Submitted URL: http://ticff.org
Effective URL: http://www.ticff.org/
Submission: On January 25 via api from DE

Summary

This website contacted 21 IPs in 9 countries across 20 domains to perform 57 HTTP transactions.
The main IP is 45.196.205.174, located in Johannesburg, South Africa and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is www.ticff.org.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 20 45.196.205.174 134548 (DXTL-HK D...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 107.154.192.175 19551 (INCAPSULA)
1 2600:9000:205... 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 111.206.37.189 4808 (CHINA169-...)
2 103.235.46.191 55967 (CNNIC-BAI...)
1 45.196.207.102 134548 (DXTL-HK D...)
2 12 2a03:2880:f22... 32934 (FACEBOOK)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
2 34.198.122.35 14618 (AMAZON-AES)
2 95.101.176.176 16625 (AKAMAI-AS)
1 209.87.149.24 30152 (BEYOND-HO...)
2 143.204.214.124 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a03:2880:f22... 32934 (FACEBOOK)
1 192.28.144.124 15224 (OMNITURE)
57 21
Domain
Subdomains
Transfer
20 ticff.org
7 MB
7 cdninstagram.com
399 KB
7 instagram.com
3 KB
4 google-analytics.com
20 KB
4 baidu.com
15 KB
4 juicer.io
21 KB
3 xavier.edu
2 KB
2 youvisit.com
29 KB
2 marketo.net
6 KB
2 googletagmanager.com
30 KB
1 mktoresp.com
303 B
1 ytimg.com
10 KB
1 google.de
109 B
1 google.com
181 B
1 doubleclick.net
160 B
1 youtube.com
1 KB
1 hbguanwei.com
0 B
1 zjdymz.com
1 KB
1 hbwobu.com
32 KB
1 bootstrapcdn.com
7 KB
57 20
Domain Requested by
19 www.ticff.org www.ticff.org
7 scontent.cdninstagram.com www.ticff.org
5 api.instagram.com 2 redirects www.ticff.org
4 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
www.ticff.org
3 www.juicer.io www.ticff.org
2 www.instagram.com 1 redirects www.ticff.org
2 www.youvisit.com www.googletagmanager.com
www.youvisit.com
2 munchkin.marketo.net www.ticff.org
munchkin.marketo.net
2 hm.baidu.com www.ticff.org
2 www.googletagmanager.com 1 redirects www.ticff.org
1 582-dxf-976.mktoresp.com munchkin.marketo.net
1 s.ytimg.com www.youtube.com
1 www.google.de www.ticff.org
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.xavier.edu www.googletagmanager.com
1 admit.xavier.edu www.googletagmanager.com
1 admissions.xavier.edu www.googletagmanager.com
1 www.youtube.com www.ticff.org
1 www.hbguanwei.com www.ticff.org
1 api.share.baidu.com www.ticff.org
1 www.zjdymz.com www.ticff.org
1 push.zhanzhang.baidu.com www.ticff.org
1 assets.juicer.io www.ticff.org
1 img.hbwobu.com www.ticff.org
1 stackpath.bootstrapcdn.com www.ticff.org
1 ticff.org 1 redirects
57 27
Subject / Issuer Validity Valid
*.naotan020.com
TrustOcean SSL CA - RSA - 2018
2019-12-04 -
2020-10-31
a year
*.google-analytics.com
GTS CA 1O1
2020-01-07 -
2020-03-31
3 months
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2
2020-01-13 -
2020-06-25
5 months
www.zjdymz.com
Let's Encrypt Authority X3
2019-12-03 -
2020-03-02
3 months
*.instagram.com
DigiCert SHA2 High Assurance Server CA
2019-12-07 -
2020-03-06
3 months
admissions.xavier.edu
Let's Encrypt Authority X3
2019-12-16 -
2020-03-15
3 months
admit.xavier.edu
Let's Encrypt Authority X3
2019-12-16 -
2020-03-15
3 months
*.xavier.edu
Thawte TLS RSA CA G1
2018-03-22 -
2020-06-24
2 years
www.youvisit.com
Amazon
2019-09-19 -
2020-10-19
a year
www.google.de
GTS CA 1O1
2020-01-07 -
2020-03-31
3 months
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA
2019-12-08 -
2020-03-06
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/

Redirect Chain
  • http://ticff.org/
  • http://www.ticff.org/
61 KB
61 KB
Document
General
Full URL
http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
8a2dcec8412729ee92ece835ea3b9088efad24c8a20b9ead47aaac770da17bcc

Request headers

Host
www.ticff.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Server
nginx/1.10.3
Date
Sat, 25 Jan 2020 04:03:02 GMT
Content-Type
text/html; charset=utf-8
Content-Length
62139
Connection
keep-alive

Redirect headers

Server
nginx/1.10.3
Date
Sat, 25 Jan 2020 04:02:53 GMT
Content-Type
text/html
Content-Length
185
Connection
keep-alive
Location
http://www.ticff.org/
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css
30 KB
7 KB
Stylesheet
General
Full URL
http://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Dec 2018 18:35:20 GMT
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
ETag
"1544639720"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
7050
main.css
/_V5/_assets/css
131 KB
131 KB
Stylesheet
General
Full URL
http://www.ticff.org/_V5/_assets/css/main.css
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
c602784baedc5c049d1d66d5fd54516030c513dcb00d72b065b50bf448f4934d

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:02 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
133799
Content-Type
text/css; charset=utf-8
push.js
912 B
1 KB
Script
General
Full URL
http://www.ticff.org/push.js
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
bd1b02895a92f07e2b158893adb953fe30f67a8e7b8f9820021510ff785e403f

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:02 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
912
Content-Type
application/javascript; charset=utf-8
220.jpg
img.hbwobu.com
31 KB
32 KB
Image
General
Full URL
https://img.hbwobu.com/220.jpg
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.192.175.ip.incapdns.net
Software
/
Resource Hash
b33aae11917318f98316c2dc647e118f1af425cc4ba85419132836cd69af39aa

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:02 GMT
Last-Modified
Wed, 04 Dec 2019 13:50:33 GMT
X-CDN
Incapsula
Etag
"5de7b9a9-7c9f"
Content-Type
image/jpeg
X-Iinfo
10-15052642-15051589 2CNN RT(1579924982551 24) q(0 0 0 0) r(0 0) U18
Cache-Control
max-age=0
Content-Length
31903
placement-rate1.svg
/images
12 KB
13 KB
Image
General
Full URL
http://www.ticff.org/images/placement-rate1.svg
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
ecd6e5e330c163c76dbf9322337bba9596773eaac07b4c3e99e96e42ce7ebbf5

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:04 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
12789
Content-Type
image/svg+xml; charset=utf-8
studentcommitment_2x.jpg
/_V5/_assets/images/homepage
5 MB
5 MB
Image
General
Full URL
http://www.ticff.org/_V5/_assets/images/homepage/studentcommitment_2x.jpg
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
036a916c6b4a8812412855a1b4f81fc76efb24d8eb4f1403442c93c82a24db7c

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
5702670
Content-Type
image/jpeg
06039adb234b34ca.js
/js
579 KB
579 KB
Script
General
Full URL
http://www.ticff.org/js/06039adb234b34ca.js
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
199e881ef3583afed5d65f626d5b6fea367c6c7caabb6c300300885a9ae031a7

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:04 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
592653
Content-Type
application/javascript; charset=utf-8
embed.css
assets.juicer.io
95 KB
14 KB
Stylesheet
General
Full URL
http://assets.juicer.io/embed.css
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
2600:9000:2057:b400:e:cdf0:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5ed14880aac78feeef4c0c30b77ad73d5c457d7232c5a04f831cab96e2aa00b

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 22 Jan 2020 11:40:53 GMT
Content-Encoding
gzip
Age
231734
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
13777
Last-Modified
Wed, 22 Jan 2020 11:40:37 GMT
Server
AmazonS3
ETag
"feff00a25c7268444afe38229ad31667"
Content-Type
text/css
Via
1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
-qerQrYAKcpCNFO_5ktltl_wFs1bEpeSAacN5ABYLXIchBOkHJZPYA==
Expires
Wed, 29 Jan 2020 11:40:17 GMT
4ec11dffdb69be94.js
/js
94 KB
94 KB
Script
General
Full URL
http://www.ticff.org/js/4ec11dffdb69be94.js
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:07 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
95931
Content-Type
application/javascript; charset=utf-8
base.js
/_V5/_assets/js
14 KB
15 KB
Script
General
Full URL
http://www.ticff.org/_V5/_assets/js/base.js
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
32ae139e151f7791e98d343689350f9ea789051a75fd35e26bc77230fc77ea12

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:07 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
14825
Content-Type
application/javascript; charset=utf-8
plyr.js
/_V5/_assets/js
305 KB
306 KB
Script
General
Full URL
http://www.ticff.org/_V5/_assets/js/plyr.js
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
1f47cbf7179821eba87b0ad304123e058ab5142e1db50163fd51709397d53dca

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:07 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
312662
Content-Type
application/javascript; charset=utf-8
gtm.js?id=GTM-T78V54
www.googletagmanager.com
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-T78V54
  • https://www.googletagmanager.com/gtm.js?id=GTM-T78V54
117 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T78V54
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38d748decf09006c66457d34c7cabafa95b8695fd0208f99519c94f3283e8714
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 25 Jan 2020 04:03:08 GMT
content-encoding
br
last-modified
Sat, 25 Jan 2020 03:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
30411
x-xss-protection
0
expires
Sat, 25 Jan 2020 04:03:08 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-T78V54
Date
Sat, 25 Jan 2020 04:03:08 GMT
Server
Google Tag Manager
Content-Length
250
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
push.js
push.zhanzhang.baidu.com
281 B
752 B
Script
General
Full URL
http://push.zhanzhang.baidu.com/push.js
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/push.js
Protocol
HTTP/1.1
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:47:55 GMT
Server
apache
Etag
"4078521116"
Vary
Accept-Encoding
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
227
Expires
Sun, 24 Jan 2021 04:03:08 GMT
hm.js?c5357786477b2fb26f65a5e835f492da
hm.baidu.com
37 KB
14 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?c5357786477b2fb26f65a5e835f492da
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/push.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
95bbfeab69fc7b8c1f1b1f2cacad72aabf8b449131aca92cfe63e18fd4dc8a38
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:10 GMT
Content-Encoding
gzip
Server
apache
Etag
6327755ae8c5c1aeba6fcf36e10ea454
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13507
jquery-1.10.2.min_65682a2.js?v=1579924983841
www.zjdymz.com
1 KB
1 KB
Script
General
Full URL
https://www.zjdymz.com/jquery-1.10.2.min_65682a2.js?v=1579924983841
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/push.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.196.207.102 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
86d65b82d1cfca6ff13d4cd3b4f3d68a4cffc684a95217cbda34966fb4b96880

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 25 Jan 2020 04:03:10 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
1276
Content-Type
application/javascript; charset=utf-8
/
api.share.baidu.com/s.gif?l=http://www.ticff.org
0
116 B
Image
General
Full URL
http://api.share.baidu.com/s.gif?l=http://www.ticff.org/
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:10 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
Cookie set ?channel=S005&ref=
www.hbguanwei.com
0
0
Document
General
Full URL
https://www.hbguanwei.com/?channel=S005&ref=
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.175 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.192.175.ip.incapdns.net
Software
nginx/1.10.2 /
Resource Hash

Request headers

Host
www.hbguanwei.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
http://www.ticff.org/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://www.ticff.org/

Response headers

Server
nginx/1.10.2
Date
Sat, 25 Jan 2020 04:03:10 GMT
Content-Type
text/html
Last-Modified
Wed, 04 Dec 2019 13:46:33 GMT
Connection
keep-alive
ETag
"5de7b8b9-3214"
Accept-Ranges
bytes
Set-Cookie
visid_incap_2179699=wdUdXVj3SqeoTvZDcZuLBf69K14AAAAAQUIPAAAAAADosUB6eddPVp3bOVcCLuIA; expires=Sat, 23 Jan 2021 12:34:53 GMT; path=/; Domain=.hbguanwei.com incap_ses_1185_2179699=P4RLMPJmBnHdXi3PjQJyEP69K14AAAAAbGRy683LHQaAG3z1D58LvQ==; path=/; Domain=.hbguanwei.com ___utmvmZIBuisaZZ=rOInQGOuIdQ; path=/; Max-Age=900 ___utmvaZIBuisaZZ=VCVLMDn; path=/; Max-Age=900 ___utmvbZIBuisaZZ=yZP XPSOZalL: Xtb; path=/; Max-Age=900
X-CDN
Incapsula
Transfer-Encoding
chunked
X-Iinfo
2-6076933-6076934 nNNN RT(1579924990268 21) q(0 0 5 0) r(7 7) U12
hub_hero_2020_1xnew2.jpg
/images
300 KB
0
Image
General
Full URL
http://www.ticff.org/images/hub_hero_2020_1xnew2.jpg
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:14 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
1419008
Content-Type
image/jpeg
virtualtour_mod_2x_high.jpg
/images
297 KB
297 KB
Image
General
Full URL
http://www.ticff.org/images/virtualtour_mod_2x_high.jpg
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
86f43ffc0bc5bc71f0b33c16092f91d7d10776839e1c6b2bb93ff3789eac7425

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
303961
Content-Type
image/jpeg
blue.jpg
/images
2 KB
2 KB
Image
General
Full URL
http://www.ticff.org/images/blue.jpg
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
ec34c8fd553d6f472357e519075b485773f28f7afa96416f1f3b499ce3bc5d72

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
1667
Content-Type
image/jpeg
placement-rate-bkg.svg
/images
1 KB
2 KB
Image
General
Full URL
http://www.ticff.org/images/placement-rate-bkg.svg
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
fe385d016031c215aaeb337fd288db2c444972ff1432f1d5a86f4b9c2ebec06e

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
1415
Content-Type
image/svg+xml; charset=utf-8
xguides_mod_2x_high.jpg
/images
100 KB
100 KB
Image
General
Full URL
http://www.ticff.org/images/xguides_mod_2x_high.jpg
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
32bec30863d5d4a683c021ded4e0814055ec1c235ca53837073364fd2e0408f4

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:13 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
102564
Content-Type
image/jpeg
data:truncated
data:truncated
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
656926c4ad6ebcea262d759065af619cc579b37ffc1cab4b34283e90ee6c0f84

Request headers

Referer
http://www.ticff.org/_V5/_assets/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
70ad2f15-9e1e-4a42-8fdc-30327ef510c3.woff
/_V5/_assets/fonts
33 KB
33 KB
Font
General
Full URL
http://www.ticff.org/_V5/_assets/fonts/70ad2f15-9e1e-4a42-8fdc-30327ef510c3.woff
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
e4333dc906a57ee08a1af60932f4da4140732c86aaed6659706e619dd5bfe4bc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://www.ticff.org/_V5/_assets/css/main.css
Origin
http://www.ticff.org

Response headers

Date
Sat, 25 Jan 2020 04:03:10 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
33944
Content-Type
text/html; charset=utf-8
3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff
/_V5/_assets/fonts
45 KB
45 KB
Font
General
Full URL
http://www.ticff.org/_V5/_assets/fonts/3fbbd6b1-cfa7-4ff0-97ea-af1b2c489f15.woff
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
f08e70626ae1cc87844b612d3c90fe60bfc4eb42708c19bb279efb046011eb27

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://www.ticff.org/_V5/_assets/css/main.css
Origin
http://www.ticff.org

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
46323
Content-Type
text/html; charset=utf-8
e2ade8a9-bd48-45e7-95e6-9dc917ba4f74.woff
/_V5/_assets/fonts
44 KB
45 KB
Font
General
Full URL
http://www.ticff.org/_V5/_assets/fonts/e2ade8a9-bd48-45e7-95e6-9dc917ba4f74.woff
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
21b119071dde9b34a19317e57ba99f03df8d73c133a573fed3b88dff39b34eba

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://www.ticff.org/_V5/_assets/css/main.css
Origin
http://www.ticff.org

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
45531
Content-Type
text/html; charset=utf-8
9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff
/_V5/_assets/fonts
38 KB
38 KB
Font
General
Full URL
http://www.ticff.org/_V5/_assets/fonts/9aa32a81-1124-4c43-b3db-15bfb1f7aed2.woff
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
632f30ff405b737d566889cd6aa2faf93fb83959f34793394241ac89c4a415d4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://www.ticff.org/_V5/_assets/css/main.css
Origin
http://www.ticff.org

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
39091
Content-Type
text/html; charset=utf-8
f74530f5-a39c-47e3-97d9-6821fc4df8c0.woff
/_V5/_assets/fonts
38 KB
38 KB
Font
General
Full URL
http://www.ticff.org/_V5/_assets/fonts/f74530f5-a39c-47e3-97d9-6821fc4df8c0.woff
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
45.196.205.174 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
3912291454371fb11b4b8336f60ba1d0501040bfe65e1e5b4bb0c53e1956ecc6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://www.ticff.org/_V5/_assets/css/main.css
Origin
http://www.ticff.org

Response headers

Date
Sat, 25 Jan 2020 04:03:13 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
39197
Content-Type
application/font-woff
&hidecaption=true&omitscript=true
api.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW
Redirect Chain
  • https://api.instagram.com/oembed?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
  • https://api.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
0
-1 B
XHR
General
Full URL
https://api.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT
x-content-type-options
nosniff
x-aed
15
status
301
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-trip-id
2050670934
location
https://api.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
x-frame-options
SAMEORIGIN
vary
Accept-Language, Cookie
content-language
en
access-control-allow-origin
http://www.ticff.org
access-control-expose-headers
X-IG-Set-WWW-Claim
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

date
Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT
x-content-type-options
nosniff
access-control-allow-origin
http://www.ticff.org
x-aed
15
status
301
vary
Accept-Language, Cookie
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-trip-id
2050670934
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-language
en
location
https://api.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
access-control-expose-headers
X-IG-Set-WWW-Claim
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
expires
Sat, 01 Jan 2000 00:00:00 GMT
xavier-university?per=6&page=1
www.juicer.io/api/feeds
18 KB
5 KB
XHR
General
Full URL
http://www.juicer.io/api/feeds/xavier-university?per=6&page=1
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/js/06039adb234b34ca.js
Protocol
HTTP/1.1
Server
2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945fa7e621df51d30cc75166393cf8e11263f9a6aa6e3c75e6558af3e230669c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://www.ticff.org/
Origin
http://www.ticff.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding, Origin
X-Xss-Protection
1; mode=block
X-Request-Id
3ddeffed-5643-4645-9993-9f793dd78212
X-Runtime
0.019368
Last-Modified
Fri, 24 Jan 2020 16:36:52 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Via
1.1 vegur
Access-Control-Expose-Headers
Cache-Control
max-age=300, public
CF-RAY
55a75b168f4dc2f4-FRA
iframe_api
www.youtube.com
858 B
1 KB
Script
General
Full URL
http://www.youtube.com/iframe_api
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
0e5a62530601bcfd83a56fb46fa5af17c9aa6961d66a015e1ceae744aeb749aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:10 GMT
X-Content-Type-Options
nosniff
Server
YouTube Frontend Proxy
Content-Type
application/javascript
Cache-Control
no-cache
Content-Length
858
X-XSS-Protection
0
Expires
Tue, 27 Apr 1971 19:44:06 GMT
analytics.js
www.google-analytics.com
43 KB
18 KB
Script
General
Full URL
http://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T78V54
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 19 Aug 2019 17:22:41 GMT
Server
Golfe2
Age
1308
Date
Sat, 25 Jan 2020 03:41:22 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=7200
Content-Length
17803
Expires
Sat, 25 Jan 2020 05:41:22 GMT
ping
admissions.xavier.edu
5 B
748 B
Script
General
Full URL
https://admissions.xavier.edu/ping
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T78V54
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.122.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-122-35.compute-1.amazonaws.com
Software
/
Resource Hash
ef3b0c34fb0314b0f90400905b924d6805c692ce2b53f750cd12f88bd9aa32d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Date
Sat, 25 Jan 2020 04:03:10 GMT
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Content-Length
25
Expires
Sat, 25 Jan 2020 04:33:10 GMT
ping
admit.xavier.edu
5 B
749 B
Script
General
Full URL
https://admit.xavier.edu/ping
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T78V54
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.122.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-122-35.compute-1.amazonaws.com
Software
/
Resource Hash
ef3b0c34fb0314b0f90400905b924d6805c692ce2b53f750cd12f88bd9aa32d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Date
Sat, 25 Jan 2020 04:03:10 GMT
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Content-Length
25
Expires
Sat, 25 Jan 2020 04:33:10 GMT
munchkin.js
munchkin.marketo.net
1 KB
1 KB
Script
General
Full URL
http://munchkin.marketo.net/munchkin.js
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-176-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a6ce7e8796b3ad20ebca195d3424b34e0397063ae0fa76e340ca1c263694f99

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jan 2020 02:01:16 GMT
Server
Apache
ETag
"0b691ed6f4fce14e966035ea72b61af4:1578967276"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
homegrown-ma.js
www.xavier.edu/x-guides/scripts
540 B
900 B
Script
General
Full URL
https://www.xavier.edu/x-guides/scripts/homegrown-ma.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T78V54
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.87.149.24 , United States, ASN30152 (BEYOND-HOSTING, US),
Reverse DNS
209-87-149-24.bhsrv.net
Software
/
Resource Hash
a173db8ee13efa9fc8b7fb8ff66be08f9b82821a4c4a4350385ae1ff5a5622d6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 26 Jul 2019 19:45:31 GMT
ETag
"5d3b585b-21c"
X-Frame-Options
DENY
Content-Type
application/javascript
Strict-Transport-Security
max-age=0; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
540
X-XSS-Protection
1; mode=block
js3
www.youvisit.com/tour/Embed
11 KB
5 KB
Script
General
Full URL
https://www.youvisit.com/tour/Embed/js3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T78V54
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.124 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-124.fra53.r.cloudfront.net
Software
Apache/2.4.10 (Debian) /
Resource Hash
d7771fac935d7abad932b211a4393d7ab6dae444a902194dfe5fb8a6d52fb85f

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 25 Jan 2020 04:03:11 GMT
content-encoding
gzip
user-cache-control
max-age=1800
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
content-length
4739
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
pragma
cache
server
Apache/2.4.10 (Debian)
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
false
x-amz-cf-id
N9WwmMIH8Cnn8IVkJ8biQlU5vMVrPIccrsWA37BcGKTUNcZPqGhxLw==
expires
Sat, 25 Jan 2020 04:33:11
linkid.js
www.google-analytics.com/plugins/ua
2 KB
1 KB
Script
General
Full URL
http://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 03:26:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:15:00 GMT
Server
sffe
Age
2184
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Content-Length
859
X-XSS-Protection
0
Expires
Sat, 25 Jan 2020 04:26:47 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16154757-9&cid=1319189626.1579924990&jid=135632476&_v=j79&z=2001339941&slf_rd=1&random=2929652335
www.google.de/ads
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=1725850830&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.ticff.org%2F&ul=en-us&de=UTF-8&dt=%E8%B5%8C%E5%8D%9A%E7%BD%91_%E6%AD%A3%E8%A7%84%E7%BD%91%E8%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16154757-9&cid=1319189626.1579924990&jid=135632476&_gid=1330039965.1579924990&gjid=2144731937&_v=j79&z=2001339941
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16154757-9&cid=1319189626.1579924990&jid=135632476&_v=j79&z=2001339941
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16154757-9&cid=1319189626.1579924990&jid=135632476&_v=j79&z=2001339941&slf_rd=1&random=2929652335
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16154757-9&cid=1319189626.1579924990&jid=135632476&_v=j79&z=2001339941&slf_rd=1&random=2929652335
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Jan 2020 04:03:11 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Jan 2020 04:03:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16154757-9&cid=1319189626.1579924990&jid=135632476&_v=j79&z=2001339941&slf_rd=1&random=2929652335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfleSrT7y
27 KB
10 KB
Script
General
Full URL
http://s.ytimg.com/yts/jsbin/www-widgetapi-vfleSrT7y/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: http://www.youtube.com/iframe_api
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e3482f9a3a582ab789faacf7c391aa49bd21f5f0fd4ca2d8ee8b3951bdb971b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 08:44:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 19 Jan 2020 08:40:17 GMT
Server
sffe
Age
501540
Vary
Accept-Encoding, Origin
Content-Type
text/javascript
Cache-Control
public, max-age=691200
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Content-Length
10209
X-XSS-Protection
0
Expires
Mon, 27 Jan 2020 08:44:11 GMT
&hidecaption=true&omitscript=true
www.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW
Redirect Chain
  • https://api.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
  • https://www.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
0
-1 B
XHR
General
Full URL
https://www.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT
x-content-type-options
nosniff
x-aed
15
status
302
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-trip-id
2050670934
location
https://www.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
x-frame-options
SAMEORIGIN
vary
Accept-Language
content-language
en
access-control-allow-origin
http://www.ticff.org
access-control-expose-headers
X-IG-Set-WWW-Claim
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

date
Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT
x-content-type-options
nosniff
access-control-allow-origin
http://www.ticff.org
x-aed
15
status
302
vary
Accept-Language
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-trip-id
2050670934
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-language
en
location
https://www.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
access-control-expose-headers
X-IG-Set-WWW-Claim
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
expires
Sat, 01 Jan 2000 00:00:00 GMT
&hidecaption=true&omitscript=true
api.instagram.com/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW
Redirect Chain
  • https://www.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
  • https://api.instagram.com/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
0
-1 B
XHR
General
Full URL
https://api.instagram.com/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT
x-content-type-options
nosniff
x-aed
15
status
302
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-trip-id
1679558926
location
https://api.instagram.com/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
x-frame-options
SAMEORIGIN
vary
Accept-Language
content-language
en
access-control-allow-origin
null
access-control-expose-headers
X-IG-Set-WWW-Claim
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

date
Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT
x-content-type-options
nosniff
access-control-allow-origin
null
x-aed
15
status
302
vary
Accept-Language
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-trip-id
1679558926
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-language
en
location
https://api.instagram.com/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
access-control-expose-headers
X-IG-Set-WWW-Claim
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
expires
Sat, 01 Jan 2000 00:00:00 GMT
&hidecaption=true&omitscript=true
api.instagram.com/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW
12 B
58 B
XHR
General
Full URL
https://api.instagram.com/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
035861ded82b8f8d2c595f267b64f5ff129075f8b4061cc560d6b6e8faab8526
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
http://www.ticff.org/
Origin
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT, Sat, 25 Jan 2020 04:03:10 GMT
x-content-type-options
nosniff
x-aed
15
status
400
vary
Accept-Language, Cookie
content-length
12
x-xss-protection
0
pragma
no-cache
x-fb-trip-id
2050670934
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-language
en
access-control-allow-origin
null
access-control-expose-headers
X-IG-Set-WWW-Claim
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
expires
Sat, 01 Jan 2000 00:00:00 GMT
page_views
www.juicer.io/api
0
561 B
XHR
General
Full URL
http://www.juicer.io/api/page_views
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/js/06039adb234b34ca.js
Protocol
HTTP/1.1
Server
2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://www.ticff.org
Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
Via
1.1 vegur
CF-Cache-Status
DYNAMIC
Server
cloudflare
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
55a75b18dad0c2f4-FRA
Access-Control-Allow-Headers
content-type
54248103_470747243464658_5643464805059657728_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=rdwf-SGu_XIAX8dBaG_&oh=7f0bc0e95d9aa7fd5897bcfd4b8b4e3f&oe=5ECCB0BA
scontent.cdninstagram.com/v/t51.2885-19/s150x150
5 KB
5 KB
Image
General
Full URL
https://scontent.cdninstagram.com/v/t51.2885-19/s150x150/54248103_470747243464658_5643464805059657728_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=rdwf-SGu_XIAX8dBaG_&oh=7f0bc0e95d9aa7fd5897bcfd4b8b4e3f&oe=5ECCB0BA
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
25d78094a2e4f5266d730955bd18bb8e8726830ad1ca68b5ac3682244a2ff9f3

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
2813302699
date
Sat, 25 Jan 2020 04:03:11 GMT, Sat, 25 Jan 2020 04:03:11 GMT
x-fb-trip-id
780166575
last-modified
Wed, 27 Mar 2019 12:35:16 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
3912698986
x-fb-config-version-olb-prod
677
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
4640
83211073_788639688310980_3603060609599998933_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=-GnF4llnRRoAX9W4VAD&oh=8226c349ee1b53a649e69b762581f968&oe=5E2D9A75
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640
64 KB
64 KB
Image
General
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/83211073_788639688310980_3603060609599998933_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=-GnF4llnRRoAX9W4VAD&oh=8226c349ee1b53a649e69b762581f968&oe=5E2D9A75
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4532110595f6cca1eaff73527222c42dffde95b49aa72b33243be4735942362

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
4115929928
date
Sat, 25 Jan 2020 04:03:11 GMT, Sat, 25 Jan 2020 04:03:11 GMT
x-fb-trip-id
780166575
last-modified
Fri, 24 Jan 2020 16:10:39 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
4054983584
x-fb-config-version-olb-prod
687
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
65318
82823323_167232691205077_8449961693324946753_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=njuuck9wJyUAX9HEk_E&oh=3c5e85f5e6427a9e61f5e4ccc96f6631&oe=5ED2F1F3
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640
80 KB
80 KB
Image
General
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/82823323_167232691205077_8449961693324946753_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=njuuck9wJyUAX9HEk_E&oh=3c5e85f5e6427a9e61f5e4ccc96f6631&oe=5ED2F1F3
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ba12b6334b65e731a558d1ff6227562ec65a6d08d33a1bb871be4bf25eb77e6

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
2654157673
date
Sat, 25 Jan 2020 04:03:11 GMT, Sat, 25 Jan 2020 04:03:11 GMT
x-fb-trip-id
780166575
last-modified
Thu, 23 Jan 2020 17:21:11 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
3460945478
x-fb-config-version-olb-prod
687
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
82292
80839476_2506710182791303_2406265210456326028_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=4WTmkrLAYBEAX9QDC7V&oh=df509e0cf3216949c92d5515642162aa&oe=5EDAEA23
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640
99 KB
99 KB
Image
General
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/80839476_2506710182791303_2406265210456326028_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=4WTmkrLAYBEAX9QDC7V&oh=df509e0cf3216949c92d5515642162aa&oe=5EDAEA23
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce485811156af83a4bda87a54ccf32ba85836b0aeb6273a75b4aa34bff25f1d5

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
745746894
date
Sat, 25 Jan 2020 04:03:11 GMT, Sat, 25 Jan 2020 04:03:11 GMT
x-fb-trip-id
780166575
last-modified
Wed, 15 Jan 2020 20:49:37 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-fb-config-version-elb-prod
691
x-fb-edge-debug
5PQeLhh8USDIQExYxrUTE2_kpBVj7oTJCoS_wr3WtY3eUBF7o8qiKDhndHeUN5Ljwn7HqRirfaS2maA4_lw7Hw
x-needle-checksum
2852577803
x-fb-config-version-olb-prod
691
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
100868
81303591_639828019892116_5590593213842837418_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=knDtTPO_dsoAX__prZw&oh=0efc17308f0e1441332817c054fd177e&oe=5ED33579
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640
68 KB
69 KB
Image
General
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/81303591_639828019892116_5590593213842837418_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=knDtTPO_dsoAX__prZw&oh=0efc17308f0e1441332817c054fd177e&oe=5ED33579
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86f41347e3343ad51258a0f1877715ec60d10f6222371dd9fd8481c19b665df9

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
1361423893
date
Sat, 25 Jan 2020 04:03:11 GMT, Sat, 25 Jan 2020 04:03:11 GMT
x-fb-trip-id
780166575
last-modified
Mon, 13 Jan 2020 22:53:01 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-fb-config-version-elb-prod
691
x-fb-edge-debug
LDhoPYeNmUustalpPAuy5fIGFd8K4p-IX5XUCJBRUUscjL9pliLGYhX2DHXZZhre6W5Jpkkb692FfFzyjiZEHA
x-needle-checksum
1372444181
x-fb-config-version-olb-prod
691
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
70036
80003230_114737069828264_5092402770059736312_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=SYjzq5ItfE8AX_H7lha&oh=e5676b8dce757e2b3038dbad5d18147a&oe=5E2D8943
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640
36 KB
36 KB
Image
General
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/80003230_114737069828264_5092402770059736312_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=SYjzq5ItfE8AX_H7lha&oh=e5676b8dce757e2b3038dbad5d18147a&oe=5E2D8943
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d80c935baba6c6d22c6f60122f5080c68e9fb9aeb1c64d3744f68f0031f57b33

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
3653084253
date
Sat, 25 Jan 2020 04:03:11 GMT, Sat, 25 Jan 2020 04:03:11 GMT
x-fb-trip-id
780166575
last-modified
Fri, 10 Jan 2020 17:20:15 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-fb-config-version-elb-prod
691
x-fb-edge-debug
DKxn4fVsJ1_1b9mmxY2NKlGCNkuG_Ch-gz8kBkkzfPe81EeSIim10lkajVMtL7PJFSaoU8IcZ9_NdzUU8Y5NKA
x-needle-checksum
2595218926
x-fb-config-version-olb-prod
691
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
36647
81248449_1217729405087662_6648290410568881421_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=7kHotlHAOTMAX9muM_L&oh=eb3cb68e7bf5e2b20efb83a1417d6125&oe=5E2D86C8
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640
46 KB
47 KB
Image
General
Full URL
https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/81248449_1217729405087662_6648290410568881421_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=7kHotlHAOTMAX9muM_L&oh=eb3cb68e7bf5e2b20efb83a1417d6125&oe=5E2D86C8
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f22d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d7b0b4006fda304521724c5679e08a271a6ef81b93d0c7602d103ad22c1006f

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
3469732852
date
Sat, 25 Jan 2020 04:03:11 GMT, Sat, 25 Jan 2020 04:03:11 GMT
x-fb-trip-id
780166575
last-modified
Thu, 09 Jan 2020 17:09:40 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
2848932840
x-fb-config-version-olb-prod
688
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
47549
munchkin.js
munchkin.marketo.net/156
9 KB
5 KB
Script
General
Full URL
http://munchkin.marketo.net/156/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: http://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Server
95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-176-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Sep 2019 20:22:41 GMT
Server
Apache
ETag
"24e78e4d5137c385c6e3393d80cfd6bf:1568751761"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4198
Expires
Mon, 04 May 2020 04:03:11 GMT
collect?v=1&_v=j79&a=1725850830&t=pageview&ni=1&_s=2&dl=http%3A%2F%2Fwww.ticff.org%2F&ul=en-us&de=UTF-8&dt=%E8%B5%8C%E5%8D%9A%E7%BD%91_%E6%AD%A3%E8%A7%84%E7%BD%91%E8%B5%8C%E4%B8%8B%E8%BD%BD&sd=24-b...
www.google-analytics.com
35 B
386 B
Image
General
Full URL
http://www.google-analytics.com/collect?v=1&_v=j79&a=1725850830&t=pageview&ni=1&_s=2&dl=http%3A%2F%2Fwww.ticff.org%2F&ul=en-us&de=UTF-8&dt=%E8%B5%8C%E5%8D%9A%E7%BD%91_%E6%AD%A3%E8%A7%84%E7%BD%91%E8%B5%8C%E4%B8%8B%E8%BD%BD&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgAAjB~&jid=&gjid=&cid=1319189626.1579924990&tid=UA-16154757-9&_gid=1330039965.1579924990&gtm=2wg1f1T78V54&z=500819239
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Jan 2020 18:25:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 17 May 1998 03:00:00 GMT
Server
Golfe2
Age
207483
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
35
Expires
Mon, 01 Jan 1990 00:00:00 GMT
page_views
www.juicer.io/api
0
823 B
XHR
General
Full URL
http://www.juicer.io/api/page_views
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://www.ticff.org/
Origin
http://www.ticff.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 25 Jan 2020 04:03:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding, Origin
X-Xss-Protection
1; mode=block
X-Request-Id
41ad95d5-9315-4a13-86eb-016b4cb3c1bb
X-Runtime
0.007165
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
Via
1.1 vegur
Access-Control-Expose-Headers
Cache-Control
no-cache
CF-RAY
55a75b1addb7c2f4-FRA
visitWebPage?_mchNc=1579924991186&_mchCn=&_mchId=582-DXF-976&_mchTk=_mch-ticff.org-1579924991186-76568&_mchHo=www.ticff.org&_mchPo=&_mchRu=%2F&_mchPc=http%3A&_mchVr=156&_mchHa=&_mchRe=&_mchQp=
582-dxf-976.mktoresp.com/webevents
2 B
303 B
XHR
General
Full URL
http://582-dxf-976.mktoresp.com/webevents/visitWebPage?_mchNc=1579924991186&_mchCn=&_mchId=582-DXF-976&_mchTk=_mch-ticff.org-1579924991186-76568&_mchHo=www.ticff.org&_mchPo=&_mchRu=%2F&_mchPc=http%3A&_mchVr=156&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: http://munchkin.marketo.net/156/munchkin.js
Protocol
HTTP/1.1
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
akka-http/10.1.7 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://www.ticff.org/
Origin
http://www.ticff.org

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 25 Jan 2020 04:03:11 GMT
Content-Encoding
gzip
Server
akka-http/10.1.7
Transfer-Encoding
chunked
X-Request-Id
745129b4-8380-439f-84ab-8236ddb25682
Content-Type
text/plain; charset=UTF-8
hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1139500389&si=c5357786477b2fb26f65a5e835f492da&v=1.2.68&lv=1&sn=7211&ct=!!&tt=%E8%B5%8C%E5%8D%9A%E7%BD%91_%E6%AD%A3%E8%A7...
hm.baidu.com
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1139500389&si=c5357786477b2fb26f65a5e835f492da&v=1.2.68&lv=1&sn=7211&ct=!!&tt=%E8%B5%8C%E5%8D%9A%E7%BD%91_%E6%AD%A3%E8%A7%84%E7%BD%91%E8%B5%8C%E4%B8%8B%E8%BD%BD
Requested by
Host: www.ticff.org
URL: http://www.ticff.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Jan 2020 04:03:11 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
smartscript.js?v=2020.01.24.0
www.youvisit.com/SmartScript/latest
91 KB
24 KB
Script
General
Full URL
https://www.youvisit.com/SmartScript/latest/smartscript.js?v=2020.01.24.0
Requested by
Host: www.youvisit.com
URL: https://www.youvisit.com/tour/Embed/js3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.124 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-124.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd3cbb8f5e6198231569ea6d1331ee95e0da23bb634f73f3f1a167b94954337d

Request headers

Referer
http://www.ticff.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 16:37:41 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 18:05:10 GMT
server
AmazonS3
age
41131
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
status
200
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
wgK8CgEjIE2EEUtS0E5XUUovUoxmAj6nhbUqNJLD_Ya-YaEiZjYFkA==
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://ticff.org/
  • http://www.ticff.org/
Request 12
  • http://www.googletagmanager.com/gtm.js?id=GTM-T78V54
  • https://www.googletagmanager.com/gtm.js?id=GTM-T78V54
Request 29
  • https://api.instagram.com/oembed?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
  • https://api.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
Request 39
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=1725850830&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.ticff.org%2F&ul=en-us&de=UTF-8&dt=%E8%B5%8C%E5%8D%9A%E7%BD%91_%E6%AD%A3%E8%A7%84%E7%BD%91%E8%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16154757-9&cid=1319189626.1579924990&jid=135632476&_gid=1330039965.1579924990&gjid=2144731937&_v=j79&z=2001339941
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16154757-9&cid=1319189626.1579924990&jid=135632476&_v=j79&z=2001339941
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16154757-9&cid=1319189626.1579924990&jid=135632476&_v=j79&z=2001339941&slf_rd=1&random=2929652335
Request 41
  • https://api.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
  • https://www.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
Request 42
  • https://www.instagram.com/publicapi/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true
  • https://api.instagram.com/oembed/?url=//www.instagram.com/p/B7WrO9KhgkW/&hidecaption=true&omitscript=true

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| dataLayer object| _hmt object| google_tag_manager string| referrer string| channel string| ss function| $ function| jQuery undefined| _ undefined| Backbone function| _u object| JuicerBackbone function| EventEmitter object| eventie function| imagesLoaded function| strftime function| strftimeTZ function| strftimeUTC function| localizedStrftime function| jQueryBridget function| getWindowSize function| EvEmitter function| matchesSelector object| fizzyUIUtils function| Outlayer function| Packery object| Juicer object| JST object| Skim function| detectmob object| instas string| insta string| focusableElementsString undefined| focusedElementBeforeModal undefined| id function| trapEscapeKey function| trapTabKey function| setFocusToFirstItem function| openDrawer function| closeDrawer function| delay function| searchArray function| buildTabs function| buildResult function| search object| h boolean| stuck number| stickPoint function| getDistance object| Tabs object| vid function| Plyr number| jInterval object| tag object| firstScriptTag object| videoArray object| playerArray string| videoURL function| onYouTubeIframeAPIReady function| onPlayerReady string| PageviewURL boolean| _pauseFlag function| onPlayerStateChange function| enableYouTubeAPI function| _ytMigrateObjectEmbed string| iframeSrc object| jQuery1112019374382371738585 string| GoogleAnalyticsObject function| ga string| adroll_adv_id string| adroll_pix_id object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| YT object| YTConfig function| onYTReady number| diff number| w object| jQuery1124038222591025294905 function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| MunchkinTracker boolean| _bdhm_loaded_c5357786477b2fb26f65a5e835f492da object| mini_tangram_log_tn4e7j boolean| vt_initialized object| link string| vt_base_url string| vt_image_assets_url boolean| vt_run_checks object| vt_options undefined| yv_instid string| yv_detect_js_url boolean| vt_immediateLaunch string| page_session_id object| vt_links object| vt_bad_links boolean| inst_id_mismatch object| YVScript object| EmbedScript object| SuccessScript object| Success object| Analytics object| YVSmartScript

0 Cookies

4 Console Messages

Source Level URL
Text
console-api log URL: , Line 2, Column128
Message:
line 23
console-api log URL: , Line 2, Column151
Message:
[object Object]
console-api log URL: , Line 2, Column166
Message:
https://www.hbguanwei.com/?channel=S005&ref=
console-api log URL: https://www.youvisit.com/SmartScript/latest/smartscript.js?v=2020.01.24.0, Line 1, Column45511
Message:
RUNNING

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

582-dxf-976.mktoresp.com
admissions.xavier.edu
admit.xavier.edu
api.instagram.com
api.share.baidu.com
assets.juicer.io
hm.baidu.com
img.hbwobu.com
munchkin.marketo.net
push.zhanzhang.baidu.com
s.ytimg.com
scontent.cdninstagram.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
ticff.org
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hbguanwei.com
www.instagram.com
www.juicer.io
www.ticff.org
www.xavier.edu
www.youtube.com
www.youvisit.com
www.zjdymz.com


103.235.46.191
107.154.192.175
111.206.37.189
143.204.214.124
192.28.144.124
2001:4de0:ac19::1:b:1b
209.87.149.24
2600:9000:2057:b400:e:cdf0:6e80:93a1
2606:4700:20::681a:d57
2a00:1450:4001:800::200e
2a00:1450:4001:814::200e
2a00:1450:4001:815::2008
2a00:1450:4001:820::2003
2a00:1450:4001:820::2008
2a00:1450:4001:820::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9d
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
34.198.122.35
45.196.205.174
45.196.207.102
95.101.176.176

035861ded82b8f8d2c595f267b64f5ff129075f8b4061cc560d6b6e8faab8526
036a916c6b4a8812412855a1b4f81fc76efb24d8eb4f1403442c93c82a24db7c
0e5a62530601bcfd83a56fb46fa5af17c9aa6961d66a015e1ceae744aeb749aa
199e881ef3583afed5d65f626d5b6fea367c6c7caabb6c300300885a9ae031a7
1ba12b6334b65e731a558d1ff6227562ec65a6d08d33a1bb871be4bf25eb77e6
1d7b0b4006fda304521724c5679e08a271a6ef81b93d0c7602d103ad22c1006f
1e3482f9a3a582ab789faacf7c391aa49bd21f5f0fd4ca2d8ee8b3951bdb971b
1f47cbf7179821eba87b0ad304123e058ab5142e1db50163fd51709397d53dca
21b119071dde9b34a19317e57ba99f03df8d73c133a573fed3b88dff39b34eba
25d78094a2e4f5266d730955bd18bb8e8726830ad1ca68b5ac3682244a2ff9f3
2a6ce7e8796b3ad20ebca195d3424b34e0397063ae0fa76e340ca1c263694f99
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
32ae139e151f7791e98d343689350f9ea789051a75fd35e26bc77230fc77ea12
32bec30863d5d4a683c021ded4e0814055ec1c235ca53837073364fd2e0408f4
38d748decf09006c66457d34c7cabafa95b8695fd0208f99519c94f3283e8714
3912291454371fb11b4b8336f60ba1d0501040bfe65e1e5b4bb0c53e1956ecc6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
632f30ff405b737d566889cd6aa2faf93fb83959f34793394241ac89c4a415d4
656926c4ad6ebcea262d759065af619cc579b37ffc1cab4b34283e90ee6c0f84
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86d65b82d1cfca6ff13d4cd3b4f3d68a4cffc684a95217cbda34966fb4b96880
86f41347e3343ad51258a0f1877715ec60d10f6222371dd9fd8481c19b665df9
86f43ffc0bc5bc71f0b33c16092f91d7d10776839e1c6b2bb93ff3789eac7425
8a2dcec8412729ee92ece835ea3b9088efad24c8a20b9ead47aaac770da17bcc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
945fa7e621df51d30cc75166393cf8e11263f9a6aa6e3c75e6558af3e230669c
95bbfeab69fc7b8c1f1b1f2cacad72aabf8b449131aca92cfe63e18fd4dc8a38
a173db8ee13efa9fc8b7fb8ff66be08f9b82821a4c4a4350385ae1ff5a5622d6
b33aae11917318f98316c2dc647e118f1af425cc4ba85419132836cd69af39aa
b5ed14880aac78feeef4c0c30b77ad73d5c457d7232c5a04f831cab96e2aa00b
bd1b02895a92f07e2b158893adb953fe30f67a8e7b8f9820021510ff785e403f
bd3cbb8f5e6198231569ea6d1331ee95e0da23bb634f73f3f1a167b94954337d
c4532110595f6cca1eaff73527222c42dffde95b49aa72b33243be4735942362
c602784baedc5c049d1d66d5fd54516030c513dcb00d72b065b50bf448f4934d
ce485811156af83a4bda87a54ccf32ba85836b0aeb6273a75b4aa34bff25f1d5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7771fac935d7abad932b211a4393d7ab6dae444a902194dfe5fb8a6d52fb85f
d80c935baba6c6d22c6f60122f5080c68e9fb9aeb1c64d3744f68f0031f57b33
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4333dc906a57ee08a1af60932f4da4140732c86aaed6659706e619dd5bfe4bc
e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf
ec34c8fd553d6f472357e519075b485773f28f7afa96416f1f3b499ce3bc5d72
ecd6e5e330c163c76dbf9322337bba9596773eaac07b4c3e99e96e42ce7ebbf5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b0c34fb0314b0f90400905b924d6805c692ce2b53f750cd12f88bd9aa32d0
f08e70626ae1cc87844b612d3c90fe60bfc4eb42708c19bb279efb046011eb27
fe385d016031c215aaeb337fd288db2c444972ff1432f1d5a86f4b9c2ebec06e