urlscan.io logo urlscan.io
SecurityTrails logo

159.89.215.96 Open in urlscan Pro
159.89.215.96  Public Scan

Go To Rescan Add Verdict Report
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Submission: On August 10 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 31 HTTP transactions. The main IP is 159.89.215.96, located in Vancouver, Canada and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is 159.89.215.96.
This is the only time 159.89.215.96 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 159.89.215.96 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 205.185.208.52 20446 (HIGHWINDS3)
2 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
31 10
12    159.89.215.96 (Vancouver, Canada)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
159.89.215.96
matkafasi.com
1    2a00:1450:4001:81c::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2400:cb00:2048:1::6818:1241 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.mathjax.org
5    2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
1    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
2    2400:cb00:2048:1::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
2    2a00:1450:4001:810::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2a00:1450:4001:81c::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
3    2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
Domain Requested by
5 pagead2.googlesyndication.com 159.89.215.96
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 matkafasi.com 159.89.215.96
2 fonts.gstatic.com 159.89.215.96
2 www.google-analytics.com 159.89.215.96
2 cdnjs.cloudflare.com cdn.mathjax.org
cdnjs.cloudflare.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 code.jquery.com 159.89.215.96
1 cdn.mathjax.org 159.89.215.96
1 fonts.googleapis.com 159.89.215.96
31 11

This site contains links to these domains. Also see Links.

Domain
www.q2apro.com
twitter.com
plus.google.com
www.facebook.com
Subject Issuer Validity Valid
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-04-14 -
2018-10-21		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-07-24 -
2018-10-02		 2 months crt.sh
*.google.com
Google Internet Authority G3		 2018-07-24 -
2018-10-02		 2 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-07-24 -
2018-10-02		 2 months crt.sh

This page contains 6 frames:

Primary Page: http://159.89.215.96/benefits-returns-depos/750f54e754d
Frame ID: 81FCC66425C44273DEC9D4E95E5825BA
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180806/r20180604/zrt_lookup.html
Frame ID: D584EB9F89A47A02BC72A9FBDD5B58DB
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/show_ads_impl.js
Frame ID: BA8B04A5E9DD4BAA42218FDAD3DD2B91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8666334690488866&output=html&adk=1812271804&adf=3025194257&lmt=1533925460&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A34635776&guci=1.2.0.0.2.2.0&format=0x0&url=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1533925460563&bpp=9&bdt=244&fdt=15&idt=152&shv=r20180806&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=6229080604634&frm=20&pv=2&ga_vid=1466257758.1533925461&ga_sid=1533925461&ga_hid=1199594050&ga_fc=0&iag=0&icsg=8532778&dssz=19&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062171%2C368226400&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=0&fsb=1&dtd=185
Frame ID: 3047DB4DDC90C1DFA8E855CD7B39DF60
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/show_ads_impl.js
Frame ID: D8EF2F25696892EE0561BA9A94628883
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8666334690488866&output=html&h=450&slotname=9101065879&adk=3018653034&adf=1873231546&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1533925460&rafmt=9&guci=1.2.0.0.2.2.0&format=750x450&url=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1533925460579&bpp=10&bdt=260&fdt=182&idt=184&shv=r20180806&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6229080604634&frm=20&pv=1&ga_vid=1466257758.1533925461&ga_sid=1533925461&ga_hid=1199594050&ga_fc=0&iag=0&icsg=42087210&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062171%2C368226400&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=rI9xlhqcgP&p=http%3A//159.89.215.96&dtd=193
Frame ID: 3A3EADB942737A4EBBE2FDDAB4C75A67
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\.\/qa-content\/qa-page\.js\?([0-9.]+)/i
Overall confidence: 100%
Detected patterns
  • script /mathjax\.js/i
  • env /^MathJax$/i
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.\/qa-content\/qa-page\.js\?([0-9.]+)/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

31
Requests

35 %
HTTPS

80 %
IPv6

11
Domains

11
Subdomains

10
IPs

3
Countries

395 kB
Transfer

1162 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 20
  • http://www.google-analytics.com/r/collect?v=1&_v=j68&a=1199594050&t=pageview&_s=1&dl=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&ul=en-us&de=UTF-8&dt=Matematik%20Kafas%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1807848765&gjid=1469594458&cid=1466257758.1533925461&tid=UA-58949255-1&_gid=1038240038.1533925461&_r=1&z=761146349 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1199594050&t=pageview&_s=1&dl=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&ul=en-us&de=UTF-8&dt=Matematik%20Kafas%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1807848765&gjid=1469594458&cid=1466257758.1533925461&tid=UA-58949255-1&_gid=1038240038.1533925461&_r=1&z=761146349

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 750f54e754d
159.89.215.96/benefits-returns-depos/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.0
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4891d48c776722fc188d09492691f6cef92af73b1bd6cb8de90a66abe860b1fa

Request headers

Host
159.89.215.96
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
81FCC66425C44273DEC9D4E95E5825BA

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Server
Apache/2.4.18 (Ubuntu)
Set-Cookie
PHPSESSID=l4ku2e63v0tql013nqb9ai6qa6; path=/ qa_key=s34b0tra1pgrh1p6egoejww3aabbudvk; expires=Sun, 12-Aug-2018 18:24:20 GMT; Max-Age=172800; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
3917
Connection
close
Content-Type
text/html; charset=utf-8
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:400&subset=latin,latin-ext
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b5f1fc9a6eb0c452989d6f29c26f4a1d592841c472543b04f754398a193c3c99
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Aug 2018 18:24:20 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Fri, 10 Aug 2018 18:24:20 GMT
qa-styles.css
159.89.215.96/qa-theme/q2apro-diligent/ 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://159.89.215.96/qa-theme/q2apro-diligent/qa-styles.css?1.7.0
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
761227c98e52d8140750142f229bd1f590a6e13fb39c326fa756958480ecec98

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
159.89.215.96
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
Cookie
PHPSESSID=l4ku2e63v0tql013nqb9ai6qa6; qa_key=s34b0tra1pgrh1p6egoejww3aabbudvk
Connection
keep-alive
Cache-Control
no-cache
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Feb 2015 00:05:58 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11233
Expires
Thu, 15 Apr 2020 20:00:00 GMT
MathJax.js
cdn.mathjax.org/mathjax/latest/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.mathjax.org/mathjax/latest/MathJax.js?config=TeX-AMS-MML_HTMLorMML
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:1241 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbbdf0bdfb5a004d5a6f61ebd4199655021ebb144e2928f1859f4dc2dad45f2f

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-GUploader-UploadID
AEnB2UrF3mE6ujDXZLgA-SNB8B3ChISBkFYcYJF4we1ctyLJA2sdkxVYqF0aGpNv9P3Ml7723DpLXCOVkR9d2jaPYrOimgbEVQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
Last-Modified
Thu, 04 May 2017 15:26:57 GMT
Server
cloudflare
ETag
W/"8bafcfb6872e60dd315531cc5a91a521"
Vary
Accept-Encoding
x-goog-hash
crc32c=2urwGw==, md5=i6/PtocuYN0xVTHMWpGlIQ==
x-goog-generation
1493911617315000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
public, max-age=16070400
Transfer-Encoding
chunked
x-goog-stored-content-length
1657
CF-RAY
44847faf17bb96a0-FRA
Expires
Tue, 12 Feb 2019 18:24:20 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
21b2464712a1488cfd6d3aa50c85a50804cae0be6dc456a1e7b09c3a48d9e7f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
13180898269417573360
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
27675
X-XSS-Protection
1; mode=block
Expires
Fri, 10 Aug 2018 18:24:20 GMT
jquery-latest.min.js
code.jquery.com/ 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/jquery-latest.min.js
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
"54499a48-1762a"
Vary
Accept-Encoding
X-HW
1533925460.dop012.fr8.t,1533925460.cds035.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
38821
qa-page.js
159.89.215.96/qa-content/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://159.89.215.96/qa-content/qa-page.js?1.7.0
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
da67c614d54fbe16362759aee815bbeb82d0b9f9a6d178956a56742cf3c6e6cd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
159.89.215.96
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
Cookie
PHPSESSID=l4ku2e63v0tql013nqb9ai6qa6; qa_key=s34b0tra1pgrh1p6egoejww3aabbudvk
Connection
keep-alive
Cache-Control
no-cache
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jan 2015 22:30:46 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1598
Expires
Thu, 15 Apr 2020 20:00:00 GMT
script.js
matkafasi.com/qa-plugin/q2apro-cool-tooltips/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://matkafasi.com/qa-plugin/q2apro-cool-tooltips/script.js
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
bd21047d8e7ecd50e6ffe24b4e6abd125afc1b515fb644cd3feb0e86a6c7d728

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Feb 2015 20:31:24 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2589
Expires
Thu, 15 Apr 2020 20:00:00 GMT
script.js
159.89.215.96/qa-plugin/q2apro-on-site-notifications/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://159.89.215.96/qa-plugin/q2apro-on-site-notifications/script.js
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6d603ac22febc66e359bba1bcd69d601a609246e6a6da68dc4f765b6b8b4c1fa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
159.89.215.96
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
Cookie
PHPSESSID=l4ku2e63v0tql013nqb9ai6qa6; qa_key=s34b0tra1pgrh1p6egoejww3aabbudvk
Connection
keep-alive
Cache-Control
no-cache
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Feb 2015 20:31:28 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1041
Expires
Thu, 15 Apr 2020 20:00:00 GMT
styles.css
159.89.215.96/qa-plugin/q2apro-on-site-notifications/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://159.89.215.96/qa-plugin/q2apro-on-site-notifications/styles.css
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
830ee9716687341b1e819b2d3baec668b707b3cfeec424fb20f7709165b52b6a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
159.89.215.96
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
Cookie
PHPSESSID=l4ku2e63v0tql013nqb9ai6qa6; qa_key=s34b0tra1pgrh1p6egoejww3aabbudvk
Connection
keep-alive
Cache-Control
no-cache
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Feb 2015 20:31:28 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1110
Expires
Thu, 15 Apr 2020 20:00:00 GMT
script.js
matkafasi.com/qa-plugin/q2apro-quick-login/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://matkafasi.com/qa-plugin/q2apro-quick-login/script.js
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
217df95a7f3f72d14c70a9e91257859a69c664a47ac717f48f743ea24e4b3aee

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Feb 2015 20:31:30 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
673
Expires
Thu, 15 Apr 2020 20:00:00 GMT
logo2.png
matkafasi.com/files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://matkafasi.com/files/logo2.png
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ad8093b13e610fb309388f6e13120e39cea14e25ed1f829f7ba83956db278d81

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Last-Modified
Mon, 16 Feb 2015 02:06:54 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6178
Expires
Thu, 15 Apr 2020 20:00:00 GMT
zocial.css
159.89.215.96/qa-plugin/q2a-open-login-master/css/ 		64 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://159.89.215.96/qa-plugin/q2a-open-login-master/css/zocial.css
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
f0be00b51f95ff5e3e8636cc35bbf133e42b8e0507d326d4e9b8501aa0d51fb3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
159.89.215.96
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
Cookie
PHPSESSID=l4ku2e63v0tql013nqb9ai6qa6; qa_key=s34b0tra1pgrh1p6egoejww3aabbudvk
Connection
keep-alive
Cache-Control
no-cache
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Jan 2015 15:49:08 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
Thu, 15 Apr 2020 20:00:00 GMT
MathJax.js
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS-MML_HTMLorMML
Requested by
Host: cdn.mathjax.org
URL: http://cdn.mathjax.org/mathjax/latest/MathJax.js?config=TeX-AMS-MML_HTMLorMML
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48344fd55558bbeb600062a175d052979f9ece87c7299788f8ecf16a46c87bf6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 Aug 2018 18:24:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.003
last-modified
Thu, 17 May 2018 09:22:39 GMT
server
cloudflare
etag
W/"5afd49df-f648"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
44847fafdd3397b6-FRA
expires
Wed, 31 Jul 2019 18:24:20 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:810::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
5131
date
Fri, 10 Aug 2018 16:58:49 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Fri, 10 Aug 2018 18:58:49 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
gradients.png
159.89.215.96/qa-theme/q2apro-diligent/ 		735 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://159.89.215.96/qa-theme/q2apro-diligent/gradients.png
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
2187357c82322f2af4507024649eb9ff8691e8aba423bfd99ca12c016c1734c2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
159.89.215.96
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://159.89.215.96/qa-theme/q2apro-diligent/qa-styles.css?1.7.0
Cookie
PHPSESSID=l4ku2e63v0tql013nqb9ai6qa6; qa_key=s34b0tra1pgrh1p6egoejww3aabbudvk
Connection
keep-alive
Cache-Control
no-cache
Referer
http://159.89.215.96/qa-theme/q2apro-diligent/qa-styles.css?1.7.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Last-Modified
Thu, 12 Feb 2015 00:05:58 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
735
Expires
Thu, 15 Apr 2020 20:00:00 GMT
elements.png
159.89.215.96/qa-theme/q2apro-diligent/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://159.89.215.96/qa-theme/q2apro-diligent/elements.png
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
f31603c2cd81f906390d915dbb89fcbc1c41834a78cdbd3ad69e6b62866432dc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
159.89.215.96
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://159.89.215.96/qa-theme/q2apro-diligent/qa-styles.css?1.7.0
Cookie
PHPSESSID=l4ku2e63v0tql013nqb9ai6qa6; qa_key=s34b0tra1pgrh1p6egoejww3aabbudvk
Connection
keep-alive
Cache-Control
no-cache
Referer
http://159.89.215.96/qa-theme/q2apro-diligent/qa-styles.css?1.7.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Last-Modified
Thu, 12 Feb 2015 00:05:58 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
35134
Expires
Thu, 15 Apr 2020 20:00:00 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Open+Sans:400&subset=latin,latin-ext
Origin
http://159.89.215.96

Response headers

Date
Mon, 16 Jul 2018 09:16:58 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 21:49:46 GMT
Server
sffe
Age
2192842
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
8892
X-XSS-Protection
1; mode=block
Expires
Tue, 16 Jul 2019 09:16:58 GMT
mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v15/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
676fb70994eb3dc2e6aad2e42e8a027c57c069238a606f7e6bf08099f7d3e0f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Open+Sans:400&subset=latin,latin-ext
Origin
http://159.89.215.96

Response headers

Date
Fri, 13 Jul 2018 03:22:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 21:49:45 GMT
Server
sffe
Age
2473332
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
7176
X-XSS-Protection
1; mode=block
Expires
Sat, 13 Jul 2019 03:22:08 GMT
spinner-icon.gif
159.89.215.96/qa-theme/q2apro-diligent/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://159.89.215.96/qa-theme/q2apro-diligent/spinner-icon.gif
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js
Protocol
HTTP/1.1
Server
159.89.215.96 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5a250d56e80a814ab976503916b7d37eced1cfd1a5a0a5c28114ae3327c5cee4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
159.89.215.96
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://159.89.215.96/qa-theme/q2apro-diligent/qa-styles.css?1.7.0
Cookie
PHPSESSID=l4ku2e63v0tql013nqb9ai6qa6; qa_key=s34b0tra1pgrh1p6egoejww3aabbudvk
Connection
keep-alive
Cache-Control
no-cache
Referer
http://159.89.215.96/qa-theme/q2apro-diligent/qa-styles.css?1.7.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Last-Modified
Thu, 12 Feb 2015 00:05:58 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3977
Expires
Thu, 15 Apr 2020 20:00:00 GMT
TeX-AMS-MML_HTMLorMML.js
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/config/ 		238 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/config/TeX-AMS-MML_HTMLorMML.js?V=2.7.1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS-MML_HTMLorMML
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df260b35bb9f49c0d937fcbf0ec13fb661b0d281528aec977aee6a8c3f83688
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 Aug 2018 18:24:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.003
last-modified
Thu, 17 May 2018 09:23:44 GMT
server
cloudflare
etag
W/"5afd4a20-3b80d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
44847fb03d8b97b6-FRA
expires
Wed, 31 Jul 2019 18:24:20 GMT
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j68&a=1199594050&t=pageview&_s=1&dl=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&ul=en-us&de=UTF-8&dt=Matematik%20Kafas%C4%B1&s...
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1199594050&t=pageview&_s=1&dl=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&ul=en-us&de=UTF-8&dt=Matematik%20Kafas%C4%B1&...
35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1199594050&t=pageview&_s=1&dl=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&ul=en-us&de=UTF-8&dt=Matematik%20Kafas%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1807848765&gjid=1469594458&cid=1466257758.1533925461&tid=UA-58949255-1&_gid=1038240038.1533925461&_r=1&z=761146349
Requested by
Host: 159.89.215.96
URL: http://159.89.215.96/benefits-returns-depos/750f54e754d
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:810::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Aug 2018 18:24:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1199594050&t=pageview&_s=1&dl=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&ul=en-us&de=UTF-8&dt=Matematik%20Kafas%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1807848765&gjid=1469594458&cid=1466257758.1533925461&tid=UA-58949255-1&_gid=1038240038.1533925461&_r=1&z=761146349
Non-Authoritative-Reason
HSTS
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=159.89.215.96
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Aug 2018 18:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=159.89.215.96
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Aug 2018 18:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-8666334690488866.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		68 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8666334690488866.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 10 Aug 2018 08:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
age
35854
content-type
text/javascript
status
200
cache-control
public, max-age=43200
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
88
x-xss-protection
1; mode=block
expires
Fri, 10 Aug 2018 20:26:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180806/r20180604/ Frame D584 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180806/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180806/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
81FCC66425C44273DEC9D4E95E5825BA
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 07 Aug 2018 05:48:59 GMT
expires
Tue, 21 Aug 2018 05:48:59 GMT
content-type
text/html; charset=UTF-8
etag
7521803712505135873
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6934
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
304521
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/ Frame BA8B 		187 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
84cdebcd86f0eeaf2bcc1df3a48715c85ce7aac601b186b634f74a7561407650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
5624220501969597904
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
70926
X-XSS-Protection
1; mode=block
Expires
Fri, 10 Aug 2018 18:24:20 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3047 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8666334690488866&output=html&adk=1812271804&adf=3025194257&lmt=1533925460&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A34635776&guci=1.2.0.0.2.2.0&format=0x0&url=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1533925460563&bpp=9&bdt=244&fdt=15&idt=152&shv=r20180806&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=6229080604634&frm=20&pv=2&ga_vid=1466257758.1533925461&ga_sid=1533925461&ga_hid=1199594050&ga_fc=0&iag=0&icsg=8532778&dssz=19&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062171%2C368226400&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=0&fsb=1&dtd=185
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8666334690488866&output=html&adk=1812271804&adf=3025194257&lmt=1533925460&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A34635776&guci=1.2.0.0.2.2.0&format=0x0&url=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1533925460563&bpp=9&bdt=244&fdt=15&idt=152&shv=r20180806&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=6229080604634&frm=20&pv=2&ga_vid=1466257758.1533925461&ga_sid=1533925461&ga_hid=1199594050&ga_fc=0&iag=0&icsg=8532778&dssz=19&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062171%2C368226400&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=0&fsb=1&dtd=185
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
81FCC66425C44273DEC9D4E95E5825BA
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 10 Aug 2018 18:24:20 GMT
server
cafe
cache-control
private
content-length
82
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Aug-2018 18:39:20 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Fri, 10 Aug 2018 18:24:20 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2ea3ff820ddb55c4c951ff1c0fbfe8590ebff986b806fb351f2f32aded2fefc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 Aug 2018 04:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26268
x-xss-protection
1; mode=block
server
cafe
etag
2346024023569693673
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Aug 2018 04:54:34 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/ Frame D8EF 		187 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
84cdebcd86f0eeaf2bcc1df3a48715c85ce7aac601b186b634f74a7561407650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Date
Fri, 10 Aug 2018 18:24:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
5624220501969597904
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
70926
X-XSS-Protection
1; mode=block
Expires
Fri, 10 Aug 2018 18:24:20 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3A3E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8666334690488866&output=html&h=450&slotname=9101065879&adk=3018653034&adf=1873231546&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1533925460&rafmt=9&guci=1.2.0.0.2.2.0&format=750x450&url=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1533925460579&bpp=10&bdt=260&fdt=182&idt=184&shv=r20180806&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6229080604634&frm=20&pv=1&ga_vid=1466257758.1533925461&ga_sid=1533925461&ga_hid=1199594050&ga_fc=0&iag=0&icsg=42087210&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062171%2C368226400&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=rI9xlhqcgP&p=http%3A//159.89.215.96&dtd=193
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180806/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8666334690488866&output=html&h=450&slotname=9101065879&adk=3018653034&adf=1873231546&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1533925460&rafmt=9&guci=1.2.0.0.2.2.0&format=750x450&url=http%3A%2F%2F159.89.215.96%2Fbenefits-returns-depos%2F750f54e754d&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1533925460579&bpp=10&bdt=260&fdt=182&idt=184&shv=r20180806&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6229080604634&frm=20&pv=1&ga_vid=1466257758.1533925461&ga_sid=1533925461&ga_hid=1199594050&ga_fc=0&iag=0&icsg=42087210&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=344&ady=254&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21062171%2C368226400&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&fsb=1&xpc=rI9xlhqcgP&p=http%3A//159.89.215.96&dtd=193
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://159.89.215.96/benefits-returns-depos/750f54e754d
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
81FCC66425C44273DEC9D4E95E5825BA
Referer
http://159.89.215.96/benefits-returns-depos/750f54e754d

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 10 Aug 2018 18:24:20 GMT
server
cafe
cache-control
private
content-length
82
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Aug-2018 18:39:20 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Fri, 10 Aug 2018 18:24:20 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| GoogleAnalyticsObject function| ga object| adsbygoogle string| qa_root string| qa_request function| $ function| jQuery function| qa_reveal function| qa_conceal function| qa_set_inner_html function| qa_set_outer_html function| qa_show_waiting_after function| qa_hide_waiting function| qa_vote_click function| qa_notice_click function| qa_favorite_click function| qa_ajax_post function| qa_ajax_error string| eventnotifyAjaxURL object| b object| MathJax object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state function| google_spfd object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy number| google_unique_id undefined| module object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

6 Cookies

Domain/Path Name / Value
159.89.215.96/ Name: PHPSESSID
Value: l4ku2e63v0tql013nqb9ai6qa6
159.89.215.96/ Name: _gid
Value: GA1.1.1038240038.1533925461
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
159.89.215.96/ Name: _ga
Value: GA1.1.1466257758.1533925461
159.89.215.96/ Name: qa_key
Value: s34b0tra1pgrh1p6egoejww3aabbudvk
159.89.215.96/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
console-api warning URL: http://cdn.mathjax.org/mathjax/latest/MathJax.js?config=TeX-AMS-MML_HTMLorMML(Line 32)
Message:
WARNING: cdn.mathjax.org has been retired. Check https://www.mathjax.org/cdn-shutting-down/ for migration tips.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.mathjax.org
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
matkafasi.com
pagead2.googlesyndication.com
www.google-analytics.com
159.89.215.96
205.185.208.52
2400:cb00:2048:1::6813:c597
2400:cb00:2048:1::6818:1241
2a00:1450:4001:810::200e
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:821::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
217df95a7f3f72d14c70a9e91257859a69c664a47ac717f48f743ea24e4b3aee
2187357c82322f2af4507024649eb9ff8691e8aba423bfd99ca12c016c1734c2
21b2464712a1488cfd6d3aa50c85a50804cae0be6dc456a1e7b09c3a48d9e7f0
2ea3ff820ddb55c4c951ff1c0fbfe8590ebff986b806fb351f2f32aded2fefc4
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
48344fd55558bbeb600062a175d052979f9ece87c7299788f8ecf16a46c87bf6
4891d48c776722fc188d09492691f6cef92af73b1bd6cb8de90a66abe860b1fa
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5a250d56e80a814ab976503916b7d37eced1cfd1a5a0a5c28114ae3327c5cee4
676fb70994eb3dc2e6aad2e42e8a027c57c069238a606f7e6bf08099f7d3e0f8
6d603ac22febc66e359bba1bcd69d601a609246e6a6da68dc4f765b6b8b4c1fa
761227c98e52d8140750142f229bd1f590a6e13fb39c326fa756958480ecec98
830ee9716687341b1e819b2d3baec668b707b3cfeec424fb20f7709165b52b6a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84cdebcd86f0eeaf2bcc1df3a48715c85ce7aac601b186b634f74a7561407650
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
8df260b35bb9f49c0d937fcbf0ec13fb661b0d281528aec977aee6a8c3f83688
ad8093b13e610fb309388f6e13120e39cea14e25ed1f829f7ba83956db278d81
b5f1fc9a6eb0c452989d6f29c26f4a1d592841c472543b04f754398a193c3c99
bbbdf0bdfb5a004d5a6f61ebd4199655021ebb144e2928f1859f4dc2dad45f2f
bd21047d8e7ecd50e6ffe24b4e6abd125afc1b515fb644cd3feb0e86a6c7d728
da67c614d54fbe16362759aee815bbeb82d0b9f9a6d178956a56742cf3c6e6cd
f0be00b51f95ff5e3e8636cc35bbf133e42b8e0507d326d4e9b8501aa0d51fb3
f31603c2cd81f906390d915dbb89fcbc1c41834a78cdbd3ad69e6b62866432dc