URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Submission: On May 23 via manual from BE

Summary

This website contacted 28 IPs in 6 countries across 27 domains to perform 57 HTTP transactions. The main IP is 45.60.33.173, located in United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is www.funimation.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on November 19th 2018. Valid for: a year.
This is the only time www.funimation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 45.60.33.173 19551 (INCAPSULA)
1 2a00:1450:400... 15169 (GOOGLE)
1 209.197.3.15 20446 (HIGHWINDS3)
4 52.218.201.200 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.208.34 15169 (GOOGLE)
1 13.35.253.54 16509 (AMAZON-02)
3 151.101.0.175 54113 (FASTLY)
4 185.167.164.37 198622 (ADFORM)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a04:4e42:9::84 54113 (FASTLY)
1 54.173.248.156 14618 (AMAZON-AES)
1 151.101.1.140 54113 (FASTLY)
1 13.35.253.121 16509 (AMAZON-02)
1 1 54.156.255.160 14618 (AMAZON-AES)
2 2 35.227.248.159 15169 (GOOGLE)
1 1 54.234.26.255 14618 (AMAZON-AES)
1 34.225.65.223 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.16.134 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 151.101.0.84 54113 (FASTLY)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 54.84.177.104 14618 (AMAZON-AES)
4 35.186.226.184 15169 (GOOGLE)
1 54.228.196.173 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a03:2880:f01... 32934 (FACEBOOK)
57 28
Domain Requested by
4 tr.snapchat.com www.googletagmanager.com
4 www.google.de www.funimation.com
4 www.google.com 1 redirects www.funimation.com
4 a2.adform.net www.funimation.com
a2.adform.net
4 s3-us-west-2.amazonaws.com www.funimation.com
4 www.funimation.com www.funimation.com
3 connect.facebook.net www.funimation.com
connect.facebook.net
3 googleads.g.doubleclick.net www.googleadservices.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.funimation.com
2 www.facebook.com 1 redirects
2 ct.pinterest.com s.pinimg.com
www.funimation.com
2 5373334.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 pixel.tapad.com 2 redirects
2 mt.sitomobile.com 2 redirects
2 s.pinimg.com www.funimation.com
s.pinimg.com
2 bat.bing.com www.funimation.com
2 cdn.krxd.net www.funimation.com
cdn.krxd.net
2 www.googletagmanager.com www.funimation.com
www.googletagmanager.com
1 cx.atdmt.com
1 beacon.krxd.net cdn.krxd.net
1 alb.reddit.com www.funimation.com
1 consumer.krxd.net cdn.krxd.net
1 stats.g.doubleclick.net 1 redirects
1 sp.sitomobile.com www.funimation.com
1 sc-static.net www.funimation.com
1 www.redditstatic.com www.funimation.com
1 7324166.collect.igodigital.com www.googletagmanager.com
1 d.impactradius-event.com www.funimation.com
1 www.googleadservices.com www.googletagmanager.com
1 fonts.gstatic.com www.funimation.com
1 maxcdn.bootstrapcdn.com www.funimation.com
1 fonts.googleapis.com www.funimation.com
57 32

This site contains no links.

Subject Issuer Validity Valid
funimation.com
Entrust Certification Authority - L1M
2018-11-19 -
2020-02-20
a year crt.sh
*.googleapis.com
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA
2018-10-03 -
2019-10-12
a year crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2
2018-11-08 -
2019-11-06
a year crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh
*.google.com
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh
www.googleadservices.com
Google Internet Authority G3
2019-05-07 -
2019-07-30
3 months crt.sh
*.impactradius-event.com
COMODO RSA Domain Validation Secure Server CA
2019-01-08 -
2021-01-20
2 years crt.sh
*.c.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-03-29 -
2019-09-27
6 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2018-02-02 -
2019-10-02
2 years crt.sh
www.bing.com
Microsoft IT TLS CA 5
2017-07-20 -
2019-07-10
2 years crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA
2019-01-11 -
2019-06-26
5 months crt.sh
*.collect.igodigital.com
DigiCert SHA2 Secure Server CA
2016-12-07 -
2020-03-04
3 years crt.sh
*.reddit.com
DigiCert SHA2 Secure Server CA
2018-08-17 -
2020-09-02
2 years crt.sh
sc-static.net
DigiCert SHA2 Secure Server CA
2019-03-11 -
2021-03-15
2 years crt.sh
*.sitomobile.com
RapidSSL RSA CA 2018
2018-01-22 -
2020-07-29
3 years crt.sh
*.doubleclick.net
Google Internet Authority G3
2019-05-07 -
2019-07-30
3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-05-07 -
2019-07-30
3 months crt.sh
www.google.de
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh
www.google.com
Google Internet Authority G3
2019-05-07 -
2019-07-30
3 months crt.sh
alb.reddit.com
Amazon
2019-05-20 -
2020-06-20
a year crt.sh
tr.snapchat.com
DigiCert SHA2 Secure Server CA
2019-02-19 -
2021-02-23
2 years crt.sh
*.krxd.net
Go Daddy Secure Certificate Authority - G2
2017-06-12 -
2019-07-11
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-04-22 -
2019-07-21
3 months crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA
2019-04-12 -
2019-07-11
3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Frame ID: 56DB7D4E09201CE47BDEF82881A47B4D
Requests: 3 HTTP requests in this frame

Frame: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Frame ID: 583140FA6B1EEAD4A49F92F8F2690773
Requests: 48 HTTP requests in this frame

Frame: https://5373334.fls.doubleclick.net/activityi;dc_pre=COi9yvO2suICFQ4IiwodtCIJrQ;src=5373334;type=invmedia;cat=wyrl0iag;ord=2377524619461;gtm=2wg5f2;auiddc=28887409.1558641190;~oref=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3D533001190044861048-229144979247007610%26edet%3D16%26cinfo%3D04000000
Frame ID: 58D48814F81268834DCAC0B717D7CFAC
Requests: 1 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=1180134&lid=34308779&ctype=0&media=0&PageName=Funimationnow+Universal&rnd=1400182621&cpref=&loc=https%3a%2f%2fwww.funimation.com%2f_Incapsula_Resource%3fCWUDNSAI%3d20%26xinfo%3d10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3d533001190044861048-229144979247007610%26edet%3d16%26cinfo%3d04000000
Frame ID: 12EBFD8A199DD27145243BC572416292
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i
Frame ID: D0BC952077FB8D7431BE6C7885CDF9C0
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 66D9DD03749642214AADF2F1E294857D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: AFA2D5F4F4944ADC91A035AD0F341712
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: BE00D67813BA973E77AFBE5169A3574D
Requests: 1 HTTP requests in this frame

Screenshot


Page Statistics

57
Requests

100 %
HTTPS

41 %
IPv6

27
Domains

32
Subdomains

28
IPs

6
Countries

1493 kB
Transfer

2826 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://mt.sitomobile.com/sync/ta?aid=683&cid=4684&lid=23929 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2822&partner_url=https%3A%2F%2Fmt.sitomobile.com%2Fsync%2Ftacb%3Fexid%3D%24%7BTA_DEVICE_ID%7D%26aid%3D683%26cid%3D4684%26lid%3D23929 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2822&partner_url=https%3A%2F%2Fmt.sitomobile.com%2Fsync%2Ftacb%3Fexid%3D%24%7BTA_DEVICE_ID%7D%26aid%3D683%26cid%3D4684%26lid%3D23929 HTTP 302
  • https://mt.sitomobile.com/sync/tacb?exid=66c50312-7d94-11e9-86f1-664d4f66aec4&aid=683&cid=4684&lid=23929 HTTP 302
  • https://sp.sitomobile.com/i?tna=sito&p=mob&e=ue&ue_px=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy91bnN0cnVjdF9ldmVudC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJzY2hlbWEiOiJpZ2x1OmNvbS5zaXRvbW9iaWxlLnNub3dwbG93L2Nvb2tpZV9zeW5jL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7InBhcnRuZXJJZCI6InRhcGFkIn19fQ%3D%3D&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc2l0b21vYmlsZS5zbm93cGxvdy90YXBhZF9jb250ZXh0L2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7InRhcGFkSWQiOiI2NmM1MDMxMi03ZDk0LTExZTktODZmMS02NjRkNGY2NmFlYzQifX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zaXRvbW9iaWxlLnNub3dwbG93L3NpdG9fY2FtcGFpZ25fY29udGV4dC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJhZHZlcnRpc2VySWQiOiI2ODMiLCJjYW1wYWlnbklkIjoiNDY4NCIsImxpbmVJdGVtSWQiOiIyMzkyOSJ9fV19
Request Chain 23
  • https://5373334.fls.doubleclick.net/activityi;src=5373334;type=invmedia;cat=wyrl0iag;ord=2377524619461;gtm=2wg5f2;auiddc=28887409.1558641190;~oref=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3D533001190044861048-229144979247007610%26edet%3D16%26cinfo%3D04000000 HTTP 302
  • https://5373334.fls.doubleclick.net/activityi;dc_pre=COi9yvO2suICFQ4IiwodtCIJrQ;src=5373334;type=invmedia;cat=wyrl0iag;ord=2377524619461;gtm=2wg5f2;auiddc=28887409.1558641190;~oref=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3D533001190044861048-229144979247007610%26edet%3D16%26cinfo%3D04000000
Request Chain 34
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-39725952-1&cid=2057313480.1558641190&jid=177895873&gjid=845283535&_gid=899977080.1558641190&_u=aGBAgEAL~&z=1959476375 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39725952-1&cid=2057313480.1558641190&jid=177895873&_v=j75&z=1959476375 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39725952-1&cid=2057313480.1558641190&jid=177895873&_v=j75&z=1959476375&slf_rd=1&random=4174887177
Request Chain 54
  • https://www.facebook.com/tr/?id=2021709321409994&ev=PageView&dl=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3D533001190044861048-229144979247007610%26edet%3D16%26cinfo%3D04000000&rl=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&if=true&ts=1558641196653&sw=1600&sh=1200&v=2.8.50&r=stable&ec=0&o=30&fbp=fb.1.1558641196650.111856382&it=1558641196356&coo=false&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=13052468909204954798&f=AYwonuagjCVDqtKQJw2QnFBCMK6pVNz673H29v3gSOShz02DyPO3Mja21PBH_8IDtUo06xy8zq__gU4YZhbcgxC0&id=2021709321409994&l=3&v=0

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
826 B
1 KB
Document
General
Full URL
https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.173 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
8d8ce1dee099f93817996508880b2712495e56ec490746dba4f9674282144539

Request headers

:method
GET
:authority
www.funimation.com
:scheme
https
:path
/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
403
content-type
text/html
cache-control
no-cache
content-length
826
x-iinfo
10-60600690-0 0NNN RT(1558641186804 0) q(0 -1 -1 0) r(0 -1) B16(4,314,0) U18
x-iejgwucgyu
1
set-cookie
visid_incap_998813=/5gYMvavReKm4uum5HPe8yL65lwAAAAAQUIPAAAAAAD4f+3SP1nqMx0iUCKaxbYO; expires=Fri, 22 May 2020 07:52:03 GMT; path=/; Domain=.funimation.com incap_ses_533_998813=YVE2WZxioXF4AnwlwpllByL65lwAAAAAgttIQ09QHlVrR2NdUT9CBQ==; path=/; Domain=.funimation.com
_Incapsula_Resource
www.funimation.com/
106 KB
15 KB
Script
General
Full URL
https://www.funimation.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.173 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
5cc4d7a9723d9a612b35d86a0edd065a6f3e4956ef57d72066d6444907e982a7

Request headers

Referer
https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
content-encoding
gzip
cache-control
no-cache
content-length
15785
content-type
application/javascript
_Incapsula_Resource
www.funimation.com/
1 B
34 B
Image
General
Full URL
https://www.funimation.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9460122604089849
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.173 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
cache-control
no-cache
content-length
1
content-type
text/plain
_Incapsula_Resource
www.funimation.com/ Frame 5831
6 KB
2 KB
Document
General
Full URL
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.173 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
45c0386a77d51ec7c70f9ef72f6b5556099b1b361b22b4c411ba358251a90d17

Request headers

:method
GET
:authority
www.funimation.com
:scheme
https
:path
/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
accept-encoding
gzip, deflate, br
cookie
visid_incap_998813=/5gYMvavReKm4uum5HPe8yL65lwAAAAAQUIPAAAAAAD4f+3SP1nqMx0iUCKaxbYO; incap_ses_533_998813=YVE2WZxioXF4AnwlwpllByL65lwAAAAAgttIQ09QHlVrR2NdUT9CBQ==; ___utmvc=TdiPoyySzVnqUkV2ihopR9Tm76AuBzGJQtXUOi5eQfqXSBpuhqTXACLBSNYO1o1L2acwv32BcXQpRcEGUdZGHRLRdyj/0qffeO+kP5drIiMbr/i+bXkwCqsDD3OEcGzwXE2RySCX3D68NFhpBIQRjxwLlqkckHfAnIoGH0u5ErmkftVtulOHndDZkF9vBg7Sca+PU6gKc+TL+y8dpk0TSKZZxcRSbUDI5UOilJGZyXVfAXOFhVCIM8KH90/Yv/1XnszdANMzgLdMR+PLGvdX2HglD+TjQAmBUVAY2A9dkqNtZO2IY0yIYVnGBeKhJnNchZEj1rC1pZQ7zHZh81ekC9MC0FX3fgqdwOiBbmNCtXQxKAOvPmkujRVQf/HKlwXSCZdrpkpAmK+7xi1hqsIg9OBbkCaexAtCWd019jxdpMwi56dkIy1hgHP2wZz/eRgiKjCJL4Dg6wRQ2wT00Ys3zyk1ejysIl4lcqh21iHMmOZ3Gd2tbq9HnLC1sO6Tqv+EvNLev3TCk4ZPo1OUKFPML1bZ8335+lp50O/dwq2Oisxi94p1cwPA27dDlHs8Zcj40er1PZhg12pw2XZZdTnzY3h4s1WbAllFek5gCX0REf4zNZTpaQseXYzu9A/9Wrf6L/SDLrGcRDSGobTf87uGAxyBYETf8rC/rJ9yzOTxn/L5vZbuafqAXIfYN9uhg64Cb94BPk1JNHdDTboloLhGMzWuLmtFk3u3IlSK1M28fHRYlA8NBim44QOE8Lp8UJMiBMQZk6RdQcVA2mUO+mulZpXC+qXF8cYbf/bqlzf7JPhNwWAD+VKrdkIawOMaizK/Lu62dS2YYOoNQXAExJCpMnhXQbbv1dOe9sap3Aj/GWOHxSgIfj+CZ5qnpSBug1tIcENcsolXDHKYzsD/s/1I4vhJI06blbZeusFVTWqmGGX7yO3HEahARx/b2gzUnQLyN/rZ0Ve+1b1PoOK65D0LLvdW3pyDq2HtiR+9MCTM97jF33kRmH6pcHwz6iugUR+qoS4d2smX4Bk6WXnwsKxS+GglVrJeZdc0142Rm4LimfcEYIWZQWt6L/IpcX2PDsj/TD6oD2x0yAauBkDqhkUzoA45lB35ZPVONFhu6sQjzJi8EbM1VgDsmhWLXLms97LtnnQlNkUVBZLKCdIcqv/78TisCTB8+P37LGRpZ2VzdD04NzA5MyxzPThlYTZhOTlkNzQ4YjgwYTc4ZDc2ODA4Nzk1YTg3ZGIwNjdhNDZlN2U5MTg1NjRhOTdiODk2YjYyOTA3NzZkOTg5YzgyOGQ2ZTljYTc3Njcw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/

Response headers

status
200
cache-control
no-cache
content-type
text/html
content-encoding
gzip
content-length
2112
css
fonts.googleapis.com/ Frame 5831
10 KB
808 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800,300
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
28bc95613c388fca0b84b909d79b44eac7999a4cf1652f8759503bc90dba986f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 May 2019 19:53:07 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 23 May 2019 19:53:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 23 May 2019 19:53:07 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ Frame 5831
27 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:53:07 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
access-control-allow-origin
*
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
6241
common.css
s3-us-west-2.amazonaws.com/funimation-out-of-territory/static/style/ Frame 5831
903 KB
903 KB
Stylesheet
General
Full URL
https://s3-us-west-2.amazonaws.com/funimation-out-of-territory/static/style/common.css?v=
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.201.200 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
41aed41d81f3e0c4887befa31a88c160ff7c2e0a599e56448d788ee4767bfee6

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 19:53:09 GMT
Last-Modified
Tue, 25 Apr 2017 17:11:17 GMT
Server
AmazonS3
x-amz-request-id
45115020A7174E5E
ETag
"3a4e944ae4cee8bfdcacd61d7a63d799"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
924540
x-amz-id-2
ouO7f5yumqHeooMNIMO3xHH3I50Z8TFrdqAdXamTciZ7oX7oMJaHeyUCwzFYxQMLvYBMk2NvoAY=
modernizr.min.js
s3-us-west-2.amazonaws.com/funimation-out-of-territory/static/script/ Frame 5831
3 KB
3 KB
Script
General
Full URL
https://s3-us-west-2.amazonaws.com/funimation-out-of-territory/static/script/modernizr.min.js
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.201.200 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e603712a2e3b332e0e535ca254e4796d90e02828f7e832176a4fd6fa886f193b

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 19:53:09 GMT
Last-Modified
Tue, 25 Apr 2017 17:11:03 GMT
Server
AmazonS3
x-amz-request-id
7AE0D639753E8337
ETag
"d321e6ab43226a32bd144940e08a1a9b"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
2623
x-amz-id-2
Lp+/px776OdpmE+l0i7hmCIFePXJyLv9eljV3+wxcqBvfztitSWaND/N02Bvu7DZw6DafHypPuU=
funimation-anon-logo.png
s3-us-west-2.amazonaws.com/funimation-out-of-territory/static/img/ Frame 5831
3 KB
4 KB
Image
General
Full URL
https://s3-us-west-2.amazonaws.com/funimation-out-of-territory/static/img/funimation-anon-logo.png
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.201.200 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5123bcd79bcfc023aa815bfd8a7b260a7e243c15e2edad7363223f9a9fd7aa6d

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 19:53:09 GMT
Last-Modified
Tue, 25 Apr 2017 17:10:33 GMT
Server
AmazonS3
x-amz-request-id
CB054C4572C4B69D
ETag
"dbceda30809c53810238e413c2945089"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3390
x-amz-id-2
yM+LoyDZFQpi948ioCCEqQgjyvNmRtCwrkTAwu4AlZqRp8lvGCvECuAMPAtSbdyS80jxsa3muOE=
gtm.js
www.googletagmanager.com/ Frame 5831
646 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W977WG
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
469e165638eae1c45a3a6153dd0c2bb41fe87226109ca2fe80a6a31d749f50e9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:53:09 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
81837
x-xss-protection
0
expires
Thu, 23 May 2019 19:53:09 GMT
hero-out-of-territory.jpg
s3-us-west-2.amazonaws.com/funimation-out-of-territory/static/img/ Frame 5831
98 KB
98 KB
Image
General
Full URL
https://s3-us-west-2.amazonaws.com/funimation-out-of-territory/static/img/hero-out-of-territory.jpg
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.201.200 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e41c8ee709f15c6391ad2fb6c882d713180eedf542e589b1f5e2c695356b7c3f

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 19:53:10 GMT
Last-Modified
Tue, 25 Apr 2017 17:10:17 GMT
Server
AmazonS3
x-amz-request-id
78F3085AA00EB626
ETag
"ac80fcee8c58749f16f6fe124842bf38"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
100485
x-amz-id-2
ijWpceGqMRkyAoRfxpQBXi5FCc7Y8Axgj7dUyf1kU7inj94rBYoCPFIvbg0pHio/TbcHD+rNr+0=
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ Frame 5831
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800,300
Origin
https://www.funimation.com

Response headers

date
Thu, 09 May 2019 13:53:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:11:28 GMT
server
sffe
age
1231165
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9016
x-xss-protection
0
expires
Fri, 08 May 2020 13:53:44 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 5831
23 KB
9 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W977WG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8870
x-xss-protection
0
server
cafe
etag
2606668133852809251
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 May 2019 19:53:09 GMT
A300794-84d5-41f7-99ee-cc444601567c1.js
d.impactradius-event.com/ Frame 5831
41 KB
13 KB
Script
General
Full URL
https://d.impactradius-event.com/A300794-84d5-41f7-99ee-cc444601567c1.js
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3904573f2772d03206a493b1af9dd704502e10807bb96769d08a77889efaa277

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 17:09:32 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 17:05:23 GMT
server
AmazonS3
age
115
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
abveflMvQKHadQr0mAVEHsl.i5IMRO_v
status
200
cache-control
public,max-age=900,s-maxage=300
content-type
text/javascript; charset=utf-8
x-amz-cf-id
fCqh_G-6EMvHA5vR6A5C4DjP0ysYKz6sqRpGiKKtRlCXL727HUYYwg==
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
ryt67lyni.js
cdn.krxd.net/controltag/ Frame 5831
13 KB
5 KB
Script
General
Full URL
https://cdn.krxd.net/controltag/ryt67lyni.js
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.175 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
084213c73b652b7e1843a68de01613c72c28f2c5c4715c1b412ff95e5d78cee3

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend
4FrRTvEr9h480D4BywjehZ--F_Config_Service_V3
Date
Thu, 23 May 2019 19:53:09 GMT
Content-Encoding
gzip
Age
194
X-Cache
MISS, HIT, HIT
X-App-Cache
HIT
Connection
keep-alive
Content-Length
4618
X-Served-By
config-service-a005.krxd.net, cache-iad2143-IAD, cache-fra19181-FRA
X-Response-Time
0
Accept-Ranges
bytes
X-Do-Esi
esi
X-Timer
S1558641190.728007,VS0,VE0
ETag
"48d49abdbe2a1434d1959577f54229d9d56a966b"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish, 1.1 varnish
Cache-Control
public, max-age=1200
X-Age
0
X-Cache-Hits
0, 2, 1
/
a2.adform.net/serving/scripts/trackpoint/async/ Frame 5831
76 KB
30 KB
Script
General
Full URL
https://a2.adform.net/serving/scripts/trackpoint/async/
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
de27b655ccea21663ed8075b7d4ab0e08091fbb18cfe571d72c0689008aca84e

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:53:10 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Host,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
text/javascript; charset=utf-8
content-length
30712
expires
Thu, 30 May 2019 19:53:10 GMT
bat.js
bat.bing.com/ Frame 5831
23 KB
7 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
02c12028c90522c06327c224fefc978df14d510bf337adeb97eb1fb719d2e63e

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:53:09 GMT
content-encoding
gzip
last-modified
Thu, 16 May 2019 02:05:44 GMT
x-msedge-ref
Ref A: E13E2B81BDEA4EC1AFA12EF9FEF23D40 Ref B: VIEEDGE0310 Ref C: 2019-05-23T19:53:09Z
access-control-allow-origin
*
etag
"08c95de8bbd51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7091
core.js
s.pinimg.com/ct/ Frame 5831
1 KB
1 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
efd9de3afabf343e13c305fa182024238ff8e24025e5c88c6c5d56b0a88480cd

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:53:09 GMT
x-cdn
fastly
access-control-allow-origin
*
etag
"1e214e15ac165378f0589400974edd54"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
status
200
access-control-max-age
86400
cache-control
max-age=7200
content-length
1097
fastly-restarts
1
access-control-expose-headers
X-CDN
js
www.googletagmanager.com/gtag/ Frame 5831
64 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1061170938
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W977WG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
876ca1a49921f2edd961766d20a313e54e9ccc3c04261a753f64db3df2eee98a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:53:09 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25272
x-xss-protection
0
expires
Thu, 23 May 2019 19:53:09 GMT
collect.js
7324166.collect.igodigital.com/ Frame 5831
9 KB
3 KB
Script
General
Full URL
https://7324166.collect.igodigital.com/collect.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W977WG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.248.156 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-173-248-156.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:53:10 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 12:21:22 GMT
server
Apache/2.4.7 (Ubuntu)
etag
"224e-5898d1eb31480-gzip"
vary
Accept-Encoding
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-type
application/javascript
content-length
2341
expires
Fri, 24 May 2019 19:52:59 GMT
pixel.js
www.redditstatic.com/ads/ Frame 5831
14 KB
5 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
1772bb9221cb908badb4c99fa3eab2f23b638e14f72125673fe8394681bf4d32

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:53:10 GMT
content-encoding
gzip
age
58
x-cache
HIT, HIT
status
200
content-length
4684
x-served-by
cache-iad2138-IAD, cache-fra19169-FRA
last-modified
Thu, 14 Mar 2019 17:58:22 GMT
server
snooserv
x-timer
S1558641191.716424,VS0,VE0
etag
"3d2d7b01680c9e57b1dc0af281c1b2da"
vary
Accept-Encoding,Origin
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
2, 7
scevent.min.js
sc-static.net/ Frame 5831
13 KB
5 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.121 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-121.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
444fcc33e065e2597a8b67303ac2f1a311b1972387f0594bd428391b78c0dfcf

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 22 May 2019 21:29:11 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 21:29:07 GMT
server
AmazonS3
age
80643
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-id
xGj8XFWNDUid2aQSpQku3HlXpx2O_aEJS-pSEqwLi4mHCxbREQa-GA==
via
1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
i
sp.sitomobile.com/ Frame 5831
Redirect Chain
  • https://mt.sitomobile.com/sync/ta?aid=683&cid=4684&lid=23929
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2822&partner_url=https%3A%2F%2Fmt.sitomobile.com%2Fsync%2Ftacb%3Fexid%3D%24%7BTA_DEVICE_ID%7D%26aid%3D683%26cid%3D4684%26lid%3D23929
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2822&partner_url=https%3A%2F%2Fmt.sitomobile.com%2Fsync%2Ftacb%3Fexid%3D%24%7BTA_DEVICE_ID%7D%26aid%3D683%26cid%3D4684%26lid%3D23929
  • https://mt.sitomobile.com/sync/tacb?exid=66c50312-7d94-11e9-86f1-664d4f66aec4&aid=683&cid=4684&lid=23929
  • https://sp.sitomobile.com/i?tna=sito&p=mob&e=ue&ue_px=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy91bnN0cnVjdF9ldmVudC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJzY2hlbWEiOiJpZ2x1OmNvbS5...
43 B
388 B
Image
General
Full URL
https://sp.sitomobile.com/i?tna=sito&p=mob&e=ue&ue_px=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy91bnN0cnVjdF9ldmVudC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJzY2hlbWEiOiJpZ2x1OmNvbS5zaXRvbW9iaWxlLnNub3dwbG93L2Nvb2tpZV9zeW5jL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7InBhcnRuZXJJZCI6InRhcGFkIn19fQ%3D%3D&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc2l0b21vYmlsZS5zbm93cGxvdy90YXBhZF9jb250ZXh0L2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7InRhcGFkSWQiOiI2NmM1MDMxMi03ZDk0LTExZTktODZmMS02NjRkNGY2NmFlYzQifX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zaXRvbW9iaWxlLnNub3dwbG93L3NpdG9fY2FtcGFpZ25fY29udGV4dC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJhZHZlcnRpc2VySWQiOiI2ODMiLCJjYW1wYWlnbklkIjoiNDY4NCIsImxpbmVJdGVtSWQiOiIyMzkyOSJ9fV19
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.65.223 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-225-65-223.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 19:53:15 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

Redirect headers

Date
Thu, 23 May 2019 19:53:15 GMT
Server
nginx/1.12.1
X-Powered-By
Express
Vary
Accept
Content-Type
text/plain; charset=utf-8
Location
https://sp.sitomobile.com/i?tna=sito&p=mob&e=ue&ue_px=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy91bnN0cnVjdF9ldmVudC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJzY2hlbWEiOiJpZ2x1OmNvbS5zaXRvbW9iaWxlLnNub3dwbG93L2Nvb2tpZV9zeW5jL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7InBhcnRuZXJJZCI6InRhcGFkIn19fQ%3D%3D&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc2l0b21vYmlsZS5zbm93cGxvdy90YXBhZF9jb250ZXh0L2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7InRhcGFkSWQiOiI2NmM1MDMxMi03ZDk0LTExZTktODZmMS02NjRkNGY2NmFlYzQifX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zaXRvbW9iaWxlLnNub3dwbG93L3NpdG9fY2FtcGFpZ25fY29udGV4dC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJhZHZlcnRpc2VySWQiOiI2ODMiLCJjYW1wYWlnbklkIjoiNDY4NCIsImxpbmVJdGVtSWQiOiIyMzkyOSJ9fV19
Connection
keep-alive
Content-Length
824
analytics.js
www.google-analytics.com/ Frame 5831
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W977WG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
1236
date
Thu, 23 May 2019 19:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Thu, 23 May 2019 21:32:33 GMT
activityi;dc_pre=COi9yvO2suICFQ4IiwodtCIJrQ;src=5373334;type=invmedia;cat=wyrl0iag;ord=2377524619461;gtm=2wg5f2;auiddc=28887409.1558641190;~oref=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resour...
5373334.fls.doubleclick.net/ Frame 58D4
Redirect Chain
  • https://5373334.fls.doubleclick.net/activityi;src=5373334;type=invmedia;cat=wyrl0iag;ord=2377524619461;gtm=2wg5f2;auiddc=28887409.1558641190;~oref=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Reso...
  • https://5373334.fls.doubleclick.net/activityi;dc_pre=COi9yvO2suICFQ4IiwodtCIJrQ;src=5373334;type=invmedia;cat=wyrl0iag;ord=2377524619461;gtm=2wg5f2;auiddc=28887409.1558641190;~oref=https%3A%2F%2Fww...
0
0
Document
General
Full URL
https://5373334.fls.doubleclick.net/activityi;dc_pre=COi9yvO2suICFQ4IiwodtCIJrQ;src=5373334;type=invmedia;cat=wyrl0iag;ord=2377524619461;gtm=2wg5f2;auiddc=28887409.1558641190;~oref=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3D533001190044861048-229144979247007610%26edet%3D16%26cinfo%3D04000000?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W977WG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5373334.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=COi9yvO2suICFQ4IiwodtCIJrQ;src=5373334;type=invmedia;cat=wyrl0iag;ord=2377524619461;gtm=2wg5f2;auiddc=28887409.1558641190;~oref=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3D533001190044861048-229144979247007610%26edet%3D16%26cinfo%3D04000000?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 23 May 2019 19:53:09 GMT
expires
Thu, 23 May 2019 19:53:09 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
490
x-xss-protection
0
set-cookie
IDE=AHWqTUl4TxPqyRd7uJCPjY7yAuo-E1xEtr5WndRCBxap7mZcfzVe8jDsWEvM5-S7; expires=Tue, 16-Jun-2020 19:53:09 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 23 May 2019 19:53:09 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5373334.fls.doubleclick.net/activityi;dc_pre=COi9yvO2suICFQ4IiwodtCIJrQ;src=5373334;type=invmedia;cat=wyrl0iag;ord=2377524619461;gtm=2wg5f2;auiddc=28887409.1558641190;~oref=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3D533001190044861048-229144979247007610%26edet%3D16%26cinfo%3D04000000?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 23-May-2019 20:08:09 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
main.532239b0.js
s.pinimg.com/ct/lib/ Frame 5831
45 KB
45 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.532239b0.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
10c3b1b8d9b03f13651f16b74cddff7a133468381315b1dcef26afdca5df8958

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:53:09 GMT
x-cdn
fastly
access-control-allow-origin
*
etag
"42f2d9232667759ed210155c5be8d336"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
status
200
access-control-max-age
86400
cache-control
max-age=1209600
content-length
45836
fastly-restarts
1
access-control-expose-headers
X-CDN
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1061170938/ Frame 5831
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1061170938/?random=1558641189748&cv=9&fst=1558641189748&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&ref=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&tiba=Funimation%20%7C%20Out%20of%20Territory&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
294d73f96bfcc3d13d314147b9f452e6bcb5e6f484dd04443d450df4c1498932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1021
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/946687563/ Frame 5831
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946687563/?random=1558641189751&cv=9&fst=1558641189751&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&ref=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&tiba=Funimation%20%7C%20Out%20of%20Territory&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6648d11a44db3552f19d1ceb7b29b60616e39e451018a45f0a2546a8d175b7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1021
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1016260204/ Frame 5831
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1016260204/?random=1558641189754&cv=9&fst=1558641189754&num=1&label=RFhPCMzbyQoQ7MzL5AM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=1&url=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&ref=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&tiba=Funimation%20%7C%20Out%20of%20Territory&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2bc27d8f4991df9b9afa4f526a8c30f7ba282067214b6cfe70055c8e1d6b5a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1048
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ Frame 5831
0
93 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=4055944&Ver=2&mid=94bece72-2ba3-2eb5-5e05-62678d8bffb3&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Funimation%20%7C%20Out%20of%20Territory&kw=Funimation&p=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&r=&lt=2366&evt=pageLoad&ifm=1&msclkid=N&rn=928555
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 0D2E29B185114F51A987EFDAD603FC9F Ref B: VIEEDGE0310 Ref C: 2019-05-23T19:53:09Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ Frame 5831
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
2190
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1296
x-xss-protection
0
expires
Thu, 23 May 2019 20:16:39 GMT
controltag.js.f0b61617fbc713883207cc130147aee2
cdn.krxd.net/ctjs/ Frame 5831
248 KB
80 KB
Script
General
Full URL
https://cdn.krxd.net/ctjs/controltag.js.f0b61617fbc713883207cc130147aee2
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/ryt67lyni.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.175 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
d0c13f0111d4e75ce435758e9620945dc40323f640a8b5681dde886899153e84

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date
Thu, 23 May 2019 19:53:09 GMT
Content-Encoding
gzip
Age
543989
X-Cache
HIT
Connection
keep-alive
Content-Length
80988
X-Served-By
cache-fra19181-FRA
Last-Modified
Wed, 15 May 2019 15:22:59 GMT
X-Timer
S1558641190.784358,VS0,VE0
ETag
"f0b61617fbc713883207cc130147aee2"
Content-Type
application/javascript
Via
1.1 varnish
Expires
Sat, 12 May 2029 15:22:58 GMT
Cache-Control
public, max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
287278
/
ct.pinterest.com/user/ Frame 5831
35 B
158 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2613968849889&pd=%7B%22em%22%3A%22eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c%22%7D&cb=1558641189783
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.532239b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Origin
https://www.funimation.com

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-cdn
fastly
status
200
content-type
image/gif
access-control-allow-origin
https://www.funimation.com
pinterest-generated-by
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-pinterest-rid
5332320038062958
x-envoy-upstream-service-time
2
content-length
35
access-control-expose-headers
Epik
/
ct.pinterest.com/v3/ Frame 5831
35 B
88 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2613968849889&pd=%7B%22em%22%3A%22eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3D533001190044861048-229144979247007610%26edet%3D16%26cinfo%3D04000000%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F%22%2C%22if%22%3Atrue%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1558641189784
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
x-cdn
fastly
access-control-allow-origin
*
content-type
image/gif
status
200
pinterest-generated-by
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
6
content-length
35
x-pinterest-rid
6525632055602751
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/ Frame 5831
35 B
110 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j75&a=1600093472&t=pageview&_s=1&dl=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3D533001190044861048-229144979247007610%26edet%3D16%26cinfo%3D04000000&ul=en-us&de=UTF-8&dt=Funimation%20%7C%20Out%20of%20Territory&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAL~&jid=177895873&gjid=845283535&cid=2057313480.1558641190&tid=UA-39725952-1&_gid=899977080.1558641190&gtm=2wg5f2W977WG&cd51=Logged%20Out&z=24915435
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 22:58:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6555273
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame 5831
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j75&tid=UA-39725952-1&cid=2057313480.1558641190&jid=177895873&gjid=845283535&_gid=899977080.1558641190&_u=aGBAgEAL~&z=1959476375
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39725952-1&cid=2057313480.1558641190&jid=177895873&_v=j75&z=1959476375
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39725952-1&cid=2057313480.1558641190&jid=177895873&_v=j75&z=1959476375&slf_rd=1&random=4174887177
42 B
110 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39725952-1&cid=2057313480.1558641190&jid=177895873&_v=j75&z=1959476375&slf_rd=1&random=4174887177
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39725952-1&cid=2057313480.1558641190&jid=177895873&_v=j75&z=1959476375&slf_rd=1&random=4174887177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1061170938/ Frame 5831
42 B
117 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1061170938/?random=1558641189748&cv=9&fst=1558638000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&ref=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&tiba=Funimation%20%7C%20Out%20of%20Territory&async=1&fmt=3&cdct=2&is_vtc=1&random=956786792&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1061170938/ Frame 5831
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1061170938/?random=1558641189748&cv=9&fst=1558638000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&ref=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&tiba=Funimation%20%7C%20Out%20of%20Territory&async=1&fmt=3&cdct=2&is_vtc=1&random=956786792&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/946687563/ Frame 5831
42 B
117 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/946687563/?random=1558641189751&cv=9&fst=1558638000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&ref=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&tiba=Funimation%20%7C%20Out%20of%20Territory&async=1&fmt=3&cdct=2&is_vtc=1&random=2629712514&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/946687563/ Frame 5831
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/946687563/?random=1558641189751&cv=9&fst=1558638000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&ref=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&tiba=Funimation%20%7C%20Out%20of%20Territory&async=1&fmt=3&cdct=2&is_vtc=1&random=2629712514&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1016260204/ Frame 5831
42 B
117 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1016260204/?random=1558641189754&cv=9&fst=1558638000000&num=1&label=RFhPCMzbyQoQ7MzL5AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=1&url=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&ref=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&tiba=Funimation%20%7C%20Out%20of%20Territory&async=1&fmt=3&cdct=2&is_vtc=1&random=2412328285&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1016260204/ Frame 5831
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1016260204/?random=1558641189754&cv=9&fst=1558638000000&num=1&label=RFhPCMzbyQoQ7MzL5AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=1&url=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&ref=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&tiba=Funimation%20%7C%20Out%20of%20Territory&async=1&fmt=3&cdct=2&is_vtc=1&random=2412328285&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f0ec63a3-bc88-481b-99af-4ee2c86c3386
consumer.krxd.net/consent/get/ Frame 5831
238 B
616 B
Script
General
Full URL
https://consumer.krxd.net/consent/get/f0ec63a3-bc88-481b-99af-4ee2c86c3386?idt=device&dt=kxcookie&callback=Krux.ns.funimation.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f0b61617fbc713883207cc130147aee2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.175 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
19c26b4753e8e4921e64cb1bd3ec61710f9aceb8922b32edfab5bbad4c4f51f9

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 19:53:10 GMT
Via
1.1 varnish
Age
0
X-Timer
S1558641190.011366,VS0,VE25
Vary
Accept-Encoding
X-Cache
MISS, MISS
Content-Type
text/javascript; charset=UTF-8
Cache-Control
max-age=1800
X-Cache-Hits
0, 0
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
X-Age
0
Content-Length
195
X-Served-By
consumer-a012-dub.krxd.net, cache-fra19130-FRA
rp.gif
alb.reddit.com/ Frame 5831
35 B
316 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1558641190723&id=t2_464wx&event=PageVisit&s=ZPzS86HWZcqIg0MmAy2xU9%2FYL5%2BMrBMh4o%2FxtG%2B%2BvLo%3D
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.177.104 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-84-177-104.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 19:53:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
/
a2.adform.net/Serving/TrackPoint/ Frame 5831
18 KB
9 KB
Script
General
Full URL
https://a2.adform.net/Serving/TrackPoint/?pm=1180134&ADFPageName=Funimationnow%20Universal&ADFdivider=%7C&ord=91247625181&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%2528155864
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6ae5fe6757e4708c5aabe2e1f28786aef4f64708a1a1c61cf461609cbfdc9a73

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:11 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
8837
expires
-1
/
a2.adform.net/wpf/v2/Fla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZ... Frame 5831
629 B
956 B
Script
General
Full URL
https://a2.adform.net/wpf/v2/Fla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY1vSiwtzIrvPgcCdDSI6KUMnGWpwoNSUC56MnGW87gq1HACVdYSF09MgKGKMN.S9RdPQSzOy_Aw7UTlf_01kKHoNv_CSWVlmZb97Shrmjn8U_AvqCSFQ_01kKJA237lY5BSp05BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF1VLf4.90PgJ.huy.04o/serving/trackpoint/?pm=1180134&ADFPageName=Funimationnow+Universal&ADFdivider=%7c&ord=91247625181&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fwww.funimation.com%2f_Incapsula_Resource%3fCWUDNSAI%3d20%26xinfo%3d10-60600690-0%25200NNN%2520RT%2528155864&catdt=0
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ac325d09a2d4b42c1ae9a5f7abe638bae1533e8f63273a192372139e1bde0716

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:11 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
543
expires
-1
/
a2.adform.net/serving/container/ Frame 12EB
0
0
Document
General
Full URL
https://a2.adform.net/serving/container/?pm=1180134&lid=34308779&ctype=0&media=0&PageName=Funimationnow+Universal&rnd=1400182621&cpref=&loc=https%3a%2f%2fwww.funimation.com%2f_Incapsula_Resource%3fCWUDNSAI%3d20%26xinfo%3d10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3d533001190044861048-229144979247007610%26edet%3d16%26cinfo%3d04000000
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
a2.adform.net
:scheme
https
:path
/serving/container/?pm=1180134&lid=34308779&ctype=0&media=0&PageName=Funimationnow+Universal&rnd=1400182621&cpref=&loc=https%3a%2f%2fwww.funimation.com%2f_Incapsula_Resource%3fCWUDNSAI%3d20%26xinfo%3d10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3d533001190044861048-229144979247007610%26edet%3d16%26cinfo%3d04000000
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
accept-encoding
gzip, deflate, br
cookie
cid=-7486911462574092421,0,0,0,0; uid=-7486911462574092421
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000

Response headers

status
200
server
nginx
date
Thu, 23 May 2019 19:53:11 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
content-encoding
gzip
expires
-1
vary
Accept-Encoding
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
i
tr.snapchat.com/cm/ Frame D0BC
0
0
Document
General
Full URL
https://tr.snapchat.com/cm/i?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W977WG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000

Response headers

status
200
server
nginx
date
Thu, 23 May 2019 19:53:12 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
clear
p
tr.snapchat.com/ Frame 66D9
0
0
Document
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W977WG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
456
pragma
no-cache
cache-control
no-cache
origin
https://www.funimation.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
accept-encoding
gzip, deflate, br
Origin
https://www.funimation.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000

Response headers

status
200
server
nginx
date
Thu, 23 May 2019 19:53:12 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ0AMAQEwIkkKPrG0bSmMHzvokKzcalRRvZe08FmSoOc69DFmBF3hImkDn8bIQkqMgAAAA==;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
clear
p
tr.snapchat.com/ Frame AFA2
0
0
Document
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W977WG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
456
pragma
no-cache
cache-control
no-cache
origin
https://www.funimation.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
accept-encoding
gzip, deflate, br
Origin
https://www.funimation.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000

Response headers

status
200
server
nginx
date
Thu, 23 May 2019 19:53:12 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgRUAIAQFwIm8l4/KOFSmMHx3ssRRKIKtIJ0vya+A5HHoOAHL081meyqzo8cHtvHIazIAAAA=;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
clear
p
tr.snapchat.com/ Frame BE00
0
0
Document
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W977WG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
456
pragma
no-cache
cache-control
no-cache
origin
https://www.funimation.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
accept-encoding
gzip, deflate, br
cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ0AMAQEwIkkKPrG0bSmMHzvokKzcalRRvZe08FmSoOc69DFmBF3hImkDn8bIQkqMgAAAA==
Origin
https://www.funimation.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000

Response headers

status
200
server
nginx
date
Thu, 23 May 2019 19:53:12 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
clear
optout_check
beacon.krxd.net/ Frame 5831
64 B
318 B
Script
General
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.funimation.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f0b61617fbc713883207cc130147aee2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.196.173 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-228-196-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
144d5673659d4798e0f5f1ef745b6a8f4ac5c7b83244f218b02921829779127a

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 19:53:16 GMT
Cache-Control
private, max-age=0, s-max-age=0
X-Request-Time
D=130 t=1558641196
Connection
keep-alive
X-Served-By
beacon-n008-dub.krxd.net
Content-Length
64
Content-Type
text/javascript
fbevents.js
connect.facebook.net/en_US/ Frame 5831
54 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.funimation.com
URL: https://www.funimation.com/blog/2019/05/23/announcement-attack-on-titan-sub-delay/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2da4bddb294dec8e9872bf3c62a19cc79557300ac8ae97da4ac318f58c6b3512
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
od4thi/T90C9NPLmzoRkXlgd6hsZTT0Hue7Xquc/zZkNL1rO7lq5dHWRzTmfb65srMCKJ7uoW9SyE8oiUdwwHw==
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 May 2019 19:53:16 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
16355
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
2021709321409994
connect.facebook.net/signals/config/ Frame 5831
317 KB
90 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2021709321409994?v=2.8.50&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c85ed5a9291fcd6a093a51c971f6b5671362b6a41b5d11941a420d2a42157e1a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
CwTJtwxOp1CBNcNkXnW5jpfQxo+0Pdvv0oFHc+nu+bsBWAR2RF99GTP6ebSp1mdLQfjVgq/1QDV+zfEBu7K/rA==
date
Thu, 23 May 2019 19:53:16 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ Frame 5831
1 KB
901 B
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.50
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
I7wIbLLjFrzfNThqDZWTF3EgKC3LNsWCuwC1O1IxfumBfCEF6t2tQes5H56GyCgzn790T3yiRn9TYA25KBQ8pQ==
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 May 2019 19:53:16 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
772
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
cx.atdmt.com/ Frame 5831
Redirect Chain
  • https://www.facebook.com/tr/?id=2021709321409994&ev=PageView&dl=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%25281558641186804%2520...
  • https://cx.atdmt.com/?c=13052468909204954798&f=AYwonuagjCVDqtKQJw2QnFBCMK6pVNz673H29v3gSOShz02DyPO3Mja21PBH_8IDtUo06xy8zq__gU4YZhbcgxC0&id=2021709321409994&l=3&v=0
42 B
409 B
Image
General
Full URL
https://cx.atdmt.com/?c=13052468909204954798&f=AYwonuagjCVDqtKQJw2QnFBCMK6pVNz673H29v3gSOShz02DyPO3Mja21PBH_8IDtUo06xy8zq__gU4YZhbcgxC0&id=2021709321409994&l=3&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:202:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 23 May 2019 19:53:16 GMT
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
content-length
42
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 May 2019 19:53:16 GMT
server
proxygen-bolt
location
https://cx.atdmt.com/?c=13052468909204954798&f=AYwonuagjCVDqtKQJw2QnFBCMK6pVNz673H29v3gSOShz02DyPO3Mja21PBH_8IDtUo06xy8zq__gU4YZhbcgxC0&id=2021709321409994&l=3&v=0
content-type
text/plain
status
302
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
/
www.facebook.com/tr/ Frame 5831
44 B
155 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2021709321409994&ev=Microdata&dl=https%3A%2F%2Fwww.funimation.com%2F_Incapsula_Resource%3FCWUDNSAI%3D20%26xinfo%3D10-60600690-0%25200NNN%2520RT%25281558641186804%25200%2529%2520q%25280%2520-1%2520-1%25200%2529%2520r%25280%2520-1%2529%2520B16%25284%252c314%252c0%2529%2520U18%26incident_id%3D533001190044861048-229144979247007610%26edet%3D16%26cinfo%3D04000000&rl=https%3A%2F%2Fwww.funimation.com%2Fblog%2F2019%2F05%2F23%2Fannouncement-attack-on-titan-sub-delay%2F&if=true&ts=1558641197161&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Funimation%20%7C%20Out%20of%20Territory%22%2C%22meta%3Adescription%22%3A%22You%20should%20be%20watching%20anime%20and%20Asian%20drama%20episodes%20on%20Funimation.com%20available%20in%20English%20dubs%20and%20subtitles.%22%2C%22meta%3Akeywords%22%3A%22Funimation%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Funimation%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.funimation.com%2F%2Ffunimation.com%2Fstatic%2Fimg%2Ffunimation-share-logo.jpg%22%2C%22og%3Atitle%22%3A%22Funimation%20%7C%20Watch%20Anime%20Episodes%20Streaming%20Online%22%2C%22og%3Adescription%22%3A%22You%20should%20be%20watching%20anime%20and%20Asian%20drama%20episodes%20on%20Funimation.com%20available%20in%20English%20dubs%20and%20subtitles.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.50&r=stable&ec=1&o=30&fbp=fb.1.1558641196650.111856382&it=1558641196356&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.funimation.com/_Incapsula_Resource?CWUDNSAI=20&xinfo=10-60600690-0%200NNN%20RT%281558641186804%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%284%2c314%2c0%29%20U18&incident_id=533001190044861048-229144979247007610&edet=16&cinfo=04000000
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 19:53:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 23 May 2019 19:53:17 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5373334.fls.doubleclick.net
7324166.collect.igodigital.com
a2.adform.net
alb.reddit.com
bat.bing.com
beacon.krxd.net
cdn.krxd.net
connect.facebook.net
consumer.krxd.net
ct.pinterest.com
cx.atdmt.com
d.impactradius-event.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
mt.sitomobile.com
pixel.tapad.com
s.pinimg.com
s3-us-west-2.amazonaws.com
sc-static.net
sp.sitomobile.com
stats.g.doubleclick.net
tr.snapchat.com
www.facebook.com
www.funimation.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
13.35.253.121
13.35.253.54
151.101.0.175
151.101.0.84
151.101.1.140
172.217.16.134
185.167.164.37
209.197.3.15
216.58.208.34
2620:1ec:c11::200
2a00:1450:4001:808::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:820::2002
2a00:1450:4001:820::2008
2a00:1450:4001:821::2003
2a00:1450:400c:c07::9c
2a03:2880:f01c:202:face:b00c:0:8c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:9::84
34.225.65.223
35.186.226.184
35.227.248.159
45.60.33.173
52.218.201.200
54.156.255.160
54.173.248.156
54.228.196.173
54.234.26.255
54.84.177.104
02c12028c90522c06327c224fefc978df14d510bf337adeb97eb1fb719d2e63e
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
084213c73b652b7e1843a68de01613c72c28f2c5c4715c1b412ff95e5d78cee3
10c3b1b8d9b03f13651f16b74cddff7a133468381315b1dcef26afdca5df8958
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
144d5673659d4798e0f5f1ef745b6a8f4ac5c7b83244f218b02921829779127a
1772bb9221cb908badb4c99fa3eab2f23b638e14f72125673fe8394681bf4d32
19c26b4753e8e4921e64cb1bd3ec61710f9aceb8922b32edfab5bbad4c4f51f9
28bc95613c388fca0b84b909d79b44eac7999a4cf1652f8759503bc90dba986f
294d73f96bfcc3d13d314147b9f452e6bcb5e6f484dd04443d450df4c1498932
2bc27d8f4991df9b9afa4f526a8c30f7ba282067214b6cfe70055c8e1d6b5a2d
2da4bddb294dec8e9872bf3c62a19cc79557300ac8ae97da4ac318f58c6b3512
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3904573f2772d03206a493b1af9dd704502e10807bb96769d08a77889efaa277
41aed41d81f3e0c4887befa31a88c160ff7c2e0a599e56448d788ee4767bfee6
444fcc33e065e2597a8b67303ac2f1a311b1972387f0594bd428391b78c0dfcf
45c0386a77d51ec7c70f9ef72f6b5556099b1b361b22b4c411ba358251a90d17
469e165638eae1c45a3a6153dd0c2bb41fe87226109ca2fe80a6a31d749f50e9
4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703
5123bcd79bcfc023aa815bfd8a7b260a7e243c15e2edad7363223f9a9fd7aa6d
5cc4d7a9723d9a612b35d86a0edd065a6f3e4956ef57d72066d6444907e982a7
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6648d11a44db3552f19d1ceb7b29b60616e39e451018a45f0a2546a8d175b7dd
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6ae5fe6757e4708c5aabe2e1f28786aef4f64708a1a1c61cf461609cbfdc9a73
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
876ca1a49921f2edd961766d20a313e54e9ccc3c04261a753f64db3df2eee98a
8d8ce1dee099f93817996508880b2712495e56ec490746dba4f9674282144539
ac325d09a2d4b42c1ae9a5f7abe638bae1533e8f63273a192372139e1bde0716
c85ed5a9291fcd6a093a51c971f6b5671362b6a41b5d11941a420d2a42157e1a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d0c13f0111d4e75ce435758e9620945dc40323f640a8b5681dde886899153e84
d1014dd86ebf5e5b98a0fdee2ff1a8cb6c30c2a4c2bfd3bc15b0aaa3a8dd93c2
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de27b655ccea21663ed8075b7d4ab0e08091fbb18cfe571d72c0689008aca84e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41c8ee709f15c6391ad2fb6c882d713180eedf542e589b1f5e2c695356b7c3f
e603712a2e3b332e0e535ca254e4796d90e02828f7e832176a4fd6fa886f193b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd9de3afabf343e13c305fa182024238ff8e24025e5c88c6c5d56b0a88480cd