Submitted URL: http://t.cn/EiockpJ
Effective URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/...
Submission: On April 02 via manual from US

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 58 HTTP transactions. The main IP is 13.35.254.155, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is d2rbq3do73esad.cloudfront.net.
TLS certificate: Issued by DigiCert Global CA G2 on October 8th 2018. Valid for: a year.
This is the only time d2rbq3do73esad.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 116.211.169.137 58563 (CHINATELE...)
1 151.101.1.194 54113 (FASTLY)
2 151.101.2.109 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 58.251.149.95 135061 (UNICOM-SH...)
1 151.101.0.133 54113 (FASTLY)
1 5 13.35.254.204 16509 (AMAZON-02)
19 118.166.67.117 3462 (HINET Dat...)
1 4 13.35.254.155 16509 (AMAZON-02)
1 151.101.192.133 54113 (FASTLY)
4 111.254.4.74 3462 (HINET Dat...)
4 216.58.207.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
58 16
Domain Requested by
11 hiacbxpr.248.goseek.xyz d2rbq3do73esad.cloudfront.net
9 d2rbq3do73esad.cloudfront.net 2 redirects cdn.jsdelivr.net
cwhytbdjpybhd.global.ssl.fastly.net
d2rbq3do73esad.cloudfront.net
8 hsoawvbm.248.goseek.xyz cwhytbdjpybhd.global.ssl.fastly.net
5 pagead2.googlesyndication.com cwhytbdjpybhd.global.ssl.fastly.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
4 pvwuavwj.nsy.goside.xyz d2rbq3do73esad.cloudfront.net
3 cdn.bootcss.com cwhytbdjpybhd.global.ssl.fastly.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 raw.githubusercontent.com cdn.jsdelivr.net
d2rbq3do73esad.cloudfront.net
2 www.googletagservices.com pagead2.googlesyndication.com
d2rbq3do73esad.cloudfront.net
2 adservice.google.com pagead2.googlesyndication.com
www.googletagservices.com
2 adservice.google.de pagead2.googlesyndication.com
www.googletagservices.com
2 cdn.jsdelivr.net cwhytbdjpybhd.global.ssl.fastly.net
d2rbq3do73esad.cloudfront.net
1 csi.gstatic.com pagead2.googlesyndication.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 cwhytbdjpybhd.global.ssl.fastly.net
1 t.cn 1 redirects
58 17

This site contains links to these domains.

Domain
hiacbxpr.248.goseek.xyz
Subject | Issuer | Validity | Valid
*.freetls.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-01-02 - 2020-01-03 | a year
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2018-10-21 - 2019-04-27 | 6 months
*.g.doubleclick.net | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.bootcss.com | Let's Encrypt Authority X3 | 2019-02-09 - 2019-05-10 | 3 months
www.github.com | DigiCert SHA2 High Assurance Server CA | 2017-03-23 - 2020-05-13 | 3 years
*.cloudfront.net | DigiCert Global CA G2 | 2018-10-08 - 2019-10-09 | a year
*.248.goseek.xyz | Let's Encrypt Authority X3 | 2019-03-21 - 2019-06-19 | 3 months
*.nsy.goside.xyz | Let's Encrypt Authority X3 | 2019-03-21 - 2019-06-19 | 3 months
tpc.googlesyndication.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months

This page contains 5 frames:

Primary Page: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Frame ID: 59759856D2807A14E5281D5F59E78844
Requests: 54 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/show_ads_impl.js
Frame ID: 8EAF3D11E42E263C56F154819EE4F85D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190327/r20190131/zrt_lookup.html
Frame ID: 1A20FF36AED2FD65AF48D286FD6D1EF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1554240584&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fcwhytbdjpybhd.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dakxpyhghkzcr%26from%3DEmail-web%26tag%3D52432336&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1554240583990&bpp=16&bdt=42&fdt=58&idt=56&shv=r20190327&cbv=r20190131&saldr=aa&abxe=1&correlator=320485045818&frm=20&pv=2&ga_vid=904325446.1554240584&ga_sid=1554240584&ga_hid=1754576329&ga_fc=0&iag=0&icsg=554&dssz=6&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C21063245&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2272079287&ifi=1&uci=1.9s1p7xxju89n&fsb=1&xpc=yOQYH115Ld&p=https%3A//cwhytbdjpybhd.global.ssl.fastly.net&dtd=78
Frame ID: 6505A113A6A995BAEB585ADDE1E1BAB2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=3612225798&w=1200&fwrn=4&fwrnh=100&lmt=1554240584&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fcwhytbdjpybhd.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dakxpyhghkzcr%26from%3DEmail-web%26tag%3D52432336&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1554240584504&bpp=6&bdt=556&fdt=7&idt=-M&shv=r20190327&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=320485045818&frm=20&pv=1&ga_vid=904325446.1554240584&ga_sid=1554240584&ga_hid=1754576329&ga_fc=0&iag=0&icsg=10410&dssz=9&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C21063245&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2272079287&ifi=2&uci=2.cu39vx3bjlj0&fsb=1&xpc=5wjHlhzisP&p=https%3A//cwhytbdjpybhd.global.ssl.fastly.net&dtd=10
Frame ID: EF170CF2F1750307679F1C185426DBE5
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /.*Varnish/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 58
HTTPS: 100 %
IPv6: 35 %
Domains: 14
Subdomains: 17
IPs: 16
Countries: 5
Transfer: 1382 kB
Size: 2570 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.cn/EiockpJ HTTP 302
    https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336 Page URL
  2. https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=2feb31403a85747149f32793deaad1ec8cd43f44 HTTP 302
    https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://t.cn/EiockpJ HTTP 302
  • https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Request Chain 26
  • https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=2feb31403a85747149f32793deaad1ec8cd43f44 HTTP 302
  • https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php

58 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

oo.aspx (Cookie set)
cwhytbdjpybhd.global.ssl.fastly.net/
Redirect Chain
  • http://t.cn/EiockpJ
  • https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
34 KB
35 KB
Document
General
Full URL
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
88e31e7b599e552b42d5cc9b1fd62db7758d8ff94820c1bde4f8b12802ecdefc

Request headers

Host
cwhytbdjpybhd.global.ssl.fastly.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Set-Cookie
ASP.NET_SessionId=zmhyganofdf0e2y4vni14cei; path=/; HttpOnly
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
Accept-Ranges
bytes bytes
Age
0 0
Content-Length
35129
Date
Tue, 02 Apr 2019 21:29:43 GMT
Via
1.1 varnish
Connection
keep-alive
X-Served-By
cache-fra19126-FRA
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1554240583.365253,VS0,VE578

Redirect headers

Date
Tue, 02 Apr 2019 21:29:43 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
291
Connection
keep-alive
Set-Cookie
aliyungf_tc=AQAAAMwSpxoZ0QAAWhD+BTI772lKqmxC; Path=/; HttpOnly
Server
nginx
Location
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
jquery.min.js
cdn.jsdelivr.net/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 02 Apr 2019 21:29:43 GMT
content-length
33793
x-served-by
cache-ams21020-AMS, cache-fra19120-FRA
etag
W/"17b8b-Wp3PvvZVomaOeLrr6qjcb0HY2rs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
83 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5c34eab1f9644f69609cfe3f01de3481dcb9ef19e47357d989bbb1ae14e2598c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
31902
x-xss-protection
0
server
cafe
etag
4547307378320404790
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Apr 2019 21:29:43 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cwhytbdjpybhd.global.ssl.fastly.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cwhytbdjpybhd.global.ssl.fastly.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/
203 KB
76 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
3647cb4d72a5035b8d5580e571f570eb91c5e808b39493ca98139206db4ca28c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
77289
x-xss-protection
0
server
cafe
etag
14579856234811158707
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Apr 2019 21:29:44 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/ Frame 8EAF
203 KB
76 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
3647cb4d72a5035b8d5580e571f570eb91c5e808b39493ca98139206db4ca28c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
77289
x-xss-protection
0
server
cafe
etag
14579856234811158707
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Apr 2019 21:29:44 GMT
ca-pub-9887006928691465.js
pagead2.googlesyndication.com/pub-config/r20160913/
431 B
344 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-9887006928691465.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81c2b631558702c10d3f1ec7a8e0a4bb42f9492a734a54248d0275b9bd9f1bef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 19:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Apr 2019 19:23:32 GMT
server
sffe
age
7234
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
231
x-xss-protection
0
expires
Wed, 03 Apr 2019 07:29:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190327/r20190131/ Frame 1A20
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190327/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190327/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 27 Mar 2019 22:10:13 GMT
expires
Wed, 10 Apr 2019 22:10:13 GMT
content-type
text/html; charset=UTF-8
etag
4425972840952340538
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6619
x-xss-protection
0
cache-control
public, max-age=1209600
age
515971
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
ads
googleads.g.doubleclick.net/pagead/ Frame 6505
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1554240584&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fcwhytbdjpybhd.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dakxpyhghkzcr%26from%3DEmail-web%26tag%3D52432336&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1554240583990&bpp=16&bdt=42&fdt=58&idt=56&shv=r20190327&cbv=r20190131&saldr=aa&abxe=1&correlator=320485045818&frm=20&pv=2&ga_vid=904325446.1554240584&ga_sid=1554240584&ga_hid=1754576329&ga_fc=0&iag=0&icsg=554&dssz=6&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C21063245&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2272079287&ifi=1&uci=1.9s1p7xxju89n&fsb=1&xpc=yOQYH115Ld&p=https%3A//cwhytbdjpybhd.global.ssl.fastly.net&dtd=78
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1554240584&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fcwhytbdjpybhd.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dakxpyhghkzcr%26from%3DEmail-web%26tag%3D52432336&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1554240583990&bpp=16&bdt=42&fdt=58&idt=56&shv=r20190327&cbv=r20190131&saldr=aa&abxe=1&correlator=320485045818&frm=20&pv=2&ga_vid=904325446.1554240584&ga_sid=1554240584&ga_hid=1754576329&ga_fc=0&iag=0&icsg=554&dssz=6&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C21063245&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2272079287&ifi=1&uci=1.9s1p7xxju89n&fsb=1&xpc=yOQYH115Ld&p=https%3A//cwhytbdjpybhd.global.ssl.fastly.net&dtd=78
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Apr 2019 21:29:44 GMT
server
cafe
content-length
18607
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 02-Apr-2019 21:44:44 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Tue, 02 Apr 2019 21:29:44 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
77 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
10e71de24e6718e3151b4e9601dc25f5f1151a1074a5010c8399e0439ce5a84f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1554125279408425"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29076
x-xss-protection
0
expires
Tue, 02 Apr 2019 21:29:44 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EF17
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=3612225798&w=1200&fwrn=4&fwrnh=100&lmt=1554240584&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fcwhytbdjpybhd.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dakxpyhghkzcr%26from%3DEmail-web%26tag%3D52432336&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1554240584504&bpp=6&bdt=556&fdt=7&idt=-M&shv=r20190327&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=320485045818&frm=20&pv=1&ga_vid=904325446.1554240584&ga_sid=1554240584&ga_hid=1754576329&ga_fc=0&iag=0&icsg=10410&dssz=9&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C21063245&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2272079287&ifi=2&uci=2.cu39vx3bjlj0&fsb=1&xpc=5wjHlhzisP&p=https%3A//cwhytbdjpybhd.global.ssl.fastly.net&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190327/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=3612225798&w=1200&fwrn=4&fwrnh=100&lmt=1554240584&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fcwhytbdjpybhd.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dakxpyhghkzcr%26from%3DEmail-web%26tag%3D52432336&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1554240584504&bpp=6&bdt=556&fdt=7&idt=-M&shv=r20190327&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=320485045818&frm=20&pv=1&ga_vid=904325446.1554240584&ga_sid=1554240584&ga_hid=1754576329&ga_fc=0&iag=0&icsg=10410&dssz=9&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C21063245&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2272079287&ifi=2&uci=2.cu39vx3bjlj0&fsb=1&xpc=5wjHlhzisP&p=https%3A//cwhytbdjpybhd.global.ssl.fastly.net&dtd=10
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnM9qnR2LTa0QKwadHs3dfanCZf46QJHn_k9zF7mwLhw-K7PJtg8LmDcSlV; DSID=NO_DATA

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Apr 2019 21:29:44 GMT
server
cafe
content-length
13483
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
video-js.min.css
cdn.bootcss.com/video.js/5.20.0/
38 KB
13 KB
Stylesheet
General
Full URL
https://cdn.bootcss.com/video.js/5.20.0/video-js.min.css
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.251.149.95 Shenzhen, China, ASN135061 (UNICOM-SHENZHEN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
reverse.gdsz.cncnet.net
Software
NWSs /
Resource Hash
9baa64fcf1cd5463f08ae2f67beaf38163af4cb370ede51e293bac554663522b

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:47 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified
Thu, 17 May 2018 09:27:34 GMT
server
NWSs
access-control-allow-origin
*
content-type
text/css
status
200
cache-control
public, max-age=2592000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
2d11fb2e-b3ae-48c9-b25b-15448e771365
content-length
13038
expires
Thu, 02 May 2019 21:29:46 GMT
video.min.js
cdn.bootcss.com/video.js/5.20.0/
244 KB
53 KB
Script
General
Full URL
https://cdn.bootcss.com/video.js/5.20.0/video.min.js
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.251.149.95 Shenzhen, China, ASN135061 (UNICOM-SHENZHEN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
reverse.gdsz.cncnet.net
Software
NWSs /
Resource Hash
9179755d90204a5f79ad81e199e49d5a502d2505b62d967898b5d8303f0b9441

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:47 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified
Thu, 17 May 2018 09:27:34 GMT
server
NWSs
access-control-allow-origin
*
content-type
application/javascript
status
200
cache-control
public, max-age=2592000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
b9c83ac7-0a13-475c-82a9-2d6d6727a46a
content-length
53478
expires
Thu, 02 May 2019 21:29:46 GMT
videojs-contrib-hls.min.js
cdn.bootcss.com/videojs-contrib-hls/5.15.0/
227 KB
57 KB
Script
General
Full URL
https://cdn.bootcss.com/videojs-contrib-hls/5.15.0/videojs-contrib-hls.min.js
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.251.149.95 Shenzhen, China, ASN135061 (UNICOM-SHENZHEN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
reverse.gdsz.cncnet.net
Software
NWSs /
Resource Hash
22fee1d86825cc66a155c1e2747cdd801e7bd4aff6b9584e2c280e343e5fb38f

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:47 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified
Wed, 14 Nov 2018 23:15:53 GMT
server
NWSs
access-control-allow-origin
*
content-type
application/javascript
status
200
cache-control
public, max-age=2592000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
8fa5de61-701f-4260-8328-a99f5bdae16e
content-length
58299
expires
Thu, 02 May 2019 21:29:46 GMT
oShowz.txt
raw.githubusercontent.com/guadguadt/Up/master/
3 KB
1 KB
XHR
General
Full URL
https://raw.githubusercontent.com/guadguadt/Up/master/oShowz.txt?18577925
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a6e2cb6c58b912905bb587ca95cb54724ce53c2745b554d25b5ab83017eb7a5e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Origin
https://cwhytbdjpybhd.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
8f70a6cd2af31e173b336e46d3e69ed9ede095bc
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
452
ETag
"dbe78b455fbd96167fc2dab474a364cbf8a1ed67"
X-Served-By
cache-fra19124-FRA
X-Geo-Block-List
X-GitHub-Request-Id
AF68:1C49:D9CEA9:F5709A:5CA3D446
X-Timer
S1554240585.831301,VS0,VE139
X-Frame-Options
deny
Date
Tue, 02 Apr 2019 21:29:44 GMT
Source-Age
0
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Tue, 02 Apr 2019 21:34:44 GMT
oo.aspx
d2rbq3do73esad.cloudfront.net/
28 KB
5 KB
XHR
General
Full URL
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_ooshow&ag=ogHead&sign=2feb31403a85747149f32793deaad1ec8cd43f44
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.204 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-204.fra6.r.cloudfront.net
Software
/
Resource Hash
9d12f0688889b2e8d49d5abb384aaee92107ab97d18fc172532662dbc68ed575

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Origin
https://cwhytbdjpybhd.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:43 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
IcZV1FIVAJaYa5sZ0xcDzOg8Jq2jXgGOJcD6FOBIaBsxJgiAgPB6_Q==
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
oo.aspx
d2rbq3do73esad.cloudfront.net/
1 KB
856 B
XHR
General
Full URL
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_ooshow&ag=ogFoot&from=Email-web&tag=52432336&sign=2feb31403a85747149f32793deaad1ec8cd43f44
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.204 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-204.fra6.r.cloudfront.net
Software
/
Resource Hash
c096942acae9f6f1823565c6f6bc25d072f111d69875919f261a85771b4180b9

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Origin
https://cwhytbdjpybhd.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:45 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
6eMGVWBTUtH1ezkixa7CGlEZ17TfgR0fljfF7uEswZJPE2Io869xAw==
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
!ae!Ca!CY!ae!CG!Kw!ag!KC!CX!ad!jX!Cg!ag!KK!CX!ae!Xg!Xj.Z.jpg
hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdlnY.wwj.lje.je/qOF/!ad!KI!jl!ad!XK!jj/!ad!KI!jl!aj!jd!XC/
85 KB
85 KB
Image
General
Full URL
https://hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdlnY.wwj.lje.je/qOF/!ad!KI!jl!ad!XK!jj/!ad!KI!jl!aj!jd!XC/!ae!Ca!CY!ae!CG!Kw!ag!KC!CX!ad!jX!Cg!ag!KK!CX!ae!Xg!Xj.Z.jpg
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 20:03:08 GMT
ETag
"9dacb496d7d3d41:0"
Last-Modified
Wed, 06 Mar 2019 04:46:40 GMT
Server
Microsoft-IIS/7.5
Age
5199
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86712
!XV!NV!A2!Xa!N7!N2!X7!AS!AS!Xa!S7!SI!XH!Aa!NA.c.jpg
hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdxLV.WWN.xNa.Na/zE4/!XI!Au!Nx!XI!SA!NN/!XI!Au!Nx!XN!NI!SH/
115 KB
116 KB
Image
General
Full URL
https://hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdxLV.WWN.xNa.Na/zE4/!XI!Au!Nx!XI!SA!NN/!XI!Au!Nx!XN!NI!SH/!XV!NV!A2!Xa!N7!N2!X7!AS!AS!Xa!S7!SI!XH!Aa!NA.c.jpg
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 20:03:08 GMT
ETag
"6d44a446fde5d41:0"
Last-Modified
Fri, 29 Mar 2019 07:01:47 GMT
Server
Microsoft-IIS/7.5
Age
5199
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
117947
!Sd!UP!h3!SX!hd!hS!Sr!P0!PX!Sr!Ph!hX!SX!U9!Pw!Su!kh!Pd!Su!Uh!hZ!SP!Pk!UZ!Sk!Uy!Uk!Sk!Uy!hw.R.jpg
hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fd90r.ZZk.9kX.kX/pog/!Su!U3!k9!Su!hU!kk/!Su!U3!k9!Sk!ku!hP/
95 KB
95 KB
Image
General
Full URL
https://hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fd90r.ZZk.9kX.kX/pog/!Su!U3!k9!Su!hU!kk/!Su!U3!k9!Sk!ku!hP/!Sd!UP!h3!SX!hd!hS!Sr!P0!PX!Sr!Ph!hX!SX!U9!Pw!Su!kh!Pd!Su!Uh!hZ!SP!Pk!UZ!Sk!Uy!Uk!Sk!Uy!hw.R.jpg
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 20:03:08 GMT
ETag
"1724324ad7d3d41:0"
Last-Modified
Wed, 06 Mar 2019 04:44:31 GMT
Server
Microsoft-IIS/7.5
Age
5199
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96858
!hS!q3!5n!hB!55!vh.T.jpg
hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdjMB.cc5.j5S.5S/OJ7/!h3!qn!5j!h3!vq!55/!h3!qn!5j!h5!53!vt/
118 KB
118 KB
Image
General
Full URL
https://hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdjMB.cc5.j5S.5S/OJ7/!h3!qn!5j!h3!vq!55/!h3!qn!5j!h5!53!vt/!hS!q3!5n!hB!55!vh.T.jpg
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 20:03:08 GMT
ETag
"245facf8d7d3d41:0"
Last-Modified
Wed, 06 Mar 2019 04:49:24 GMT
Server
Microsoft-IIS/7.5
Age
5199
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120721
!vh!8u!8n!ve!ee!sm!vm!em!zZ!ve!en!zz!vs!8n!82!vs!8x!zz.y.jpg
hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdN2m.RRe.Neh.eh/EDd/!vn!zL!eN!vn!8z!ee/!vn!zL!eN!ve!en!8s/
91 KB
92 KB
Image
General
Full URL
https://hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdN2m.RRe.Neh.eh/EDd/!vn!zL!eN!vn!8z!ee/!vn!zL!eN!ve!en!8s/!vh!8u!8n!ve!ee!sm!vm!em!zZ!ve!en!zz!vs!8n!82!vs!8x!zz.y.jpg
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 20:03:08 GMT
ETag
"af6825c1d7d3d41:0"
Last-Modified
Wed, 06 Mar 2019 04:47:51 GMT
Server
Microsoft-IIS/7.5
Age
5199
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93398
!8L!p0!ak!8a!aL!CF.T.png
hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdkwQ.TTa.kav.av/o6I/!8L!p0!ak!8L!Cp!aa/!8L!p0!ak!8a!aL!CF/
5 KB
6 KB
Image
General
Full URL
https://hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdkwQ.TTa.kav.av/o6I/!8L!p0!ak!8L!Cp!aa/!8L!p0!ak!8a!aL!CF/!8L!p0!ak!8a!aL!CF.T.png
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ca9abfb158dfe4070ab47036bb2f1a28b7d14ff4afbb85529c70f66020523f01

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 20:03:08 GMT
ETag
"c9d7665b14c8d41:0"
Last-Modified
Tue, 19 Feb 2019 05:31:25 GMT
Server
Microsoft-IIS/7.5
Age
5199
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5402
!RJ!5U!55!R2!TL!5c.png
hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdLBs.ii2.L2c.2c/XvE/!R6!5Y!2L!R6!T5!22/!R6!5Y!2L!R2!26!TU/
6 KB
7 KB
Image
General
Full URL
https://hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdLBs.ii2.L2c.2c/XvE/!R6!5Y!2L!R6!T5!22/!R6!5Y!2L!R2!26!TU/!RJ!5U!55!R2!TL!5c.png
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
f146b9d5882ba239306b9748459da132c667fd485cb957b064986c95a8be4f8a

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 20:11:55 GMT
ETag
"5d8c85ca14c8d41:0"
Last-Modified
Tue, 19 Feb 2019 05:34:32 GMT
Server
Microsoft-IIS/7.5
Age
4672
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6584
!KV!SO!AA!KV!SA!SA.png
hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdwG7.99c.wcb.cb/8P6/!KB!Sm!cw!KB!AS!cc/!KB!Sm!cw!Kc!cB!AO/
7 KB
7 KB
Image
General
Full URL
https://hsoawvbm.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdwG7.99c.wcb.cb/8P6/!KB!Sm!cw!KB!AS!cc/!KB!Sm!cw!Kc!cB!AO/!KV!SO!AA!KV!SA!SA.png
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
59d02c06a035464ad0cb143cf91882537177310668bd134c81480d77b27444c7

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 20:11:55 GMT
ETag
"df1f428c14c8d41:0"
Last-Modified
Tue, 19 Feb 2019 05:32:47 GMT
Server
Microsoft-IIS/7.5
Age
4672
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6772
oo.aspx
d2rbq3do73esad.cloudfront.net/
Redirect Chain
  • https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=2feb31403a85747149f32793deaad1ec8cd43f44
  • https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
0
-1 B
XHR
General
Full URL
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.204 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-204.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:45 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
access-control-allow-origin
*
location
oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
status
302
cache-control
private
x-cache
Miss from cloudfront
content-length
248
x-amz-cf-id
6NQqL6cHjVCGAU22z7gmCq7gqolkZArnWQHEaoTECYZOVtcaXtyJEQ==

Redirect headers

date
Tue, 02 Apr 2019 21:29:45 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
status
302
location
oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
content-length
248
x-amz-cf-id
6NQqL6cHjVCGAU22z7gmCq7gqolkZArnWQHEaoTECYZOVtcaXtyJEQ==
oo.aspx
d2rbq3do73esad.cloudfront.net/
60 KB
14 KB
XHR
General
Full URL
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.204 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-204.fra6.r.cloudfront.net
Software
/
Resource Hash
013caf6296cbc571f4a9e17f8367f85b0c2390ee5a40f9f06762371fc2d9abbc

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Origin
https://cwhytbdjpybhd.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:45 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
1HdL1zi3zdiHdx3HyWH7Q9v6pdbe4LLu7EorfvkObz1x3DOAifoznw==
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
Primary Request oo.aspx
d2rbq3do73esad.cloudfront.net/
Redirect Chain
  • https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_ooshow&ag=r816728&sign=2feb31403a85747149f32793deaad1ec8cd43f44
  • https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
60 KB
14 KB
Document
General
Full URL
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Requested by
Host: cwhytbdjpybhd.global.ssl.fastly.net
URL: https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.155 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-155.fra6.r.cloudfront.net
Software
/
Resource Hash
642c8202f63ef39eb77dc767e49ab37a3ab7c9064c02507fa9cd879b73448dfb

Request headers

:method
GET
:authority
d2rbq3do73esad.cloudfront.net
:scheme
https
:path
/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://cwhytbdjpybhd.global.ssl.fastly.net/oo.aspx?name=r816728&key=akxpyhghkzcr&from=Email-web&tag=52432336
accept-encoding
gzip, deflate, br
cookie
ASP.NET_SessionId=xs2sqgj3tyv4l3ebqxujoi3o

Response headers

status
200
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
private
access-control-allow-methods
GET,POST
access-control-allow-origin
*
date
Tue, 02 Apr 2019 21:29:46 GMT
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-amz-cf-id
lz-EyiAjD8b5zG7379v3B1poKTZhr48RRgIQQ1LH2ZybyW87f3yWmQ==

Redirect headers

status
302
content-type
text/html; charset=utf-8
content-length
248
location
oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
cache-control
private
set-cookie
ASP.NET_SessionId=xs2sqgj3tyv4l3ebqxujoi3o; path=/; HttpOnly
access-control-allow-methods
GET,POST
access-control-allow-origin
*
date
Tue, 02 Apr 2019 21:29:46 GMT
x-cache
Miss from cloudfront
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-amz-cf-id
tZktdadkXXhHp4d3X98_0SOsHPIOiNhmav0hY9sWVbUMEZY1ejr7vg==
oo.aspx
d2rbq3do73esad.cloudfront.net/
12 KB
3 KB
Stylesheet
General
Full URL
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http%3A%2F%2Fdongtaiwang.com%2Floc%2Fimages%2Fglobal5.css
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.155 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-155.fra6.r.cloudfront.net
Software
/
Resource Hash
368d4626a00b8590cdd18daaf621e24c381146efc10b210f9237ad8a524bec7f

Request headers

:path
/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http%3A%2F%2Fdongtaiwang.com%2Floc%2Fimages%2Fglobal5.css
pragma
no-cache
cookie
ASP.NET_SessionId=xs2sqgj3tyv4l3ebqxujoi3o
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
d2rbq3do73esad.cloudfront.net
referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
:scheme
https
:method
GET

Response headers

date
Tue, 02 Apr 2019 21:29:47 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
wz5NTdhAQ5gOIJo0sFpZeHeROmmkgM-qcXNzIygb19CBkl0c_XLCWA==
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
jquery.min.js
cdn.jsdelivr.net/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.109 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 02 Apr 2019 21:29:49 GMT
content-length
33793
x-served-by
cache-ams21020-AMS, cache-fra19120-FRA
etag
W/"17b8b-Wp3PvvZVomaOeLrr6qjcb0HY2rs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
oo.aspx
d2rbq3do73esad.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http%3A%2F%2F140%2Fjs%2FDjy%2FDongtaiwangHomepage.js
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.155 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-155.fra6.r.cloudfront.net
Software
/
Resource Hash
d9921434b72f958c9d142d8089b8b96fc33e74622ab0b8cdc758d026315c616f

Request headers

:path
/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http%3A%2F%2F140%2Fjs%2FDjy%2FDongtaiwangHomepage.js
pragma
no-cache
cookie
ASP.NET_SessionId=xs2sqgj3tyv4l3ebqxujoi3o
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
d2rbq3do73esad.cloudfront.net
referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
:scheme
https
:method
GET
Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:47 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-cache
Miss from cloudfront
x-amz-cf-id
Rq0UiELzcdRr0_LGR3t88wILIkROLYKiZVky2H604_V2gzeFAdEo-w==
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
8Wff85qn.jpg
hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdmsq7PvjBnj7P.Mq6/QqM/B6jP98/
17 KB
18 KB
Image
General
Full URL
https://hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdmsq7PvjBnj7P.Mq6/QqM/B6jP98/8Wff85qn.jpg
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
ca9813cdf1d1dca0022a0087ea11527365a6bf06b51a18d7beffa189d8bb6048

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 16:07:39 GMT
Last-Modified
Wed, 31 Oct 2018 20:00:52 GMT
Server
Apache
Age
19374
ETag
"121b69-44ed-c25f6500"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17645
Expires
Tue, 16 Apr 2019 16:07:39 GMT
B4H_7SU3v.gif
hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdQFzdt8NmLNdt.2zY/fz2/mYNtjC/
19 KB
20 KB
Image
General
Full URL
https://hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdQFzdt8NmLNdt.2zY/fz2/mYNtjC/B4H_7SU3v.gif
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
3e6e7bf996839adb123f1036a40a80324595b3506c3f9347a76c2123dcacfd9d

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 16:07:39 GMT
Last-Modified
Wed, 23 Jan 2019 15:20:58 GMT
Server
Apache
Age
19375
ETag
"121b0f-4d98-a40aca80"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19864
Expires
Tue, 16 Apr 2019 16:07:39 GMT
AY_mFq.png
hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdGgOuFH5fM5uF.WOr/iOW/fr5FkP/
4 KB
4 KB
Image
General
Full URL
https://hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdGgOuFH5fM5uF.WOr/iOW/fr5FkP/AY_mFq.png
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
93e8935c30b890b403db343d6567541cd9c737748097a49bd4e11cb814a4f7bc

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 16:07:39 GMT
Last-Modified
Wed, 01 Mar 2017 08:54:42 GMT
Server
Apache
Age
19375
ETag
"121b5c-e5c-769e3880"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3676
Expires
Tue, 16 Apr 2019 16:07:39 GMT
UV_Q4Be.png
hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdi7E34PeG2e34.ZEB/1EZ/GBe45t/
4 KB
4 KB
Image
General
Full URL
https://hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdi7E34PeG2e34.ZEB/1EZ/GBe45t/UV_Q4Be.png
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
73e3d2fd0a887baa7233b659c59ee421c2a24a06d4f5c31ee89e1e4740de2c0b

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 16:07:39 GMT
Last-Modified
Wed, 01 Mar 2017 08:54:42 GMT
Server
Apache
Age
19375
ETag
"121b5b-e67-769e3880"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3687
Expires
Tue, 16 Apr 2019 16:07:39 GMT
RJQQ3L1FQ.jpg
hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdlIJL7sX1WXL7.RJQ/xJR/1QX7aF/
22 KB
23 KB
Image
General
Full URL
https://hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdlIJL7sX1WXL7.RJQ/xJR/1QX7aF/RJQQ3L1FQ.jpg
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
da7371ef02e19463b6993c8ca45b4416c4cfc160f38d4edd5faa57302258d5d1

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 15:02:22 GMT
Last-Modified
Mon, 27 Nov 2017 19:42:34 GMT
Server
Apache
Age
23293
ETag
"121b30-58ad-1a907e80"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22701
Expires
Tue, 16 Apr 2019 15:02:22 GMT
dnulS0Zn.jpg
hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdxuD0dFSlZS0d.TDf/9DT/lfSdX4/
26 KB
26 KB
Image
General
Full URL
https://hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdxuD0dFSlZS0d.TDf/9DT/lfSdX4/dnulS0Zn.jpg
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
9f0eb95d005f028fcf89c6e873d564032324966ece6b962217577cd1df8c1924

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 15:02:22 GMT
Last-Modified
Fri, 13 Oct 2017 03:54:15 GMT
Server
Apache
Age
23293
ETag
"121b4b-6842-9c42c7c0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26690
Expires
Tue, 16 Apr 2019 15:02:22 GMT
yChGox6M-9r9NP9.jpg
hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fd936MI4hxchMI.y6G/j6y/xGhISg/
35 KB
35 KB
Image
General
Full URL
https://hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fd936MI4hxchMI.y6G/j6y/xGhISg/yChGox6M-9r9NP9.jpg
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
3bea924920206fd67b045b5b64ac4c151bb13cc0b9fd3ee6fc1bb06af8002ec3

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 15:02:22 GMT
Last-Modified
Fri, 13 Oct 2017 03:54:15 GMT
Server
Apache
Age
23292
ETag
"121b2e-8a91-9c42c7c0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35473
Expires
Tue, 16 Apr 2019 15:02:22 GMT
nv2bh.jpg
hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdjnY2ugv9Rv2u.bYi/NYb/9ivuh7/
40 KB
40 KB
Image
General
Full URL
https://hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdjnY2ugv9Rv2u.bYi/NYb/9ivuh7/nv2bh.jpg
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
75ae726a7aae89cb7fd13ba84aa43d63c0c50c6b10c1b413fdb3d519dc7d0af0

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 15:02:22 GMT
Last-Modified
Wed, 23 Nov 2016 03:26:25 GMT
Server
Apache
Age
23292
ETag
"121b31-a088-74231a40"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41096
Expires
Tue, 16 Apr 2019 15:02:22 GMT
7MjL8w3.png
hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdNLVw378jT8w3.KV1/kVK/j183vd/
5 KB
5 KB
Image
General
Full URL
https://hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdNLVw378jT8w3.KV1/kVK/j183vd/7MjL8w3.png
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
544c8004499639b47998504ea6fb988ab864773b2fbe80e3de423a5ae5ee9e17

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 16:07:39 GMT
Last-Modified
Sun, 20 Jul 2014 16:38:49 GMT
Server
Apache
Age
19374
ETag
"121b72-126f-9ffa9840"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4719
Expires
Tue, 16 Apr 2019 16:07:39 GMT
a6NWn.png
hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdk0rWndCNyCWn.Arl/5rA/NlCn8I/
17 KB
17 KB
Image
General
Full URL
https://hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdk0rWndCNyCWn.Arl/5rA/NlCn8I/a6NWn.png
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
b234534878a2d9e11052313e2ce55372a0752e7d3165e9b6cccfc784da59dca5

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 18:58:02 GMT
Last-Modified
Fri, 04 Jul 2008 15:27:34 GMT
Server
Apache
Age
9152
ETag
"121b0e-43ec-5d66a580"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17388
Expires
Tue, 16 Apr 2019 18:58:02 GMT
IkHZIkOBBvu.png
hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fd5MBZLIHkbHZL.UBx/eBU/kxHLCu/
15 KB
15 KB
Image
General
Full URL
https://hiacbxpr.248.goseek.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fd5MBZLIHkbHZL.UBx/eBU/kxHLCu/IkHZIkOBBvu.png
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.166.67.117 Hsinchu, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
118-166-67-117.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
1de9272d0960719fb1fc8b2d8c3ff205de41636d412db53226df6e0fa1c62c2f

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 15:02:22 GMT
Last-Modified
Wed, 28 May 2014 21:30:59 GMT
Server
Apache
Age
23291
ETag
"121b6a-3c2e-87424ac0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15406
Expires
Tue, 16 Apr 2019 15:02:22 GMT
oGate.jpg
raw.githubusercontent.com/opipe/Up/master/
8 KB
8 KB
Image
General
Full URL
https://raw.githubusercontent.com/opipe/Up/master/oGate.jpg
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
fd3ca4b2771dc70f499e6f0469096250e9ca4f439d6c8feaa3e9d0a66afa4dfe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
9549698f2c5336befc07a3b4be4ef1cebb944a9f
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Cache
MISS
Cache-Control
max-age=300
Date
Tue, 02 Apr 2019 21:29:50 GMT
Connection
keep-alive
Vary
Authorization,Accept-Encoding
Content-Length
7877
X-XSS-Protection
1; mode=block
X-Served-By
cache-fra19149-FRA
X-GitHub-Request-Id
8D84:6FC3:C4006F:DCDEB4:5CA3D44E
X-Timer
S1554240590.120879,VS0,VE176
ETag
"60305ebdf358846aaf2aad46a4ad4df20e75f63e"
Source-Age
0
X-Frame-Options
deny
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Expires
Tue, 02 Apr 2019 21:34:50 GMT
X-Geo-Block-List
Accept-Ranges
bytes
X-Cache-Hits
0
gpt.js
www.googletagservices.com/tag/js/
43 KB
11 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http%3A%2F%2F140%2Fjs%2FDjy%2FDongtaiwangHomepage.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2b6b21518c8705b599cdb7f273679741b2873c6c68c32a44c4fca1273aa356f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"125 / 541 of 1000 / last-modified: 1554230888"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
11282
x-xss-protection
0
expires
Tue, 02 Apr 2019 21:29:50 GMT
AxtrrPx_oM_QxtRMP.jpg
pvwuavwj.nsy.goside.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdawQRM3teAtRM.zQj/XQz/ejtMPn/
18 KB
18 KB
Image
General
Full URL
https://pvwuavwj.nsy.goside.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdawQRM3teAtRM.zQj/XQz/ejtMPn/AxtrrPx_oM_QxtRMP.jpg
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.254.4.74 Tainan, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
111-254-4-74.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
50d450a0b9020ae027ebd16cc43357d44edfcea5b9e4f7f0a0d5b4185303ec5e

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http%3A%2F%2Fdongtaiwang.com%2Floc%2Fimages%2Fglobal5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 16:42:07 GMT
Last-Modified
Tue, 22 Mar 2011 01:15:54 GMT
Server
Apache
Age
17307
ETag
"121b77-46c2-fc572680"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18114
Expires
Tue, 16 Apr 2019 16:42:07 GMT
0iQ_dF4cFN_iN4bWF.png
pvwuavwj.nsy.goside.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdhcibW04Sz4bW.Ei5/viE/S54WFM/
30 KB
31 KB
Image
General
Full URL
https://pvwuavwj.nsy.goside.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdhcibW04Sz4bW.Ei5/viE/S54WFM/0iQ_dF4cFN_iN4bWF.png
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.254.4.74 Tainan, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
111-254-4-74.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
052939f0169df7aa01ecb1edfccd179af337a33de6859072506a4d66f115e652

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http%3A%2F%2Fdongtaiwang.com%2Floc%2Fimages%2Fglobal5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 16:42:07 GMT
Last-Modified
Tue, 22 Mar 2011 01:07:10 GMT
Server
Apache
Age
17307
ETag
"121b6f-79bd-dd1b8b80"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31165
Expires
Tue, 16 Apr 2019 16:42:07 GMT
JcnnfT_JSctA.gif
pvwuavwj.nsy.goside.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdXWfT2nsaUsT2.pfN/Sfp/aNs2tL/
3 KB
4 KB
Image
General
Full URL
https://pvwuavwj.nsy.goside.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdXWfT2nsaUsT2.pfN/Sfp/aNs2tL/JcnnfT_JSctA.gif
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.254.4.74 Tainan, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
111-254-4-74.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
094b67d2a2aeafee95e78f19b6cfb06546d7a80850b91c3c4ae04ade9ac2b99e

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http%3A%2F%2Fdongtaiwang.com%2Floc%2Fimages%2Fglobal5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 16:42:07 GMT
Last-Modified
Wed, 20 Aug 2008 15:07:16 GMT
Server
Apache
Age
17307
ETag
"121b1f-d52-8f581100"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3410
Expires
Tue, 16 Apr 2019 16:42:07 GMT
KjZ.gif
pvwuavwj.nsy.goside.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdPKjzyZuHJuzy.Yjh/tjY/HhuyIc/
45 B
398 B
Image
General
Full URL
https://pvwuavwj.nsy.goside.xyz/hpf361257a0df585ba5e5ceed05ecf31be6fc292fdPKjzyZuHJuzy.Yjh/tjY/HhuyIc/KjZ.gif
Requested by
Host: d2rbq3do73esad.cloudfront.net
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.254.4.74 Tainan, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
111-254-4-74.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
393be6a9918a4d36d4a7074444e02eaa4ceb2fc3b2390dd761c491e24c33b321

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http%3A%2F%2Fdongtaiwang.com%2Floc%2Fimages%2Fglobal5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 16:42:07 GMT
Last-Modified
Tue, 01 Jul 2008 19:18:19 GMT
Server
Apache
Age
17307
ETag
"121b35-2d-3d1a74c0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45
Expires
Tue, 16 Apr 2019 16:42:07 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=d2rbq3do73esad.cloudfront.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d2rbq3do73esad.cloudfront.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019032901.js
securepubads.g.doubleclick.net/gpt/
158 KB
57 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019032901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
sffe /
Resource Hash
43001733235888c4a12ee8147a20fb01643d6be427b730fc021e0b04a111abf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Mar 2019 14:59:45 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
58393
x-xss-protection
0
expires
Tue, 02 Apr 2019 21:29:50 GMT
ads
securepubads.g.doubleclick.net/gampad/
520 B
451 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=141233536734975&correlator=1383032365570328&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061508%2C21060610%2C21060698%2C21061498&vrg=2019032901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu_parts=37445998%2CDongtaiwang_frontpage_native_text_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x25%7C300x25&cookie_enabled=1&bc=15&abxe=1&lmt=1554240590&dt=1554240590300&dlt=1554240589131&idt=1150&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=2057630717&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fd2rbq3do73esad.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3D2feb31403a85747149f32793deaad1ec8cd43f44%26ag%3Dhttp%3A%2F%2Fdongtaiwang.com%2Floc%2Fphome.php&ref=https%3A%2F%2Fcwhytbdjpybhd.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dakxpyhghkzcr%26from%3DEmail-web%26tag%3D52432336&dssz=14&icsg=2282&std=0&rumc=988513354131018&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x2&msz=250x25&blev=1&bisch=1&ga_vid=312509470.1554240590&ga_sid=1554240590&ga_hid=1702280585&fws=128
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019032901.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
437857694329ce537c7e2961f686c8f15a2ea51f9e3939b943e41bad3ec22b7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Origin
https://d2rbq3do73esad.cloudfront.net

Response headers

date
Tue, 02 Apr 2019 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
344
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://d2rbq3do73esad.cloudfront.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019032901.js
securepubads.g.doubleclick.net/gpt/
72 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019032901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019032901.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
sffe /
Resource Hash
75af473fa5f320b8def25c02a8853b4b66f77c275a06c46fc642a2fbf30fb14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 21:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Mar 2019 14:59:45 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
27615
x-xss-protection
0
expires
Tue, 02 Apr 2019 21:29:50 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019032901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
838 B
453 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=141233536734975&correlator=1383032365570328&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21061508%2C21060610%2C21060698%2C21061498&vrg=2019032901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu_parts=37445998%2CDongtaiwang_frontpage_native_text_2%2CDongtaiwang_frontpage_native_text_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x25%2C300x25&cookie_enabled=1&bc=15&abxe=1&lmt=1554240590&dt=1554240590317&dlt=1554240589131&idt=1150&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C0&adys=0%2C0&adks=769640528%2C3546408455&ucis=3%7C4&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fd2rbq3do73esad.cloudfront.net%2Foo.aspx%3Fname%3Dget_oopipe%26sign%3D2feb31403a85747149f32793deaad1ec8cd43f44%26ag%3Dhttp%3A%2F%2Fdongtaiwang.com%2Floc%2Fphome.php&ref=https%3A%2F%2Fcwhytbdjpybhd.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dr816728%26key%3Dakxpyhghkzcr%26from%3DEmail-web%26tag%3D52432336&dssz=15&icsg=10474&std=0&rumc=988513354131018&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x2%7C340x2&msz=300x-1%7C300x-1&blev=1&bisch=1&ga_vid=312509470.1554240590&ga_sid=1554240590&ga_hid=1702280585&fws=128%2C128
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019032901.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
032afb326bf930f8042fcaeb5cd8b7393a423b6894d80eb94275da8a39ddc89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Origin
https://d2rbq3do73esad.cloudfront.net

Response headers

date
Tue, 02 Apr 2019 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
362
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://d2rbq3do73esad.cloudfront.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/
42 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019032901.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
d80fec95f21229c80e91fa0c1cb07b3b8947a9145e5326f9b68a53c8826799bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 20:32:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
16188
x-xss-protection
0
server
cafe
etag
1160382428385253969
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Apr 2019 21:32:22 GMT
csi
csi.gstatic.com/
0
202 B
Other
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ju0apusk&c=988513354131018&e=21061508%2C21060610%2C21060698%2C21061498&ctx=1&met.9=1.1kn~2.1me~7_1.1~3_1.1n9~7_2.1~7_3.1~3_2.1nj~4_1.1on~5_1.1oq~4_2.1p0~5_2.1p1~5_3.1p1&met.10=1_3.IOMQEAAIABiwi3QoAA~1_2.IOMQEAAIABiwi3QoAA~1_1.IOMQEAAIABiwi3QoAA&met.3=112.1ow_2~113.2np_1&met.1=1.ju0apt3n~4.3~5.9t~6.9t~7.9t~8.9t~9.9t~10.9t~12.9u~13.o7~14.qf~15.qg~16.1jd~17.1jd~18.1ka~19.2no~20.2no~21.2no~22.1k5~23.1k5&qqid.1=CPegobKtsuECFcwX4AodbXcGWg&qqid.2=CPPyobKtsuECFcwm4AodGPUMOA&qqid.3=CPTyobKtsuECFcwm4AodGPUMOA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4001:80e::2003 , Australia, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php
Origin
https://d2rbq3do73esad.cloudfront.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Apr 2019 21:29:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
function| $
function| jQuery
object| googletag
function| chkplayer
object| qr_fgp
object| qr_fgma
function| reset_qr
object| closure_memoize_cache_
object| googleToken
object| googleIMState
object| google_js_reporting_queue
function| processGoogleToken
object| GPT_jstiming
boolean| google_measure_js_timing
boolean| google_noFetch
boolean| google_DisableInitialLoad
number| __google_ad_urls_id
number| google_unique_id
object| google_reactive_ads_global_state
object| gaGlobal
object| _google_rum_ns_
function| Goog_AdSense_getAdAdapterInstance
function| Goog_AdSense_OsdAdapter
object| google_rum_config
undefined| google_timing_params
object| __google_ad_urls
undefined| google_rum_values

1 Cookies

Domain/Path Name / Value
d2rbq3do73esad.cloudfront.net/ Name: ASP.NET_SessionId
Value: xs2sqgj3tyv4l3ebqxujoi3o

1 Console Messages

Source: console-api
Level: log
URL: https://d2rbq3do73esad.cloudfront.net/oo.aspx?name=get_oopipe&sign=2feb31403a85747149f32793deaad1ec8cd43f44&ag=http://dongtaiwang.com/loc/phome.php (Line 313)
Message: removing player

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
