URL: http://quotesgem.pro/vancouver-canucks-jokes
Submission: On February 28 via manual from CA

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 52 HTTP transactions. The main IP is 31.31.196.188, located in Russian Federation and belongs to AS-REG, RU. The main domain is quotesgem.pro.
This is the only time quotesgem.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 31.31.196.188 197695 (AS-REG)
4 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.139.128.10 20446 (HIGHWINDS3)
4 2a02:6b8:20::215 13238 (YANDEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.211.69.97 14618 (AMAZON-AES)
3 188.72.202.99 35415 (WEBZILLA)
9 54.69.49.68 16509 (AMAZON-02)
2 2 147.75.102.200 54825 (PACKET)
1 195.181.175.46 60068 (CDN77)
5 143.204.98.159 16509 (AMAZON-02)
10 13.225.84.132 16509 (AMAZON-02)
2 143.204.101.73 16509 (AMAZON-02)
1 52.3.92.65 14618 (AMAZON-AES)
2 6 2a02:6b8::1:119 13238 (YANDEX)
52 16
Domain Requested by
10 d3dytsf4vrjn5x.cloudfront.net quotesgem.pro
9 api.content-ad.net quotesgem.pro
api.content-ad.net
6 mc.yandex.ru 2 redirects
5 d32oduq093hvot.cloudfront.net api.content-ad.net
quotesgem.pro
4 netdna.bootstrapcdn.com quotesgem.pro
4 quotesgem.pro quotesgem.pro
3 serconmp.com quotesgem.pro
serconmp.com
2 yastatic.net yandex.st
2 cdn.distiltag.com api.content-ad.net
cdn.distiltag.com
2 loadus.exelator.com 2 redirects
2 www.google-analytics.com www.googletagmanager.com
quotesgem.pro
2 yandex.st quotesgem.pro
yandex.st
1 origin.distiltag.com cdn.distiltag.com
1 load77.exelator.com quotesgem.pro
1 dcba.popcash.net cdn.popcash.net
1 cdn.popcash.net quotesgem.pro
1 www.googletagmanager.com quotesgem.pro
52 17

This site contains links to these domains. Also see Links.

Domain
clk.content-ad.net
www.content.ad
d32oduq093hvot.cloudfront.net
share.yandex.net
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.popcash.net
COMODO RSA Domain Validation Secure Server CA
2017-04-05 -
2020-04-26
3 years crt.sh
1605158521.rsc.cdn77.org
Let's Encrypt Authority X3
2020-01-21 -
2020-04-20
3 months crt.sh
*.distiltag.com
Amazon
2019-12-11 -
2021-01-11
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
mc.yandex.ru
Yandex CA
2019-09-23 -
2020-09-22
a year crt.sh

This page contains 4 frames:

Primary Page: http://quotesgem.pro/vancouver-canucks-jokes
Frame ID: 523FD67324D88AF6EC7C1DF2DC6FF22D
Requests: 50 HTTP requests in this frame

Frame: http://serconmp.com/fac.php
Frame ID: D5D550184FB61D8E0F1C6B2412149F5F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.distiltag.com/kitten?ak=6b58f6c7ca02140d3635ad33c64e2a70f&pk=pgaqWZ3qNz7ADt9KwF3gkQeXAHv7yF8vyt4s6DkQ&AYAH_VERSION=2.0&cookiesync=true&AYAH_P2=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82&AYAH_P1=2020022717_6a0d6d971a34bf59ef0c9ff4053c4808&AYAH_F3=419796&AYAH_F2=quotesgem.pro
Frame ID: 6704BCC03306AC04D309238CC8509658
Requests: 1 HTTP requests in this frame

Frame: http://yastatic.net/share/ya-share-cnt.html?url=http%3A%2F%2Fquotesgem.com%2F&services=facebook,twitter,gplus
Frame ID: 46992FAC7C1E78158FA8FDF870AABB15
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

52
Requests

25 %
HTTPS

31 %
IPv6

13
Domains

17
Subdomains

16
IPs

5
Countries

541 kB
Transfer

1360 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • http://loadus.exelator.com/load/?p=104&g=891&j=0&buid=5a65f92d4eba49f0906b0e672fa61e9b_be HTTP 301
  • https://loadus.exelator.com/load/?p=104&g=891&j=0&buid=5a65f92d4eba49f0906b0e672fa61e9b_be HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 46
  • http://mc.yandex.ru/metrika/watch.js HTTP 301
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 49
  • https://mc.yandex.ru/watch/26812653?wmode=7&page-url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%222.0.3%22%7D&browser-info=ti%3A10%3Ans%3A1582853684578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200228023451%3Aet%3A1582853691%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A942963321%3Ahid%3A344619641%3Ads%3A1%2C13%2C221%2C54%2C0%2C0%2C0%2C5302%2C5%2C6426%2C6426%2C4%2C5542%3Afp%3A5493%3Agdpr%3A14%3Av%3A1816%3Ast%3A1582853691%3Au%3A15828536911044935973%3At%3AVancouver%20Canucks%20Jokes HTTP 302
  • https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%222.0.3%22%7D&browser-info=ti%3A10%3Ans%3A1582853684578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200228023451%3Aet%3A1582853691%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A942963321%3Ahid%3A344619641%3Ads%3A1%2C13%2C221%2C54%2C0%2C0%2C0%2C5302%2C5%2C6426%2C6426%2C4%2C5542%3Afp%3A5493%3Agdpr%3A14%3Av%3A1816%3Ast%3A1582853691%3Au%3A15828536911044935973%3At%3AVancouver%20Canucks%20Jokes

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set vancouver-canucks-jokes
quotesgem.pro/
112 KB
25 KB
Document
General
Full URL
http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
31.31.196.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
vip34.hosting.reg.ru
Software
nginx / PHP/5.6.36
Resource Hash
80c05396424fa4a9dfa158923060bda1b14bf2f971a24127190e3cccbf948173
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
quotesgem.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Fri, 28 Feb 2020 01:34:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.36
Cache-Control
private, must-revalidate
pragma
no-cache
expires
-1
X-Clockwork-Id
1582853684.7461.908303299
X-Clockwork-Version
1.5
X-Frame-Options
SAMEORIGIN
Set-Cookie
laravel_session=eyJpdiI6Ik9GZE9QWG9YdE9cL082S1lRXC9SbmNSd3EzNVo0V0dRSHhqd0lqQkgwOVFQST0iLCJ2YWx1ZSI6IjdLdFNUd2RhRkZvbFNoXC9ta0sreHJHNWR1czYxV1hCK0k0cE5iY041VGxXXC9zYzYyRzJqNEd1bkR4Y3VQUVNaSHdqaWNNaEZxWXJKbG1NXC9oNzhqbjl3PT0iLCJtYWMiOiI0Mzc0NmQ5NTExODIxNjg3NDYyNmY0MmEwZTE4NjZmYTUyMDIwNzAzODhhZDUzYzJkZDAwNTRhN2NmZTNkODUyIn0%3D; expires=Fri, 28-Feb-2020 03:34:44 GMT; Max-Age=7200; path=/; httponly
Vary
Accept-Encoding
Content-Encoding
gzip
bootstrap.min.css
netdna.bootstrapcdn.com/bootswatch/3.1.0/cerulean/
103 KB
18 KB
Stylesheet
General
Full URL
http://netdna.bootstrapcdn.com/bootswatch/3.1.0/cerulean/bootstrap.min.css
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9b357a73a2498cf531afbb7e5471ab0e76a868991de328d76528198dadd6b045

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Dec 2018 18:34:21 GMT
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
ETag
"1544639661"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
17672
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/
17 KB
4 KB
Stylesheet
General
Full URL
http://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.min.css
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Dec 2018 18:35:19 GMT
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
ETag
"1544639719"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
4009
style.css
quotesgem.pro/css/
4 KB
2 KB
Stylesheet
General
Full URL
http://quotesgem.pro/css/style.css
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
31.31.196.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
vip34.hosting.reg.ru
Software
nginx /
Resource Hash
f5e86c4548b5872fc5d901eec08252ee694de18a8430594f08ce8dffc1b2ae54

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 07 Mar 2015 11:42:55 GMT
Server
nginx
ETag
"308c3f0-10b6-510b14d424dc0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1335
Expires
Sun, 29 Mar 2020 01:34:44 GMT
js
www.googletagmanager.com/gtag/
75 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-88924927-19
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
676ed6bfa8adc779f54861f7128d025a53ba4f369604b04ba39e46deee2ad373
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 01:34:44 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28625
x-xss-protection
0
last-modified
Fri, 28 Feb 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 28 Feb 2020 01:34:44 GMT
pop.js
cdn.popcash.net/
104 KB
36 KB
Script
General
Full URL
http://cdn.popcash.net/pop.js
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06b1ed5b43dab123088feaa1b2367f542ab55f53869dd5e73e7a6dd4007fcc54

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:49 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Mon, 27 Jan 2020 12:49:35 GMT
Server
cloudflare
ETag
W/"5e2edc5f-19fcc"
Vary
Accept-Encoding
X-HW
1582853684.cds001.wa1.h2,1582853689.cds001.wa1.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
56be3d172c42f2e4-WAW
Content-Length
36670
jquery.min.js
yandex.st/jquery/2.0.3/
82 KB
28 KB
Script
General
Full URL
http://yandex.st/jquery/2.0.3/jquery.min.js
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
28265
X-Amz-Expiration
expiry-date="Thu, 01 Jan 1970 00:00:00 UTC", rule-id=""
Last-Modified
Mon, 12 Nov 2018 13:14:00 GMT
Server
nginx/1.17.8
Etag
"15f3faaa67fca127e619f10d7925686c"
X-Nginx-Request-Id
5441c4aeb4239e9e
Strict-Transport-Security
max-age=43200000; includeSubDomains;
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Accept-Ranges
bytes
Timing-Allow-Origin
*
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
netdna.bootstrapcdn.com/bootstrap/3.1.0/js/
28 KB
8 KB
Script
General
Full URL
http://netdna.bootstrapcdn.com/bootstrap/3.1.0/js/bootstrap.min.js
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Dec 2018 18:33:51 GMT
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
ETag
"1544639631"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
7665
main.js
quotesgem.pro/js/
16 KB
5 KB
Script
General
Full URL
http://quotesgem.pro/js/main.js?3
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
31.31.196.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
vip34.hosting.reg.ru
Software
nginx /
Resource Hash
08b6846cc6f6938ec641b2555cfdec7e8a4caa9b8d70ebe028af7c8fce981c67

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2015 14:25:10 GMT
Server
nginx
ETag
"308c40d-41d7-5109f73ab3d80"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5025
Expires
Sun, 29 Mar 2020 01:34:44 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-88924927-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6153
date
Thu, 27 Feb 2020 23:52:11 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Fri, 28 Feb 2020 01:52:11 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1571114856&t=pageview&_s=1&dl=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&ul=en-us&de=UTF-8&dt=Vancouver%20Canucks%20Jokes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1235203164&gjid=1914483915&cid=1568200925.1582853685&tid=UA-88924927-19&_gid=877051946.1582853685&_r=1&gtm=2ou2j0&z=565399692
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 28 Feb 2020 01:34:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
znWaa3gu
dcba.popcash.net/
0
117 B
XHR
General
Full URL
https://dcba.popcash.net/znWaa3gu
Requested by
Host: cdn.popcash.net
URL: http://cdn.popcash.net/pop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.69.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-69-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
Origin
http://quotesgem.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Fri, 28 Feb 2020 01:34:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
expires
0
apu.php
serconmp.com/
3 KB
2 KB
XHR
General
Full URL
http://serconmp.com/apu.php?zoneid=1639657&oo=1
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
188.72.202.99 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
6f60ec31f382355fbf44b7b71b4e5acfb1e9894ff386a43427fdfeac01e7880d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Origin
http://quotesgem.pro
Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
6fd7478126d84e4ee10e2c49ed728493
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Expires
Tue, 11 Jan 1994 10:00:00 GMT
tag.min.js
serconmp.com/
90 KB
29 KB
Script
General
Full URL
http://serconmp.com/tag.min.js
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
188.72.202.99 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
b6a1841e09cab8f9eaa8259228a7a27f37c1bc0fc9cec46348d8ea9c19dc1c6d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
28497
X-Trace-Id
ed97ca79045d7e8ea6c2c8e19ecc56eb
Pragma
no-cache
Last-Modified
Thu, 13 Feb 2020 14:57:49 GMT
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
sprite.png
quotesgem.pro/img/
7 KB
8 KB
Image
General
Full URL
http://quotesgem.pro/img/sprite.png?1
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
31.31.196.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
vip34.hosting.reg.ru
Software
nginx /
Resource Hash
671d6fcc495b89ee9ad2704decefce72465d343fcdd7100451cbf7cb31affd59

Request headers

Referer
http://quotesgem.pro/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:50 GMT
Last-Modified
Sat, 07 Mar 2015 06:39:34 GMT
Server
nginx
ETag
"308c3f4-1d70-510ad10651580"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7536
Expires
Sun, 29 Mar 2020 01:34:50 GMT
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/
43 KB
44 KB
Font
General
Full URL
http://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Origin
http://quotesgem.pro
Referer
http://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Dec 2018 18:35:43 GMT
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
ETag
"1544639743"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
font/woff
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
44433
widget2.aspx
api.content-ad.net/Scripts/
16 KB
4 KB
Script
General
Full URL
http://api.content-ad.net/Scripts/widget2.aspx?id=31a2d597-a46c-4595-af78-e0687a76a4a0&d=cXVvdGVzZ2VtLnBybw%3D%3D&wid=683802&cb=1582853690067
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
54.69.49.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-49-68.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3d1cfd4622e71045ff5911e1f863a38db029b34bd9d09f18e4de10df8e4100bc

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Encoding
gzip
vary
accept-encoding
Connection
keep-alive
Transfer-Encoding
chunked
Content-Language
en-US
Content-Type
text/javascript;charset=ISO-8859-1
widget2.aspx
api.content-ad.net/Scripts/
16 KB
4 KB
Script
General
Full URL
http://api.content-ad.net/Scripts/widget2.aspx?id=3fbb088c-bb37-401d-8614-a720c7a0af07&d=cXVvdGVzZ2VtLnBybw%3D%3D&wid=419796&cb=1582853690084
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
54.69.49.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-49-68.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
682ab6113eabc4948010415158da34fe188995a5877a78faed86de6000ffd446

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Encoding
gzip
vary
accept-encoding
Connection
keep-alive
Transfer-Encoding
chunked
Content-Language
en-US
Content-Type
text/javascript;charset=ISO-8859-1
widget2.aspx
api.content-ad.net/Scripts/
16 KB
4 KB
Script
General
Full URL
http://api.content-ad.net/Scripts/widget2.aspx?id=42eb0948-0e2a-4ca9-a354-911735e4c24c&d=cXVvdGVzZ2VtLnBybw%3D%3D&wid=419789&cb=1582853690087
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
54.69.49.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-49-68.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b8ef8ec4c9f93850e23149a3924a23b1198ec21bc12771226e1efc9e2c6427e5

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Encoding
gzip
vary
accept-encoding
Connection
keep-alive
Transfer-Encoding
chunked
Content-Language
en-US
Content-Type
text/javascript;charset=ISO-8859-1
share.js
yandex.st/share/
53 KB
14 KB
Script
General
Full URL
http://yandex.st/share/share.js?_=1582853690113
Requested by
Host: yandex.st
URL: http://yandex.st/jquery/2.0.3/jquery.min.js
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
944979b576ee52348d5c63d35f566c11df26f70ed15d2ceba61180662a49b114
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 24 Oct 2018 16:00:42 GMT
Server
nginx/1.17.8
Etag
W/"db7132f94e4730c128b638f72b46c899"
X-Nginx-Request-Id
6a226d87f83405de
Strict-Transport-Security
max-age=43200000; includeSubDomains;
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3613
Timing-Allow-Origin
*
Keep-Alive
timeout=5
Expires
Fri, 28 Feb 2020 02:34:56 GMT
fac.php
serconmp.com/ Frame D5D5
0
0
Document
General
Full URL
http://serconmp.com/fac.php
Requested by
Host: serconmp.com
URL: http://serconmp.com/tag.min.js
Protocol
HTTP/1.1
Server
188.72.202.99 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
serconmp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://quotesgem.pro/vancouver-canucks-jokes
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://quotesgem.pro/vancouver-canucks-jokes

Response headers

Server
nginx
Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Type
text/html; charset=utf8
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id
eac0a6e89c96626d3d3de8c7f7afef56
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*
pixel.gif
load77.exelator.com/
Redirect Chain
  • http://loadus.exelator.com/load/?p=104&g=891&j=0&buid=5a65f92d4eba49f0906b0e672fa61e9b_be
  • https://loadus.exelator.com/load/?p=104&g=891&j=0&buid=5a65f92d4eba49f0906b0e672fa61e9b_be
  • https://load77.exelator.com/pixel.gif
43 B
272 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-46.datapacket.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 28 Feb 2020 01:34:50 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
x-cache
HIT
content-type
image/gif
status
200
x-edge-ip
195.181.175.44
x-age
51165
accept-ranges
bytes
content-length
43

Redirect headers

date
Fri, 28 Feb 2020 01:34:50 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
location
https://load77.exelator.com/pixel.gif
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
302
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
GetWidget.aspx
api.content-ad.net/
23 KB
6 KB
Script
General
Full URL
http://api.content-ad.net/GetWidget.aspx?id=31a2d597-a46c-4595-af78-e0687a76a4a0&d=cXVvdGVzZ2VtLnBybw==&wid=683802&cb=1582853690067&lazyLoad=false&server=api.content-ad.net&title=Vancouver%2520Canucks%2520Jokes&url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&ik=2020022717_c47a4f1de7160b10a5a84979552b0331&ikb=c47a4f1de7160b10a5a84979552b0331&duid=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82&ls=ip-172-18-2-101.ec2.internal&dstlload=true
Requested by
Host: api.content-ad.net
URL: http://api.content-ad.net/Scripts/widget2.aspx?id=31a2d597-a46c-4595-af78-e0687a76a4a0&d=cXVvdGVzZ2VtLnBybw%3D%3D&wid=683802&cb=1582853690067
Protocol
HTTP/1.1
Server
54.69.49.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-49-68.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
212eed6fbada95d2a4da60b5ed6c2c5a8b1ebc80858563148e668e099fe82138

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Encoding
gzip
vary
accept-encoding
Content-Type
text/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
GetWidget.aspx
api.content-ad.net/
32 KB
8 KB
Script
General
Full URL
http://api.content-ad.net/GetWidget.aspx?id=3fbb088c-bb37-401d-8614-a720c7a0af07&d=cXVvdGVzZ2VtLnBybw==&wid=419796&cb=1582853690084&lazyLoad=false&server=api.content-ad.net&title=Vancouver%2520Canucks%2520Jokes&url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&ik=2020022717_6a0d6d971a34bf59ef0c9ff4053c4808&ikb=6a0d6d971a34bf59ef0c9ff4053c4808&duid=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82&ls=ip-172-18-2-151.ec2.internal&dstlload=true
Requested by
Host: api.content-ad.net
URL: http://api.content-ad.net/Scripts/widget2.aspx?id=3fbb088c-bb37-401d-8614-a720c7a0af07&d=cXVvdGVzZ2VtLnBybw%3D%3D&wid=419796&cb=1582853690084
Protocol
HTTP/1.1
Server
54.69.49.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-49-68.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
59abbff9512200936f9c11a40dfe6e674f8375c9e8ccabd0bd20032ce2b5fe0f

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Encoding
gzip
vary
accept-encoding
Content-Type
text/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
GetWidget.aspx
api.content-ad.net/
22 KB
5 KB
Script
General
Full URL
http://api.content-ad.net/GetWidget.aspx?id=42eb0948-0e2a-4ca9-a354-911735e4c24c&d=cXVvdGVzZ2VtLnBybw==&wid=419789&cb=1582853690087&lazyLoad=false&server=api.content-ad.net&title=Vancouver%2520Canucks%2520Jokes&url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&ik=2020022717_e42d6ab747087ed1c0722ac987c0926b&ikb=e42d6ab747087ed1c0722ac987c0926b&duid=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82&ls=ip-172-18-2-51.ec2.internal&dstlload=true
Requested by
Host: api.content-ad.net
URL: http://api.content-ad.net/Scripts/widget2.aspx?id=42eb0948-0e2a-4ca9-a354-911735e4c24c&d=cXVvdGVzZ2VtLnBybw%3D%3D&wid=419789&cb=1582853690087
Protocol
HTTP/1.1
Server
54.69.49.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-49-68.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
070a07eceffdac1b3baaa54f3c579d3e8b31f8a2b0d823c7ec0eaa45bceeb346

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Encoding
gzip
vary
accept-encoding
Content-Type
text/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
lib.min.js
d32oduq093hvot.cloudfront.net/templates/library/
30 KB
8 KB
Script
General
Full URL
http://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1582853690754
Requested by
Host: api.content-ad.net
URL: http://api.content-ad.net/GetWidget.aspx?id=31a2d597-a46c-4595-af78-e0687a76a4a0&d=cXVvdGVzZ2VtLnBybw==&wid=683802&cb=1582853690067&lazyLoad=false&server=api.content-ad.net&title=Vancouver%2520Canucks%2520Jokes&url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&ik=2020022717_c47a4f1de7160b10a5a84979552b0331&ikb=c47a4f1de7160b10a5a84979552b0331&duid=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82&ls=ip-172-18-2-101.ec2.internal&dstlload=true
Protocol
HTTP/1.1
Server
143.204.98.159 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-159.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79c95ea6e08a1e65faa9fe56531f7183c17a39ee03f09536d11a36c97b87550d

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 22:48:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Nov 2019 20:08:32 GMT
Server
AmazonS3
Age
9958
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
X-Amz-Cf-Id
1HzkDywZZvzPSh48Icy_WjHXIbTn8DrEEb8sPbvlzsweq5ZgsXF8xw==
074b8aed258114f203c8c38322e87f7d.jpg
d3dytsf4vrjn5x.cloudfront.net/130719/300x250/
9 KB
9 KB
Image
General
Full URL
http://d3dytsf4vrjn5x.cloudfront.net/130719/300x250/074b8aed258114f203c8c38322e87f7d.jpg
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
13.225.84.132 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e2870a4bc7726aea1f5360f794a58cc1b09710187c7ddd7eeba1ea4b6fd3069

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 05:01:31 GMT
Via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
Last-Modified
Tue, 07 Jan 2020 14:13:58 GMT
Server
AmazonS3
Age
74000
ETag
"ff027116145fc785d990d890d61c15d4"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9211
X-Amz-Cf-Id
hXTKuePI7Qsuo3YCrM5mszaVD6v2zcLsNKUOK3XZh_8LDD-rW3CEEA==
CVprEpX4Pj-KZATBIqxcg-e773d4ac9e20c21191500c46a61bcc45.jpg
d3dytsf4vrjn5x.cloudfront.net/130626/300x250/
16 KB
17 KB
Image
General
Full URL
http://d3dytsf4vrjn5x.cloudfront.net/130626/300x250/CVprEpX4Pj-KZATBIqxcg-e773d4ac9e20c21191500c46a61bcc45.jpg
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
13.225.84.132 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca0ab8cdd7f483b775502f701920f71d949ec2b4c7f728f63f309b58db95d4b1

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 08:47:35 GMT
Via
1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Dec 2019 12:14:49 GMT
Server
AmazonS3
Age
60436
ETag
"77f20f8622cd2d35a07083469102fe1e"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16539
X-Amz-Cf-Id
PYgyksYcqobJfigL_DSLk_V8nIt1E82w1AHF4ee7hBMjlnH3nnBxYA==
icBjPyExyf-b52be93fbe00b9aba78692224467a2ab.jpg
d3dytsf4vrjn5x.cloudfront.net/127136/300x250/
14 KB
14 KB
Image
General
Full URL
http://d3dytsf4vrjn5x.cloudfront.net/127136/300x250/icBjPyExyf-b52be93fbe00b9aba78692224467a2ab.jpg
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
13.225.84.132 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31f5d0c62671186064f2f392142127898bfc39d6bc0cfc460a2912b26bac9ac8

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 06:51:02 GMT
Via
1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Oct 2019 03:53:27 GMT
Server
AmazonS3
Age
67429
ETag
"2bb92a8587638b650f1d70d985b6188f"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14158
X-Amz-Cf-Id
6n6eInycd03--GHT9ER9GVzWkc5LPLwRrZbydAHFWMj84bsREiqqHg==
n7rLN11p8t-hDbSY1j3YP-c8c80e45938189e0da25d589a68aca19.jpg
d3dytsf4vrjn5x.cloudfront.net/130858/300x250/
12 KB
13 KB
Image
General
Full URL
http://d3dytsf4vrjn5x.cloudfront.net/130858/300x250/n7rLN11p8t-hDbSY1j3YP-c8c80e45938189e0da25d589a68aca19.jpg
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
13.225.84.132 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcb88051646472ceb6334e5389064c14dd16c0e83cde2f5729745a3a47600443

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 09:32:37 GMT
Via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
Last-Modified
Wed, 15 Jan 2020 15:36:35 GMT
Server
AmazonS3
Age
57734
ETag
"f33a21ae12778eb1026642c6df974e80"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12763
X-Amz-Cf-Id
5tOeVNMbgRgYyq73EshfxdTlnqpqQ1mKSzbz2YqxoDKm_ThiznvhTg==
px.gif
api.content-ad.net/
42 B
328 B
Image
General
Full URL
http://api.content-ad.net/px.gif
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
54.69.49.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-49-68.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:50 GMT
Content-Encoding
gzip
vary
accept-encoding
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
c_ad_logo.png
d32oduq093hvot.cloudfront.net/icons/
3 KB
4 KB
Image
General
Full URL
http://d32oduq093hvot.cloudfront.net/icons/c_ad_logo.png
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
143.204.98.159 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-159.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba31b1be413eed01b715f4638d22bfa6321d5d32d1b3b484ef5ad37e6aba69e5

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 23:42:16 GMT
Via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
Last-Modified
Fri, 08 Jul 2016 21:51:57 GMT
Server
AmazonS3
Age
6754
ETag
"f12843a46b53859feb8df76010acd492"
X-Cache
Hit from cloudfront
Content-Type
image/png
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3387
X-Amz-Cf-Id
eELyX1k7IFKECqIa8HuJYXjtB9jaKCfRKAQXbOMjmgWL4fHPNlWqkw==
vw.gif
api.content-ad.net/px/
31 B
31 B
Image
General
Full URL
http://api.content-ad.net/px/vw.gif?s=ip-172-18-1-118.ec2.internal&ip=82.102.19.133&wid=683802&cb=1582853690553&c=BE&d=&ik=2020022717_c47a4f1de7160b10a5a84979552b0331&haid=42688&hdid=279303&user=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
54.69.49.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-49-68.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:50 GMT
Server
awselb/2.0
Connection
keep-alive
Content-Length
31
Content-Type
text/plain; charset=utf-8
pgaqWZ3qNz7ADt9KwF3gkQeXAHv7yF8vyt4s6DkQ
cdn.distiltag.com/api/v1/defense/script/
88 KB
30 KB
Script
General
Full URL
https://cdn.distiltag.com/api/v1/defense/script/pgaqWZ3qNz7ADt9KwF3gkQeXAHv7yF8vyt4s6DkQ?AYAH_F2=quotesgem.pro&AYAH_F3=419796&AYAH_P1=2020022717_6a0d6d971a34bf59ef0c9ff4053c4808&AYAH_P2=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82
Requested by
Host: api.content-ad.net
URL: http://api.content-ad.net/GetWidget.aspx?id=3fbb088c-bb37-401d-8614-a720c7a0af07&d=cXVvdGVzZ2VtLnBybw==&wid=419796&cb=1582853690084&lazyLoad=false&server=api.content-ad.net&title=Vancouver%2520Canucks%2520Jokes&url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&ik=2020022717_6a0d6d971a34bf59ef0c9ff4053c4808&ikb=6a0d6d971a34bf59ef0c9ff4053c4808&duid=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82&ls=ip-172-18-2-151.ec2.internal&dstlload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-73.fra50.r.cloudfront.net
Software
/ Express
Resource Hash
f1a07e65360c8ffe14ed14f9c1d84cb0d078f5f3e92237eaffe714d51dc46dca

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 28 Feb 2020 01:28:21 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA50-C1
Age
389
X-Powered-By
Express
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
P3P
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
Cache-Control
public, max-age=600
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript
X-Amz-Cf-Id
A9O8q7-trNuEMdr0y69GsHM2rvz7pWkkbevlR4_RN3QsyiJnd8d86Q==
lib.min.js
d32oduq093hvot.cloudfront.net/templates/library/
30 KB
8 KB
Script
General
Full URL
http://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1582853690809
Requested by
Host: api.content-ad.net
URL: http://api.content-ad.net/GetWidget.aspx?id=3fbb088c-bb37-401d-8614-a720c7a0af07&d=cXVvdGVzZ2VtLnBybw==&wid=419796&cb=1582853690084&lazyLoad=false&server=api.content-ad.net&title=Vancouver%2520Canucks%2520Jokes&url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&ik=2020022717_6a0d6d971a34bf59ef0c9ff4053c4808&ikb=6a0d6d971a34bf59ef0c9ff4053c4808&duid=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82&ls=ip-172-18-2-151.ec2.internal&dstlload=true
Protocol
HTTP/1.1
Server
143.204.98.159 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-159.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79c95ea6e08a1e65faa9fe56531f7183c17a39ee03f09536d11a36c97b87550d

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 22:48:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Nov 2019 20:08:32 GMT
Server
AmazonS3
Age
9958
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
X-Amz-Cf-Id
qQuUR4grzQ2UJMX9-vtH7D13ug8bsYfq-Omew89XAMEcOKDW2Qyb7w==
myh4CBIGFt-rrcQHGu2mY-cggMsz5BVe-ovzdX11AAl-d7b95d0581502670afd2f9098d0c35e1.jpg
d3dytsf4vrjn5x.cloudfront.net/130901/300x250/
19 KB
19 KB
Image
General
Full URL
http://d3dytsf4vrjn5x.cloudfront.net/130901/300x250/myh4CBIGFt-rrcQHGu2mY-cggMsz5BVe-ovzdX11AAl-d7b95d0581502670afd2f9098d0c35e1.jpg
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
13.225.84.132 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74ab46b7aee221827ae91f2dd29438678985fb664bb08fcd805f6a898f1ce8c7

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 04:42:08 GMT
Via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
Last-Modified
Sun, 19 Jan 2020 12:01:57 GMT
Server
AmazonS3
Age
75163
ETag
"5f03db876b8240a48bde19856032557e"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19154
X-Amz-Cf-Id
dPrfHrLDTxfl0wUdaJTPFV5HkpGjgLpLREKvmAnDhg5alcFiyF32Tw==
CgjxbVwRRP-aRwB7OVPJn-f16LYDkw9B-447857c642ca627c8f2f00857f530002.jpg
d3dytsf4vrjn5x.cloudfront.net/127046/300x250/
19 KB
19 KB
Image
General
Full URL
http://d3dytsf4vrjn5x.cloudfront.net/127046/300x250/CgjxbVwRRP-aRwB7OVPJn-f16LYDkw9B-447857c642ca627c8f2f00857f530002.jpg
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
13.225.84.132 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab79fb420b97018dff21a439d4fcdbedf5c4fd5623a0fd8f4c8edeab2f672e83

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 06:53:59 GMT
Via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
Last-Modified
Fri, 25 Oct 2019 04:29:38 GMT
Server
AmazonS3
Age
67252
ETag
"997d8e75416ee0d0ef4c31cd4460e4b8"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19175
X-Amz-Cf-Id
bYOlVDb0APhyBchVVYP5y6FulF8TdMn7r0J1dqaRnySp1r0JUCbbog==
6N2Cv1dOB1-OIyURDjcLX-d7ab6d93c4a96b5087660e1bee62c9f7.jpg
d3dytsf4vrjn5x.cloudfront.net/130626/300x250/
14 KB
15 KB
Image
General
Full URL
http://d3dytsf4vrjn5x.cloudfront.net/130626/300x250/6N2Cv1dOB1-OIyURDjcLX-d7ab6d93c4a96b5087660e1bee62c9f7.jpg
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
13.225.84.132 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21aed3a041422fdca470ccae11392924a560017abd618ccc1546ceb19ee4d811

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 06:38:35 GMT
Via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Dec 2019 12:14:50 GMT
Server
AmazonS3
Age
68176
ETag
"a8dc8b97eecadc72f9bc1636e752b83b"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14462
X-Amz-Cf-Id
SDR24iz7pq6ce6PijBCaRU0Zgxw--cPoZmziew4pLsRmbY0FUl_yjQ==
23b506ee176532175f5596b27ccf0dd7.jpg
d3dytsf4vrjn5x.cloudfront.net/125033/300x250/
12 KB
12 KB
Image
General
Full URL
http://d3dytsf4vrjn5x.cloudfront.net/125033/300x250/23b506ee176532175f5596b27ccf0dd7.jpg
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
13.225.84.132 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
267541cfbfa055d65711ceb0f69bc69af670af72b63d4de004116bcf90c70ebf

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 07:30:10 GMT
Via
1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
Last-Modified
Fri, 13 Sep 2019 22:24:09 GMT
Server
AmazonS3
Age
65081
ETag
"817b488aa22c0e6bb8acdbb1ba6096b7"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12181
X-Amz-Cf-Id
M5jq3qem4R1qMZktQSnIFzJ2WA4VEhobGKmEIgeuY-EKNLXCEt7suw==
b3236ec022eccea8855338a0e5aef626.jpg
d3dytsf4vrjn5x.cloudfront.net/125033/300x250/
9 KB
9 KB
Image
General
Full URL
http://d3dytsf4vrjn5x.cloudfront.net/125033/300x250/b3236ec022eccea8855338a0e5aef626.jpg
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
13.225.84.132 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
426ec956a1550ac10480686ee6c6553b4635663f1de065f35395004f84a0bc10

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 06:19:34 GMT
Via
1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
Last-Modified
Fri, 13 Sep 2019 22:58:01 GMT
Server
AmazonS3
Age
69317
ETag
"e3adaa8dbee7bdd438b41a5d822d9add"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8896
X-Amz-Cf-Id
svZtVOLki-wxVvxtA6shsDlWst8omL9zgX9xaXC2Ds6fX0gjm8TvYA==
b409a1d73de8d282daf3e6ab2efe0fc9.jpg
d3dytsf4vrjn5x.cloudfront.net/125033/300x250/
10 KB
10 KB
Image
General
Full URL
http://d3dytsf4vrjn5x.cloudfront.net/125033/300x250/b409a1d73de8d282daf3e6ab2efe0fc9.jpg
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
13.225.84.132 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9095682c56c0c9737f6b4677145724e14081673a56c69442b3467e5cb38c2c88

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 06:53:46 GMT
Via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
Last-Modified
Fri, 13 Sep 2019 23:00:13 GMT
Server
AmazonS3
Age
67265
ETag
"2f492abc8170b8e4ef9cd58fd81847c6"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9995
X-Amz-Cf-Id
ZCNkjG08rUIEbi1DhASyPgWXi6vTK9PenatkxSYGAaDZFVpSR9dozA==
lib.min.js
d32oduq093hvot.cloudfront.net/templates/library/
30 KB
8 KB
Script
General
Full URL
http://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1582853690812
Requested by
Host: api.content-ad.net
URL: http://api.content-ad.net/GetWidget.aspx?id=42eb0948-0e2a-4ca9-a354-911735e4c24c&d=cXVvdGVzZ2VtLnBybw==&wid=419789&cb=1582853690087&lazyLoad=false&server=api.content-ad.net&title=Vancouver%2520Canucks%2520Jokes&url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&ik=2020022717_e42d6ab747087ed1c0722ac987c0926b&ikb=e42d6ab747087ed1c0722ac987c0926b&duid=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82&ls=ip-172-18-2-51.ec2.internal&dstlload=true
Protocol
HTTP/1.1
Server
143.204.98.159 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-159.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79c95ea6e08a1e65faa9fe56531f7183c17a39ee03f09536d11a36c97b87550d

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 27 Feb 2020 22:48:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Nov 2019 20:08:32 GMT
Server
AmazonS3
Age
9958
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
X-Amz-Cf-Id
ZcxxBBI-DSCIj-PcxCWXoArd05yxWNWWJvVXNIdbEUQbZ3pnVNI7rg==
vw.gif
api.content-ad.net/px/
31 B
31 B
Image
General
Full URL
http://api.content-ad.net/px/vw.gif?s=ip-172-18-1-27.ec2.internal&ip=82.102.19.133&wid=419789&cb=1582853690569&c=BE&d=&ik=2020022717_e42d6ab747087ed1c0722ac987c0926b&haid=42688&hdid=279303&user=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Server
54.69.49.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-49-68.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:50 GMT
Server
awselb/2.0
Connection
keep-alive
Content-Length
31
Content-Type
text/plain; charset=utf-8
sponsoredlinks_play_sm.png
d32oduq093hvot.cloudfront.net/icons/
635 B
1 KB
Image
General
Full URL
https://d32oduq093hvot.cloudfront.net/icons/sponsoredlinks_play_sm.png
Requested by
Host: quotesgem.pro
URL: http://quotesgem.pro/vancouver-canucks-jokes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.159 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-159.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6942aede0ce38fc1e417f499a30e3e7e33601a0b0729dfe400ef7255d42dee0b

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 27 Feb 2020 23:42:19 GMT
Via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Last-Modified
Tue, 24 Sep 2019 22:04:13 GMT
Server
AmazonS3
Age
6752
ETag
"9cea76753f0fd3cdd83eeb77c84a0e94"
X-Cache
Hit from cloudfront
Content-Type
image/png
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
635
X-Amz-Cf-Id
DSme0zpNKviGzZJ18XaYNClGGX0CICinp87v5Pq-m8tZHMWpPx61TA==
kitten
cdn.distiltag.com/ Frame 6704
0
0
Document
General
Full URL
https://cdn.distiltag.com/kitten?ak=6b58f6c7ca02140d3635ad33c64e2a70f&pk=pgaqWZ3qNz7ADt9KwF3gkQeXAHv7yF8vyt4s6DkQ&AYAH_VERSION=2.0&cookiesync=true&AYAH_P2=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82&AYAH_P1=2020022717_6a0d6d971a34bf59ef0c9ff4053c4808&AYAH_F3=419796&AYAH_F2=quotesgem.pro
Requested by
Host: cdn.distiltag.com
URL: https://cdn.distiltag.com/api/v1/defense/script/pgaqWZ3qNz7ADt9KwF3gkQeXAHv7yF8vyt4s6DkQ?AYAH_F2=quotesgem.pro&AYAH_F3=419796&AYAH_P1=2020022717_6a0d6d971a34bf59ef0c9ff4053c4808&AYAH_P2=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-73.fra50.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Host
cdn.distiltag.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://quotesgem.pro/vancouver-canucks-jokes
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://quotesgem.pro/vancouver-canucks-jokes

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
X-Powered-By
Express
Content-Encoding
gzip
Date
Fri, 28 Feb 2020 01:34:16 GMT
Cache-Control
public, max-age=600
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
LhDyJPoh_rW_81IvCYvQbH795i12h4bABLmrhUpmrMg1gCTyivfFoA==
Age
35
events
origin.distiltag.com/
424 B
902 B
XHR
General
Full URL
https://origin.distiltag.com/events?cb=1582853690924:7623714&ak=6b58f6c7ca02140d3635ad33c64e2a70f
Requested by
Host: cdn.distiltag.com
URL: https://cdn.distiltag.com/api/v1/defense/script/pgaqWZ3qNz7ADt9KwF3gkQeXAHv7yF8vyt4s6DkQ?AYAH_F2=quotesgem.pro&AYAH_F3=419796&AYAH_P1=2020022717_6a0d6d971a34bf59ef0c9ff4053c4808&AYAH_P2=62ee8021e58aef1bc859388a8fab0e3bfe832746704f634b842a38c1c42bde82
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.92.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-92-65.compute-1.amazonaws.com
Software
/ Express
Resource Hash
5a30576300c2aa76d94432be8a42da4868ba0ae3fc715254d97cfadca296ae2d

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
Origin
http://quotesgem.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 28 Feb 2020 01:34:51 GMT
X-Powered-By
Express
Vary
Origin
P3P
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Access-Control-Allow-Origin
http://quotesgem.pro
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
424
ya-share-cnt.html
yastatic.net/share/ Frame 4699
0
0
Document
General
Full URL
http://yastatic.net/share/ya-share-cnt.html?url=http%3A%2F%2Fquotesgem.com%2F&services=facebook,twitter,gplus
Requested by
Host: yandex.st
URL: http://yandex.st/share/share.js?_=1582853690113
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Host
yastatic.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://quotesgem.pro/vancouver-canucks-jokes
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://quotesgem.pro/vancouver-canucks-jokes

Response headers

Server
nginx/1.17.8
Date
Fri, 28 Feb 2020 01:34:51 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Nginx-Request-Id
1220a0577d5e236d
Access-Control-Allow-Origin
*
Etag
W/"b4410f26aa4a1448071c7f97e2a81e4c"
Expires
Fri, 28 Feb 2020 02:30:50 GMT
Last-Modified
Wed, 24 Oct 2018 16:00:42 GMT
Cache-Control
public, max-age=3609
Content-Encoding
gzip
Strict-Transport-Security
max-age=43200000; includeSubDomains;
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
135 KB
40 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
34b568eef0657824a10a891e354fa61980da7909f3e35bee2b2d5353371f9687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:51 GMT
Content-Encoding
br
Last-Modified
Tue, 25 Feb 2020 15:24:58 GMT
Server
nginx/1.14.2
ETag
"5e553c4a-9ea0"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40608
Expires
Fri, 28 Feb 2020 02:34:51 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Date
Fri, 28 Feb 2020 01:34:51 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Length
185
Content-Type
text/html
b-share_counter_small.png
yastatic.net/share/static/
1 KB
2 KB
Image
General
Full URL
http://yastatic.net/share/static/b-share_counter_small.png
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
e78b6d74434a2318e1f3907c0a621a7f7b5883614e7589f79c180fbdad59e943
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 01:34:51 GMT
Vary
Accept-Encoding
X-Nginx-Request-Id
d75e2f2e776f8b4e
Connection
keep-alive
Content-Length
1058
Last-Modified
Wed, 24 Oct 2018 16:00:42 GMT
Server
nginx/1.17.8
Etag
"a41b8bd207e963b98646a45084f36f17"
Strict-Transport-Security
max-age=43200000; includeSubDomains;
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3609
Accept-Ranges
bytes
Timing-Allow-Origin
*
Keep-Alive
timeout=5
Expires
Fri, 28 Feb 2020 02:34:14 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
1
mc.yandex.ru/watch/26812653/
Redirect Chain
  • https://mc.yandex.ru/watch/26812653?wmode=7&page-url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%222.0.3%22%7D&browser-inf...
  • https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%222.0.3%22%7D&browser-i...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%222.0.3%22%7D&browser-info=ti%3A10%3Ans%3A1582853684578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200228023451%3Aet%3A1582853691%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A942963321%3Ahid%3A344619641%3Ads%3A1%2C13%2C221%2C54%2C0%2C0%2C0%2C5302%2C5%2C6426%2C6426%2C4%2C5542%3Afp%3A5493%3Agdpr%3A14%3Av%3A1816%3Ast%3A1582853691%3Au%3A15828536911044935973%3At%3AVancouver%20Canucks%20Jokes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Feb 2020 01:34:51 GMT
Last-Modified
Fri, 28-Feb-2020 01:34:51 GMT
Server
nginx/1.14.2
Location
/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%222.0.3%22%7D&browser-info=ti%3A10%3Ans%3A1582853684578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200228023451%3Aet%3A1582853691%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A942963321%3Ahid%3A344619641%3Ads%3A1%2C13%2C221%2C54%2C0%2C0%2C0%2C5302%2C5%2C6426%2C6426%2C4%2C5542%3Afp%3A5493%3Agdpr%3A14%3Av%3A1816%3Ast%3A1582853691%3Au%3A15828536911044935973%3At%3AVancouver%20Canucks%20Jokes
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
http://quotesgem.pro
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Fri, 28-Feb-2020 01:34:51 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 28 Feb 2020 01:34:51 GMT
Last-Modified
Fri, 28-Feb-2020 01:34:51 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://quotesgem.pro
Strict-Transport-Security
max-age=31536000
Location
/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%222.0.3%22%7D&browser-info=ti%3A10%3Ans%3A1582853684578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200228023451%3Aet%3A1582853691%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A942963321%3Ahid%3A344619641%3Ads%3A1%2C13%2C221%2C54%2C0%2C0%2C0%2C5302%2C5%2C6426%2C6426%2C4%2C5542%3Afp%3A5493%3Agdpr%3A14%3Av%3A1816%3Ast%3A1582853691%3Au%3A15828536911044935973%3At%3AVancouver%20Canucks%20Jokes
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Fri, 28-Feb-2020 01:34:51 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 28 Feb 2020 01:34:51 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 28 Feb 2020 02:34:51 GMT
1
mc.yandex.ru/watch/26812653/
133 B
681 B
XHR
General
Full URL
https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fquotesgem.pro%2Fvancouver-canucks-jokes&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%222.0.3%22%7D&browser-info=ti%3A10%3Ans%3A1582853684578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200228023451%3Aet%3A1582853691%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A942963321%3Ahid%3A344619641%3Ads%3A1%2C13%2C221%2C54%2C0%2C0%2C0%2C5302%2C5%2C6426%2C6426%2C4%2C5542%3Afp%3A5493%3Agdpr%3A14%3Av%3A1816%3Ast%3A1582853691%3Au%3A15828536911044935973%3At%3AVancouver%20Canucks%20Jokes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
422b04c48d3988193ef678e35ed993f22ac80a56699b99b36a231104b3cda79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://quotesgem.pro/vancouver-canucks-jokes
Origin
http://quotesgem.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 28 Feb 2020 01:34:51 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 28-Feb-2020 01:34:51 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://quotesgem.pro
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Fri, 28-Feb-2020 01:34:51 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_tag_manager object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga string| uid string| wid object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| popns boolean| N3 object| IOarzRhPlP number| pop_fcap string| k object| _3uoj96jpz4p object| zfgformats function| setImmediate function| clearImmediate function| _mksas function| _fbkkkas function| $ function| jQuery boolean| fbsdk_l boolean| vk_init_l boolean| cloudTimeout function| vote function| pId function| vk_init function| vk_comments_handler function| fb_comments_handler function| load_fbsdk function| getCookie function| setCookie function| share_window function| addLink function| loadReformal function| loadAds function| loadYaShare function| redrawLinksCloud function| fbCommentsWorkaround function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup object| Ya object| match object| widget683802 string| key undefined| touchEnabled undefined| isMobile undefined| userAgent undefined| iPhoneIndex undefined| iPadIndex undefined| isIPhone undefined| isAndroid undefined| isOtherMobile undefined| d undefined| isInternetExplorer undefined| oldOnMouseMove object| widget419796 object| widget419789 function| contentAd683802 object| Grid_683802 function| initJQuery683802 function| familyFriendlyHandler function| ga_ca function| contentAd419789 function| initJQuery419789 function| contentAd419796 object| Grid_419796 function| initJQuery419796 object| sponsoredLinks function| libInit object| libParams object| Modal_683802 object| Modal_419789 object| Modal_419796 object| AyahPublisherOptions object| xhr string| AYAH_STARTED object| yaCounter26812653

3 Cookies

Domain/Path Name / Value
.quotesgem.pro/ Name: _gid
Value: GA1.2.1323808569.1582853691
.quotesgem.pro/ Name: _ga
Value: GA1.2.597172286.1582853691
.quotesgem.pro/ Name: __PPU_BACKCLCK_1639657
Value: true

14 Console Messages

Source Level URL
Text
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
Popunder Script @ popunderjs.com
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
Author: Phan Thanh Cong <contact@ptcong.com>
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
Version: 2.11.15
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
Release: 2020/1/2
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
111
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
[License] Domains: popcash.net,@network,.local,localhost,127.0.0.1
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
[License] Expires: 2021/2/15
console-api info URL: http://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1582853690754(Line 1)
Message:
WID 683802: Add Widget 683802 to library
console-api info URL: http://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1582853690754(Line 1)
Message:
[object Object]
console-api info URL: http://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1582853690754(Line 1)
Message:
WID 683802: Require Modal Extension:false
console-api info URL: http://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1582853690812(Line 1)
Message:
WID 419789: Add Widget 419789 to library
console-api info URL: http://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1582853690812(Line 1)
Message:
[object Object]
console-api info URL: http://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1582853690809(Line 1)
Message:
WID 419796: Add Widget 419796 to library
console-api info URL: http://d32oduq093hvot.cloudfront.net/templates/library/lib.min.js?cb=1582853690809(Line 1)
Message:
[object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.content-ad.net
cdn.distiltag.com
cdn.popcash.net
d32oduq093hvot.cloudfront.net
d3dytsf4vrjn5x.cloudfront.net
dcba.popcash.net
load77.exelator.com
loadus.exelator.com
mc.yandex.ru
netdna.bootstrapcdn.com
origin.distiltag.com
quotesgem.pro
serconmp.com
www.google-analytics.com
www.googletagmanager.com
yandex.st
yastatic.net
13.225.84.132
143.204.101.73
143.204.98.159
147.75.102.200
151.139.128.10
18.211.69.97
188.72.202.99
195.181.175.46
2001:4de0:ac19::1:b:3b
2a00:1450:4001:81a::200e
2a00:1450:4001:81d::2008
2a02:6b8:20::215
2a02:6b8::1:119
31.31.196.188
52.3.92.65
54.69.49.68
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399
06b1ed5b43dab123088feaa1b2367f542ab55f53869dd5e73e7a6dd4007fcc54
070a07eceffdac1b3baaa54f3c579d3e8b31f8a2b0d823c7ec0eaa45bceeb346
08b6846cc6f6938ec641b2555cfdec7e8a4caa9b8d70ebe028af7c8fce981c67
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
212eed6fbada95d2a4da60b5ed6c2c5a8b1ebc80858563148e668e099fe82138
21aed3a041422fdca470ccae11392924a560017abd618ccc1546ceb19ee4d811
267541cfbfa055d65711ceb0f69bc69af670af72b63d4de004116bcf90c70ebf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31f5d0c62671186064f2f392142127898bfc39d6bc0cfc460a2912b26bac9ac8
34b568eef0657824a10a891e354fa61980da7909f3e35bee2b2d5353371f9687
3d1cfd4622e71045ff5911e1f863a38db029b34bd9d09f18e4de10df8e4100bc
422b04c48d3988193ef678e35ed993f22ac80a56699b99b36a231104b3cda79e
426ec956a1550ac10480686ee6c6553b4635663f1de065f35395004f84a0bc10
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59abbff9512200936f9c11a40dfe6e674f8375c9e8ccabd0bd20032ce2b5fe0f
5a30576300c2aa76d94432be8a42da4868ba0ae3fc715254d97cfadca296ae2d
671d6fcc495b89ee9ad2704decefce72465d343fcdd7100451cbf7cb31affd59
676ed6bfa8adc779f54861f7128d025a53ba4f369604b04ba39e46deee2ad373
682ab6113eabc4948010415158da34fe188995a5877a78faed86de6000ffd446
6942aede0ce38fc1e417f499a30e3e7e33601a0b0729dfe400ef7255d42dee0b
6f60ec31f382355fbf44b7b71b4e5acfb1e9894ff386a43427fdfeac01e7880d
74ab46b7aee221827ae91f2dd29438678985fb664bb08fcd805f6a898f1ce8c7
79c95ea6e08a1e65faa9fe56531f7183c17a39ee03f09536d11a36c97b87550d
80c05396424fa4a9dfa158923060bda1b14bf2f971a24127190e3cccbf948173
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e2870a4bc7726aea1f5360f794a58cc1b09710187c7ddd7eeba1ea4b6fd3069
9095682c56c0c9737f6b4677145724e14081673a56c69442b3467e5cb38c2c88
944979b576ee52348d5c63d35f566c11df26f70ed15d2ceba61180662a49b114
9b357a73a2498cf531afbb7e5471ab0e76a868991de328d76528198dadd6b045
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
ab79fb420b97018dff21a439d4fcdbedf5c4fd5623a0fd8f4c8edeab2f672e83
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6a1841e09cab8f9eaa8259228a7a27f37c1bc0fc9cec46348d8ea9c19dc1c6d
b8ef8ec4c9f93850e23149a3924a23b1198ec21bc12771226e1efc9e2c6427e5
ba31b1be413eed01b715f4638d22bfa6321d5d32d1b3b484ef5ad37e6aba69e5
bcb88051646472ceb6334e5389064c14dd16c0e83cde2f5729745a3a47600443
ca0ab8cdd7f483b775502f701920f71d949ec2b4c7f728f63f309b58db95d4b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78b6d74434a2318e1f3907c0a621a7f7b5883614e7589f79c180fbdad59e943
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a07e65360c8ffe14ed14f9c1d84cb0d078f5f3e92237eaffe714d51dc46dca
f5e86c4548b5872fc5d901eec08252ee694de18a8430594f08ce8dffc1b2ae54