Submitted URL: http://narasaku.com/signin.php
Effective URL: https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72
Submission Tags: krdprod
Submission: On August 03 via api from JP — Scanned from JP

Summary

This website contacted 9 IPs in 1 countries across 8 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3037::ac43:ba03, located in United States and belongs to CLOUDFLARENET, US. The main domain is 0242now.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 22nd 2022. Valid for: a year.
This is the only time 0242now.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 18 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 54.91.59.199 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
37 9
Apex Domain
Subdomains
Transfer
18 narasaku.com
narasaku.com
417 KB
2 0242now.xyz
0242now.xyz
86 KB
2 qh88.pro
qh88.pro
34 KB
1 ebooktom.com
total.ebooktom.com
632 B
1 0242.com
0242.com
963 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2902 Failed
252 B
1 tien96.com
tien96.com
482 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1111
8 KB
37 8
Domain Requested by
18 narasaku.com 4 redirects narasaku.com
2 0242now.xyz 0242.com
0242now.xyz
2 qh88.pro narasaku.com
1 total.ebooktom.com 0242now.xyz
1 0242.com narasaku.com
1 api.ipify.org narasaku.com
0242now.xyz
1 tien96.com narasaku.com
1 use.fontawesome.com narasaku.com
37 8

This site contains links to these domains. Also see Links.

Domain
www.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-22 -
2023-06-22
a year crt.sh
*.qh88.pro
GTS CA 1P5
2022-07-18 -
2022-10-16
3 months crt.sh
*.tien96.com
E1
2022-07-09 -
2022-10-07
3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA
2022-02-07 -
2023-03-10
a year crt.sh

This page contains 1 frames:

Primary Page: https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72
Frame ID: 903DC0D90ACF3C630AD4589D5226DFEF
Requests: 37 HTTP requests in this frame

Screenshot

Page Title

Code

Page URL History Show full URLs

  1. http://narasaku.com/signin.php HTTP 301
    https://narasaku.com/signin.php Page URL
  2. https://0242.com/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c3... Page URL
  3. https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c3... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

54 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

9
IPs

1
Countries

1027 kB
Transfer

2005 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://narasaku.com/signin.php HTTP 301
    https://narasaku.com/signin.php Page URL
  2. https://0242.com/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72 Page URL
  3. https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://narasaku.com/signin.php HTTP 301
  • https://narasaku.com/signin.php
Request Chain 12
  • https://narasaku.com/uploads/images/499270.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/cfb1d1302e759a060158679df402afb9.jpg
Request Chain 13
  • https://narasaku.com/uploads/images/4992701.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/fc0b6329804b295cf09e7b779e0c9ea9.jpg
Request Chain 14
  • https://narasaku.com/uploads/images/4992702.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/fc1fa54e2c72a3b2c33fce519dd6660d.jpg
Request Chain 15
  • https://narasaku.com/uploads/images/915534.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/aa9a1226db33e404c7d0ae76881eb890.jpg
Request Chain 16
  • https://narasaku.com/uploads/images/857481.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/265f6770dbc852fdfcc72a53bee6650b.jpg
Request Chain 17
  • https://narasaku.com/uploads/images/880340.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/9e1b2ac590191dcfb66805133d21f6fb.jpg
Request Chain 18
  • https://narasaku.com/uploads/images/679663.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/304cdfb503b8d9b96e47fd910d305913.jpg
Request Chain 19
  • https://narasaku.com/uploads/images/461375.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/38cab99c6f858e7c533d8082086b82d0.jpg
Request Chain 20
  • https://narasaku.com/uploads/images/713254.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/bd918df934190a961dd72f88f0523dc6.jpg
Request Chain 21
  • https://narasaku.com/uploads/images/52374.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/2f989ea50dbe705120912a9d62397367.jpg
Request Chain 24
  • https://narasaku.com/uploads/images/906267.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/f690c4e46065e207fb7a7cfeb5ca535b.jpg
Request Chain 25
  • https://narasaku.com/uploads/images/287898.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/56376f8d6b84d0e9495d40f71118c771.jpg
Request Chain 26
  • https://narasaku.com/uploads/images/461751.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/95001e561ac2fc238c506984cb4111b1.jpg
Request Chain 27
  • https://narasaku.com/uploads/images/115199.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/2cd02e031190faee25dc0092944e6eec.jpg
Request Chain 28
  • https://narasaku.com/uploads/images/464239.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/ea91b60a5587ffae3e11cf437f9c2ae4.jpg
Request Chain 29
  • https://narasaku.com/uploads/images/19814.jpg HTTP 301
  • https://narasaku.com/template/news/youHuaV1/static/picture/9d4301d267422e9399582b934f691097.jpg

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
signin.php
narasaku.com/
Redirect Chain
  • http://narasaku.com/signin.php
  • https://narasaku.com/signin.php
63 KB
14 KB
Document
General
Full URL
https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a514882b19488a83518919e8ce8df9da16450f2e5e260bd0ee6377277c0240

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
734d108c8fc5afcf-NRT
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 03 Aug 2022 06:40:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9BLahUM1z%2BA9mk5B9rDF3qrTB0MR4q7coVQqD9M2ONX8ncpV%2BU1h95K9X7OyVu1OHD12p1fp1PVoezTIe7UD%2B9PPW6eVJgzUIYEF%2FfgOyYpMpm8%2BIhfloTzI9Bm9YhWLN9Q0j5sQnsT8Qg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
734d108c6b4080c3-NRT
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 03 Aug 2022 06:40:55 GMT
Expires
Wed, 03 Aug 2022 07:40:55 GMT
Location
https://narasaku.com/signin.php
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YanZXFic%2FfzyXn%2BCjN3PmsLIQOWIhinnoIVHhoSufA87iLG99nLVQa9xRz5VfswH9mOhIJHO0aXWObB3gx4j1CuPmZKiOHlicUCqbJPHN%2BTqxifHr24M4gxy8cqMp5jGMSX8jn3xLKIOmg%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
narasaku.com/template/news/youHuaV1/static/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://narasaku.com/template/news/youHuaV1/static/css/style.css
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8837c25245a7d8fd6de05389d03dd549b16fc96962c5a8e390be344092c458d9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 15:08:58 GMT
server
cloudflare
age
2
etag
W/"62bb198a-1a0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEWsrH8ibS53vkcI%2BwbN47z%2Bx1SB%2B8WjzWxVqgd9f%2BgNTNPQQl%2FbiMYd1L26SJEbAyaZ6kj%2FlLXMDU4Iq0ywKEA14WOHYB9rAxSSXgQVS2Hi2ddHMibfHWQhwKKp%2Bcoc5aAo%2FfOZI%2FmwLjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
734d10903dbdafcf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
all.css
use.fontawesome.com/releases/v5.0.8/css/
35 KB
8 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.8/css/all.css?ver=5.0.8
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2349130
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
GS2XJY11M7991W87
x-amz-id-2
4dQmzDesPEqXQf3Q+xFclWUgKOu1C2JutU5Nh8z/IlU/e4voDEHZGfGFP16Xa1nbUV1/7Z9/MFA=
last-modified
Wed, 30 Jun 2021 15:28:03 GMT
server
cloudflare
etag
W/"265a36ec650d63e307e611cdf14d9b89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqgEQP90%2BbpcTSAOESTCckX26P6STp5U9EcgcSjbnd6KNZyL06IrtGsBU4g3GRS6%2BZQHDvmb92EhGFQADEpSlqCEIylMaNWyXEvJ%2F8Vm%2FXe46rp0feaILzzu1Q7rdN0nPrWZUJyUUQl2GT3AFoU5uDyb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
734d10905f8620b3-NRT
flatsome9dd7.css
narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/css/
169 KB
32 KB
Stylesheet
General
Full URL
https://narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/css/flatsome9dd7.css?ver=3.14.3
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e896f26810fbc8624e7501b76c3a72c3eeeb0149632091d908e4304da12af1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Sep 2021 04:01:14 GMT
server
cloudflare
age
2
etag
W/"6144130a-2a4af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByUSYE2gWMn2iz%2BvYSREj1c%2Bh7DwmMWKakjNsKHbXoEUWBMk8v2Wx%2BpIIwaBXp0b%2FUcTaW5Q4BHKpqpAz3fVtILsJN7F%2F1CPRULpqkwe2ss%2FfOzr6LQZzmD2MrjX67iqgismwHhvXe0IRGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
734d10903dc5afcf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.js
narasaku.com/template/news/youHuaV1/static/js/jquery/
281 KB
84 KB
Script
General
Full URL
https://narasaku.com/template/news/youHuaV1/static/js/jquery/jquery.js
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 10 Jul 2022 09:42:36 GMT
server
cloudflare
age
2
etag
W/"62ca9f0c-4638e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rx%2Bu12D%2BOR8ZK%2BuL%2F7XCGipfiFKTb1XBTe4MN%2BIO5BaVf%2BTvA7cJ5pMSjjePQW5zBoM8qfP4OGBPHC%2FfCmufl8fEbOpr6EpSHmocybRP5eq5D3QC7swLMeZwQKleZXw%2FwGgC99fvXRQ3Djk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
734d10903dc7afcf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.minaf6c.js
narasaku.com/template/news/youHuaV1/static/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://narasaku.com/template/news/youHuaV1/static/js/jquery/jquery.minaf6c.js
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 15:09:06 GMT
server
cloudflare
age
2
etag
W/"62bb1992-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTwr3xtHKIXiiz80HWc42CcIihGkrKwmCBdO8IEIa%2Bxmar8DwvuEytwHvwidut7uDE3dSZirnc0xVNSR3tJH1q4KuElFxeTgrIBU6Cz%2FeZv4daLVPuASgDFm9sp%2FdcWCmqbG5B9MDL2PAw0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
734d10903dc9afcf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.mind617.js
narasaku.com/template/news/youHuaV1/static/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://narasaku.com/template/news/youHuaV1/static/js/jquery/jquery-migrate.mind617.js
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 15:09:05 GMT
server
cloudflare
age
2
etag
W/"62bb1991-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TNJIDRX24cKYhfhxt2rynJr1dRT76xbJKkgpnVomW%2Bq6o9wgfWy%2FQkxa%2BGpVCwwY%2F6BSh23%2F8ehhaHXl9tNAbpMiSMFCgJfJ4puiWzoVBB%2FCDyLyr%2BwwH%2B1VuwryVaz50iLCa5d8QY6Di8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
734d10903dcaafcf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
flatsome.css
qh88.pro/wp-content/themes/flatsome/assets/css/
169 KB
32 KB
Stylesheet
General
Full URL
https://qh88.pro/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.14.3
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d435 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f760533e83acaa8bf1242efd61cc358f88706ca7ddbe5893144fd7e878af1db8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160532
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 17 Sep 2021 04:01:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sUg1OmY21%2B93xfMKpc5eFghzKZzdkB4ea%2FO00ZC9bJxkSfjqyzkiYYoFQy76%2FVvFK98Ry2oGA6MSA33eBjao4KJTqUQsFxHhwDMOfBGecUr3kYIwaYEqBcdYKzbf9UXr6nSEXUOqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
734d10906e6eaf73-NRT
expires
Mon, 08 Aug 2022 10:05:24 GMT
screen.min.css
qh88.pro/wp-content/plugins/easy-table-of-contents/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://qh88.pro/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.17
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d435 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160532
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 13 Jul 2021 04:13:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nePOsBb3ycmm9F1q1TWjipK9r3Xxy9Ej2lV0ME0xt46BvrdpmnQPRh6LnuDizRMWdh6qYKIbPQG4QUUWoa8z6XI3nQrQ1LyKUxyQjqmnreruwaDnsO6O%2BYe2IfbzXdN6F%2FuHFwo%2FUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
734d10906e73af73-NRT
expires
Mon, 08 Aug 2022 10:05:24 GMT
style2.css
narasaku.com/template/news/youHuaV1/static/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://narasaku.com/template/news/youHuaV1/static/css/style2.css
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae85f8263336d0f044f03b5de886daa788bfe33232d1092b8db437f4144e995d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 15:08:59 GMT
server
cloudflare
age
2
etag
W/"62bb198b-5bd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK%2BfjyjN1wS0LcABn0Ryk6n98wVW29jxQHamzBKMh5tbT%2BU6JsNsqc9no82gWfRGX1GID6%2BaR05RZk1F3cT7%2BhNN3gfmChmWjkPu4zVn7pXa9q9%2FGC4mwvChLKFJm8Xv5hLO0ekoubqBmiA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
734d10903dc6afcf-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
demoLogo.png
narasaku.com/template/news/youHuaV1/static/images/
70 KB
71 KB
Image
General
Full URL
https://narasaku.com/template/news/youHuaV1/static/images/demoLogo.png
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ae14db14c9bae4f773c994d7b4b1083684d0f7566ad557bdee298c98b288d7e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Jun 2022 15:08:57 GMT
server
cloudflare
etag
"62bb1989-118fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1ETG1Us0JmNjP41bHgw5wyBHIp%2BQzoSr%2BSfSVtt%2FVEJKOU%2BcGhMuMrDJ5MRzGDGUN33M99gibTctUjex1KwZZeDgRdwqWM5CXQiaELypoUV5WmXKQbcj4t%2BXR237ilWNbf5PI44BXH2kZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
734d10908bd21d87-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71933
720x90-1.gif
tien96.com/template/news/temp2/assets/images/
481 KB
482 KB
Image
General
Full URL
https://tien96.com/template/news/temp2/assets/images/720x90-1.gif
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab6decf73fd78e966d432d7f513c86139dba58a2f82b5f504ad850d6a7d8f77

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9656
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
492895
last-modified
Sat, 14 May 2022 14:18:49 GMT
server
cloudflare
etag
"627fba49-7855f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oO4%2FceH0d%2BHFmn3if%2BBjBLH%2F2XeJ55xQw%2BZTcoexi2nzxqISihDLqHt05g14FNfjJ7VTkTL2FAn06bYQqhmdflqQhpcZxBIW5lqs%2F5HlKcoZXWqskilZDDifuZ8WQrEvhwK5QRSqMrks"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
734d1090a88daf94-NRT
expires
Fri, 02 Sep 2022 04:00:00 GMT
cfb1d1302e759a060158679df402afb9.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/499270.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/cfb1d1302e759a060158679df402afb9.jpg
84 KB
84 KB
Image
General
Full URL
https://narasaku.com/template/news/youHuaV1/static/picture/cfb1d1302e759a060158679df402afb9.jpg
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H3
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:57 GMT
cf-cache-status
MISS
last-modified
Sat, 14 May 2022 03:03:52 GMT
server
cloudflare
etag
"627f1c18-14edc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2Fpvn%2BDQTOiELxJFLz7VEV0EA9s6UdoHYvK4UYmvtZbkjcc9sfegW4Zv5DI6EYbPFRWvV7RBfejZlQiUT0Nua7mI3zPY6R3oN3BgWH1lYCZJDdMuOVuRGrmz9%2BjVn253mzY0Mi%2BQrPRPLcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
734d10924d7e1d87-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85724

Redirect headers

date
Wed, 03 Aug 2022 06:40:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMsWncAAcJrTM3FJC5RXGEh9h5THQJzpJjpQ9lwVzrHjxCvbbGBeSlAJIsWHF7mPZbFUnxPvUObg8roElW70kl0mCUdtmDiq1ySoY6GqhVt1%2FlY3wlG0T3sGJO2wK4%2BcsvqfxLYtpk0%2BOxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpg; charset=UTF-8
location
/template/news/youHuaV1/static/picture/cfb1d1302e759a060158679df402afb9.jpg
cache-control
max-age=14400
cf-ray
734d1090abfb1d87-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fc0b6329804b295cf09e7b779e0c9ea9.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/4992701.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/fc0b6329804b295cf09e7b779e0c9ea9.jpg
0
0

fc1fa54e2c72a3b2c33fce519dd6660d.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/4992702.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/fc1fa54e2c72a3b2c33fce519dd6660d.jpg
0
0

aa9a1226db33e404c7d0ae76881eb890.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/915534.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/aa9a1226db33e404c7d0ae76881eb890.jpg
33 KB
33 KB
Image
General
Full URL
https://narasaku.com/template/news/youHuaV1/static/picture/aa9a1226db33e404c7d0ae76881eb890.jpg
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H3
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:57 GMT
cf-cache-status
MISS
last-modified
Sat, 14 May 2022 02:10:56 GMT
server
cloudflare
etag
"627f0fb0-8240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaQGRmQow3b8kvC0wqYm6S2Cd3IIdMnWZOk%2FOzpOII6heEFiM0coqYjUnZKc3igYdfbpe6k9C3S2b4TNhqtQMOVYH5Ri6g4JaJsaako%2BYX4UmKkyxrS9DM28vA90xBApj3RyiykzjZ1nrf8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
734d10924d761d87-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33344

Redirect headers

date
Wed, 03 Aug 2022 06:40:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwd4GTRvvUHS8J886NA9%2FsyeUkySZfChGF9hCZR%2FpjsreZAvtJCKcdnLQYPE6RgQVi%2Bs%2BCNdonOa0P06X7x0xjai2zwNNoHSgm55Ie8EP21eaSIyajZBJsZ%2FfgScDma90XX%2FQaEU7%2BoaBF8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpg; charset=UTF-8
location
/template/news/youHuaV1/static/picture/aa9a1226db33e404c7d0ae76881eb890.jpg
cache-control
max-age=14400
cf-ray
734d1090ac001d87-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
265f6770dbc852fdfcc72a53bee6650b.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/857481.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/265f6770dbc852fdfcc72a53bee6650b.jpg
0
0

9e1b2ac590191dcfb66805133d21f6fb.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/880340.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/9e1b2ac590191dcfb66805133d21f6fb.jpg
0
0

304cdfb503b8d9b96e47fd910d305913.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/679663.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/304cdfb503b8d9b96e47fd910d305913.jpg
0
0

38cab99c6f858e7c533d8082086b82d0.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/461375.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/38cab99c6f858e7c533d8082086b82d0.jpg
0
0

bd918df934190a961dd72f88f0523dc6.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/713254.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/bd918df934190a961dd72f88f0523dc6.jpg
0
0

2f989ea50dbe705120912a9d62397367.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/52374.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/2f989ea50dbe705120912a9d62397367.jpg
0
0

hot.gif
narasaku.com/template/news/youHuaV1/wp-content/uploads/2021/09/
197 B
777 B
Image
General
Full URL
https://narasaku.com/template/news/youHuaV1/wp-content/uploads/2021/09/hot.gif
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d53ad980c61e383ebe6496cebc2d7c618cd128344b2d549b67215d7c9e67522

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 04:05:24 GMT
server
cloudflare
etag
"61441404-c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBcWwcZxZWYY8s%2BcRiIMYpdsh41VKJ3cfHKCk53QSHhkp%2Bkm0u%2B%2B1ARRKi5TyTDp78QUD3Vq9QGhJRI9o9NpHFR9Ry2DMuKnZ1aO469rhnQewzWbkxHUSdq3Suav7%2FBp3b72DDp13R7dd3s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
734d1090ac0f1d87-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
197
flatsome7b00.js
narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/js/
157 KB
46 KB
Script
General
Full URL
https://narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/js/flatsome7b00.js
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c7a2250d9acb8e861340ab23388d0f9a0e92a04dfb6ec0bea7bbb9fa0a6b64

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 04:01:14 GMT
server
cloudflare
etag
W/"6144130a-27252"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FX13Oz3PWX5E%2Ba6VQz9tLHykMehPa4tP0nW0eWFDyGz2yqi2iInqEMh6fo2hkVtDV6vWY4xL65cWRWQLh%2FP0cT62yvoGL2QcxMGyIyEnUBi81IZj5D%2FJI%2FHCQfCW1Y4Qy8JWRWKgmz5b8w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
734d1090dc3a1d87-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
f690c4e46065e207fb7a7cfeb5ca535b.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/906267.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/f690c4e46065e207fb7a7cfeb5ca535b.jpg
0
0

56376f8d6b84d0e9495d40f71118c771.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/287898.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/56376f8d6b84d0e9495d40f71118c771.jpg
0
0

95001e561ac2fc238c506984cb4111b1.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/461751.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/95001e561ac2fc238c506984cb4111b1.jpg
0
0

2cd02e031190faee25dc0092944e6eec.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/115199.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/2cd02e031190faee25dc0092944e6eec.jpg
0
0

ea91b60a5587ffae3e11cf437f9c2ae4.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/464239.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/ea91b60a5587ffae3e11cf437f9c2ae4.jpg
38 KB
0
Image
General
Full URL
https://narasaku.com/template/news/youHuaV1/static/picture/ea91b60a5587ffae3e11cf437f9c2ae4.jpg
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H3
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://narasaku.com/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:57 GMT
cf-cache-status
MISS
last-modified
Sat, 14 May 2022 03:02:28 GMT
server
cloudflare
etag
"627f1bc4-2d950"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYstXhwNIpM91yn%2Bqqd0Mc9re0jq7d2LIXEY420Jo20ANHI%2Fh8Rs7%2BFaDGRV7v4enwSt5DlFhClsSkaviTZvn3umgeOrNug6v%2BJ207s0NYPKb3S3iiVT3cBOJk%2FfrVHcWKo5FZOyy0wxhC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
734d1092adb01d87-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
186704

Redirect headers

date
Wed, 03 Aug 2022 06:40:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cz7v6IOtSqAMIwFDH2OHCMuvh4szm%2FCDpDpzKe%2F2%2Fjc6%2BkHSUxWu%2Fa5uAfapVqauZWCPIUZy9XHs0qjHOItGJk4FGkQPSpMow%2Fl56sEt2AxdQNQPaeQ5lnUi9hBUjA3otpQYl8tClcaBrIY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpg; charset=UTF-8
location
/template/news/youHuaV1/static/picture/ea91b60a5587ffae3e11cf437f9c2ae4.jpg
cache-control
max-age=14400
cf-ray
734d1090ec531d87-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
9d4301d267422e9399582b934f691097.jpg
narasaku.com/template/news/youHuaV1/static/picture/
Redirect Chain
  • https://narasaku.com/uploads/images/19814.jpg
  • https://narasaku.com/template/news/youHuaV1/static/picture/9d4301d267422e9399582b934f691097.jpg
0
0

fl-iconsae55.woff2
narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/css/icons/
7 KB
7 KB
Font
General
Full URL
https://narasaku.com/template/news/youHuaV1/wp-content/themes/flatsome/assets/css/icons/fl-iconsae55.woff2
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a25a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
343b461359461daad66cca6ae40315cd78bf58ebe79eca9af84596d3d873c209

Request headers

Referer
https://narasaku.com/signin.php
Origin
https://narasaku.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:56 GMT
cf-cache-status
MISS
last-modified
Fri, 17 Sep 2021 04:01:14 GMT
server
cloudflare
etag
"6144130a-1a60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkHPa6i%2FEPkU3IYGP%2BfRUt1gX1RW11YO25tn99J52M%2FQ6sdqsyhIPdJiatfx3B9aIuRckomAVN6hvgpOX47Ix%2FcAxoD2VoJ9qXc0LCSul2U1wVOa4mpFrUjhMrGD6CdrLm0dy6Akp%2BcemDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
734d1090ec5c1d87-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6752
/
api.ipify.org/
0
0

/
0242.com/
936 B
963 B
Document
General
Full URL
https://0242.com/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72
Requested by
Host: narasaku.com
URL: https://narasaku.com/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://narasaku.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
734d10941e431d67-NRT
content-encoding
br
content-type
text/html
date
Wed, 03 Aug 2022 06:40:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 18 May 2022 09:05:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NA7nxRdkQWT87TGeqKIC8YpwcwQdbrkIqOtPiGzGzOYfRehBlAXyyNTRAhGmDfF4z5d9CiylF5SwULoRtCDAdmMAJlo2u4%2FaojjGCyno313dOAsDAI761w7cJ1lAfuZV93J%2BdZSOoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request /
0242now.xyz/
4 KB
2 KB
Document
General
Full URL
https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72
Requested by
Host: 0242.com
URL: https://0242.com/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ba03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4994b180190cb220a054f8bfdf9c9022c72d57e00bd4b8a9a47a19e1c4ef843a

Request headers

Referer
https://0242.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
734d1095ca0680d5-NRT
content-encoding
br
content-type
text/html
date
Wed, 03 Aug 2022 06:40:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 20 Jul 2022 16:19:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytB4u74FkUqPFrWA9OEo6SAgk3VbKZ5ZNmHsuNDfAOZWk95aj94I%2FI7eRJMdS7TTTxSQAVaDVqjelCSqi795QWFuaEMHPcKaknzS0As%2BKRR1ovB158ssHEDQ%2B3oIigz1TCQia%2FhQRwXKIg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.js
0242now.xyz/assets/js/
281 KB
84 KB
Script
General
Full URL
https://0242now.xyz/assets/js/jquery.js
Requested by
Host: 0242now.xyz
URL: https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:ba03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://0242now.xyz/?dataType=0ec3a30a7b37c382c28037c3b2c29d57c2ab30c38e175c000f5c3c0ec3bb5b07c38825c2bac388c38f72
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:40:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 18 May 2022 06:44:15 GMT
server
cloudflare
etag
W/"628495bf-4638e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOwuMJcvbPFu51CyKrLCFYO9GfwyE%2FBB%2B%2FX5SSAT2e51T2f8j8hpp%2FBQtMTkGNUwCoCh5%2FAbNrKzvnAjG9ovlYq8ACAunJdlrIGRFsaHmTl7vzcpYVYeNazHdRMkRthgy2d50fmrnhi8NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
734d10975ac7affd-NRT
expires
Wed, 03 Aug 2022 18:40:56 GMT
/
api.ipify.org/
24 B
252 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: 0242now.xyz
URL: https://0242now.xyz/assets/js/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
12f4553a44006de83dfd2a5707a1d742c4f292c95bcb3efc2e42915fce8ec269

Request headers

Accept
*/*
Referer
https://0242now.xyz/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 06:40:57 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://0242now.xyz
Connection
keep-alive
Content-Length
24
/
total.ebooktom.com/api/add_traffic_tj/
51 B
632 B
XHR
General
Full URL
https://total.ebooktom.com/api/add_traffic_tj/
Requested by
Host: 0242now.xyz
URL: https://0242now.xyz/assets/js/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26c501536b8dfb0e3abb319fe797e1f5a3e58ad906d3e7da6a838e5bb65a23ae

Request headers

Accept
*/*
Referer
https://0242now.xyz/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 03 Aug 2022 06:40:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJx1%2BQKCrw8Wu%2BBylOmaLDgijeq0GibkfNxk%2BSTKblSn2hOubGv92DkAqTyDXi2Jx3hAF%2BAiYMnPBQmx%2Fm6vRErzmiiqOd2maiqa4YhFbH94lcEErVk2%2BwVvHq0zFkkypjQT%2B3fNWBI0rI89Gjm3tvc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://0242now.xyz
access-control-allow-credentials
true
cf-ray
734d1098b9641d7f-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/fc0b6329804b295cf09e7b779e0c9ea9.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/fc1fa54e2c72a3b2c33fce519dd6660d.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/265f6770dbc852fdfcc72a53bee6650b.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/9e1b2ac590191dcfb66805133d21f6fb.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/304cdfb503b8d9b96e47fd910d305913.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/38cab99c6f858e7c533d8082086b82d0.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/bd918df934190a961dd72f88f0523dc6.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/2f989ea50dbe705120912a9d62397367.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/f690c4e46065e207fb7a7cfeb5ca535b.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/56376f8d6b84d0e9495d40f71118c771.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/95001e561ac2fc238c506984cb4111b1.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/2cd02e031190faee25dc0092944e6eec.jpg
Domain
narasaku.com
URL
https://narasaku.com/template/news/youHuaV1/static/picture/9d4301d267422e9399582b934f691097.jpg
Domain
api.ipify.org
URL
https://api.ipify.org/?format=json

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| addLog function| b64Encode function| b64Decode function| add_log function| checkurl

0 Cookies

6 Console Messages

Source Level URL
Text
security warning URL: https://narasaku.com/signin.php
Message:
Mixed Content: The page at 'https://narasaku.com/signin.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/906267.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://narasaku.com/signin.php
Message:
Mixed Content: The page at 'https://narasaku.com/signin.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/287898.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://narasaku.com/signin.php
Message:
Mixed Content: The page at 'https://narasaku.com/signin.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/461751.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://narasaku.com/signin.php
Message:
Mixed Content: The page at 'https://narasaku.com/signin.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/115199.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://narasaku.com/signin.php
Message:
Mixed Content: The page at 'https://narasaku.com/signin.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/464239.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://narasaku.com/signin.php
Message:
Mixed Content: The page at 'https://narasaku.com/signin.php' was loaded over HTTPS, but requested an insecure element 'http://narasaku.com/uploads/images/19814.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0242.com
0242now.xyz
api.ipify.org
narasaku.com
qh88.pro
tien96.com
total.ebooktom.com
use.fontawesome.com
api.ipify.org
narasaku.com
2606:4700:3030::ac43:a25a
2606:4700:3030::ac43:d435
2606:4700:3031::ac43:a0a0
2606:4700:3032::6815:3b94
2606:4700:3032::ac43:a9f7
2606:4700:3037::ac43:ba03
2606:4700:3037::ac43:bac9
54.91.59.199
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
12f4553a44006de83dfd2a5707a1d742c4f292c95bcb3efc2e42915fce8ec269
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
26c501536b8dfb0e3abb319fe797e1f5a3e58ad906d3e7da6a838e5bb65a23ae
343b461359461daad66cca6ae40315cd78bf58ebe79eca9af84596d3d873c209
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
4994b180190cb220a054f8bfdf9c9022c72d57e00bd4b8a9a47a19e1c4ef843a
54a514882b19488a83518919e8ce8df9da16450f2e5e260bd0ee6377277c0240
5ae14db14c9bae4f773c994d7b4b1083684d0f7566ad557bdee298c98b288d7e
5d53ad980c61e383ebe6496cebc2d7c618cd128344b2d549b67215d7c9e67522
8837c25245a7d8fd6de05389d03dd549b16fc96962c5a8e390be344092c458d9
92c7a2250d9acb8e861340ab23388d0f9a0e92a04dfb6ec0bea7bbb9fa0a6b64
97e896f26810fbc8624e7501b76c3a72c3eeeb0149632091d908e4304da12af1
aab6decf73fd78e966d432d7f513c86139dba58a2f82b5f504ad850d6a7d8f77
ae85f8263336d0f044f03b5de886daa788bfe33232d1092b8db437f4144e995d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
f760533e83acaa8bf1242efd61cc358f88706ca7ddbe5893144fd7e878af1db8