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://couwer.qpoe.com/okabu/ HTTP 301
    http://kabustream.ink/archives/10118/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

17
Requests

65 %
HTTPS

25 %
IPv6

8
Domains

10
Subdomains

7
IPs

4
Countries

167 kB
Transfer

708 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://couwer.qpoe.com/okabu/ HTTP 301
    http://kabustream.ink/archives/10118/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kabustream.ink/archives/10118/
Redirect Chain
  • http://couwer.qpoe.com/okabu/
  • http://kabustream.ink/archives/10118/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://kabustream.ink/archives/10118/
Protocol
HTTP/1.1
Server
150.95.144.153 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
v150-95-144-153.a089.g.tyo1.static.cnode.io
Software
Apache /
Resource Hash
c8b24ea297909267fc9afdf27afd7657eea5dc67e1c48eb6a7fd0b1a73a384b8

Request headers

Host
kabustream.ink
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
C281F5C22DE3CF15CBB068DFCD7EDBA9

Response headers

Date
Wed, 12 Sep 2018 07:13:05 GMT
Server
Apache
Upgrade
h2
Connection
Upgrade, close
Last-Modified
Tue, 11 Sep 2018 12:15:18 GMT
ETag
"e6f-575976d5cb11a-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1812
Content-Type
text/html

Redirect headers

Server
nginx
Date
Wed, 12 Sep 2018 07:13:04 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.4.45
Location
http://kabustream.ink/archives/10118/
bootstrap.min.css
kabustream.ink/ 		141 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://kabustream.ink/bootstrap.min.css
Requested by
Host: kabustream.ink
URL: http://kabustream.ink/archives/10118/
Protocol
HTTP/1.1
Server
150.95.144.153 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
v150-95-144-153.a089.g.tyo1.static.cnode.io
Software
Apache /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
kabustream.ink
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://kabustream.ink/archives/10118/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 07:13:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jun 2018 02:03:57 GMT
Server
Apache
ETag
"235ed-56def946525a1-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
20560
style.css
kabustream.ink/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://kabustream.ink/style.css
Requested by
Host: kabustream.ink
URL: http://kabustream.ink/archives/10118/
Protocol
HTTP/1.1
Server
150.95.144.153 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
v150-95-144-153.a089.g.tyo1.static.cnode.io
Software
Apache /
Resource Hash
a237fedcdf796cf3a9090318323b4ea779826cdad1e553e9a75703aa1e421c9c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
kabustream.ink
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://kabustream.ink/archives/10118/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 07:13:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Apr 2018 01:49:55 GMT
Server
Apache
ETag
"22c3-5692445dfb439-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
2421
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: kabustream.ink
URL: http://kabustream.ink/archives/10118/
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
368fa15135a47f8e90a4982bbd166d22adf7c34cccc932012b9fdc56d8b4a847
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 12 Sep 2018 07:13:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
17214069610325178934
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
27322
X-XSS-Protection
1; mode=block
Expires
Wed, 12 Sep 2018 07:13:06 GMT
z_stat.php
s11.cnzz.com/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s11.cnzz.com/z_stat.php?id=1260475355&web_id=1260475355
Requested by
Host: kabustream.ink
URL: http://kabustream.ink/archives/10118/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
117.71.17.144 Hefei, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2029fe007bbd8ed9d4cfc56fa60f48298712d62be0ea3ca593f18ec6af7c8244

Request headers

Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 06:59:02 GMT
via
cache3.l2ne1[0,200-0,H], cache39.l2ne1[0,0], kunlun9.cn207[0,200-0,H], kunlun9.cn207[0,0]
last-modified
Wed, 12 Sep 2018 06:59:02 GMT
server
Tengine
age
845
x-cache
HIT TCP_MEM_HIT dirn:-2:-2 mlen:-1
content-type
application/javascript
status
200
cache-control
max-age=5400,s-maxage=5400
x-swift-cachetime
5258
x-swift-savetime
Wed, 12 Sep 2018 07:01:24 GMT
timing-allow-origin
*
content-length
11735
eagleid
7547118915367363872343977e
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kabustream.ink
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 Sep 2018 07:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kabustream.ink
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 Sep 2018 07:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-8456092088448735.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		473 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8456092088448735.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
35ebc0622033180197bc3c7db310fe56815f0851d89ecb9af025a6de188a1a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 07:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Sep 2018 21:17:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
230
x-xss-protection
1; mode=block
expires
Wed, 12 Sep 2018 19:13:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180906/r20180604/ Frame 0DBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180906/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180906/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://kabustream.ink/archives/10118/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
C281F5C22DE3CF15CBB068DFCD7EDBA9
Referer
http://kabustream.ink/archives/10118/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 06 Sep 2018 22:07:25 GMT
expires
Thu, 20 Sep 2018 22:07:25 GMT
content-type
text/html; charset=UTF-8
etag
18162506661661110595
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6931
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
464741
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180906/r20180604/ Frame C22D 		198 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180906/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
00a858a993db0afd586b28bf4141d475497cc7cb2d41e193dd012a48f891c0dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 12 Sep 2018 07:13:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
17773623188620879711
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
74741
X-XSS-Protection
1; mode=block
Expires
Wed, 12 Sep 2018 07:13:06 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BCB3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8456092088448735&output=html&h=200&slotname=2513870248&adk=4227816530&adf=1839787983&w=798&fwrn=4&lmt=1536668118&rafmt=11&guci=1.2.0.0.2.2.0&format=798x200&url=http%3A%2F%2Fkabustream.ink%2Farchives%2F10118%2F&flash=0&wgl=1&adsid=NT&dt=1536736386555&bpp=10&bdt=901&fdt=13&idt=60&shv=r20180906&cbv=r20180604&saldr=aa&abxe=1&correlator=489744473716&frm=20&pv=2&ga_vid=1665487468.1536736387&ga_sid=1536736387&ga_hid=33059751&ga_fc=0&iag=0&icsg=2728&dssz=8&mdo=0&mso=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=ZSgzcnIyhX&p=http%3A//kabustream.ink&dtd=87
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180906/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8456092088448735&output=html&h=200&slotname=2513870248&adk=4227816530&adf=1839787983&w=798&fwrn=4&lmt=1536668118&rafmt=11&guci=1.2.0.0.2.2.0&format=798x200&url=http%3A%2F%2Fkabustream.ink%2Farchives%2F10118%2F&flash=0&wgl=1&adsid=NT&dt=1536736386555&bpp=10&bdt=901&fdt=13&idt=60&shv=r20180906&cbv=r20180604&saldr=aa&abxe=1&correlator=489744473716&frm=20&pv=2&ga_vid=1665487468.1536736387&ga_sid=1536736387&ga_hid=33059751&ga_fc=0&iag=0&icsg=2728&dssz=8&mdo=0&mso=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=ZSgzcnIyhX&p=http%3A//kabustream.ink&dtd=87
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://kabustream.ink/archives/10118/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
C281F5C22DE3CF15CBB068DFCD7EDBA9
Referer
http://kabustream.ink/archives/10118/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 12 Sep 2018 07:13:06 GMT
server
cafe
cache-control
private
content-length
13626
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Wed, 12-Sep-2018 07:28:06 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Wed, 12 Sep 2018 07:13:06 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180906/r20180604/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180906/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180906/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
632a0d3a3c471cb1dab245a6f0cebdf8be4f4664e5ccbb8d413d0aab335c89e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 06 Sep 2018 22:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27044
x-xss-protection
1; mode=block
server
cafe
etag
12392303422442158015
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 Sep 2018 22:12:46 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180906/r20180604/ Frame DBB2 		198 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180906/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
00a858a993db0afd586b28bf4141d475497cc7cb2d41e193dd012a48f891c0dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Date
Wed, 12 Sep 2018 07:13:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
17773623188620879711
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
74741
X-XSS-Protection
1; mode=block
Expires
Wed, 12 Sep 2018 07:13:06 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 82BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8456092088448735&output=html&h=200&slotname=2513870248&adk=4227816530&adf=1171094417&w=798&fwrn=4&lmt=1536668118&rafmt=11&guci=1.2.0.0.2.2.0&format=798x200&url=http%3A%2F%2Fkabustream.ink%2Farchives%2F10118%2F&flash=0&wgl=1&adsid=NT&dt=1536736386568&bpp=6&bdt=914&fdt=85&idt=87&shv=r20180906&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=798x200&correlator=489744473716&frm=20&pv=1&ga_vid=1665487468.1536736387&ga_sid=1536736387&ga_hid=33059751&ga_fc=0&iag=0&icsg=10920&dssz=9&mdo=0&mso=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&fsb=1&xpc=wctuhdhsZC&p=http%3A//kabustream.ink&dtd=91
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180906/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8456092088448735&output=html&h=200&slotname=2513870248&adk=4227816530&adf=1171094417&w=798&fwrn=4&lmt=1536668118&rafmt=11&guci=1.2.0.0.2.2.0&format=798x200&url=http%3A%2F%2Fkabustream.ink%2Farchives%2F10118%2F&flash=0&wgl=1&adsid=NT&dt=1536736386568&bpp=6&bdt=914&fdt=85&idt=87&shv=r20180906&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=798x200&correlator=489744473716&frm=20&pv=1&ga_vid=1665487468.1536736387&ga_sid=1536736387&ga_hid=33059751&ga_fc=0&iag=0&icsg=10920&dssz=9&mdo=0&mso=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&fsb=1&xpc=wctuhdhsZC&p=http%3A//kabustream.ink&dtd=91
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://kabustream.ink/archives/10118/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
C281F5C22DE3CF15CBB068DFCD7EDBA9
Referer
http://kabustream.ink/archives/10118/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 12 Sep 2018 07:13:06 GMT
server
cafe
cache-control
private
content-length
13600
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Wed, 12-Sep-2018 07:28:06 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Wed, 12 Sep 2018 07:13:06 GMT
core.php
c.cnzz.com/ 		995 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/core.php?web_id=1260475355&t=z
Requested by
Host: s11.cnzz.com
URL: https://s11.cnzz.com/z_stat.php?id=1260475355&web_id=1260475355
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.61.180.148 Foshan, China, ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d1716dad558dfca8595599cafb403d45552357e5f6f9df5aa85d5fdf58b78d1e

Request headers

Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 12 Sep 2018 07:13:08 GMT
via
cache8.l2cn41[249,200-0,M], cache18.l2cn41[250,0], kunlun6.cn116[252,200-0,M], kunlun8.cn116[253,0]
last-modified
Wed, 12 Sep 2018 07:13:08 GMT
server
Tengine
x-swift-cachetime
900
x-cache
MISS TCP_REFRESH_MISS dirn:11:106017511 mlen:-1
content-type
application/javascript
status
200
x-swift-savetime
Wed, 12 Sep 2018 07:13:08 GMT
timing-allow-origin
*
content-length
995
eagleid
7793970815367363880483800e
expires
Wed, 12 Sep 2018 07:28:08 GMT
stat.htm
z13.cnzz.com/ 		2 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z13.cnzz.com/stat.htm?id=1260475355&r=&lg=en-us&ntime=none&cnzz_eid=730905637-1536735542-&showp=1600x1200&t=9%E6%9C%8811%E6%97%A5%E3%81%AE%E4%BB%8A%E4%BB%95%E8%BE%BC%E3%82%80%E6%80%A5%E9%A8%B0%E6%A0%AA%20%E2%80%93%20Stream%E6%8A%95%E8%B3%87%E9%80%9F%E5%A0%B1&umuuid=165cca06125b28-0b131b889470d1-17366952-1d4c00-165cca061266ec&h=1&rnd=1716017185
Requested by
Host: kabustream.ink
URL: http://kabustream.ink/archives/10118/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.119.129.115 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 07:13:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
Tengine
Connection
close
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
9.gif
cnzz.mmstat.com/ 		43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnzz.mmstat.com/9.gif?abc=1&rnd=1343453099
Requested by
Host: kabustream.ink
URL: http://kabustream.ink/archives/10118/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.204.101.182 Santa Clara, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://kabustream.ink/archives/10118/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Sep 2018 07:13:08 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| adsbygoogle object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state function| google_spfd number| google_unique_id object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1260475355 object| cnzz_image_1616159710 object| cnzz_image_1649094338

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUl5oAYES8uulJ2ZzhezuJeyAmiWcZAZmPPEPdsTcyDo_cvGaRrF7-BG1XWQ
kabustream.ink/ Name: CNZZDATA1260475355
Value: 730905637-1536735542-%7C1536735542
.kabustream.ink/ Name: UM_distinctid
Value: 165cca06125b28-0b131b889470d1-17366952-1d4c00-165cca061266ec