urlscan.io logo urlscan.io
SecurityTrails logo

d1kw8twmbo353b.cloudfront.net Open in urlscan Pro
13.32.158.142  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://t.cn/RkZxDzg
Effective URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Submission: On August 23 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 64 HTTP transactions. The main IP is 13.32.158.142, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is d1kw8twmbo353b.cloudfront.net.
TLS certificate: Issued by DigiCert Global CA G2 on November 22nd 2017. Valid for: a year.
This is the only time d1kw8twmbo353b.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 116.211.169.137 58563 (CHINATELE...)
1 151.101.13.194 54113 (FASTLY)
2 2400:cb00:204... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
4 151.101.12.133 54113 (FASTLY)
3 2400:cb00:204... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 5 13.32.158.171 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 13.32.158.142 16509 (AMAZON-02)
10 36.229.117.193 3462 (HINET Dat...)
4 36.237.122.157 3462 (HINET Dat...)
6 216.58.206.2 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
64 15
1    116.211.169.137 (Wuhan, China)

ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN)
t.cn
1    151.101.13.194 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
0rr32d.global.ssl.fastly.net
2    2400:cb00:2048:1::6810:5714 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.jsdelivr.net
7    2a00:1450:4001:81c::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
4    151.101.12.133 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
raw.githubusercontent.com
3    2400:cb00:2048:1::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
8    2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
www.googletagservices.com
4    2a00:1450:4001:80b::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
5    13.32.158.171 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-171.fra56.r.cloudfront.net
d1kw8twmbo353b.cloudfront.net
2    2a00:1450:400c:c0c::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
4    13.32.158.142 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-142.fra56.r.cloudfront.net
d1kw8twmbo353b.cloudfront.net
10    36.229.117.193 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 36-229-117-193.dynamic-ip.hinet.net
36.229.117.193
4    36.237.122.157 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 36-237-122-157.dynamic-ip.hinet.net
36.237.122.157
6    216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:821::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
Domain Requested by
9 d1kw8twmbo353b.cloudfront.net 2 redirects cdn.jsdelivr.net
0rr32d.global.ssl.fastly.net
d1kw8twmbo353b.cloudfront.net
7 pagead2.googlesyndication.com 0rr32d.global.ssl.fastly.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
d1kw8twmbo353b.cloudfront.net
4 www.google-analytics.com 2 redirects 0rr32d.global.ssl.fastly.net
d1kw8twmbo353b.cloudfront.net
4 raw.githubusercontent.com cdn.jsdelivr.net
d1kw8twmbo353b.cloudfront.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 cdnjs.cloudflare.com 0rr32d.global.ssl.fastly.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
2 stats.g.doubleclick.net 0rr32d.global.ssl.fastly.net
d1kw8twmbo353b.cloudfront.net
2 adservice.google.com pagead2.googlesyndication.com
www.googletagservices.com
2 adservice.google.de pagead2.googlesyndication.com
www.googletagservices.com
2 cdn.jsdelivr.net 0rr32d.global.ssl.fastly.net
d1kw8twmbo353b.cloudfront.net
1 www.googletagservices.com d1kw8twmbo353b.cloudfront.net
1 0rr32d.global.ssl.fastly.net
1 t.cn 1 redirects
64 15

This site contains links to these domains. Also see Links.

Domain
36.229.117.193
github.com
t.cn
Subject Issuer Validity Valid
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2018-07-27 -
2019-02-01		 6 months crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-05-19 -
2018-11-25		 6 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-08-07 -
2018-10-16		 2 months crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA		 2017-03-23 -
2020-05-13		 3 years crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-04-14 -
2018-10-21		 6 months crt.sh
*.google.com
Google Internet Authority G3		 2018-08-07 -
2018-10-16		 2 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-08-07 -
2018-10-16		 2 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2017-11-22 -
2018-11-21		 a year crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2018-08-07 -
2018-10-16		 2 months crt.sh

This page contains 7 frames:

Primary Page: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Frame ID: 6915712C6E0F76C51882315E6EB638CF
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180820/r20180604/zrt_lookup.html
Frame ID: 4CCC6F4D78DCC35B219B3526497C760B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Frame ID: 3FD8169F1038B30D38E827F9CCB5E5A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1535068063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D35991885&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535068063101&bpp=9&bdt=591&fdt=12&idt=95&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&correlator=662441782996&frm=20&pv=2&ga_vid=1416547390.1535068063&ga_sid=1535068063&ga_hid=777243856&ga_fc=0&iag=0&icsg=35488&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=1&fsb=1&xpc=8aSul9YPcm&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=116
Frame ID: DE8908B1DE5C716590A56AD516999EC8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Frame ID: 8476B7F2B03B0B89E2E1DCBB0476612D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=1414068304&w=1200&fwrn=4&fwrnh=100&lmt=1535068063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D35991885&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535068063113&bpp=6&bdt=603&fdt=115&idt=116&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=662441782996&frm=20&pv=1&ga_vid=1416547390.1535068063&ga_sid=1535068063&ga_hid=777243856&ga_fc=0&iag=0&icsg=559776&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=2&fsb=1&xpc=eRyplFz299&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=121
Frame ID: 23EEEF1C504407BF290B3FC673856492
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180820/r20110914/activeview/osd_listener.js
Frame ID: A674A69F2F85773EA88361F8EF94A0DF
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://t.cn/RkZxDzg HTTP 302
    https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885 Page URL
  2. https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=cf23686d4e1cc9c615ef007f04957317365e... HTTP 302
    https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=htt... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /.*Varnish/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

64
Requests

69 %
HTTPS

47 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

1015 kB
Transfer

2540 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.cn/RkZxDzg HTTP 302
    https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885 Page URL
  2. https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=cf23686d4e1cc9c615ef007f04957317365ef364 HTTP 302
    https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://t.cn/RkZxDzg HTTP 302
  • https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Request Chain 19
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=777243856&t=pageview&_s=1&dl=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D35991885&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=881796468&gjid=1813780902&cid=1416547390.1535068063&tid=UA-90274311-1&_gid=1474399391.1535068063&_r=1&z=673521415 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1416547390.1535068063&jid=881796468&_gid=1474399391.1535068063&gjid=1813780902&_v=j68&z=673521415
Request Chain 23
  • https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=cf23686d4e1cc9c615ef007f04957317365ef364 HTTP 302
  • https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Request Chain 48
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1586984219&t=pageview&_s=1&dl=https%3A%2F%2Fd1kw8twmbo353b.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3Dcf23686d4e1cc9c615ef007f04957317365ef364%26ag%3Dhttp%3A%2F%2F220%2F&dr=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D35991885&ul=en-us&de=UTF-8&dt=%E5%8A%A8%E6%80%81%E7%BD%91&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=909300157&gjid=135786145&cid=275376041.1535068067&tid=UA-90274311-1&_gid=72814554.1535068067&_r=1&z=967565202 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=275376041.1535068067&jid=909300157&_gid=72814554.1535068067&gjid=135786145&_v=j68&z=967565202

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set oo.aspx
0rr32d.global.ssl.fastly.net/
Redirect Chain
  • http://t.cn/RkZxDzg
  • https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
83 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
071219cf2bf4e18b792bdd8e79fc4db90dc39fb1a33ed76c835a90446a561056

Request headers

Host
0rr32d.global.ssl.fastly.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6915712C6E0F76C51882315E6EB638CF

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Set-Cookie
ASP.NET_SessionId=secaffesgc303hfndtrgw1mw; path=/; HttpOnly
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Accept-Ranges
bytes bytes
Age
0 0
Content-Length
19938
Date
Thu, 23 Aug 2018 23:47:42 GMT
Via
1.1 varnish
Connection
keep-alive
X-Served-By
cache-fra19138-FRA
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1535068062.955035,VS0,VE553
Vary
Accept-Encoding

Redirect headers

Date
Thu, 23 Aug 2018 23:47:41 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
280
Connection
keep-alive
Set-Cookie
aliyungf_tc=AQAAAI/08hXCqgoA/i37lBReclx80+CU; Path=/; HttpOnly
Server
nginx
Location
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
jquery.min.js
cdn.jsdelivr.net/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:5714 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cache
HIT, HIT
status
200
content-length
33793
x-served-by
cache-ams4136-AMS, cache-fra19140-FRA
timing-allow-origin
*
server
cloudflare
etag
"17b8b-Wp3PvvZVomaOeLrr6qjcb0HY2rs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
44f1773ebb1563a3-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
cff4686dc7e0e3878fce51018c4afe69cf7a3a9957f9d906f3e572af275aab2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27216
x-xss-protection
1; mode=block
server
cafe
etag
16279746278503256777
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Aug 2018 23:47:43 GMT
oShowz.txt
raw.githubusercontent.com/onorm/Up/master/ 		808 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://raw.githubusercontent.com/onorm/Up/master/oShowz.txt?88255125
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
d1d06ef6078016333c902763fe8f3b4612a37fe345a7ed54c758fa7551497af0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Origin
https://0rr32d.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
216ee10279502f1cede5ba3474b40ac794a3d615
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
212
ETag
"aa5f3e4f6a0f150fdbafeff3361f2f5d9efdfdde"
X-Served-By
cache-fra19123-FRA
X-Geo-Block-List
X-GitHub-Request-Id
8838:69CB:198C5:1C21C:5B7F479E
X-Timer
S1535068063.074352,VS0,VE91
X-Frame-Options
deny
Date
Thu, 23 Aug 2018 23:47:43 GMT
Source-Age
0
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Thu, 23 Aug 2018 23:52:43 GMT
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/ 		35 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/video-js.min.css
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7c27b219ef1c4b8e672bf3ce1f4f192235bf83b8d81c44c55a0a06f3f9c736
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:43 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 26 Jul 2018 20:45:50 GMT
server
cloudflare
etag
W/"5b5a32fe-8aa0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
44f177422be59738-FRA
expires
Tue, 13 Aug 2019 23:47:43 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/ 		471 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/video.min.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a19405088f969aecf491b8b729f0d9dbc87dac4f6092a9e8a0d883075ff2979
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 23 Aug 2018 23:47:43 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.004
last-modified
Thu, 26 Jul 2018 20:45:50 GMT
server
cloudflare
etag
W/"5b5a32fe-75c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
44f177422be69738-FRA
expires
Tue, 13 Aug 2019 23:47:43 GMT
videojs-contrib-hls.min.js
cdnjs.cloudflare.com/ajax/libs/videojs-contrib-hls/5.14.1/ 		227 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/videojs-contrib-hls/5.14.1/videojs-contrib-hls.min.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e01d2473096e9ebafb493d80dce879d677d52f4bb5715df39c46de4ab7466b0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 23 Aug 2018 23:47:43 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.009
last-modified
Thu, 17 May 2018 09:26:37 GMT
server
cloudflare
etag
W/"5afd4acd-38b13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
44f177422be89738-FRA
expires
Tue, 13 Aug 2019 23:47:43 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=0rr32d.global.ssl.fastly.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Aug 2018 23:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=0rr32d.global.ssl.fastly.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Aug 2018 23:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-9887006928691465.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		471 B
296 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-9887006928691465.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fa2dc680d1539f29a606b5ad3ddb03e4770e6a0a62a97996a194be2e51dfd2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 21:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Aug 2018 01:04:18 GMT
server
sffe
age
7797
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
232
x-xss-protection
1; mode=block
expires
Fri, 24 Aug 2018 09:37:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180820/r20180604/ Frame 4CCC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180820/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180820/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6915712C6E0F76C51882315E6EB638CF
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 21 Aug 2018 05:51:58 GMT
expires
Tue, 04 Sep 2018 05:51:58 GMT
content-type
text/html; charset=UTF-8
etag
15840095812326030575
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6941
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
237345
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/ Frame 3FD8 		190 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7cedf05ee2accb91776cca40a3434536d1049741ac51c7756c7865ee95307648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
71982
x-xss-protection
1; mode=block
server
cafe
etag
11381798742267309166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Aug 2018 23:47:43 GMT
a6bf1558-b7b3-4d28-a07e-ba5f1b2a46db
https://0rr32d.global.ssl.fastly.net/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://0rr32d.global.ssl.fastly.net/a6bf1558-b7b3-4d28-a07e-ba5f1b2a46db
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/video.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
1184
date
Thu, 23 Aug 2018 23:27:59 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Fri, 24 Aug 2018 01:27:59 GMT
oo.aspx
d1kw8twmbo353b.cloudfront.net/ 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_ooshow&ag=okHead&sign=cf23686d4e1cc9c615ef007f04957317365ef364
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-171.fra56.r.cloudfront.net
Software
/
Resource Hash
2251be9f296fb57faaf0127f1e27b8fdf1cd1d8ea10d09759b67875fe96dbeb9

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Origin
https://0rr32d.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:43 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
ny8g7GGtssNUxNAX-ld25GSMssXaBs6F5tSnYRVZ2OsgwCC4rJFp3w==
via
1.1 9740f884e58cfb465c19a8a2b144f34f.cloudfront.net (CloudFront)
ads
googleads.g.doubleclick.net/pagead/ Frame DE89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1535068063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D35991885&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535068063101&bpp=9&bdt=591&fdt=12&idt=95&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&correlator=662441782996&frm=20&pv=2&ga_vid=1416547390.1535068063&ga_sid=1535068063&ga_hid=777243856&ga_fc=0&iag=0&icsg=35488&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=1&fsb=1&xpc=8aSul9YPcm&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1535068063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D35991885&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535068063101&bpp=9&bdt=591&fdt=12&idt=95&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&correlator=662441782996&frm=20&pv=2&ga_vid=1416547390.1535068063&ga_sid=1535068063&ga_hid=777243856&ga_fc=0&iag=0&icsg=35488&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=1&fsb=1&xpc=8aSul9YPcm&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=116
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6915712C6E0F76C51882315E6EB638CF
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Aug 2018 23:47:43 GMT
server
cafe
cache-control
private
content-length
386
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Fri, 24-Aug-2018 00:02:43 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 23 Aug 2018 23:47:43 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
8503fcb9a242a188721b8682b2dd39d1549bf4d466df791a80a63769342181d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 Aug 2018 05:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
238005
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26406
x-xss-protection
1; mode=block
server
cafe
etag
7551003021869209732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Sep 2018 05:40:58 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/ Frame 8476 		190 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7cedf05ee2accb91776cca40a3434536d1049741ac51c7756c7865ee95307648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 23 Aug 2018 23:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
71982
x-xss-protection
1; mode=block
server
cafe
etag
11381798742267309166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Aug 2018 23:47:43 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 23EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=1414068304&w=1200&fwrn=4&fwrnh=100&lmt=1535068063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D35991885&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535068063113&bpp=6&bdt=603&fdt=115&idt=116&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=662441782996&frm=20&pv=1&ga_vid=1416547390.1535068063&ga_sid=1535068063&ga_hid=777243856&ga_fc=0&iag=0&icsg=559776&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=2&fsb=1&xpc=eRyplFz299&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=121
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180820/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=1414068304&w=1200&fwrn=4&fwrnh=100&lmt=1535068063&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D35991885&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1535068063113&bpp=6&bdt=603&fdt=115&idt=116&shv=r20180820&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=662441782996&frm=20&pv=1&ga_vid=1416547390.1535068063&ga_sid=1535068063&ga_hid=777243856&ga_fc=0&iag=0&icsg=559776&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226401&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=2&fsb=1&xpc=eRyplFz299&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=121
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6915712C6E0F76C51882315E6EB638CF
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Aug 2018 23:47:43 GMT
server
cafe
cache-control
private
content-length
384
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Fri, 24-Aug-2018 00:02:43 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 23 Aug 2018 23:47:43 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=777243856&t=pageview&_s=1&dl=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1416547390.1535068063&jid=881796468&_gid=1474399391.1535068063&gjid=1813780902&_v=j68&z=673521415
35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1416547390.1535068063&jid=881796468&_gid=1474399391.1535068063&gjid=1813780902&_v=j68&z=673521415
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c0c::9b , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 23 Aug 2018 23:47:43 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Aug 2018 23:47:43 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1416547390.1535068063&jid=881796468&_gid=1474399391.1535068063&gjid=1813780902&_v=j68&z=673521415
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
oo.aspx
d1kw8twmbo353b.cloudfront.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_ooshow&ag=ogFoot&from=Email-web&tag=35991885&sign=cf23686d4e1cc9c615ef007f04957317365ef364
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-171.fra56.r.cloudfront.net
Software
/
Resource Hash
17a219f1bf472bfdcbcc999e84fc77594d26b0701773b532ae3e29bc07da4677

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Origin
https://0rr32d.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:43 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
6v6Z1ZZbH8uwRzRfoGaYa_ouw8BPacqVzOrNSpuNkqsmr6IPxxsroQ==
via
1.1 9740f884e58cfb465c19a8a2b144f34f.cloudfront.net (CloudFront)
oGate.png
raw.githubusercontent.com/opipe/Up/master/A/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/opipe/Up/master/A/oGate.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
df7657d68bf3516e6fcb8ca6bbdeeea5f4497fa8af918875e9eb90714968b6cc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
9d719f9cee2ca348a32d8b37016999b5221f1407
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Geo-Block-List
X-Cache
HIT
X-Cache-Hits
1
Connection
keep-alive
Content-Length
7480
ETag
"2a4235ecb3129c2a7b8a97608822d53eddbd9a25"
X-Served-By
cache-fra19127-FRA
X-GitHub-Request-Id
0864:3376:2DA05:31C9C:5B7F4799
X-Timer
S1535068064.017568,VS0,VE0
X-Frame-Options
deny
Date
Thu, 23 Aug 2018 23:47:44 GMT
Source-Age
7
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Thu, 23 Aug 2018 23:52:44 GMT
ogHead.jpg
raw.githubusercontent.com/opipe/Up/master/A/ 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/opipe/Up/master/A/ogHead.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9a6af060cc89302f579f527a01b5efa3ea9cc20f783e7833ff1cb00db7530dcb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
a691e54b08b6651887c9741f810da28838b1fe22
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Geo-Block-List
X-Cache
HIT
X-Cache-Hits
1
Connection
keep-alive
Content-Length
145092
ETag
"f7f243ce8ab4be77f959e727f4b5a9c01ec9ca0a"
X-Served-By
cache-fra19127-FRA
X-GitHub-Request-Id
2060:1DFA:6C37D:70C26:5B7F4799
X-Timer
S1535068064.024272,VS0,VE0
X-Frame-Options
deny
Date
Thu, 23 Aug 2018 23:47:44 GMT
Source-Age
7
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Thu, 23 Aug 2018 23:52:44 GMT
oo.aspx
d1kw8twmbo353b.cloudfront.net/
Redirect Chain
  • https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=cf23686d4e1cc9c615ef007f04957317365ef364
  • https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-171.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:44 GMT
via
1.1 9740f884e58cfb465c19a8a2b144f34f.cloudfront.net (CloudFront)
status
302
location
oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
content-length
221
x-amz-cf-id
Y58PAoX6uyTBzS4o3TuLLVZP83Tj-NqIVzlV1Ctv3Go3DmKjOKFXiA==

Redirect headers

date
Thu, 23 Aug 2018 23:47:44 GMT
via
1.1 9740f884e58cfb465c19a8a2b144f34f.cloudfront.net (CloudFront)
status
302
location
oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
content-length
221
x-amz-cf-id
Y58PAoX6uyTBzS4o3TuLLVZP83Tj-NqIVzlV1Ctv3Go3DmKjOKFXiA==
oo.aspx
d1kw8twmbo353b.cloudfront.net/ 		61 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-171.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
text/plain, */*; q=0.01
X-DevTools-Emulate-Network-Conditions-Client-Id
6915712C6E0F76C51882315E6EB638CF
Origin
https://0rr32d.global.ssl.fastly.net
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:44 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
yh_PNNE3-ek3HW97ZBlAq7nhknhMcZ5kygpZahzrHMoCmvd8h5Vx6Q==
via
1.1 9740f884e58cfb465c19a8a2b144f34f.cloudfront.net (CloudFront)
Primary Request oo.aspx
d1kw8twmbo353b.cloudfront.net/
Redirect Chain
  • https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=cf23686d4e1cc9c615ef007f04957317365ef364
  • https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
61 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-142.fra56.r.cloudfront.net
Software
/
Resource Hash
d773834d96b3afe076bb4aa04ab8cb0a7ccd240ba4913a0e8c4a8132e41fd2d4

Request headers

:method
GET
:authority
d1kw8twmbo353b.cloudfront.net
:scheme
https
:path
/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885
accept-encoding
gzip, deflate
cookie
ASP.NET_SessionId=nearceozveyijnqgpwh310cd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6915712C6E0F76C51882315E6EB638CF
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=r816728&key=kihgcsa2&from=Email-web&tag=35991885

Response headers

status
200
content-type
text/html; charset=utf-8
vary
Accept-Encoding
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
private
date
Thu, 23 Aug 2018 23:47:45 GMT
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 63db28734e1b9429c04087abd41a1692.cloudfront.net (CloudFront)
x-amz-cf-id
WQowZwOwQKTzc3wsNKWBl7HyjdIe_6uW-g0DX8mQUWwne0uZgq9Vmg==

Redirect headers

status
302
content-type
text/html; charset=utf-8
content-length
221
location
oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
private
date
Thu, 23 Aug 2018 23:47:45 GMT
set-cookie
ASP.NET_SessionId=nearceozveyijnqgpwh310cd; path=/; HttpOnly
x-cache
Miss from cloudfront
via
1.1 63db28734e1b9429c04087abd41a1692.cloudfront.net (CloudFront)
x-amz-cf-id
XtaTBxBe3uiWpKcMVfB_njDWKyXL3BPho-zJXLCKXKiFcw8-64NHxQ==
oo.aspx
d1kw8twmbo353b.cloudfront.net/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http%3A%2F%2F220%2Floc%2Fimages%2Fglobal5.css
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-142.fra56.r.cloudfront.net
Software
/
Resource Hash
17dd7dea5e9641107c6b3a5fb393deff66c25d85369e3c2c524127365dc9dc32

Request headers

:path
/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http%3A%2F%2F220%2Floc%2Fimages%2Fglobal5.css
pragma
no-cache
cookie
ASP.NET_SessionId=nearceozveyijnqgpwh310cd
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
d1kw8twmbo353b.cloudfront.net
referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
:scheme
https
:method
GET
Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:45 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
ti6sS0jDZoF6XCc6X_mnxhpkPejoZ20q9cHkMS7c5Zl2C_4XZ3uFAQ==
via
1.1 63db28734e1b9429c04087abd41a1692.cloudfront.net (CloudFront)
jquery.min.js
cdn.jsdelivr.net/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:5714 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-cache
HIT, HIT
status
200
content-length
33793
x-served-by
cache-ams4136-AMS, cache-fra19140-FRA
timing-allow-origin
*
server
cloudflare
etag
"17b8b-Wp3PvvZVomaOeLrr6qjcb0HY2rs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
44f17754696663a3-FRA
oo.aspx
d1kw8twmbo353b.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http%3A%2F%2F140%2Fjs%2FDjy%2FDongtaiwangHomepage.js
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.158.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-142.fra56.r.cloudfront.net
Software
/
Resource Hash
12634d1b1307244e383bdcd869dc0754ab77b9dacdd506400f0cf187da16204f

Request headers

:path
/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http%3A%2F%2F140%2Fjs%2FDjy%2FDongtaiwangHomepage.js
pragma
no-cache
cookie
ASP.NET_SessionId=nearceozveyijnqgpwh310cd
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
d1kw8twmbo353b.cloudfront.net
referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
:scheme
https
:method
GET
Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:45 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
CiOQp8OKgUfbBBnbTgoG-A84yR-rV1lblA-FcqilJUsb2aM5hYDngA==
via
1.1 63db28734e1b9429c04087abd41a1692.cloudfront.net (CloudFront)
MNV3s_JEt2.png
36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976tDDD.ANpbc3PD3pb.VNv/sNV/Pv3buR/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976tDDD.ANpbc3PD3pb.VNv/sNV/Pv3buR/MNV3s_JEt2.png
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.229.117.193 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-229-117-193.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
bec1335031e588df78ce1bc5f0361ec161327d5590fc27b2d49ace451288953a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 13:03:39 GMT
Last-Modified
Tue, 17 Jul 2018 13:47:06 GMT
Server
Apache
Age
38647
ETag
"a79488-2e12-2e800a80"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11794
Expires
Thu, 06 Sep 2018 13:03:39 GMT
xv_PAj.png
36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976FYYY.q5EATLsYLEA.B5C/45B/sCLAny/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976FYYY.q5EATLsYLEA.B5C/45B/sCLAny/xv_PAj.png
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.229.117.193 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-229-117-193.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
93e8935c30b890b403db343d6567541cd9c737748097a49bd4e11cb814a4f7bc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 13:03:40 GMT
Last-Modified
Wed, 01 Mar 2017 08:54:42 GMT
Server
Apache
Age
38646
ETag
"a7ba23-e5c-769e3880"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3676
Expires
Thu, 06 Sep 2018 13:03:40 GMT
98_tUH0.png
36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba539764VVV.zeoUy0FV0oU.meH/gem/FH0ULb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba539764VVV.zeoUy0FV0oU.meH/gem/FH0ULb/98_tUH0.png
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.229.117.193 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-229-117-193.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
73e3d2fd0a887baa7233b659c59ee421c2a24a06d4f5c31ee89e1e4740de2c0b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 13:03:40 GMT
Last-Modified
Wed, 01 Mar 2017 08:54:42 GMT
Server
Apache
Age
38646
ETag
"a7c1be-e67-769e3880"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3687
Expires
Thu, 06 Sep 2018 13:03:40 GMT
QaPPEJ4KP.jpg
36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976grrr.paJqbM4rMJq.QaP/7aQ/4PMq0K/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976grrr.paJqbM4rMJq.QaP/7aQ/4PMq0K/QaPPEJ4KP.jpg
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.229.117.193 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-229-117-193.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
da7371ef02e19463b6993c8ca45b4416c4cfc160f38d4edd5faa57302258d5d1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 13:03:40 GMT
Last-Modified
Mon, 27 Nov 2017 19:42:34 GMT
Server
Apache
Age
38647
ETag
"a79202-58ad-1a907e80"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22701
Expires
Thu, 06 Sep 2018 13:03:40 GMT
zoOg2DBo.jpg
36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba539767BBB.OXDzK2gB2Dz.fXt/dXf/gt2zMA/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba539767BBB.OXDzK2gB2Dz.fXt/dXf/gt2zMA/zoOg2DBo.jpg
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.229.117.193 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-229-117-193.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
9f0eb95d005f028fcf89c6e873d564032324966ece6b962217577cd1df8c1924

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 13:03:40 GMT
Last-Modified
Fri, 13 Oct 2017 03:54:15 GMT
Server
Apache
Age
38647
ETag
"a79142-6842-9c42c7c0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26690
Expires
Thu, 06 Sep 2018 13:03:40 GMT
Gcwse7S6-d8duTd.jpg
36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976dmmm.ES6pAw7mw6p.GSs/ISG/7swp2U/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976dmmm.ES6pAw7mw6p.GSs/ISG/7swp2U/Gcwse7S6-d8duTd.jpg
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.229.117.193 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-229-117-193.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
3bea924920206fd67b045b5b64ac4c151bb13cc0b9fd3ee6fc1bb06af8002ec3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 13:03:40 GMT
Last-Modified
Fri, 13 Oct 2017 03:54:15 GMT
Server
Apache
Age
38647
ETag
"a7912f-8a91-9c42c7c0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35473
Expires
Thu, 06 Sep 2018 13:03:40 GMT
oWYiw.jpg
36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976IQQQ.ohYOUWdQWYO.ihF/uhi/dFWOwq/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976IQQQ.ohYOUWdQWYO.ihF/uhi/dFWOwq/oWYiw.jpg
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.229.117.193 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-229-117-193.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
75ae726a7aae89cb7fd13ba84aa43d63c0c50c6b10c1b413fdb3d519dc7d0af0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 13:03:40 GMT
Last-Modified
Wed, 23 Nov 2016 03:26:25 GMT
Server
Apache
Age
38647
ETag
"a7c1b9-a088-74231a40"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41096
Expires
Thu, 06 Sep 2018 13:03:40 GMT
q6IJZVE.png
36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976ufff.JvVEqZIfZVE.1v4/3v1/I4ZEWz/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976ufff.JvVEqZIfZVE.1v4/3v1/I4ZEWz/q6IJZVE.png
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.229.117.193 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-229-117-193.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
544c8004499639b47998504ea6fb988ab864773b2fbe80e3de423a5ae5ee9e17

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 13:03:40 GMT
Last-Modified
Sun, 20 Jul 2014 16:38:49 GMT
Server
Apache
Age
38647
ETag
"a7ba5d-126f-9ffa9840"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4719
Expires
Thu, 06 Sep 2018 13:03:40 GMT
0Suro.png
36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba539763GGG.D8rozcuGcro.l8g/n8l/ugcoZp/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba539763GGG.D8rozcuGcro.l8g/n8l/ugcoZp/0Suro.png
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.229.117.193 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-229-117-193.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
b234534878a2d9e11052313e2ce55372a0752e7d3165e9b6cccfc784da59dca5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 13:03:40 GMT
Last-Modified
Fri, 04 Jul 2008 15:27:34 GMT
Server
Apache
Age
38646
ETag
"a7b9e5-43ec-5d66a580"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17388
Expires
Thu, 06 Sep 2018 13:03:40 GMT
p3RBp3kCCWO.png
36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976niii.6CBJpR3iRBJ.xC7/LCx/37RJcO/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.229.117.193/hp22544d72d85658ce16b21660381b8b644ba53976niii.6CBJpR3iRBJ.xC7/LCx/37RJcO/p3RBp3kCCWO.png
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.229.117.193 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-229-117-193.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
1de9272d0960719fb1fc8b2d8c3ff205de41636d412db53226df6e0fa1c62c2f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 13:03:40 GMT
Last-Modified
Wed, 28 May 2014 21:30:59 GMT
Server
Apache
Age
38647
ETag
"a7ba2e-3c2e-87424ac0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15406
Expires
Thu, 06 Sep 2018 13:03:40 GMT
oGate.jpg
raw.githubusercontent.com/opipe/Up/master/Tools/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/opipe/Up/master/Tools/oGate.jpg
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
fd3ca4b2771dc70f499e6f0469096250e9ca4f439d6c8feaa3e9d0a66afa4dfe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
267bbb5227d1306525dca2db588387d8f5f2efc5
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Geo-Block-List
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
7877
ETag
"60305ebdf358846aaf2aad46a4ad4df20e75f63e"
X-Served-By
cache-fra19127-FRA
X-GitHub-Request-Id
2AE2:0D60:165A2:1863A:5B7F47A2
X-Timer
S1535068067.535159,VS0,VE120
X-Frame-Options
deny
Date
Thu, 23 Aug 2018 23:47:46 GMT
Source-Age
0
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Thu, 23 Aug 2018 23:52:46 GMT
gpt.js
www.googletagservices.com/tag/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http%3A%2F%2F140%2Fjs%2FDjy%2FDongtaiwangHomepage.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
dc51ebfab0a4b4a8144f6467bcb608d6f79aec2c270bf5cea872b94c945638ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"8 / 577 of 1000 / last-modified: 1535039776"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7799
x-xss-protection
1; mode=block
expires
Thu, 23 Aug 2018 23:47:46 GMT
U9sBBt9_J2_f9sT2t.jpg
36.237.122.157/hp22544d72d85658ce16b21660381b8b644ba53976XUUU.WfT2nsaUsT2.pfN/Sfp/aNs2tL/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.237.122.157/hp22544d72d85658ce16b21660381b8b644ba53976XUUU.WfT2nsaUsT2.pfN/Sfp/aNs2tL/U9sBBt9_J2_f9sT2t.jpg
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.237.122.157 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-237-122-157.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
50d450a0b9020ae027ebd16cc43357d44edfcea5b9e4f7f0a0d5b4185303ec5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 11:05:49 GMT
Last-Modified
Tue, 22 Mar 2011 01:15:54 GMT
Server
Apache
Age
45717
ETag
"a7ba3a-46c2-fc572680"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18114
Expires
Thu, 06 Sep 2018 11:05:49 GMT
ANc.gif
36.237.122.157/hp22544d72d85658ce16b21660381b8b644ba53976tDDD.ANpbc3PD3pb.VNv/sNV/Pv3buR/ 		45 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.237.122.157/hp22544d72d85658ce16b21660381b8b644ba53976tDDD.ANpbc3PD3pb.VNv/sNV/Pv3buR/ANc.gif
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.237.122.157 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-237-122-157.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
393be6a9918a4d36d4a7074444e02eaa4ceb2fc3b2390dd761c491e24c33b321

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 11:05:50 GMT
Last-Modified
Tue, 01 Jul 2008 19:18:19 GMT
Server
Apache
Age
45716
ETag
"a7ba01-2d-3d1a74c0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45
Expires
Thu, 06 Sep 2018 11:05:50 GMT
M1f_I4gR4k_1kgKZ4.png
36.237.122.157/hp22544d72d85658ce16b21660381b8b644ba53976vppp.R1KZMghpgKZ.o1e/81o/hegZ42/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.237.122.157/hp22544d72d85658ce16b21660381b8b644ba53976vppp.R1KZMghpgKZ.o1e/81o/hegZ42/M1f_I4gR4k_1kgKZ4.png
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.237.122.157 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-237-122-157.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
052939f0169df7aa01ecb1edfccd179af337a33de6859072506a4d66f115e652

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 11:05:49 GMT
Last-Modified
Tue, 22 Mar 2011 01:07:10 GMT
Server
Apache
Age
45717
ETag
"a7ba33-79bd-dd1b8b80"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31165
Expires
Thu, 06 Sep 2018 11:05:49 GMT
DRLLGy_DhRsU.gif
36.237.122.157/hp22544d72d85658ce16b21660381b8b644ba53976Sqqq.ZGywLFXqFyw.OGk/hGO/XkFws0/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://36.237.122.157/hp22544d72d85658ce16b21660381b8b644ba53976Sqqq.ZGywLFXqFyw.OGk/hGO/XkFws0/DRLLGy_DhRsU.gif
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
HTTP/1.1
Server
36.237.122.157 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
36-237-122-157.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
094b67d2a2aeafee95e78f19b6cfb06546d7a80850b91c3c4ae04ade9ac2b99e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 Aug 2018 11:05:49 GMT
Last-Modified
Wed, 20 Aug 2008 15:07:16 GMT
Server
Apache
Age
45717
ETag
"a7b9f2-d52-8f581100"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3410
Expires
Thu, 06 Sep 2018 11:05:49 GMT
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
1187
date
Thu, 23 Aug 2018 23:27:59 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Fri, 24 Aug 2018 01:27:59 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=d1kw8twmbo353b.cloudfront.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Aug 2018 23:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d1kw8twmbo353b.cloudfront.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Aug 2018 23:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_241.js
securepubads.g.doubleclick.net/gpt/ 		184 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
7eeb03b3f1cb34afb42020d0c4dac55a1323d2e92eddcca1f383db218aacd1bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Aug 2018 13:58:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
65033
x-xss-protection
1; mode=block
expires
Thu, 23 Aug 2018 23:47:46 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1586984219&t=pageview&_s=1&dl=https%3A%2F%2Fd1kw8twmbo353b.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3Dcf23686d4e1cc9c615ef007f0495...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=275376041.1535068067&jid=909300157&_gid=72814554.1535068067&gjid=135786145&_v=j68&z=967565202
35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=275376041.1535068067&jid=909300157&_gid=72814554.1535068067&gjid=135786145&_v=j68&z=967565202
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c0c::9b , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 23 Aug 2018 23:47:46 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Aug 2018 23:47:46 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=275376041.1535068067&jid=909300157&_gid=72814554.1535068067&gjid=135786145&_v=j68&z=967565202
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
414
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		489 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3697822197162864&correlator=3041553568421790&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&vrg=241&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=37445998%2CDongtaiwang_frontpage_native_text_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x25%7C300x25&cookie_enabled=1&bc=7&abxe=1&lmt=1535068066&dt=1535068066744&dlt=1535068065977&idt=751&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=2057630717&gut=v2&ifi=1&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fd1kw8twmbo353b.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3Dcf23686d4e1cc9c615ef007f04957317365ef364%26ag%3Dhttp%3A%2F%2F220%2F&ref=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D35991885&dssz=19&icsg=2282&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x-1&msz=250x-1&ga_vid=275376041.1535068067&ga_sid=1535068067&ga_hid=1586984219&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
f67e37efc637572c007ed697dc6ce51e6364e644da78135e9c99fcb966bce4ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Origin
https://d1kw8twmbo353b.cloudfront.net

Response headers

date
Thu, 23 Aug 2018 23:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
351
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://d1kw8twmbo353b.cloudfront.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_241.js
securepubads.g.doubleclick.net/gpt/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_241.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
sffe /
Resource Hash
881bc3379b41db1b97e81932c8c0189952837c2733011c03c80e3295e061e4c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Aug 2018 13:58:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16634
x-xss-protection
1; mode=block
expires
Thu, 23 Aug 2018 23:47:46 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires
Sat, 17 Aug 2019 12:59:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Mon, 11 Jun 2018 14:38:59 GMT
content-type
text/html
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3697822197162864&correlator=3041553568421790&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&vrg=241&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=37445998%2CDongtaiwang_frontpage_native_text_2%2CDongtaiwang_frontpage_native_text_3%2CDongtaiwang_frontpage_native_text_4&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x25%2C300x25%2C300x25&cookie_enabled=1&bc=7&abxe=1&lmt=1535068066&dt=1535068066764&dlt=1535068065977&idt=751&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C0%2C0&adys=0%2C0%2C0&adks=769640528%2C3546408455%2C2299917106&gut=v2&ifi=3&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fd1kw8twmbo353b.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3Dcf23686d4e1cc9c615ef007f04957317365ef364%26ag%3Dhttp%3A%2F%2F220%2F&ref=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D35991885&dssz=20&icsg=35050&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x-1%7C340x-1%7C340x-1&msz=300x-1%7C300x-1%7C300x-1&ga_vid=275376041.1535068067&ga_sid=1535068067&ga_hid=1586984219&fws=4%2C4%2C4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
75d044c0afa70ac1aa5038cbe91b1c94ec607ab4c43c4fb3a8ba4ebf1c2e8968
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Origin
https://d1kw8twmbo353b.cloudfront.net

Response headers

date
Thu, 23 Aug 2018 23:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2537
x-xss-protection
1; mode=block
google-lineitem-id
4572498669,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138224736366,-2,-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://d1kw8twmbo353b.cloudfront.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		476 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3697822197162864&correlator=3041553568421790&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fifs&adsid=NT&json_a=1&vrg=241&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=37445998%2CDongtaiwang_frontpage_native_text_5&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x25&cookie_enabled=1&bc=7&abxe=1&lmt=1535068066&dt=1535068066775&dlt=1535068065977&idt=751&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=1488856244&gut=v2&ifi=7&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fd1kw8twmbo353b.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3Dcf23686d4e1cc9c615ef007f04957317365ef364%26ag%3Dhttp%3A%2F%2F220%2F&ref=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dkihgcsa2%26from%3DEmail-web%26tag%3D35991885&dssz=20&icsg=35050&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x-1&msz=300x-1&ga_vid=275376041.1535068067&ga_sid=1535068067&ga_hid=1586984219&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
1845b818dd47a393299d49a125fa994cc34aae2c209390112b0c6749250373bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Origin
https://d1kw8twmbo353b.cloudfront.net

Response headers

date
Thu, 23 Aug 2018 23:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
342
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://d1kw8twmbo353b.cloudfront.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20180820/r20110914/activeview/ Frame A674 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20180820/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
d846246696c06289b344f18538990a5ed07c9ddb8e4da5638a909e08dfc8b19a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 20 Aug 2018 22:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26453
x-xss-protection
1; mode=block
server
cafe
etag
17101195751394620809
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Sep 2018 22:10:54 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_241.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
8503fcb9a242a188721b8682b2dd39d1549bf4d466df791a80a63769342181d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 Aug 2018 23:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
883
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26406
x-xss-protection
1; mode=block
server
cafe
etag
7551003021869209732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Aug 2018 00:33:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A674 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuM3EKML9hZBopYdFTgVYJxDbyxH-yzmbdzABNe8PzSYoPdHN1y90TS2YnQb6kAT7joqvcy_otL2ZYBWQCzaqvBJI2q_z4T_C6eXbWAuUZmDW_sLo6f-nzta6Tm7whKnZVoztBXAzxYUJkpOKsq-q2M4sDaprr-yyIm7wRWqRIvNcM88jvhzVwwY57VBMP5l_zSI4WxGR4RsX3jc97U_oQyKef2H83q63nOZUVoN7cad4MuhOEeWLleCUDu9XuZKTAYd-wJQU2yBfbMpoEtJJx_CRfLpq43A1UGkBeMrVN2IDOhobeG1O65zgVR8LkJoKFrAtqeGTgWKwrTpKHoiw&sai=AMfl-YQ_Pitt4Y4c5mW-9dn3Bec3XN7G_78Tff8g2umC62sDs357Tthjee_FOQ8PX1v4hxZo64joMeJpNxNYox6BzgId9VhLtqrMf2XB_uaM&sig=Cg0ArKJSzMuvNnOVN_03EAE&urlfix=1&adurl=
Requested by
Host: d1kw8twmbo353b.cloudfront.net
URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
cache-control
private
expires
Thu, 23 Aug 2018 23:47:46 GMT
truncated
/ Frame A674 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59e701079ec9cf2114903d73aec72ed34a5fcdcbf345ec140883c2f51c25189e

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame A674 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVAJYzeblaP-rBSV-AvCsN7ANZXyWEMAywmv-nrCVCcx5aXdh-ltcDfueUD8d_M7UBwAJEHKICLD529Dvfw_EpbNkr34AfD4Y&sig=Cg0ArKJSzGX1Z3H0Et7SEAE&adk=769640528&tt=164&bs=1585%2C1200&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&p=889,313,914,613&xza=1&mza=1&mcvt=1011&rs=3&ht=0&tfs=23&tls=1034&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1535068066823&rpt=38&ioa=1&bos=1600%2C1200&ps=1585%2C1534&ss=1600%2C1200&pt=870&deb=1-1-1-5-12-12-84-10&tvt=1024&op=1&r=v&srmi=1&id=osdim&ti=1&uc=83&tgt=BODY&cl=1&cec=6&clc=0&cac=0&cd=300x25&v=r20180820
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Aug 2018 23:47:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| googletag function| chkplayer object| qr_fgp object| qr_fgma function| reset_qr string| GoogleAnalyticsObject function| ga object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| gaplugins object| gaGlobal object| gaData object| GPT_jstiming object| closure_memoize_cache_ undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

4 Cookies

Domain/Path Name / Value
.d1kw8twmbo353b.cloudfront.net/ Name: _gid
Value: GA1.3.72814554.1535068067
.d1kw8twmbo353b.cloudfront.net/ Name: _ga
Value: GA1.3.275376041.1535068067
.d1kw8twmbo353b.cloudfront.net/ Name: _gat
Value: 1
d1kw8twmbo353b.cloudfront.net/ Name: ASP.NET_SessionId
Value: nearceozveyijnqgpwh310cd

2 Console Messages

Source Level URL
Text
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/video.js/7.2.0/video.min.js(Line 12)
Message:
VIDEOJS:
console-api log URL: https://d1kw8twmbo353b.cloudfront.net/oo.aspx?name=get_oopipe&sign=cf23686d4e1cc9c615ef007f04957317365ef364&ag=http://220/(Line 315)
Message:
removing player

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0rr32d.global.ssl.fastly.net
adservice.google.com
adservice.google.de
cdn.jsdelivr.net
cdnjs.cloudflare.com
d1kw8twmbo353b.cloudfront.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
raw.githubusercontent.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
t.cn
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
116.211.169.137
13.32.158.142
13.32.158.171
151.101.12.133
151.101.13.194
216.58.206.2
2400:cb00:2048:1::6810:5714
2400:cb00:2048:1::6813:c597
2a00:1450:4001:80b::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:821::2001
2a00:1450:4001:825::2002
2a00:1450:400c:c0c::9b
36.229.117.193
36.237.122.157
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
052939f0169df7aa01ecb1edfccd179af337a33de6859072506a4d66f115e652
071219cf2bf4e18b792bdd8e79fc4db90dc39fb1a33ed76c835a90446a561056
094b67d2a2aeafee95e78f19b6cfb06546d7a80850b91c3c4ae04ade9ac2b99e
12634d1b1307244e383bdcd869dc0754ab77b9dacdd506400f0cf187da16204f
17a219f1bf472bfdcbcc999e84fc77594d26b0701773b532ae3e29bc07da4677
17dd7dea5e9641107c6b3a5fb393deff66c25d85369e3c2c524127365dc9dc32
1845b818dd47a393299d49a125fa994cc34aae2c209390112b0c6749250373bb
1de9272d0960719fb1fc8b2d8c3ff205de41636d412db53226df6e0fa1c62c2f
2251be9f296fb57faaf0127f1e27b8fdf1cd1d8ea10d09759b67875fe96dbeb9
393be6a9918a4d36d4a7074444e02eaa4ceb2fc3b2390dd761c491e24c33b321
3bea924920206fd67b045b5b64ac4c151bb13cc0b9fd3ee6fc1bb06af8002ec3
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
50d450a0b9020ae027ebd16cc43357d44edfcea5b9e4f7f0a0d5b4185303ec5e
544c8004499639b47998504ea6fb988ab864773b2fbe80e3de423a5ae5ee9e17
59e701079ec9cf2114903d73aec72ed34a5fcdcbf345ec140883c2f51c25189e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
73e3d2fd0a887baa7233b659c59ee421c2a24a06d4f5c31ee89e1e4740de2c0b
75ae726a7aae89cb7fd13ba84aa43d63c0c50c6b10c1b413fdb3d519dc7d0af0
75d044c0afa70ac1aa5038cbe91b1c94ec607ab4c43c4fb3a8ba4ebf1c2e8968
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7a19405088f969aecf491b8b729f0d9dbc87dac4f6092a9e8a0d883075ff2979
7cedf05ee2accb91776cca40a3434536d1049741ac51c7756c7865ee95307648
7eeb03b3f1cb34afb42020d0c4dac55a1323d2e92eddcca1f383db218aacd1bb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8503fcb9a242a188721b8682b2dd39d1549bf4d466df791a80a63769342181d5
881bc3379b41db1b97e81932c8c0189952837c2733011c03c80e3295e061e4c2
93e8935c30b890b403db343d6567541cd9c737748097a49bd4e11cb814a4f7bc
9a6af060cc89302f579f527a01b5efa3ea9cc20f783e7833ff1cb00db7530dcb
9e01d2473096e9ebafb493d80dce879d677d52f4bb5715df39c46de4ab7466b0
9f0eb95d005f028fcf89c6e873d564032324966ece6b962217577cd1df8c1924
af7c27b219ef1c4b8e672bf3ce1f4f192235bf83b8d81c44c55a0a06f3f9c736
b234534878a2d9e11052313e2ce55372a0752e7d3165e9b6cccfc784da59dca5
bec1335031e588df78ce1bc5f0361ec161327d5590fc27b2d49ace451288953a
cff4686dc7e0e3878fce51018c4afe69cf7a3a9957f9d906f3e572af275aab2a
d1d06ef6078016333c902763fe8f3b4612a37fe345a7ed54c758fa7551497af0
d773834d96b3afe076bb4aa04ab8cb0a7ccd240ba4913a0e8c4a8132e41fd2d4
d846246696c06289b344f18538990a5ed07c9ddb8e4da5638a909e08dfc8b19a
da7371ef02e19463b6993c8ca45b4416c4cfc160f38d4edd5faa57302258d5d1
dc51ebfab0a4b4a8144f6467bcb608d6f79aec2c270bf5cea872b94c945638ef
df7657d68bf3516e6fcb8ca6bbdeeea5f4497fa8af918875e9eb90714968b6cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f67e37efc637572c007ed697dc6ce51e6364e644da78135e9c99fcb966bce4ce
fa2dc680d1539f29a606b5ad3ddb03e4770e6a0a62a97996a194be2e51dfd2f7
fd3ca4b2771dc70f499e6f0469096250e9ca4f439d6c8feaa3e9d0a66afa4dfe