urlscan.io logo urlscan.io
SecurityTrails logo

www.chtoen.com Open in urlscan Pro
2a05:d014:776:a63f:551c:5660:31da:fe01  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://chtoen.com/
Effective URL: https://www.chtoen.com/
Submission Tags: tranco_l324
Submission: On April 14 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 47 HTTP transactions. The main IP is 2a05:d014:776:a63f:551c:5660:31da:fe01, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.chtoen.com.
TLS certificate: Issued by R3 on March 7th 2024. Valid for: 3 months.
This is the only time www.chtoen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 2a05:d014:776... 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 172.67.199.186 13335 (CLOUDFLAR...)
1 1 54.172.32.237 14618 (AMAZON-AES)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 172.64.136.15 13335 (CLOUDFLAR...)
1 172.64.137.15 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
7 172.67.170.144 13335 (CLOUDFLAR...)
4 2a03:2880:f17... 32934 (FACEBOOK)
47 12
16    2a05:d014:776:a63f:551c:5660:31da:fe01 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
chtoen.com
www.chtoen.com
1    2606:4700:3035::6815:2a20 (United States)

ASN13335 (CLOUDFLARENET, US)
privacy.gatekeeperconsent.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    172.67.199.186 (United States)

ASN13335 (CLOUDFLARENET, US)
the.gatekeeperconsent.com
1    54.172.32.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-32-237.compute-1.amazonaws.com
abzcoupon.com
1    2600:9000:225e:9200:2:7984:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.affiliates.one
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    172.64.136.15 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
go.ezodn.com
1    172.64.137.15 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
g.ezodn.com
6    2606:4700:3034::6815:3f6a (United States)

ASN13335 (CLOUDFLARENET, US)
www.ezojs.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
7    172.67.170.144 (United States)

ASN13335 (CLOUDFLARENET, US)
www.ezojs.com
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
16 chtoen.com
chtoen.com
www.chtoen.com
695 KB
13 ezojs.com
www.ezojs.com — Cisco Umbrella Rank: 16004
38 KB
7 gatekeeperconsent.com
privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 48062
the.gatekeeperconsent.com — Cisco Umbrella Rank: 14238
193 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
2 ezodn.com
go.ezodn.com — Cisco Umbrella Rank: 10784
g.ezodn.com — Cisco Umbrella Rank: 14520
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
91 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
159 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2548
253 B
1 affiliates.one
cdn.affiliates.one — Cisco Umbrella Rank: 455831
4 KB
1 abzcoupon.com
abzcoupon.com
486 B
47 10
Domain Requested by
15 www.chtoen.com www.chtoen.com
www.ezojs.com
13 www.ezojs.com www.chtoen.com
6 the.gatekeeperconsent.com www.chtoen.com
the.gatekeeperconsent.com
www.ezojs.com
4 www.facebook.com connect.facebook.net
2 connect.facebook.net www.chtoen.com
connect.facebook.net
2 www.googletagmanager.com www.chtoen.com
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 g.ezodn.com www.chtoen.com
1 go.ezodn.com www.chtoen.com
1 cdn.affiliates.one www.chtoen.com
1 abzcoupon.com 1 redirects
1 privacy.gatekeeperconsent.com www.chtoen.com
1 chtoen.com 1 redirects
47 13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
afftck.com
tlcafftrax.com
michael.chtoen.com
g.ezoic.net
Subject Issuer Validity Valid
chtoen.com
R3		 2024-03-07 -
2024-06-05		 3 months crt.sh
gatekeeperconsent.com
GTS CA 1P5		 2024-02-26 -
2024-05-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-22 -
2024-04-21		 3 months crt.sh
ezodn.com
E1		 2024-02-23 -
2024-05-23		 3 months crt.sh
www.ezojs.com
GTS CA 1P5		 2024-03-05 -
2024-06-03		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.chtoen.com/
Frame ID: F9F672032DC3ECC3EC5B162211F4FD93
Requests: 42 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=370869749602419&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1462830814621abd%26domain%3Dwww.chtoen.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.chtoen.com%252Ffab665412acd65a61%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FCh2En&layout=button_count&locale=zh_TW&sdk=joey&share=false&show_faces=false&width=85
Frame ID: 8A0018728EC0557308BD89598D5D9D6D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=370869749602419&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfec238a30d31588da%26domain%3Dwww.chtoen.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.chtoen.com%252Ffab665412acd65a61%26relation%3Dparent.parent&container_width=740&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCh2En&locale=zh_TW&sdk=joey&show_facepile=true&show_posts=false&tabs=timeline&width=500
Frame ID: 543EF363C2D2CF149B4FB2A94DD702B3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/comments.php?app_id=370869749602419&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0cd09cdd58d582b7%26domain%3Dwww.chtoen.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.chtoen.com%252Ffab665412acd65a61%26relation%3Dparent.parent&container_width=1570&height=100&href=http%3A%2F%2Fwww.chtoen.com%2F&locale=zh_TW&numposts=2&order_by=reverse_time&sdk=joey&version=v8.0&width=
Frame ID: 7F7356B66976F082B219BC1F837152C3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=370869749602419&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7fa8889158092bca%26domain%3Dwww.chtoen.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.chtoen.com%252Ffab665412acd65a61%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FCh2En&layout=button_count&locale=zh_TW&sdk=joey&share=false&show_faces=false&width=85
Frame ID: ABD2CDA1405724B633FE8F84DFF94880
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

中英物語是中翻英網站,專門翻譯難翻譯成英文的中文,如人瑞、好笑的梗、親和力等!ChToEn Helps You Translate Hard-to-Translate-to-English Chinese Terms to English Terms!

Page URL History Show full URLs

  1. http://chtoen.com/ HTTP 307
    https://chtoen.com/ HTTP 301
    https://www.chtoen.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

47
Requests

98 %
HTTPS

62 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

1183 kB
Transfer

3289 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://chtoen.com/ HTTP 307
    https://chtoen.com/ HTTP 301
    https://www.chtoen.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://abzcoupon.com/track/imp/img/130758/ce2bc2bf9a0127daf19cbd2e8d2b891473624ccf77ebf0ab416db4026f0c HTTP 302
  • https://cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/130758/5a02c667d41d4b80315697b2f1f8c85f52e057817f62e17619ada5ec5cac912b_1540.png?wl=8&image_creative_id=130758&offer_id=1540&offer_variant_id=6788&network_id=200&affiliate_id=1626&affiliate_offer_id=530330

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.chtoen.com/
Redirect Chain
  • http://chtoen.com/
  • https://chtoen.com/
  • https://www.chtoen.com/
50 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 / PHP/5.5.38
Resource Hash
f860225c04fce3b72212f26c880a54ee3748a5c9860aa3df824a280d7d4ec580

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-type
text/html
date
Sun, 14 Apr 2024 07:04:28 UTC
display
pub_site_sol
expires
Sat, 13 Apr 2024 07:04:28 GMT
pagespeed
off
response
200
server
nginx/1.12.2
vary
Accept-Encoding,User-Agent
x-ez-minify-html
16.51% 40893 / 48982
x-ezoic-cdn
Hit ds;mm;80a54f55140d283f075f7a4acfb4b747;2-289902-35;ff3fd475-0ec4-48c7-73cc-1b14e6009c0e
x-middleton-display
pub_site_sol
x-middleton-response
200
x-origin-cache-control
max-age=86400
x-powered-by
PHP/5.5.38
x-sol
pub_site

Redirect headers

cache-control
public, max-age=604800
content-encoding
br
content-type
text/html
date
Sun, 14 Apr 2024 07:04:27 UTC
display
staticcontent_sol
location
https://www.chtoen.com/
pagespeed
off
response
301
server
nginx/1.12.2
vary
Accept-Encoding,User-Agent,Origin
x-ez-cache-layer-info
abtest:mod99-c,cdn:65bb248c-c7e1-4802-7dbb-4080e469eedf,template:pub_site
x-ez-minify-html
8.65% 169 / 185
x-ezoic-cdn
Hit ds;ms;2328289d6cb1aecbc9bf4a0fcab69ddb;2-289902-35;65bb248c-c7e1-4802-7dbb-4080e469eedf
x-middleton-display
staticcontent_sol
x-middleton-response
301
x-origin-cache-control
x-sol
pub_site
tcf2_stub.js
privacy.gatekeeperconsent.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy.gatekeeperconsent.com/tcf2_stub.js
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2a20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGXwQ%2BKml1ZaONSzEE7JhSW5RUKCcs7VLSQwGLWOYZbucyQAxS%2FL0mdhERcflEb4%2FIm7ixPg720NbI4dYDMNKB8DdIFt8%2BfsCFHevZ9Vf4O81hmciBNwdOBHoJqFHHFXhW6rIlFrkjS3PVO%2FkZBkB7CLfLXyVmFdxp7L1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15780000, public
cf-ray
8741d7889a703a67-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		199 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-16331158-14
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2462370bea788e7da82f22eee6204bb4966459277190945703730d26d8f08e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73606
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Apr 2024 07:04:28 GMT
cmp.js
the.gatekeeperconsent.com/v2/ 		146 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/v2/cmp.js?v=195
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1265b079b8ad692aaa28540ab372c01a32fb5dedc8d76943375bc1797bfce3c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 Apr 2024 16:15:39 GMT
server
cloudflare
age
999641
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLWTTibg8Pb2EnR5UeX3XUXTDrL6gN1F7fVcjbbx3tkiyViiim0nVe%2BTBFlmKP3nlbpyWRr0%2Fms12UnEVdaiovuCtmGzphkveyb1kIM3LS2MdBQCz72cBTBAv3%2F9tXvr0oI8jx19p5P9lXV6"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
8741d788fdae3736-FRA
alt-svc
h3=":443"; ma=86400
loading.jpg
www.chtoen.com/css/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chtoen.com/css/loading.jpg
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
35eb9f64b62f88c2353343fc8b0055073e5373c7e12e643ff3ad86718db0b5fb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 UTC
x-ezoic-excludewebp
false
response
200
last-modified
Sat, 26 Jan 2019 16:08:51 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5c4c8613-159e-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn
Hit ds;ms;40f44c0d8db801667ad632bb6d3a3c51;2-289902-35;f02ad849-8dd3-4779-57cb-c66e1a6db337
content-type
image/jpeg
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200
check.png
www.chtoen.com/image/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chtoen.com/image/check.png
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
9144e08d60d2140c7b6f8b88419ce64e9abf68ab3b152b56dd13dd5b8408f569

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 UTC
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 11 Dec 2018 01:54:37 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5c0f18dd-223b-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn
Hit ds;ms;f646375fd36c7919eedb6f4593a18156;2-289902-35;5d8ce35c-7ef8-4341-5beb-092167d49077
content-type
image/png
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200
cross.png
www.chtoen.com/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chtoen.com/image/cross.png
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
5018a56846eb443922f07b45d19ef4250c3f4850de0e480b2e7fda39cf154c6d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 UTC
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 11 Dec 2018 01:54:36 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5c0f18dc-1415-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn
Hit ds;ms;28b767c3d50269b7376b4702a432ec8e;2-289902-35;28832fbb-ec7f-46a2-5fe7-928923b0128b
content-type
image/png
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200
%E6%8B%8D%E8%83%B8%E8%84%AF%E7%9A%84%E7%94%B7%E7%94%9F.jpg
www.chtoen.com/image/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chtoen.com/image/%E6%8B%8D%E8%83%B8%E8%84%AF%E7%9A%84%E7%94%B7%E7%94%9F.jpg
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
0b1e5fca874743a4e5a217a0e13ee730e885715c44c4c488961701051fedba45

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 UTC
x-ezoic-excludewebp
true
response
200
last-modified
Sun, 16 Aug 2020 09:37:15 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5f38fe4b-1a23c-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn
Hit ds;ms;db1d7657cff85e8bc2fd3ed166e89649;2-289902-35;af698bcc-a344-4b83-51bb-fad1f15327b6
content-type
image/jpeg
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200
5a02c667d41d4b80315697b2f1f8c85f52e057817f62e17619ada5ec5cac912b_1540.png
cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/130758/
Redirect Chain
  • https://abzcoupon.com/track/imp/img/130758/ce2bc2bf9a0127daf19cbd2e8d2b891473624ccf77ebf0ab416db4026f0c
  • https://cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/130758/5a02c667d41d4b80315697b2f1f8c85f52e057817f62e17619ada5ec5cac912b_1540.png?wl=8&image_creative_id=130758&offer_id=...
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/130758/5a02c667d41d4b80315697b2f1f8c85f52e057817f62e17619ada5ec5cac912b_1540.png?wl=8&image_creative_id=130758&offer_id=1540&offer_variant_id=6788&network_id=200&affiliate_id=1626&affiliate_offer_id=530330
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Server
2600:9000:225e:9200:2:7984:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f4a89c047e68743297926f80fc6b4c31c0b526680a7e59cf6151a6b518eb1ea

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.chtoen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Feb 2024 22:32:10 GMT
x-amz-version-id
null
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 01:53:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
5473939
etag
"72d46f0515681053946a177e191ceba3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315576000
accept-ranges
bytes
content-length
4138
x-amz-cf-id
ogl4kUe89ga_3H8aXch9jAfwvqEkLKAcwBFaAc_rC_2MNr6jK4xBNQ==

Redirect headers

x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.085335
date
Sun, 14 Apr 2024 07:04:28 GMT
server
Apache/2.4.18 (Ubuntu)
x-powered-by
Phusion Passenger 5.1.12
p3p
CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
location
https://cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/130758/5a02c667d41d4b80315697b2f1f8c85f52e057817f62e17619ada5ec5cac912b_1540.png?wl=8&image_creative_id=130758&offer_id=1540&offer_variant_id=6788&network_id=200&affiliate_id=1626&affiliate_offer_id=530330
status
302 Found
content-type
text/html; charset=utf-8
cache-control
no-cache
x-rack-cache
miss
x-request-id
3af3ab8071f79e022a3d66cf5b3d17f5
up-arrow.png
www.chtoen.com/css/ 		612 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chtoen.com/css/up-arrow.png
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f48af1f07cd6e48885bcfcc9e30785672f333e2eadf05520feecf68968187b7f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 UTC
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 11 Dec 2018 01:54:38 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5c0f18de-264-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn
Hit ds;ms;070b4926f4d62fe5d30e516b34d6400f;2-289902-35;ced6fc2a-8980-436d-66f8-9ab5d22d639e
content-type
image/png
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200
down-arrow.png
www.chtoen.com/css/ 		674 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chtoen.com/css/down-arrow.png
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2ab3b3b703c7848948e0f0ec75f26a9932ac75287f0b60589094786d631eb80b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 UTC
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 11 Dec 2018 01:54:38 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5c0f18de-2a2-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn
Hit ds;ms;196c4eaa01f0617eed8b207bfd4421de;2-289902-35;c66364b7-0b62-4cfc-45ad-c86254007a22
content-type
image/png
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200
sdk.js
connect.facebook.net/zh_TW/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec8253bd8dd941cc924dc9606cc4676a005623095a86091a1c4a612ff5be6022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Origin
https://www.chtoen.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 Apr 2024 07:04:28 GMT
content-md5
gqX498ZMjJcr56wHc6RmAA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1294, tbw=2791, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug
Sx9UwnhNbXl46IexwgVuo/4khKjDHk9sTUH4YdrFUYsIEwD7EWm9lVccCrO9YKSNp0k2782B2ke1buhtoWnUow==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f0f339972d356d93c5725da94233f8b5
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"3705c4fd308b3622041d44ffb9e3ca65"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sun, 14 Apr 2024 07:19:34 GMT
ezoic.png
go.ezodn.com/utilcave_com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.ezodn.com/utilcave_com/ezoic.png
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.136.15 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a54e49f65745ec3e0c0bfec9c0005b787370f8f65476b8da936e14d9ceaaa1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
cf-cache-status
HIT
x-sol
middleton
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
294542
x-middleton-display
staticcontent_sol
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Apr 2024 07:22:58 GMT
server
cloudflare
etag
"592-61554533f313c-gzip-gzip"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXWr88fD5nVZ44bdOssiwmCNtsZ4%2F0%2BoHN5%2FJbfp9L%2Bpi1LfRzP%2FzGk344t6HCxy4bsOdCZE012WKxiWTuTgMcH%2BUH0DPZb8%2FLGWnouRQEfcnj%2BfabndooRngvXB3YA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
cf-ray
8741d7892c4a3a5c-FRA
expires
Fri, 12 Apr 2024 21:23:30 GMT
v.js
g.ezodn.com/cmp/v2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.137.15 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e63facc04cf29cf8e4f1f3ff6088d571d96551a572aadb13f39964ff87a46318

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Feb 2024 18:32:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1947393
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k7Wq5gCEpopjtEiQ%2B%2B%2BLXWl7Y7X0W%2BH%2FrAPdwTcQrAFDu%2BEDAuzdPYGRZaiDkP1VILD6fE7KFDut4fDztF4WzDW0YXw8uEetMZ2oLo49PY7BfK9p2b8ssP15vI2FUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
8741d7894b2bbb67-FRA
alt-svc
h3=":443"; ma=86400
boise.js
www.ezojs.com/detroitchicago/ 		811 B
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/detroitchicago/boise.js?gcb=195-2&cb=5
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
092955f521559093671a2302925cf7e43be3c9c36a2f4c32a35c4d910feb6984

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1939463
cf-polished
origSize=824
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 22 Mar 2024 20:20:05 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eelCS3q4I%2FOavCVitU8%2BzVdn%2FTymAlio%2B2kCEX8uwiG%2BVvJOASvyNRcsyHNIGpo%2BNFJRDesbCDq9Yechk8xY2bMy5Rn7ESJTshTkzjSdN4EMhqQPKAOxKI2PWCoDk14J2vsB8I9SLL41vK7a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78bbc0335f7-FRA
abilene.js
www.ezojs.com/parsonsmaize/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/parsonsmaize/abilene.js?gcb=195-2&cb=33
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c937400edb14ee9964073e72d1e9629d3bf554101b9914dd5d48abf15f7157ab

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1947391
cf-polished
origSize=6254
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 22 Mar 2024 18:07:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tpV0l6jvreDX7h9J69OW2uWxb4%2BfGl%2BNFYgJ3iBmm1DxtHHSlkIJXcDAWd1%2Fc7ZmyN8oG8IEOzClJ7J%2B3GoA%2BBhPXsTvRSXXZnyYpN6sMWz7s2rLSAZEV8Emo3Tl5rcX3k%2FDR5OftIvrHeb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78bbbfa35f7-FRA
tulsa.js
www.ezojs.com/detroitchicago/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/detroitchicago/tulsa.js?gcb=195-2&cb=9
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8f9daa5a391e4becb1ef21376f88772a4b5a874c50d22348b0fcc489dcc7b95

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1734835
cf-polished
origSize=13380
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 22 Mar 2024 22:27:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cKkR1J0XEGpnJtZFfSz13C3yor3P1F1TJaimSjZDxBD6H5TdLCs3LgQJLL93IBOPPTcULysa%2Fb%2B1ZVVUT4Kc1g90xUE7BgnBtX0ULtf1slc69rJuQ5Pt%2B2aQ73RPrw0jAQlkDFm1hBQT%2FgTF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78bbbfb35f7-FRA
et.js
www.ezojs.com/porpoiseant/ 		1 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/porpoiseant/et.js?gcb=195-2&cb=2
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2198884
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 19 Mar 2024 20:16:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jNVsAh2ITFOLuEuZmZKN2eDbaEK2uF7WnVgD33%2BCUeFU8CYpqSEb3Xa8izYRYgtHEeZzTk6pZsN%2B%2BXJsBRaRfobFcLN5Wgke0tFFe8N%2BRn9fY3VukoC9Rie1TG4FfvCadKxTOiytcVaTf6yy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78bbc0535f7-FRA
chtoen.1640342228.css
www.chtoen.com/css/ 		177 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.chtoen.com/css/chtoen.1640342228.css
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
86d8bcefa392438a7e961ec5719098ae2b2b950f609d51a4d7a0668e33aa9a66

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 UTC
content-encoding
br
response
200
last-modified
Fri, 24 Dec 2021 10:37:08 GMT
server
nginx/1.12.2
display
staticcontent_sol, orig_site_sol
etag
"61c5a2d4-2c463-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,User-Agent,Origin
x-ezoic-cdn
Hit ds;mm;9902f715fe4e7e935757d0cd12cb48ce;2-289902-35;b408b8ba-aed0-4f84-6d85-15bb52738dda
content-type
text/css
x-sol
orig
x-middleton-display
staticcontent_sol, orig_site_sol
cache-control
public, max-age=2592000
x-middleton-response
200
chtoen.1608802663.js
www.chtoen.com/js/ 		263 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chtoen.com/js/chtoen.1608802663.js
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f6d3a9d53e72139ba9821475b57ce3b9e1a159dc3dd9146b4290a87924fc902e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 UTC
content-encoding
br
response
200
last-modified
Thu, 24 Dec 2020 09:37:43 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5fe46167-41ad3-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,User-Agent,Origin
x-ezoic-cdn
Hit ds;mm;d76edee36c4e52387c2fc5d9dbce2447;2-289902-35;9f256c2b-6040-40a8-62f1-60a18694c96d
content-type
application/javascript
x-sol
pub_site
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200
drake.js
www.ezojs.com/beardeddragon/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/beardeddragon/drake.js?gcb=2&cb=8
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2198883
cf-polished
origSize=4247
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 19 Mar 2024 20:16:25 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DDZAHCmtNjbrREk0NhB4X3X240ROykdDTFkZGjkr5YN7%2FGSC9TXVQsrOWl1Zb6xxLdIfI8DcSq6dx8VFoaLa3nE78QXm6JgDRFEdgIPmYdrL8CzFxXU3vPH%2Bwh9nqoZ%2BhLRC%2B5ZcVAQzTfQ%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78bbbfd35f7-FRA
jellyfish.js
www.ezojs.com/porpoiseant/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/porpoiseant/jellyfish.js?a=a&cb=14&dcb=195-2&shcb=34
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53fccfdc6e94cd5169ab060e8073990e83ae991eb38d244d29d0353ddb0349e9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2198883
cf-polished
origSize=37635
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 19 Mar 2024 20:16:25 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0hvYdOw5pgLdO0G9eq6BbYk0TBy%2Foi%2BLG%2FcLempmRKkVVYGxVDISBgRRxMyAZIiMqIjfHFLjk3IxHs2MMVNX7czoDUq2KT5HqrToMK2f1haSZO80I70xYp0dT3sN6Hm%2FM5lVcXfTTca3fjnr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78bbc0035f7-FRA
js
www.googletagmanager.com/gtag/ 		246 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EYX096PS5Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16331158-14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac63a2da10858a55c47f4f3430f7c006534521603741061187f2e8b5dd2486e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88973
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 14 Apr 2024 07:04:28 GMT
config.json
the.gatekeeperconsent.com/v2/ 		16 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/v2/config.json?domain=www.chtoen.com&changeLogId=708200&cb=195
Requested by
Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1dd4bc3dc5b5761287970db21b6c5d2d1fbc420a4b5b73dba9af2385b2cf13f
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
x-frame-options
deny
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BTHrW6eqxtC8E2llY7FVeK50dTY34xt4FxxkSTE7YRL4U4G7zp7KykPGJGKWgOeN4IV%2BQ8El1z3wKvGRw5Eb71edhn%2BwXQsd8rez3%2FtdPRZ%2FWx7VCkbL4KP0ryKo0ljzEvDaCrHM9U5FmOfk"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000, public
cf-ray
8741d78a29219e4b-CDG
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EYX096PS5Z&gtm=45je44a0v9133143014za200&_p=1713078268294&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tcfd=10001&cid=2037562658.1713078268&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=AAAI&_s=1&sid=1713078268&sct=1&seg=0&dl=https%3A%2F%2Fwww.chtoen.com%2F&dt=%E4%B8%AD%E8%8B%B1%E7%89%A9%E8%AA%9E%E6%98%AF%E4%B8%AD%E7%BF%BB%E8%8B%B1%E7%B6%B2%E7%AB%99%EF%BC%8C%E5%B0%88%E9%96%80%E7%BF%BB%E8%AD%AF%E9%9B%A3%E7%BF%BB%E8%AD%AF%E6%88%90%E8%8B%B1%E6%96%87%E7%9A%84%E4%B8%AD%E6%96%87%EF%BC%8C%E5%A6%82%E4%BA%BA%E7%91%9E%E3%80%81%E5%A5%BD%E7%AC%91%E7%9A%84%E6%A2%97%E3%80%81%E8%A6%AA%E5%92%8C%E5%8A%9B%E7%AD%89%EF%BC%81ChToEn%20Helps%20You%20Translate%20Hard-to-Translate-to-English%20Chinese%20Terms%20to%20English%20Terms!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=836
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYX096PS5Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 14 Apr 2024 07:04:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.chtoen.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/zh_TW/ 		304 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=e8871f58884e912dae970917b1ed296c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90c73ad0143fcd5178a42d23e81e41afc0249beb8e3df16ab1336f2600198ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Origin
https://www.chtoen.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 Apr 2024 07:04:28 GMT
content-md5
f+HGYjv2NRpVzIOcF3xTlA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88863
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=20, mss=1294, tbw=6409, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
82BcjwLqLn60ly7xWnx0HG27k+G0yZNMrNEWMlBLcWdXj9YVp/OAlUGuydAb+2DA+taRmXcIJoFHZAKMkta7Qg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
590307d7a71ef4d62f2d2c1d502f0199
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"8d900009de978ebe335de903f7b3704f"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 14 Apr 2025 05:39:26 GMT
%E8%A2%AB%E7%BD%B5%E7%9A%84%E7%8B%97.jpg
www.chtoen.com/image/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chtoen.com/image/%E8%A2%AB%E7%BD%B5%E7%9A%84%E7%8B%97.jpg
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
044cb671d93acb9ec885c51032b7362111755b4459877eb1e36b8493e639f42a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 UTC
x-ezoic-excludewebp
true
response
200
last-modified
Tue, 11 Aug 2020 04:31:56 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5f321f3c-1a6ed-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn
Hit ds;ms;73322734fd82df49b70f15fe17b3d2fd;2-289902-35;40e467f6-1101-4c8e-44ec-6b5a93f8812e
content-type
image/jpeg
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200
%E8%8B%B1%E6%96%87%E5%AD%97%E6%AF%8D%E8%A1%A8.jpg
www.chtoen.com/image/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chtoen.com/image/%E8%8B%B1%E6%96%87%E5%AD%97%E6%AF%8D%E8%A1%A8.jpg
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f2178876bf766dad088c7ad63ad3e9f90f52f048d35c86614c54a9d7a9d2329d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 UTC
x-ezoic-excludewebp
true
response
200
last-modified
Tue, 11 Dec 2018 01:54:36 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5c0f18dc-dbd3-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn
Hit ds;ms;198dc5f062fa0e869f54ed026f90c6b8;2-289902-35;8d1914d1-dbda-476e-5dda-3b65ce1a8528
content-type
image/jpeg
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200
%E7%86%B1%E7%82%92%E8%BE%A3%E5%AD%90%E9%9B%9E%E4%B8%81.jpg
www.chtoen.com/image/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chtoen.com/image/%E7%86%B1%E7%82%92%E8%BE%A3%E5%AD%90%E9%9B%9E%E4%B8%81.jpg
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
36a4f041d9c926fbe197985c3994394b932c974e9eced5e8e5a2339f4837f860

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 UTC
x-ezoic-excludewebp
true
response
200
last-modified
Tue, 14 Jul 2020 09:38:36 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5f0d7d1c-26d99-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn
Hit ds;ms;9c23aa7dee7872c76d27a9ae03f64190;2-289902-35;5c875ae0-a0e0-4f42-41bc-c2e2b2b05b0e
content-type
image/jpeg
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200
gvl.json
the.gatekeeperconsent.com/cmp/ 		589 KB
73 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/cmp/gvl.json?v=9&lang=en
Requested by
Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47ed4301695cfd6c901c15ff9b23b99f14c4d931be6bda9bca8a84d8be460f1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 18:56:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
302889
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DsoSGYpj9JEdjm%2BHuZyZkCeSP1hLseknZYb5K%2BNmlnGPo6CohRUMbBekXAFpJdYtDqjrHoeQJJBb4tJY0%2F6%2BrdJx0ZlTsymp8yF3X0JmaJNx4uP8BSRGxuJF1tr66g1yYXUt89vmsje1vJtW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=345600
cf-ray
8741d78a89699e4b-CDG
alt-svc
h3=":443"; ma=86400
gvl.json
the.gatekeeperconsent.com/cmp/ 		591 KB
73 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/cmp/gvl.json?v=9&lang=de-de
Requested by
Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/v2/cmp.js?v=195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60d250a9b850b976e86cd99d8d92351423758af6daefc2e39a8c4397dfddd7b9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 14 Apr 2024 07:04:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rImX8sl7rdhadRU45B3pO%2B5yA6wgZBcJRecA83b%2FrJwn5faGJvcpdSl3%2FiJxxUKbz8hmNyZCUDdUXul6KqjgXWZL2DKsPJx%2BpmjGPDC13ExgIUb%2BOzMOwcfbImeH0dQxqed2WwnhARHlcX6s"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=345600
cf-ray
8741d78b4a1d9e4b-CDG
alt-svc
h3=":443"; ma=86400
mulvane.js
www.ezojs.com/parsonsmaize/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/parsonsmaize/mulvane.js?gcb=195-2&cb=6
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9af49c10c5a8062e5fde477550c3669bdbd09fc5b9d6eee319e808740744e7d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1935671
cf-polished
origSize=1132
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 22 Mar 2024 21:23:17 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bcdNBJy4%2BzxWIZFedbDkkJQtwS5qaHsEyu75jBuJFqOK7otVEmg0lHMh5kxwRgoe2Gq1I4FmCQgqCIk88ciLgFUrhvn6WvpwXn9j8lA5PZf4KK3N7%2FbqHLtczTMkNF1b"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78bfba39f46-FRA
wichita.js
www.ezojs.com/detroitchicago/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/detroitchicago/wichita.js?gcb=195-2&cb=12
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7a77f24fc31abf310ccb240b2e0a49f2582823f990eef11a3abc37f286ea12

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1947390
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 22 Mar 2024 18:07:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RytFCKJEY2clI1S5tSU2WlyjRGTjGAskPWdYR7xoAHA3upF%2FvL3mPa%2FZLZFhyypybZ%2FrZCER5mrQ1aB48lO71Cvpkz9FnNHN%2BLxjk4SdeKOrJTobqeJlQAIUceZE6IDJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78bfba69f46-FRA
raleigh.js
www.ezojs.com/detroitchicago/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/detroitchicago/raleigh.js?gcb=195-2&cb=7
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fba7686001b516b0414bef328255eca729f278c1d14d324c8567733426439a5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1935671
cf-polished
origSize=1673
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 22 Mar 2024 21:23:17 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2B1FnneB12GngNrG6qIzHXExkquxZZkQg%2BUR1pZbpKAeDNg%2FQ83z1%2FPu4SxKkO%2FirvDi7lmbPranK9CjBAc0LTxvUnb%2FaW4X9xgnlgojLo7MF7NdsdIory1WB6kjlff2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78bfba89f46-FRA
vista.js
www.ezojs.com/detroitchicago/ 		1 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/detroitchicago/vista.js?gcb=195-2&cb=6
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4559f063977072488f6dd2c96ff11fa2dbfc62c9e26d1b8c2c80c48a85964ecc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1947390
cf-polished
origSize=1067
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 22 Mar 2024 18:07:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWi1WCtBFa73%2F0XZxncfJ9u88jTloVE3B78aVOA0tCFp6DbOluajIZ6iAriSJCCDCfgKD%2Ba30k000FbN%2BrySUuJO7mFhrzQKWpQogL5qdT9tvrUrvAP6OOIN7W%2BPSMyV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78bfbaa9f46-FRA
olathe.js
www.ezojs.com/parsonsmaize/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/parsonsmaize/olathe.js?gcb=195-2&cb=24
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037d14ce96f27706386c4475d17d7e4e448247ad61aa33b8328d4968bb83234e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2111191
cf-polished
origSize=2221
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 20 Mar 2024 20:37:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s5LcamQ%2FVYIr5Xgy29DT1MUVjN0WQzYhyuGQYnvCy3xaXzHlYNnNynXzp2NcdH2PPSy%2BPi5trhTV29GdL%2BA1ILHucRKs4qVMXdqZVmgdS1xhY7ezRueAJXknagJCQlHc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78c2c149f46-FRA
vitals.js
www.ezojs.com/tardisrocinante/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/tardisrocinante/vitals.js?gcb=2&cb=4
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c2df0892b2e68fb2a1baee0cbf0ad2aac11419d49c9b97f10a81455b03e6a93

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1413498
cf-polished
origSize=11417
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 28 Mar 2024 22:26:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQWYIg4AhradXCsQW6kgayHRz1Aop6dCkr2ELqWvsJEdvFHB1Vb71M04rCNQMvfZ6Q5kbYX81t%2BYYSK%2FtpC2bRnM%2FuMGXPKIGSHBhJIY8SVAMeTqLy3Mc1s2t3N2Pm%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78c2c189f46-FRA
chanute.js
www.ezojs.com/parsonsmaize/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/parsonsmaize/chanute.js?a=a&cb=9&dcb=195-2&shcb=34
Requested by
Host: www.chtoen.com
URL: https://www.chtoen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb6666ac5ca730743eb9537dfb26940c88ffcbf6965a5122760a9d1e46a1503

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2111191
cf-polished
origSize=21786
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 20 Mar 2024 20:37:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mofdx9lZoBudi59jdjJPXIaEvlhbgAT4AidBIobeoEcab368KiJ0%2BmKIhCprkRvZJVP1kUQ1o1QhQHyPOZyVawmmr9fYcMFrFI%2FeMzQGCJhaPUF8nFhCty%2FYRVdQzW6M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
8741d78c2c199f46-FRA
imp.gif
www.chtoen.com/detroitchicago/ 		43 B
411 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.chtoen.com/detroitchicago/imp.gif
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/parsonsmaize/abilene.js?gcb=195-2&cb=33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Apr 2024 07:04:29 GMT
access-control-max-age
1728000, 1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS, HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.chtoen.com, https://www.chtoen.com
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type, Content-Type
content-length
43
expires
Sat, 13 Apr 2024 07:04:29 GMT
like.php
www.facebook.com/v8.0/plugins/ Frame 8A00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=370869749602419&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1462830814621abd%26domain%3Dwww.chtoen.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.chtoen.com%252Ffab665412acd65a61%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FCh2En&layout=button_count&locale=zh_TW&sdk=joey&share=false&show_faces=false&width=85
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=e8871f58884e912dae970917b1ed296c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.chtoen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Sun, 14 Apr 2024 07:04:29 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1294, tbw=5268, tp=-1, tpl=-1, uplat=114, ullat=0
x-fb-debug
X+fEMBeSr/DeqL9u3Eo6Mv+d5/fK14je68tw9I8QcvWP9L60Q5qj8IZGsV+uWvGyhpahdsJhtRQ+PNV7AVrHxg==
x-xss-protection
0
page.php
www.facebook.com/v8.0/plugins/ Frame 543E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=true&app_id=370869749602419&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfec238a30d31588da%26domain%3Dwww.chtoen.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.chtoen.com%252Ffab665412acd65a61%26relation%3Dparent.parent&container_width=740&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCh2En&locale=zh_TW&sdk=joey&show_facepile=true&show_posts=false&tabs=timeline&width=500
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=e8871f58884e912dae970917b1ed296c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.chtoen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Apr 2024 07:04:29 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v13.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1294, tbw=5694, tp=-1, tpl=-1, uplat=183, ullat=0
x-fb-debug
IorRr7ejWwAyzNFNlL32dPyrtDIN3RYAsKnzVM3RS3lHmmthYpeJwwT4vyg+FLNUWnnrKyaMbzXSCvCDXldZwg==
x-xss-protection
0
comments.php
www.facebook.com/v8.0/plugins/ Frame 7F73 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v8.0/plugins/comments.php?app_id=370869749602419&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0cd09cdd58d582b7%26domain%3Dwww.chtoen.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.chtoen.com%252Ffab665412acd65a61%26relation%3Dparent.parent&container_width=1570&height=100&href=http%3A%2F%2Fwww.chtoen.com%2F&locale=zh_TW&numposts=2&order_by=reverse_time&sdk=joey&version=v8.0&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=e8871f58884e912dae970917b1ed296c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.chtoen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Sun, 14 Apr 2024 07:04:29 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1294, tbw=2822, tp=-1, tpl=-1, uplat=112, ullat=0
x-fb-debug
nJvnosMvuL1d4K7as+7Z/oo3AdgHKkv3auqeZzM0bi3SYuJvssRVY8BpyjbjSh+gEKn93jR/OVEn8TXALbAoug==
x-frame-options
DENY
x-xss-protection
0
like.php
www.facebook.com/v8.0/plugins/ Frame ABD2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v8.0/plugins/like.php?action=like&app_id=370869749602419&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7fa8889158092bca%26domain%3Dwww.chtoen.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.chtoen.com%252Ffab665412acd65a61%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FCh2En&layout=button_count&locale=zh_TW&sdk=joey&share=false&show_faces=false&width=85
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=e8871f58884e912dae970917b1ed296c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.chtoen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Sun, 14 Apr 2024 07:04:29 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1294, tbw=5483, tp=-1, tpl=-1, uplat=115, ullat=0
x-fb-debug
ZUoktL5C3ecxq1BwKw6hsZKl/oUyz2M8uugldlMRFOq2tp91J09Nzlj6qsDEdoHP9I4Vjh5GoduwKv99/DEalQ==
x-xss-protection
0
main_modal_firstpage
the.gatekeeperconsent.com/cmp/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/cmp/v2/main_modal_firstpage?domain=www.chtoen.com&region=default&lang=de-DE&cb=195&changeLogId=708200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.chtoen.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://www.chtoen.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8741d78e5d559e4b-CDG
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 14 Apr 2024 07:04:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRwUtm%2B5mtVRaOo0M9cRkJc0qNbywZFQVw9iD5oQsBrFoD6P1bygZ60vcXT7Q4mi8OqRKULw5AxikJdX8vO9aKY0n%2BRIoEP9sHJc59cOweMJYlvZeCvbqEbaw05lPf%2B%2FDV384iBtwFER4CMf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
main_modal_firstpage
the.gatekeeperconsent.com/cmp/v2/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/cmp/v2/main_modal_firstpage?domain=www.chtoen.com&region=default&lang=de-DE&cb=195&changeLogId=708200
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/tulsa.js?gcb=195-2&cb=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dcc7d73b6e1fcb1b80a11dcad0d5f0b2f00f3e7baedd35e0e5bfdaee1602394

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Apr 2024 07:04:29 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 14 Apr 2024 07:04:29 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.chtoen.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JjNueiUrIBiDTUJOL3DtJlPVMrJ28KgvJruqoXjm%2FiwDnIXdewD3yZ3eYzatQZHZZ2%2Fhy1YzEIB2AS3mBZmPIrrkIHD8%2F7A2X7JIwbF%2BPfl33j%2B8Ll75CyJzvDHiPYOvdZfNGCTy%2Btcv7hNv"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray
8741d78ead9d9e4b-CDG
access-control-allow-headers
Content-Type
favicon.ico
www.chtoen.com/ 		894 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.chtoen.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
5628d76b151af285e72db07b6e3b73d23d55972d2e0634ea4c04c8084620930a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:29 UTC
response
200
last-modified
Tue, 11 Dec 2018 01:54:30 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5c0f18d6-37e-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn
Hit ds;mm;7043f9af7ebe7125c0b7f461da88ffb1;2-289902-35;5b0c9553-c2d8-490a-456e-390bda2de4db
content-type
image/x-icon
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200
%E8%AD%B7%E9%BD%92%E5%92%AC%E5%90%88%E5%99%A8.jpg
www.chtoen.com/image/ 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chtoen.com/image/%E8%AD%B7%E9%BD%92%E5%92%AC%E5%90%88%E5%99%A8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
0a1c9bce8252f3596f03a002ddd518c34f7e136a547b73a1f3f5d02262b3aa03

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.chtoen.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 07:04:31 UTC
x-ezoic-excludewebp
true
response
200
last-modified
Sun, 23 Aug 2020 12:56:04 GMT
server
nginx/1.12.2
display
staticcontent_sol
etag
"5f426764-20198-gzip"
x-origin-cache-control
max-age=5184000
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ezoic-cdn
Hit ds;ms;5f9b79c7c634d53794d2e958d95328ec;2-289902-35;30487889-7e61-4120-6374-9fe77bea1c45
content-type
image/jpeg
x-middleton-display
staticcontent_sol
cache-control
public, max-age=31536000
x-middleton-response
200

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| __setCMPv2RequestData number| gtagLoadBackoff function| gtagLoadedCheck object| _CMPv2RequestData function| __tcfapi object| __ezHttpConsent object| ezTcfConsent function| getEzConsentData function| _setEzCookies object| __ez string| __ezScriptHost object| _ezaq boolean| ezoicTestActive object| link boolean| wideDevice function| gtag object| dataLayer string| ezoTemplate string| ezouid string| ezoFormfactor string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl function| loadCmpVign boolean| cmpIsOn number| ezCmpChangeLogId number| ezCmpCacheBusterId undefined| adCode function| __ez_vig_close_wrapper function| __ez_addAllListeners string| _audins_dom number| _audins_did undefined| __ez_dims function| _emitEzConsentEvent boolean| ezgconsent object| google_tag_manager object| google_tag_data object| nunjucksPrecompiled boolean| ezStandaloneCmp function| newEzVignette object| googletag object| gaGlobal function| cookiesEnabled function| addCookie function| deleteCookie function| deleteCookieByValue function| getCookieValue function| deleteAllTermCookies function| deleteAllFavoriteCookies function| currentPathBelongsInFavorite function| addChtoenCookie function| displayHistoryFromCookies function| displayFavoriteTermsFromCookies function| setCookieToPc function| setCookieToMobile boolean| visitorInTw string| pathWithNoM function| showSpinner function| hideSpinner function| doSearch function| encode_utf8 function| decode_utf8 function| fbLogin function| deleteFbCookies function| fbLogout function| setAccountFormElements function| userIsLoggedIn function| userIsLoggedOut function| submitAccountSettingForm function| emailMeFailure function| trim function| fadeInOutGoToNextLocation function| showOrHideGoToButtons function| runCF function| showFbPagePopup function| lazyload function| LazyLoad function| $ function| jQuery object| bootstrap object| jQuery19106176553906833167 function| fbAsyncInit object| FB object| __ezCmpConfig object| ezCMP object| __buffer boolean| needToShowFbPagePopup undefined| hREED function| __ezDotData function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| ezorqs function| ezorqe function| ezocfol function| ezogetrqbykey function| getEzErrorURL function| reportEzError object| ct object| ezdent object| ezDenty object| ezua object| ezuxgoals function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| _ezfd number| indexKey number| ez_tos_track_count number| ez_last_activity_count function| initEzux object| riveted object| ezux object| metricNameMap function| ezlogVital object| webVitals object| perf_vals

2 Cookies

Domain/Path Name / Value
.chtoen.com/ Name: term1
Value:
.chtoen.com/ Name: new3
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abzcoupon.com
cdn.affiliates.one
chtoen.com
connect.facebook.net
g.ezodn.com
go.ezodn.com
privacy.gatekeeperconsent.com
region1.google-analytics.com
the.gatekeeperconsent.com
www.chtoen.com
www.ezojs.com
www.facebook.com
www.googletagmanager.com
172.64.136.15
172.64.137.15
172.67.170.144
172.67.199.186
2001:4860:4802:32::36
2600:9000:225e:9200:2:7984:4f40:93a1
2606:4700:3034::6815:3f6a
2606:4700:3035::6815:2a20
2a00:1450:4001:813::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d014:776:a63f:551c:5660:31da:fe01
54.172.32.237
037d14ce96f27706386c4475d17d7e4e448247ad61aa33b8328d4968bb83234e
044cb671d93acb9ec885c51032b7362111755b4459877eb1e36b8493e639f42a
07a54e49f65745ec3e0c0bfec9c0005b787370f8f65476b8da936e14d9ceaaa1
092955f521559093671a2302925cf7e43be3c9c36a2f4c32a35c4d910feb6984
0a1c9bce8252f3596f03a002ddd518c34f7e136a547b73a1f3f5d02262b3aa03
0b1e5fca874743a4e5a217a0e13ee730e885715c44c4c488961701051fedba45
1d7a77f24fc31abf310ccb240b2e0a49f2582823f990eef11a3abc37f286ea12
2462370bea788e7da82f22eee6204bb4966459277190945703730d26d8f08e2a
2ab3b3b703c7848948e0f0ec75f26a9932ac75287f0b60589094786d631eb80b
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487
35eb9f64b62f88c2353343fc8b0055073e5373c7e12e643ff3ad86718db0b5fb
36a4f041d9c926fbe197985c3994394b932c974e9eced5e8e5a2339f4837f860
3f4a89c047e68743297926f80fc6b4c31c0b526680a7e59cf6151a6b518eb1ea
4559f063977072488f6dd2c96ff11fa2dbfc62c9e26d1b8c2c80c48a85964ecc
4c2df0892b2e68fb2a1baee0cbf0ad2aac11419d49c9b97f10a81455b03e6a93
5018a56846eb443922f07b45d19ef4250c3f4850de0e480b2e7fda39cf154c6d
53fccfdc6e94cd5169ab060e8073990e83ae991eb38d244d29d0353ddb0349e9
5628d76b151af285e72db07b6e3b73d23d55972d2e0634ea4c04c8084620930a
60d250a9b850b976e86cd99d8d92351423758af6daefc2e39a8c4397dfddd7b9
7dcc7d73b6e1fcb1b80a11dcad0d5f0b2f00f3e7baedd35e0e5bfdaee1602394
86d8bcefa392438a7e961ec5719098ae2b2b950f609d51a4d7a0668e33aa9a66
86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be
8cb6666ac5ca730743eb9537dfb26940c88ffcbf6965a5122760a9d1e46a1503
8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20
90c73ad0143fcd5178a42d23e81e41afc0249beb8e3df16ab1336f2600198ff1
9144e08d60d2140c7b6f8b88419ce64e9abf68ab3b152b56dd13dd5b8408f569
9fba7686001b516b0414bef328255eca729f278c1d14d324c8567733426439a5
ac63a2da10858a55c47f4f3430f7c006534521603741061187f2e8b5dd2486e8
c47ed4301695cfd6c901c15ff9b23b99f14c4d931be6bda9bca8a84d8be460f1
c937400edb14ee9964073e72d1e9629d3bf554101b9914dd5d48abf15f7157ab
d9af49c10c5a8062e5fde477550c3669bdbd09fc5b9d6eee319e808740744e7d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63facc04cf29cf8e4f1f3ff6088d571d96551a572aadb13f39964ff87a46318
ec8253bd8dd941cc924dc9606cc4676a005623095a86091a1c4a612ff5be6022
f1265b079b8ad692aaa28540ab372c01a32fb5dedc8d76943375bc1797bfce3c
f1dd4bc3dc5b5761287970db21b6c5d2d1fbc420a4b5b73dba9af2385b2cf13f
f2178876bf766dad088c7ad63ad3e9f90f52f048d35c86614c54a9d7a9d2329d
f48af1f07cd6e48885bcfcc9e30785672f333e2eadf05520feecf68968187b7f
f6d3a9d53e72139ba9821475b57ce3b9e1a159dc3dd9146b4290a87924fc902e
f860225c04fce3b72212f26c880a54ee3748a5c9860aa3df824a280d7d4ec580
f8f9daa5a391e4becb1ef21376f88772a4b5a874c50d22348b0fcc489dcc7b95