urlscan.io logo urlscan.io
SecurityTrails logo

d2l1u50ewpwgyc.cloudfront.net Open in urlscan Pro
13.32.158.66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://t.cn/RkL0GyM
Effective URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Submission: On August 23 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 59 HTTP transactions. The main IP is 13.32.158.66, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is d2l1u50ewpwgyc.cloudfront.net.
TLS certificate: Issued by DigiCert Global CA G2 on November 22nd 2017. Valid for: a year.
This is the only time d2l1u50ewpwgyc.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 116.211.169.137 58563 (CHINATELE...)
1 151.101.13.194 54113 (FASTLY)
2 2400:cb00:204... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
4 151.101.12.133 54113 (FASTLY)
3 2400:cb00:204... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 5 13.32.158.76 16509 (AMAZON-02)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 13.32.158.66 16509 (AMAZON-02)
10 1.175.116.61 3462 (HINET Dat...)
1 2a00:1450:400... 15169 (GOOGLE)
4 1.173.164.160 3462 (HINET Dat...)
6 216.58.206.2 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
59 16
1    116.211.169.137 (Wuhan, China)

ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN)
t.cn
1    151.101.13.194 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
0rr32d.global.ssl.fastly.net
2    2400:cb00:2048:1::6810:5514 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.jsdelivr.net
7    2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
4    151.101.12.133 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
raw.githubusercontent.com
3    2400:cb00:2048:1::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
7    2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
5    13.32.158.76 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-76.fra56.r.cloudfront.net
d2l1u50ewpwgyc.cloudfront.net
4    2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:400c:c0c::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
4    13.32.158.66 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-66.fra56.r.cloudfront.net
d2l1u50ewpwgyc.cloudfront.net
10    1.175.116.61 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 1-175-116-61.dynamic-ip.hinet.net
1.175.116.61
1    2a00:1450:4001:80b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
4    1.173.164.160 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 1-173-164-160.dynamic-ip.hinet.net
1.173.164.160
6    216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:821::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
Domain Requested by
9 d2l1u50ewpwgyc.cloudfront.net 2 redirects cdn.jsdelivr.net
0rr32d.global.ssl.fastly.net
d2l1u50ewpwgyc.cloudfront.net
7 pagead2.googlesyndication.com 0rr32d.global.ssl.fastly.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
d2l1u50ewpwgyc.cloudfront.net
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
d2l1u50ewpwgyc.cloudfront.net
4 www.google-analytics.com 2 redirects 0rr32d.global.ssl.fastly.net
d2l1u50ewpwgyc.cloudfront.net
4 raw.githubusercontent.com cdn.jsdelivr.net
d2l1u50ewpwgyc.cloudfront.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 cdnjs.cloudflare.com 0rr32d.global.ssl.fastly.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
2 stats.g.doubleclick.net 0rr32d.global.ssl.fastly.net
d2l1u50ewpwgyc.cloudfront.net
2 adservice.google.com pagead2.googlesyndication.com
www.googletagservices.com
2 adservice.google.de pagead2.googlesyndication.com
www.googletagservices.com
2 cdn.jsdelivr.net 0rr32d.global.ssl.fastly.net
d2l1u50ewpwgyc.cloudfront.net
1 www.googletagservices.com d2l1u50ewpwgyc.cloudfront.net
1 0rr32d.global.ssl.fastly.net
1 t.cn 1 redirects
59 15

This site contains links to these domains. Also see Links.

Domain
1.175.116.61
github.com
t.cn
Subject Issuer Validity Valid
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2018-07-27 -
2019-02-01		 6 months crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-05-19 -
2018-11-25		 6 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-08-07 -
2018-10-16		 2 months crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA		 2017-03-23 -
2020-05-13		 3 years crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-04-14 -
2018-10-21		 6 months crt.sh
*.google.com
Google Internet Authority G3		 2018-08-07 -
2018-10-16		 2 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2017-11-22 -
2018-11-21		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-08-07 -
2018-10-16		 2 months crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2018-08-07 -
2018-10-16		 2 months crt.sh

This page contains 7 frames:

Primary Page: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Frame ID: 5E7B9DEFB28B08AD7352892C63E4E2A8
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180820/r20180604/zrt_lookup.html
Frame ID: 2A74708E38CE1DAF30BF87342E3CDBE7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Frame ID: AC978436C6B55D21801A86517FCEC2DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1535065063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D24214534&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535065063441&bpp=8&bdt=498&fdt=10&idt=123&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&correlator=5492449165332&frm=20&pv=2&ga_vid=128871422.1535065064&ga_sid=1535065064&ga_hid=1488550791&ga_fc=0&iag=0&icsg=35488&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=1&fsb=1&xpc=Cen08hORKb&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=148
Frame ID: A80F42C72CAA1FADB9C6EBA96660C9A2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Frame ID: 55CD90EAEA4C4D213EB2D9FFD5DCB74C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=1414068304&w=1200&fwrn=4&fwrnh=100&lmt=1535065063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D24214534&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535065063452&bpp=7&bdt=509&fdt=162&idt=165&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=5492449165332&frm=20&pv=1&ga_vid=128871422.1535065064&ga_sid=1535065064&ga_hid=1488550791&ga_fc=0&iag=0&icsg=559776&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=2&fsb=1&xpc=NkANWUv6vj&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=170
Frame ID: 83F1DC4CF9EC2082DCF1A3C9C3EBFB4D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180820/r20110914/activeview/osd_listener.js
Frame ID: F525E55EEC4336434EDD69743EDDDE26
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://t.cn/RkL0GyM HTTP 302
    https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534 Page URL
  2. https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=cf23686d4e1cc9c615ef007f04957317365e... HTTP 302
    https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=htt... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /.*Varnish/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

59
Requests

75 %
HTTPS

50 %
IPv6

12
Domains

15
Subdomains

16
IPs

4
Countries

1015 kB
Transfer

2541 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.cn/RkL0GyM HTTP 302
    https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534 Page URL
  2. https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=cf23686d4e1cc9c615ef007f04957317365ef364 HTTP 302
    https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://t.cn/RkL0GyM HTTP 302
  • https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1488550791&t=pageview&_s=1&dl=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D24214534&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=2052691227&gjid=1300405727&cid=128871422.1535065064&tid=UA-90274311-1&_gid=1413853686.1535065064&_r=1&z=1534873289 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=128871422.1535065064&jid=2052691227&_gid=1413853686.1535065064&gjid=1300405727&_v=j68&z=1534873289
Request Chain 23
  • https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=cf23686d4e1cc9c615ef007f04957317365ef364 HTTP 302
  • https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Request Chain 48
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=886091437&t=pageview&_s=1&dl=https%3A%2F%2Fd2l1u50ewpwgyc.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3Dcf23686d4e1cc9c615ef007f04957317365ef364%26ag%3Dhttp%3A%2F%2F220%2F&dr=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D24214534&ul=en-us&de=UTF-8&dt=%E5%8A%A8%E6%80%81%E7%BD%91&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=774442880&gjid=1214162087&cid=1749812380.1535065068&tid=UA-90274311-1&_gid=1261118753.1535065068&_r=1&z=1595007398 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1749812380.1535065068&jid=774442880&_gid=1261118753.1535065068&gjid=1214162087&_v=j68&z=1595007398

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set oo.aspx
0rr32d.global.ssl.fastly.net/
Redirect Chain
  • http://t.cn/RkL0GyM
  • https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
83 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
6db08aabf23358ecfbdf9a54825aa94ee15b85b4091e6e4024bb43147be29af1

Request headers

Host
0rr32d.global.ssl.fastly.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
5E7B9DEFB28B08AD7352892C63E4E2A8

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Set-Cookie
ASP.NET_SessionId=35je1k0l5bzt00qhrw3qtash; path=/; HttpOnly
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Accept-Ranges
bytes bytes
Age
0 0
Content-Length
19886
Date
Thu, 23 Aug 2018 22:57:42 GMT
Via
1.1 varnish
Connection
keep-alive
X-Served-By
cache-fra19143-FRA
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1535065062.293780,VS0,VE546
Vary
Accept-Encoding

Redirect headers

Date
Thu, 23 Aug 2018 22:57:42 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
280
Connection
keep-alive
Set-Cookie
aliyungf_tc=AQAAANzGqkVEMwEA/i37lN1ZRhfrwXln; Path=/; HttpOnly
Server
nginx
Location
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
jquery.min.js
cdn.jsdelivr.net/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:5514 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cache
HIT, HIT
status
200
content-length
33793
x-served-by
cache-ams4136-AMS, cache-fra19140-FRA
timing-allow-origin
*
server
cloudflare
etag
"17b8b-Wp3PvvZVomaOeLrr6qjcb0HY2rs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
44f12e036f2a643f-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
cff4686dc7e0e3878fce51018c4afe69cf7a3a9957f9d906f3e572af275aab2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27216
x-xss-protection
1; mode=block
server
cafe
etag
16279746278503256777
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Aug 2018 22:57:43 GMT
oShowz.txt
raw.githubusercontent.com/onorm/Up/master/ 		812 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://raw.githubusercontent.com/onorm/Up/master/oShowz.txt?50145058
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e5aab9d7312ca91dcb3ea2104f982cddc34936fd453466af90749e823ea1acf5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Origin
https://0rr32d.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
1af0b2f1505127303d0f3058d9a178698d1ba7c0
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
216
ETag
"8a52a591629007f043d00236707256746842931a"
X-Served-By
cache-fra19138-FRA
X-Geo-Block-List
X-GitHub-Request-Id
1F52:78A4:9E2D:A80E:5B7F3BE6
X-Timer
S1535065063.400534,VS0,VE93
X-Frame-Options
deny
Date
Thu, 23 Aug 2018 22:57:43 GMT
Source-Age
0
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Thu, 23 Aug 2018 23:02:43 GMT
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/ 		35 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/video-js.min.css
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7c27b219ef1c4b8e672bf3ce1f4f192235bf83b8d81c44c55a0a06f3f9c736
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:43 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 26 Jul 2018 20:45:50 GMT
server
cloudflare
etag
W/"5b5a32fe-8aa0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
44f12e0639629ad0-FRA
expires
Tue, 13 Aug 2019 22:57:43 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/ 		471 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/video.min.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a19405088f969aecf491b8b729f0d9dbc87dac4f6092a9e8a0d883075ff2979
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 23 Aug 2018 22:57:43 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.004
last-modified
Thu, 26 Jul 2018 20:45:50 GMT
server
cloudflare
etag
W/"5b5a32fe-75c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
44f12e0639639ad0-FRA
expires
Tue, 13 Aug 2019 22:57:43 GMT
videojs-contrib-hls.min.js
cdnjs.cloudflare.com/ajax/libs/videojs-contrib-hls/5.14.1/ 		227 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/videojs-contrib-hls/5.14.1/videojs-contrib-hls.min.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e01d2473096e9ebafb493d80dce879d677d52f4bb5715df39c46de4ab7466b0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 23 Aug 2018 22:57:43 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.009
last-modified
Thu, 17 May 2018 09:26:37 GMT
server
cloudflare
etag
W/"5afd4acd-38b13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
44f12e0639659ad0-FRA
expires
Tue, 13 Aug 2019 22:57:43 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=0rr32d.global.ssl.fastly.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Aug 2018 22:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=0rr32d.global.ssl.fastly.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Aug 2018 22:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-9887006928691465.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		471 B
298 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-9887006928691465.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fa2dc680d1539f29a606b5ad3ddb03e4770e6a0a62a97996a194be2e51dfd2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Aug 2018 01:04:18 GMT
server
sffe
age
103
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
232
x-xss-protection
1; mode=block
expires
Fri, 24 Aug 2018 10:56:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180820/r20180604/ Frame 2A74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180820/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180820/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
5E7B9DEFB28B08AD7352892C63E4E2A8
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 21 Aug 2018 05:43:08 GMT
expires
Tue, 04 Sep 2018 05:43:08 GMT
content-type
text/html; charset=UTF-8
etag
15840095812326030575
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6941
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
234875
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/ Frame AC97 		190 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7cedf05ee2accb91776cca40a3434536d1049741ac51c7756c7865ee95307648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
71982
x-xss-protection
1; mode=block
server
cafe
etag
11381798742267309166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Aug 2018 22:57:43 GMT
0a5dbf15-007e-4c40-8e33-b3e9eb1f12ac
https://0rr32d.global.ssl.fastly.net/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://0rr32d.global.ssl.fastly.net/0a5dbf15-007e-4c40-8e33-b3e9eb1f12ac
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/video.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
oo.aspx
d2l1u50ewpwgyc.cloudfront.net/ 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_ooshow&ag=okHead&sign=cf23686d4e1cc9c615ef007f04957317365ef364
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.76 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-76.fra56.r.cloudfront.net
Software
/
Resource Hash
9cd8118fe22711aeca5ae5362f2ce723315da5d20f608c4f0db9d7e850059c3b

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Origin
https://0rr32d.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:43 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
l1fTYvcvE-trQMnef9fXys7jx5hP2khFn7GfYj9A-kb4fWNLs9RoPg==
via
1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
2694
date
Thu, 23 Aug 2018 22:12:49 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Fri, 24 Aug 2018 00:12:49 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A80F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1535065063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D24214534&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535065063441&bpp=8&bdt=498&fdt=10&idt=123&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&correlator=5492449165332&frm=20&pv=2&ga_vid=128871422.1535065064&ga_sid=1535065064&ga_hid=1488550791&ga_fc=0&iag=0&icsg=35488&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=1&fsb=1&xpc=Cen08hORKb&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=148
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1535065063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D24214534&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535065063441&bpp=8&bdt=498&fdt=10&idt=123&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&correlator=5492449165332&frm=20&pv=2&ga_vid=128871422.1535065064&ga_sid=1535065064&ga_hid=1488550791&ga_fc=0&iag=0&icsg=35488&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=1&fsb=1&xpc=Cen08hORKb&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=148
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
5E7B9DEFB28B08AD7352892C63E4E2A8
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Aug 2018 22:57:43 GMT
server
cafe
cache-control
private
content-length
385
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 23-Aug-2018 23:12:43 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 23 Aug 2018 22:57:43 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
8503fcb9a242a188721b8682b2dd39d1549bf4d466df791a80a63769342181d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 05:43:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26406
x-xss-protection
1; mode=block
server
cafe
etag
7551003021869209732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Sep 2018 05:43:10 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1488550791&t=pageview&_s=1&dl=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=128871422.1535065064&jid=2052691227&_gid=1413853686.1535065064&gjid=1300405727&_v=j68&z=1534873289
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=128871422.1535065064&jid=2052691227&_gid=1413853686.1535065064&gjid=1300405727&_v=j68&z=1534873289
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c0c::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 23 Aug 2018 22:57:43 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Aug 2018 22:57:43 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=128871422.1535065064&jid=2052691227&_gid=1413853686.1535065064&gjid=1300405727&_v=j68&z=1534873289
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
419
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/ Frame 55CD 		190 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7cedf05ee2accb91776cca40a3434536d1049741ac51c7756c7865ee95307648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 23 Aug 2018 22:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
71982
x-xss-protection
1; mode=block
server
cafe
etag
11381798742267309166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Aug 2018 22:57:43 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 83F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=1414068304&w=1200&fwrn=4&fwrnh=100&lmt=1535065063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D24214534&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535065063452&bpp=7&bdt=509&fdt=162&idt=165&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=5492449165332&frm=20&pv=1&ga_vid=128871422.1535065064&ga_sid=1535065064&ga_hid=1488550791&ga_fc=0&iag=0&icsg=559776&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=2&fsb=1&xpc=NkANWUv6vj&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=170
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=1414068304&w=1200&fwrn=4&fwrnh=100&lmt=1535065063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D24214534&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535065063452&bpp=7&bdt=509&fdt=162&idt=165&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=5492449165332&frm=20&pv=1&ga_vid=128871422.1535065064&ga_sid=1535065064&ga_hid=1488550791&ga_fc=0&iag=0&icsg=559776&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=2&fsb=1&xpc=NkANWUv6vj&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=170
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
5E7B9DEFB28B08AD7352892C63E4E2A8
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Aug 2018 22:57:43 GMT
server
cafe
cache-control
private
content-length
385
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 23-Aug-2018 23:12:43 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 23 Aug 2018 22:57:43 GMT
oo.aspx
d2l1u50ewpwgyc.cloudfront.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_ooshow&ag=ogFoot&from=Email-web&tag=24214534&sign=cf23686d4e1cc9c615ef007f04957317365ef364
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.76 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-76.fra56.r.cloudfront.net
Software
/
Resource Hash
17a219f1bf472bfdcbcc999e84fc77594d26b0701773b532ae3e29bc07da4677

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Origin
https://0rr32d.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:43 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
UOBhHsExD_SRiMdfvldqdbDPs-CLixgJCAK3CW6N7DLjnPpeKF3eKg==
via
1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
oGate.png
raw.githubusercontent.com/opipe/Up/master/A/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/opipe/Up/master/A/oGate.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
df7657d68bf3516e6fcb8ca6bbdeeea5f4497fa8af918875e9eb90714968b6cc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
d1f70d237c4ac8745423bad3a3223fd25c16c995
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Geo-Block-List
X-Cache
HIT
X-Cache-Hits
1
Connection
keep-alive
Content-Length
7480
ETag
"2a4235ecb3129c2a7b8a97608822d53eddbd9a25"
X-Served-By
cache-fra19143-FRA
X-GitHub-Request-Id
9B9C:3375:AEC0:BF64:5B7F3B81
X-Timer
S1535065064.317216,VS0,VE0
X-Frame-Options
deny
Date
Thu, 23 Aug 2018 22:57:44 GMT
Source-Age
103
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Thu, 23 Aug 2018 23:02:44 GMT
ogHead.jpg
raw.githubusercontent.com/opipe/Up/master/A/ 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/opipe/Up/master/A/ogHead.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9a6af060cc89302f579f527a01b5efa3ea9cc20f783e7833ff1cb00db7530dcb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
faab71a76d79cfa19de7b0ee70706b66ca889001
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Geo-Block-List
X-Cache
HIT
X-Cache-Hits
2
Connection
keep-alive
Content-Length
145092
ETag
"f7f243ce8ab4be77f959e727f4b5a9c01ec9ca0a"
X-Served-By
cache-fra19143-FRA
X-GitHub-Request-Id
40C8:1DFA:36F04:3924D:5B7F3B81
X-Timer
S1535065064.323073,VS0,VE0
X-Frame-Options
deny
Date
Thu, 23 Aug 2018 22:57:44 GMT
Source-Age
102
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Thu, 23 Aug 2018 23:02:44 GMT
oo.aspx
d2l1u50ewpwgyc.cloudfront.net/
Redirect Chain
  • https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=cf23686d4e1cc9c615ef007f04957317365ef364
  • https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.76 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-76.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:44 GMT
via
1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
status
302
location
oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
content-length
221
x-amz-cf-id
AfktuQeTyatbaxyRqOMM8rA2Nv9CYFDmGyyrdWuDROLRZYdHLO27Xg==

Redirect headers

date
Thu, 23 Aug 2018 22:57:44 GMT
via
1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
status
302
location
oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
content-length
221
x-amz-cf-id
AfktuQeTyatbaxyRqOMM8rA2Nv9CYFDmGyyrdWuDROLRZYdHLO27Xg==
oo.aspx
d2l1u50ewpwgyc.cloudfront.net/ 		61 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.76 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-76.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
text/plain, */*; q=0.01
X-DevTools-Emulate-Network-Conditions-Client-Id
5E7B9DEFB28B08AD7352892C63E4E2A8
Origin
https://0rr32d.global.ssl.fastly.net
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:44 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
hiaTsJJkVxD7mJsqXAFkMDHVNs0MASzKzImxDbeKfk2E9kjmuoS6Zg==
via
1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
Primary Request oo.aspx
d2l1u50ewpwgyc.cloudfront.net/
Redirect Chain
  • https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=cf23686d4e1cc9c615ef007f04957317365ef364
  • https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
61 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.66 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-66.fra56.r.cloudfront.net
Software
/
Resource Hash
bcd192d2f52e7c6ff00369311b493a935b7428ce04c632fe4f02799876c79c8e

Request headers

:method
GET
:authority
d2l1u50ewpwgyc.cloudfront.net
:scheme
https
:path
/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534
accept-encoding
gzip, deflate
cookie
ASP.NET_SessionId=i500sltoqunjlhv5fj5fqwi4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
5E7B9DEFB28B08AD7352892C63E4E2A8
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=24214534

Response headers

status
200
content-type
text/html; charset=utf-8
vary
Accept-Encoding
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
private
date
Thu, 23 Aug 2018 22:57:46 GMT
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 9be2d2d7560f88bdc5d5a3a94863566a.cloudfront.net (CloudFront)
x-amz-cf-id
wH2QLJMtyQaGGjXF76NzsRgv0ZLcMDsspNICFizDtm8inhc1VSH_0A==

Redirect headers

status
302
content-type
text/html; charset=utf-8
content-length
221
location
oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
private
date
Thu, 23 Aug 2018 22:57:45 GMT
set-cookie
ASP.NET_SessionId=i500sltoqunjlhv5fj5fqwi4; path=/; HttpOnly
x-cache
Miss from cloudfront
via
1.1 9be2d2d7560f88bdc5d5a3a94863566a.cloudfront.net (CloudFront)
x-amz-cf-id
UC5WMpdpocr2R1fQ7xx-xyE9HJCpIOYuWdFFsQp7j7nqGRDLM2lDHA==
oo.aspx
d2l1u50ewpwgyc.cloudfront.net/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http%3A%2F%2F220%2Floc%2Fimages%2Fglobal5.css
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.66 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-66.fra56.r.cloudfront.net
Software
/
Resource Hash
97754e27b9aca72bbdef392e5bfb593b0976b58284c090de2023e20124dd722b

Request headers

:path
/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http%3A%2F%2F220%2Floc%2Fimages%2Fglobal5.css
pragma
no-cache
cookie
ASP.NET_SessionId=i500sltoqunjlhv5fj5fqwi4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
d2l1u50ewpwgyc.cloudfront.net
referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
:scheme
https
:method
GET
Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:46 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
cT6QcT0LRX7EdE0tOqWvv3He6nHIorz9G259e6tjMsRJtJ-2ZONbBA==
via
1.1 9be2d2d7560f88bdc5d5a3a94863566a.cloudfront.net (CloudFront)
jquery.min.js
cdn.jsdelivr.net/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:5514 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cache
HIT, HIT
status
200
content-length
33793
x-served-by
cache-ams4136-AMS, cache-fra19140-FRA
timing-allow-origin
*
server
cloudflare
etag
"17b8b-Wp3PvvZVomaOeLrr6qjcb0HY2rs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
44f12e1d7c3e643f-FRA
oo.aspx
d2l1u50ewpwgyc.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http%3A%2F%2F140%2Fjs%2FDjy%2FDongtaiwangHomepage.js
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.66 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-66.fra56.r.cloudfront.net
Software
/
Resource Hash
c08e221a121c8365bc11f854dfb0e22ac7bef0f1841c2c6ae86133e6fb60ce33

Request headers

:path
/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http%3A%2F%2F140%2Fjs%2FDjy%2FDongtaiwangHomepage.js
pragma
no-cache
cookie
ASP.NET_SessionId=i500sltoqunjlhv5fj5fqwi4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
d2l1u50ewpwgyc.cloudfront.net
referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
:scheme
https
:method
GET
Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:46 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
veosnkG6754PUgXzFxXOuQs3vDOWQ0QOsST0JVrXyD2L08Kf4GoTgQ==
via
1.1 9be2d2d7560f88bdc5d5a3a94863566a.cloudfront.net (CloudFront)
MNV3s_JEt2.png
1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976tDDD.ANpbc3PD3pb.VNv/sNV/Pv3buR/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976tDDD.ANpbc3PD3pb.VNv/sNV/Pv3buR/MNV3s_JEt2.png
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.175.116.61 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-175-116-61.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
bec1335031e588df78ce1bc5f0361ec161327d5590fc27b2d49ace451288953a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 02:04:18 GMT
Last-Modified
Tue, 17 Jul 2018 13:47:06 GMT
Server
Apache
Age
75210
ETag
"a79488-2e12-2e800a80"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11794
Expires
Thu, 06 Sep 2018 02:04:18 GMT
xv_PAj.png
1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976FYYY.q5EATLsYLEA.B5C/45B/sCLAny/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976FYYY.q5EATLsYLEA.B5C/45B/sCLAny/xv_PAj.png
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.175.116.61 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-175-116-61.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
93e8935c30b890b403db343d6567541cd9c737748097a49bd4e11cb814a4f7bc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 02:04:18 GMT
Last-Modified
Wed, 01 Mar 2017 08:54:42 GMT
Server
Apache
Age
75210
ETag
"a7ba23-e5c-769e3880"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3676
Expires
Thu, 06 Sep 2018 02:04:18 GMT
98_tUH0.png
1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba539764VVV.zeoUy0FV0oU.meH/gem/FH0ULb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba539764VVV.zeoUy0FV0oU.meH/gem/FH0ULb/98_tUH0.png
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.175.116.61 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-175-116-61.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
73e3d2fd0a887baa7233b659c59ee421c2a24a06d4f5c31ee89e1e4740de2c0b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 02:04:18 GMT
Last-Modified
Wed, 01 Mar 2017 08:54:42 GMT
Server
Apache
Age
75210
ETag
"a7c1be-e67-769e3880"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3687
Expires
Thu, 06 Sep 2018 02:04:18 GMT
QaPPEJ4KP.jpg
1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976grrr.paJqbM4rMJq.QaP/7aQ/4PMq0K/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976grrr.paJqbM4rMJq.QaP/7aQ/4PMq0K/QaPPEJ4KP.jpg
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.175.116.61 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-175-116-61.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
da7371ef02e19463b6993c8ca45b4416c4cfc160f38d4edd5faa57302258d5d1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 14:25:59 GMT
Last-Modified
Mon, 27 Nov 2017 19:42:34 GMT
Server
Apache
Age
30709
ETag
"a79202-58ad-1a907e80"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22701
Expires
Thu, 06 Sep 2018 14:25:59 GMT
zoOg2DBo.jpg
1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba539767BBB.OXDzK2gB2Dz.fXt/dXf/gt2zMA/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba539767BBB.OXDzK2gB2Dz.fXt/dXf/gt2zMA/zoOg2DBo.jpg
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.175.116.61 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-175-116-61.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
9f0eb95d005f028fcf89c6e873d564032324966ece6b962217577cd1df8c1924

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 14:26:00 GMT
Last-Modified
Fri, 13 Oct 2017 03:54:15 GMT
Server
Apache
Age
30708
ETag
"a79142-6842-9c42c7c0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26690
Expires
Thu, 06 Sep 2018 14:26:00 GMT
Gcwse7S6-d8duTd.jpg
1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976dmmm.ES6pAw7mw6p.GSs/ISG/7swp2U/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976dmmm.ES6pAw7mw6p.GSs/ISG/7swp2U/Gcwse7S6-d8duTd.jpg
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.175.116.61 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-175-116-61.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
3bea924920206fd67b045b5b64ac4c151bb13cc0b9fd3ee6fc1bb06af8002ec3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 14:26:00 GMT
Last-Modified
Fri, 13 Oct 2017 03:54:15 GMT
Server
Apache
Age
30708
ETag
"a7912f-8a91-9c42c7c0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35473
Expires
Thu, 06 Sep 2018 14:26:00 GMT
oWYiw.jpg
1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976IQQQ.ohYOUWdQWYO.ihF/uhi/dFWOwq/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976IQQQ.ohYOUWdQWYO.ihF/uhi/dFWOwq/oWYiw.jpg
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.175.116.61 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-175-116-61.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
75ae726a7aae89cb7fd13ba84aa43d63c0c50c6b10c1b413fdb3d519dc7d0af0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 14:26:00 GMT
Last-Modified
Wed, 23 Nov 2016 03:26:25 GMT
Server
Apache
Age
30708
ETag
"a7c1b9-a088-74231a40"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41096
Expires
Thu, 06 Sep 2018 14:26:00 GMT
q6IJZVE.png
1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976ufff.JvVEqZIfZVE.1v4/3v1/I4ZEWz/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976ufff.JvVEqZIfZVE.1v4/3v1/I4ZEWz/q6IJZVE.png
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.175.116.61 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-175-116-61.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
544c8004499639b47998504ea6fb988ab864773b2fbe80e3de423a5ae5ee9e17

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 14:26:00 GMT
Last-Modified
Sun, 20 Jul 2014 16:38:49 GMT
Server
Apache
Age
30708
ETag
"a7ba5d-126f-9ffa9840"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4719
Expires
Thu, 06 Sep 2018 14:26:00 GMT
0Suro.png
1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba539763GGG.D8rozcuGcro.l8g/n8l/ugcoZp/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba539763GGG.D8rozcuGcro.l8g/n8l/ugcoZp/0Suro.png
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.175.116.61 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-175-116-61.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
b234534878a2d9e11052313e2ce55372a0752e7d3165e9b6cccfc784da59dca5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 14:26:00 GMT
Last-Modified
Fri, 04 Jul 2008 15:27:34 GMT
Server
Apache
Age
30708
ETag
"a7b9e5-43ec-5d66a580"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17388
Expires
Thu, 06 Sep 2018 14:26:00 GMT
p3RBp3kCCWO.png
1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976niii.6CBJpR3iRBJ.xC7/LCx/37RJcO/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.175.116.61/hp22544d72d85658ce16b21660381b8b644ba53976niii.6CBJpR3iRBJ.xC7/LCx/37RJcO/p3RBp3kCCWO.png
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.175.116.61 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-175-116-61.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
1de9272d0960719fb1fc8b2d8c3ff205de41636d412db53226df6e0fa1c62c2f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 14:26:00 GMT
Last-Modified
Wed, 28 May 2014 21:30:59 GMT
Server
Apache
Age
30708
ETag
"a7ba2e-3c2e-87424ac0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15406
Expires
Thu, 06 Sep 2018 14:26:00 GMT
oGate.jpg
raw.githubusercontent.com/opipe/Up/master/Tools/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/opipe/Up/master/Tools/oGate.jpg
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
fd3ca4b2771dc70f499e6f0469096250e9ca4f439d6c8feaa3e9d0a66afa4dfe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
70fa670778b3f476971eb1ed315bed6b4e52125b
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Geo-Block-List
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
7877
ETag
"60305ebdf358846aaf2aad46a4ad4df20e75f63e"
X-Served-By
cache-fra19143-FRA
X-GitHub-Request-Id
390E:0D61:145E6:165E4:5B7F3BEB
X-Timer
S1535065068.679947,VS0,VE114
X-Frame-Options
deny
Date
Thu, 23 Aug 2018 22:57:47 GMT
Source-Age
0
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Thu, 23 Aug 2018 23:02:47 GMT
gpt.js
www.googletagservices.com/tag/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http%3A%2F%2F140%2Fjs%2FDjy%2FDongtaiwangHomepage.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
dc51ebfab0a4b4a8144f6467bcb608d6f79aec2c270bf5cea872b94c945638ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"8 / 64 of 1000 / last-modified: 1535039776"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7799
x-xss-protection
1; mode=block
expires
Thu, 23 Aug 2018 22:57:47 GMT
U9sBBt9_J2_f9sT2t.jpg
1.173.164.160/hp22544d72d85658ce16b21660381b8b644ba53976XUUU.WfT2nsaUsT2.pfN/Sfp/aNs2tL/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.173.164.160/hp22544d72d85658ce16b21660381b8b644ba53976XUUU.WfT2nsaUsT2.pfN/Sfp/aNs2tL/U9sBBt9_J2_f9sT2t.jpg
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.173.164.160 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-173-164-160.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
50d450a0b9020ae027ebd16cc43357d44edfcea5b9e4f7f0a0d5b4185303ec5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 20:06:48 GMT
Last-Modified
Tue, 22 Mar 2011 01:15:54 GMT
Server
Apache
Age
10261
ETag
"a7ba3a-46c2-fc572680"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18114
Expires
Thu, 06 Sep 2018 20:06:48 GMT
ANc.gif
1.173.164.160/hp22544d72d85658ce16b21660381b8b644ba53976tDDD.ANpbc3PD3pb.VNv/sNV/Pv3buR/ 		45 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.173.164.160/hp22544d72d85658ce16b21660381b8b644ba53976tDDD.ANpbc3PD3pb.VNv/sNV/Pv3buR/ANc.gif
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.173.164.160 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-173-164-160.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
393be6a9918a4d36d4a7074444e02eaa4ceb2fc3b2390dd761c491e24c33b321

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 12:43:16 GMT
Last-Modified
Tue, 01 Jul 2008 19:18:19 GMT
Server
Apache
Age
36872
ETag
"a7ba01-2d-3d1a74c0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45
Expires
Thu, 06 Sep 2018 12:43:16 GMT
M1f_I4gR4k_1kgKZ4.png
1.173.164.160/hp22544d72d85658ce16b21660381b8b644ba53976vppp.R1KZMghpgKZ.o1e/81o/hegZ42/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.173.164.160/hp22544d72d85658ce16b21660381b8b644ba53976vppp.R1KZMghpgKZ.o1e/81o/hegZ42/M1f_I4gR4k_1kgKZ4.png
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.173.164.160 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-173-164-160.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
052939f0169df7aa01ecb1edfccd179af337a33de6859072506a4d66f115e652

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 20:06:48 GMT
Last-Modified
Tue, 22 Mar 2011 01:07:10 GMT
Server
Apache
Age
10261
ETag
"a7ba33-79bd-dd1b8b80"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31165
Expires
Thu, 06 Sep 2018 20:06:48 GMT
DRLLGy_DhRsU.gif
1.173.164.160/hp22544d72d85658ce16b21660381b8b644ba53976Sqqq.ZGywLFXqFyw.OGk/hGO/XkFws0/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.173.164.160/hp22544d72d85658ce16b21660381b8b644ba53976Sqqq.ZGywLFXqFyw.OGk/hGO/XkFws0/DRLLGy_DhRsU.gif
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
1.173.164.160 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-173-164-160.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
094b67d2a2aeafee95e78f19b6cfb06546d7a80850b91c3c4ae04ade9ac2b99e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 12:43:16 GMT
Last-Modified
Wed, 20 Aug 2008 15:07:16 GMT
Server
Apache
Age
36872
ETag
"a7b9f2-d52-8f581100"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3410
Expires
Thu, 06 Sep 2018 12:43:16 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=d2l1u50ewpwgyc.cloudfront.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Aug 2018 22:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d2l1u50ewpwgyc.cloudfront.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Aug 2018 22:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_241.js
securepubads.g.doubleclick.net/gpt/ 		184 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
7eeb03b3f1cb34afb42020d0c4dac55a1323d2e92eddcca1f383db218aacd1bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Aug 2018 13:58:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
65033
x-xss-protection
1; mode=block
expires
Thu, 23 Aug 2018 22:57:47 GMT
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
2698
date
Thu, 23 Aug 2018 22:12:49 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Fri, 24 Aug 2018 00:12:49 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=886091437&t=pageview&_s=1&dl=https%3A%2F%2Fd2l1u50ewpwgyc.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3Dcf23686d4e1cc9c615ef007f04957...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1749812380.1535065068&jid=774442880&_gid=1261118753.1535065068&gjid=1214162087&_v=j68&z=1595007398
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1749812380.1535065068&jid=774442880&_gid=1261118753.1535065068&gjid=1214162087&_v=j68&z=1595007398
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c0c::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 23 Aug 2018 22:57:47 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Aug 2018 22:57:47 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1749812380.1535065068&jid=774442880&_gid=1261118753.1535065068&gjid=1214162087&_v=j68&z=1595007398
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
419
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		489 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2651300850423236&correlator=4436048102704057&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061646&vrg=241&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=37445998%2CDongtaiwang_frontpage_native_text_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x25%7C300x25&cookie_enabled=1&bc=7&abxe=1&lmt=1535065067&dt=1535065067861&dlt=1535065067109&idt=736&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=2057630717&gut=v2&ifi=1&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fd2l1u50ewpwgyc.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3Dcf23686d4e1cc9c615ef007f04957317365ef364%26ag%3Dhttp%3A%2F%2F220%2F&ref=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D24214534&dssz=19&icsg=2282&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x-1&msz=250x-1&ga_vid=1749812380.1535065068&ga_sid=1535065068&ga_hid=886091437&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
9bb292e2253dbfc06c660a1c7b55121140a9ae962216d3f404dc5d9cce55751b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Origin
https://d2l1u50ewpwgyc.cloudfront.net

Response headers

date
Thu, 23 Aug 2018 22:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
351
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://d2l1u50ewpwgyc.cloudfront.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_241.js
securepubads.g.doubleclick.net/gpt/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_241.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
881bc3379b41db1b97e81932c8c0189952837c2733011c03c80e3295e061e4c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Aug 2018 13:58:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16634
x-xss-protection
1; mode=block
expires
Thu, 23 Aug 2018 22:57:47 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires
Fri, 02 Aug 2019 15:00:09 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Mon, 11 Jun 2018 14:38:59 GMT
content-type
text/html
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2651300850423236&correlator=4436048102704057&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21061646&vrg=241&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=37445998%2CDongtaiwang_frontpage_native_text_2%2CDongtaiwang_frontpage_native_text_3%2CDongtaiwang_frontpage_native_text_4&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x25%2C300x25%2C300x25&cookie_enabled=1&bc=7&abxe=1&lmt=1535065067&dt=1535065067879&dlt=1535065067109&idt=736&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C0%2C0&adys=0%2C0%2C0&adks=769640528%2C3546408455%2C2299917106&gut=v2&ifi=3&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fd2l1u50ewpwgyc.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3Dcf23686d4e1cc9c615ef007f04957317365ef364%26ag%3Dhttp%3A%2F%2F220%2F&ref=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D24214534&dssz=20&icsg=35050&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x-1%7C340x-1%7C340x-1&msz=300x-1%7C300x-1%7C300x-1&ga_vid=1749812380.1535065068&ga_sid=1535065068&ga_hid=886091437&fws=4%2C4%2C4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
bd83aad794e1e3cd04478f1bff1888216d426a036bdee82a6d8e8c1f831fd1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Origin
https://d2l1u50ewpwgyc.cloudfront.net

Response headers

date
Thu, 23 Aug 2018 22:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2605
x-xss-protection
1; mode=block
google-lineitem-id
-2,4700868161,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138235825037,-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://d2l1u50ewpwgyc.cloudfront.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		476 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2651300850423236&correlator=4436048102704057&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fifs&adsid=NT&json_a=1&eid=21061646&vrg=241&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=37445998%2CDongtaiwang_frontpage_native_text_5&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x25&cookie_enabled=1&bc=7&abxe=1&lmt=1535065067&dt=1535065067890&dlt=1535065067109&idt=736&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=1488856244&gut=v2&ifi=7&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fd2l1u50ewpwgyc.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3Dcf23686d4e1cc9c615ef007f04957317365ef364%26ag%3Dhttp%3A%2F%2F220%2F&ref=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D24214534&dssz=20&icsg=35050&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x-1&msz=300x-1&ga_vid=1749812380.1535065068&ga_sid=1535065068&ga_hid=886091437&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
84c9721b5155885f5347d800ee0da98f8588808def2bb8a70ca2c2e4459184a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Origin
https://d2l1u50ewpwgyc.cloudfront.net

Response headers

date
Thu, 23 Aug 2018 22:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
343
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://d2l1u50ewpwgyc.cloudfront.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20180820/r20110914/activeview/ Frame F525 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20180820/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
d846246696c06289b344f18538990a5ed07c9ddb8e4da5638a909e08dfc8b19a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 22:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26453
x-xss-protection
1; mode=block
server
cafe
etag
17101195751394620809
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Sep 2018 22:10:54 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
8503fcb9a242a188721b8682b2dd39d1549bf4d466df791a80a63769342181d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 22:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26406
x-xss-protection
1; mode=block
server
cafe
etag
7551003021869209732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Aug 2018 23:43:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F525 		0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKc8E8delYbIQDYmmI1lkB2VTIZy9N4nDbZmLJTeDMW3hyf3kbJAFkpzuBWLagmCy8c7HhONF7Y0FovuCHVls9vKKVMxgT9jkdlcHfqav5_8IIPiCRSPY_5tPwa4p9UdvOhOlnvx8eLxlBely94L65P7NB87ArvnZU40HnIEWqbgkb78xTKrSHpClsLVrGOQAuHbaA1Pt7vTqY7bmErk6Lf36y5n8fUnpyTiOWBoSu3MwSGID_qeVY32T6rwmmDE9TqmjHzyj_XDMD5I_E_86vD4t56I_2zq4-b49t2EMpV1_Cy2cid4RLiP5lOZMr-1O04lO2twXDOeTsXyH0XA&sai=AMfl-YSpT76frj8dA7KGzOymk4vMZ4M66y9dFMb9-jpY0P7Rt60T_J6NEPiZO8k1xv_6WuMVOgSaWtalHbu2QsNv_Y-mqhghvxNJoYt2dgr6&sig=Cg0ArKJSzHqSf0xlD63rEAE&urlfix=1&adurl=
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
cache-control
private
expires
Thu, 23 Aug 2018 22:57:47 GMT
truncated
/ Frame F525 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13b4cfd3f190ed967894682c11286683fc0960ca59f2208c0b99ea27edf3037b

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame F525 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskZUKn2h9s-opiGPyXW3CWmqyzCEm1b_R7L1IIwqbwhiO-7jbzNW70rjQF4W8iLDtS3rE5M4nVtvZA5oOC2MzLn0OJlh5hHbU&sig=Cg0ArKJSzBH7JcKH0E8HEAE&adk=3546408455&tt=-1&bs=1585%2C1200&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&p=937,313,962,613&xza=1&mza=1&mcvt=1033&rs=3&ht=0&tfs=23&tls=1056&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1535065067950&rpt=41&ioa=1&bos=1600%2C1200&ps=1585%2C1534&ss=1600%2C1200&pt=-1&deb=1-1-1-5-12-12-84-10&tvt=1046&op=1&r=v&srmi=1&id=osdim&ti=1&uc=83&tgt=BODY&cl=1&cec=6&clc=0&cac=0&cd=300x25&v=r20180820
Requested by
Host: d2l1u50ewpwgyc.cloudfront.net
URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Aug 2018 22:57:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| googletag function| chkplayer object| qr_fgp object| qr_fgma function| reset_qr object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| GPT_jstiming object| closure_memoize_cache_ undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

0 Cookies

2 Console Messages

Source Level URL
Text
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/video.min.js(Line 12)
Message:
VIDEOJS:
console-api log URL: https://d2l1u50ewpwgyc.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/(Line 315)
Message:
removing player

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0rr32d.global.ssl.fastly.net
adservice.google.com
adservice.google.de
cdn.jsdelivr.net
cdnjs.cloudflare.com
d2l1u50ewpwgyc.cloudfront.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
raw.githubusercontent.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
t.cn
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
1.173.164.160
1.175.116.61
116.211.169.137
13.32.158.66
13.32.158.76
151.101.12.133
151.101.13.194
216.58.206.2
2400:cb00:2048:1::6810:5514
2400:cb00:2048:1::6813:c597
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2002
2a00:1450:4001:816::2002
2a00:1450:4001:821::2001
2a00:1450:4001:821::200e
2a00:1450:400c:c0c::9c
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
052939f0169df7aa01ecb1edfccd179af337a33de6859072506a4d66f115e652
094b67d2a2aeafee95e78f19b6cfb06546d7a80850b91c3c4ae04ade9ac2b99e
13b4cfd3f190ed967894682c11286683fc0960ca59f2208c0b99ea27edf3037b
17a219f1bf472bfdcbcc999e84fc77594d26b0701773b532ae3e29bc07da4677
1de9272d0960719fb1fc8b2d8c3ff205de41636d412db53226df6e0fa1c62c2f
393be6a9918a4d36d4a7074444e02eaa4ceb2fc3b2390dd761c491e24c33b321
3bea924920206fd67b045b5b64ac4c151bb13cc0b9fd3ee6fc1bb06af8002ec3
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
50d450a0b9020ae027ebd16cc43357d44edfcea5b9e4f7f0a0d5b4185303ec5e
544c8004499639b47998504ea6fb988ab864773b2fbe80e3de423a5ae5ee9e17
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6db08aabf23358ecfbdf9a54825aa94ee15b85b4091e6e4024bb43147be29af1
73e3d2fd0a887baa7233b659c59ee421c2a24a06d4f5c31ee89e1e4740de2c0b
75ae726a7aae89cb7fd13ba84aa43d63c0c50c6b10c1b413fdb3d519dc7d0af0
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7a19405088f969aecf491b8b729f0d9dbc87dac4f6092a9e8a0d883075ff2979
7cedf05ee2accb91776cca40a3434536d1049741ac51c7756c7865ee95307648
7eeb03b3f1cb34afb42020d0c4dac55a1323d2e92eddcca1f383db218aacd1bb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c9721b5155885f5347d800ee0da98f8588808def2bb8a70ca2c2e4459184a6
8503fcb9a242a188721b8682b2dd39d1549bf4d466df791a80a63769342181d5
881bc3379b41db1b97e81932c8c0189952837c2733011c03c80e3295e061e4c2
93e8935c30b890b403db343d6567541cd9c737748097a49bd4e11cb814a4f7bc
97754e27b9aca72bbdef392e5bfb593b0976b58284c090de2023e20124dd722b
9a6af060cc89302f579f527a01b5efa3ea9cc20f783e7833ff1cb00db7530dcb
9bb292e2253dbfc06c660a1c7b55121140a9ae962216d3f404dc5d9cce55751b
9cd8118fe22711aeca5ae5362f2ce723315da5d20f608c4f0db9d7e850059c3b
9e01d2473096e9ebafb493d80dce879d677d52f4bb5715df39c46de4ab7466b0
9f0eb95d005f028fcf89c6e873d564032324966ece6b962217577cd1df8c1924
af7c27b219ef1c4b8e672bf3ce1f4f192235bf83b8d81c44c55a0a06f3f9c736
b234534878a2d9e11052313e2ce55372a0752e7d3165e9b6cccfc784da59dca5
bcd192d2f52e7c6ff00369311b493a935b7428ce04c632fe4f02799876c79c8e
bd83aad794e1e3cd04478f1bff1888216d426a036bdee82a6d8e8c1f831fd1b1
bec1335031e588df78ce1bc5f0361ec161327d5590fc27b2d49ace451288953a
c08e221a121c8365bc11f854dfb0e22ac7bef0f1841c2c6ae86133e6fb60ce33
cff4686dc7e0e3878fce51018c4afe69cf7a3a9957f9d906f3e572af275aab2a
d846246696c06289b344f18538990a5ed07c9ddb8e4da5638a909e08dfc8b19a
da7371ef02e19463b6993c8ca45b4416c4cfc160f38d4edd5faa57302258d5d1
dc51ebfab0a4b4a8144f6467bcb608d6f79aec2c270bf5cea872b94c945638ef
df7657d68bf3516e6fcb8ca6bbdeeea5f4497fa8af918875e9eb90714968b6cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5aab9d7312ca91dcb3ea2104f982cddc34936fd453466af90749e823ea1acf5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa2dc680d1539f29a606b5ad3ddb03e4770e6a0a62a97996a194be2e51dfd2f7
fd3ca4b2771dc70f499e6f0469096250e9ca4f439d6c8feaa3e9d0a66afa4dfe