Submitted URL: http://t.cn/Rrquemb
Effective URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Submission: On June 25 via manual from US

Summary

This website contacted 15 IPs in 6 countries across 12 domains to perform 56 HTTP transactions. The main IP is 151.101.113.194, located in San Francisco, United States and belongs to FASTLY - Fastly, US. The main domain is 0rr32d.global.ssl.fastly.net.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on January 31st 2018. Valid for: a year.
This is the only time 0rr32d.global.ssl.fastly.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 114.134.80.138 9304 (HUTCHISON...)
1 151.101.113.194 54113 (FASTLY)
1 94.31.29.138 54104 (AS-STACKPATH)
5 2a00:1450:400... 15169 (GOOGLE)
1 23.23.114.123 14618 (AMAZON-AES)
3 114.80.62.3 4812 (CHINANET-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2400:cb00:204... 13335 (CLOUDFLAR...)
3 151.101.112.133 54113 (FASTLY)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 111.254.32.43 3462 (HINET Dat...)
26 1.170.89.68 3462 (HINET Dat...)
56 15
Domain Requested by
5 pagead2.googlesyndication.com 0rr32d.global.ssl.fastly.net
pagead2.googlesyndication.com
4 cors.io cdn.jsdelivr.net
3 www.google-analytics.com 1 redirects 0rr32d.global.ssl.fastly.net
3 raw.githubusercontent.com 0rr32d.global.ssl.fastly.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 cdn.bootcss.com 0rr32d.global.ssl.fastly.net
1 stats.g.doubleclick.net 0rr32d.global.ssl.fastly.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 api.ipify.org cdn.jsdelivr.net
1 cdn.jsdelivr.net 0rr32d.global.ssl.fastly.net
1 0rr32d.global.ssl.fastly.net
1 t.cn 1 redirects
56 13

This site contains links to these domains.

Domain
bit.ly
t.cn
github.com
raw.githubusercontent.com
111.254.32.43
Subject | Issuer | Validity | Valid
*.freetls.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2018-01-31 - 2019-02-01 | a year
*.g.doubleclick.net | Google Internet Authority G3 | 2018-06-07 - 2018-08-16 | 2 months

This page contains 6 frames:

Primary Page: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Frame ID: E3B685AED0CB27B4071FEF37A77DC4D9
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180620/r20180604/zrt_lookup.html
Frame ID: 0B3B45527D76CC1703E9A3CADEE61602
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Frame ID: 6554FD0080F40179A9A6FC86266B427B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1529962016&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dc816711%26key%3Dkihgcsa2%26from%3DEmail-wu%26tag%3D45561184&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1529962016603&bpp=13&bdt=338&fdt=16&idt=90&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&correlator=6736036522564&frm=20&pv=2&ga_vid=1356090234.1529962017&ga_sid=1529962017&ga_hid=553598155&ga_fc=0&iag=0&icsg=8872&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226401%2C368226500&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=1&fsb=1&xpc=b93j5H7kp3&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=118
Frame ID: 8B1F66D60E52418B71947C9FDCE0A65A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Frame ID: 0D654D8C3663F1213FF3793542A9931E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=1414068304&w=1200&fwrn=4&fwrnh=100&lmt=1529962016&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dc816711%26key%3Dkihgcsa2%26from%3DEmail-wu%26tag%3D45561184&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1529962016619&bpp=7&bdt=354&fdt=118&idt=119&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=6736036522564&frm=20&pv=1&ga_vid=1356090234.1529962017&ga_sid=1529962017&ga_hid=553598155&ga_fc=0&iag=0&icsg=41640&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226401%2C368226500&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=2&fsb=1&xpc=PmPM9gTE4G&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=125
Frame ID: DBAD3B24BDDC7F663A2F0D199128B2E3
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /.*Varnish/i

Overall confidence: 100%
Detected patterns
  • env /^VideoJS$/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

56 Requests
7 % HTTPS
47 % IPv6
12 Domains
13 Subdomains
15 IPs
6 Countries
1737 kB Transfer
2823 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.cn/Rrquemb HTTP 302
    https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=553598155&t=pageview&_s=1&dl=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dc816711%26key%3Dkihgcsa2%26from%3DEmail-wu%26tag%3D45561184&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=59459856&gjid=28078512&cid=1356090234.1529962017&tid=UA-90274311-1&_gid=603626725.1529962018&_r=1&z=565507739 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1356090234.1529962017&jid=59459856&_gid=603626725.1529962018&gjid=28078512&_v=j68&z=565507739

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request oo.aspx
0rr32d.global.ssl.fastly.net/
Redirect Chain
  • http://t.cn/Rrquemb
  • https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
82 KB
20 KB
Document
General
Full URL
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
81f53be895dead2f74f9b8a81f9886244f0c1f66341d3bcef9adede78ca01311

Request headers

Host
0rr32d.global.ssl.fastly.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
E3B685AED0CB27B4071FEF37A77DC4D9

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Accept-Ranges
bytes bytes
Age
0 0
Content-Length
19759
Date
Mon, 25 Jun 2018 21:26:55 GMT
Via
1.1 varnish
Connection
keep-alive
X-Served-By
cache-hhn1532-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1529962015.438106,VS0,VE555
Vary
Accept-Encoding

Redirect headers

Location
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Content-Type
text/html;charset=UTF-8
Server
weibo
Content-Length
279
Date
Mon, 25 Jun 2018 21:26:55 GMT
X-Varnish
2201652474
Age
0
Via
1.1 varnish
Connection
close
SINA-LB
aGEuMTY4LmcxLmh5ZHMubGIuc2luYW5vZGUuY29t
SINA-TS
OWIwOWMzNjggMCAzNiAzNiA5IDM4Cg==
jquery.min.js
cdn.jsdelivr.net/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Protocol
SPDY
Server
94.31.29.138 , United Kingdom, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
94.31.29.138.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Jun 2018 21:26:56 GMT
content-encoding
gzip
server
NetDNA-cache/2.2
status
200
etag
W/"17b8b-Wp3PvvZVomaOeLrr6qjcb0HY2rs"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
x-served-by
cache-ams4130-AMS, cache-fra19125-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
73 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Protocol
SPDY
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
bab3d1d3bfb4445c576493d2db8d4a88872ca7bfff3f6e107c0225183c8b37af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Jun 2018 21:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
27315
x-xss-protection
1; mode=block
server
cafe
etag
5168819044488641087
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Jun 2018 21:26:56 GMT
/
api.ipify.org/
14 B
253 B
XHR
General
Full URL
https://api.ipify.org/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Server
23.23.114.123 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-23-114-123.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
df9cdd0219b5eff3950e0f259c7b411dbca16bb2ee27685e765ef1b4ff4eaaa4

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Origin
https://0rr32d.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:26:56 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
text/plain
Access-Control-Allow-Origin
https://0rr32d.global.ssl.fastly.net
Connection
keep-alive
Content-Length
14
video-js.min.css
cdn.bootcss.com/video.js/6.9.0/
47 KB
48 KB
Stylesheet
General
Full URL
https://cdn.bootcss.com/video.js/6.9.0/video-js.min.css
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Protocol
SPDY
Server
114.80.62.3 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
797a01da5c69a8881df555214c425f305dc5f57ed6ed234d7a8d5e6736797647

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Jun 2018 21:26:57 GMT
x-jdcloud-request-id
A14D1C6A409741A3
age
1482491
status
200
content-disposition
inline; filename="video.js/6.9.0/video-js.min.css"
x-req-id
A14D1C6A409741A3
content-length
48549
via
http/1.1 ORI-CLOUD-HUADONG-JCS-178 (jcs [cMsSfW]), http/1.1 SH-CT-1-MIX-43 (jcs [cRs f ])
x-jss-storage-class
STANDARD
last-modified
Thu, 07 Jun 2018 08:44:50 GMT
server
nginx
x-trace
200-1529962017122-0-0-0-1-1
etag
"ect/snP95Zca/JrypZi4jA=="
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-jss-service
GET.object
accept-ranges
bytes
video.min.js
cdn.bootcss.com/video.js/6.9.0/
194 KB
194 KB
Script
General
Full URL
https://cdn.bootcss.com/video.js/6.9.0/video.min.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Protocol
SPDY
Server
114.80.62.3 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
f9b31028ba6e6bad32c3b7d8e37e3e8263e20859357156ca5c11bd4d4b828290

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 25 Jun 2018 21:26:57 GMT
x-jdcloud-request-id
8640FDB0B315DE8E
age
1482492
status
200
content-disposition
inline; filename="video.js/6.9.0/video.min.js"
x-req-id
8640FDB0B315DE8E
content-length
198280
via
http/1.1 ORI-CLOUD-HUADONG-JCS-167 (jcs [cMsSfW]), http/1.1 SH-CT-1-MIX-45 (jcs [cRs f ])
x-jss-storage-class
STANDARD
last-modified
Thu, 07 Jun 2018 08:44:50 GMT
server
nginx
x-trace
200-1529962017122-0-0-0-1-1
etag
"D5v1d0vtMxPzYR884wONOA=="
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-jss-service
GET.object
accept-ranges
bytes
videojs-contrib-hls.min.js
cdn.bootcss.com/videojs-contrib-hls/5.14.1/
227 KB
61 KB
Script
General
Full URL
https://cdn.bootcss.com/videojs-contrib-hls/5.14.1/videojs-contrib-hls.min.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Protocol
SPDY
Server
114.80.62.3 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
9e01d2473096e9ebafb493d80dce879d677d52f4bb5715df39c46de4ab7466b0

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 25 Jun 2018 21:26:57 GMT
x-jdcloud-request-id
9D339AE5871F2605
age
1482559
status
200
content-disposition
inline; filename="videojs-contrib-hls/5.14.1/videojs-contrib-hls.min.js"
x-req-id
9D339AE5871F2605
content-encoding
gzip
content-length
61702
via
http/1.1 ORI-CLOUD-HUADONG-JCS-156 (jcs [cRs f ]), http/1.1 SH-CT-1-MIX-40 (jcs [cRs f ])
x-jss-storage-class
STANDARD
last-modified
Thu, 07 Jun 2018 08:53:02 GMT
server
nginx
x-trace
200-1529962017123-0-0-0-11-11
etag
W/"Ot7rs73s/OF6H8a7B00YTA=="
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-jss-service
GET.object
integrator.js
adservice.google.de/adsid/
109 B
494 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=0rr32d.global.ssl.fastly.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Jun 2018 21:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
323 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=0rr32d.global.ssl.fastly.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Jun 2018 21:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-9887006928691465.js
pagead2.googlesyndication.com/pub-config/r20160913/
473 B
384 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-9887006928691465.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2249ebb505fb6c85aab2d57fecad5457a6e293fa59d78686ec55f72c6f617d92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Jun 2018 21:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 24 Jun 2018 21:52:55 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
234
x-xss-protection
1; mode=block
expires
Tue, 26 Jun 2018 09:26:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180620/r20180604/ Frame 0B3B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180620/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180620/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
E3B685AED0CB27B4071FEF37A77DC4D9
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 20 Jun 2018 14:17:13 GMT
expires
Wed, 04 Jul 2018 14:17:13 GMT
content-type
text/html; charset=UTF-8
etag
4726315756816018096
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6958
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
457783
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/ Frame 6554
184 KB
69 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
c067f1d0e4fa43f8f538484784981462777754d8af1d7221386e3ead95860a9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Jun 2018 21:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
70330
x-xss-protection
1; mode=block
server
cafe
etag
409313115088525104
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Jun 2018 21:26:56 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8B1F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1529962016&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dc816711%26key%3Dkihgcsa2%26from%3DEmail-wu%26tag%3D45561184&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1529962016603&bpp=13&bdt=338&fdt=16&idt=90&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&correlator=6736036522564&frm=20&pv=2&ga_vid=1356090234.1529962017&ga_sid=1529962017&ga_hid=553598155&ga_fc=0&iag=0&icsg=8872&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226401%2C368226500&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=1&fsb=1&xpc=b93j5H7kp3&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=118
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=943920009&w=1200&fwrn=4&fwrnh=100&lmt=1529962016&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dc816711%26key%3Dkihgcsa2%26from%3DEmail-wu%26tag%3D45561184&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1529962016603&bpp=13&bdt=338&fdt=16&idt=90&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&correlator=6736036522564&frm=20&pv=2&ga_vid=1356090234.1529962017&ga_sid=1529962017&ga_hid=553598155&ga_fc=0&iag=0&icsg=8872&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226401%2C368226500&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=1&fsb=1&xpc=b93j5H7kp3&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=118
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
E3B685AED0CB27B4071FEF37A77DC4D9
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 25 Jun 2018 21:26:56 GMT
server
cafe
cache-control
private
content-length
383
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Mon, 25-Jun-2018 21:41:56 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
expires
Mon, 25 Jun 2018 21:26:56 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/
71 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Protocol
SPDY
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
23a5d8589ec38afde5e9c32aee58e7077dc85865a5fb26140e53cde6197fa12f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Jun 2018 13:51:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
459343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
26541
x-xss-protection
1; mode=block
server
cafe
etag
14699803715169814696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jul 2018 13:51:13 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/ Frame 0D65
184 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
c067f1d0e4fa43f8f538484784981462777754d8af1d7221386e3ead95860a9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Mon, 25 Jun 2018 21:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
70330
x-xss-protection
1; mode=block
server
cafe
etag
409313115088525104
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Jun 2018 21:26:56 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame DBAD
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=1414068304&w=1200&fwrn=4&fwrnh=100&lmt=1529962016&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dc816711%26key%3Dkihgcsa2%26from%3DEmail-wu%26tag%3D45561184&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1529962016619&bpp=7&bdt=354&fdt=118&idt=119&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=6736036522564&frm=20&pv=1&ga_vid=1356090234.1529962017&ga_sid=1529962017&ga_hid=553598155&ga_fc=0&iag=0&icsg=41640&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226401%2C368226500&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=2&fsb=1&xpc=PmPM9gTE4G&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=125
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9887006928691465&output=html&h=90&slotname=4887033834&adk=3433465998&adf=1414068304&w=1200&fwrn=4&fwrnh=100&lmt=1529962016&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dc816711%26key%3Dkihgcsa2%26from%3DEmail-wu%26tag%3D45561184&flash=0&fwr=0&rh=0&rw=1576&resp_fmts=3&wgl=1&adsid=NT&dt=1529962016619&bpp=7&bdt=354&fdt=118&idt=119&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x90&correlator=6736036522564&frm=20&pv=1&ga_vid=1356090234.1529962017&ga_sid=1529962017&ga_hid=553598155&ga_fc=0&iag=0&icsg=41640&dssz=13&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=12&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226401%2C368226500&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3871415030&ifi=2&fsb=1&xpc=PmPM9gTE4G&p=https%3A//0rr32d.global.ssl.fastly.net&dtd=125
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
accept-encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
E3B685AED0CB27B4071FEF37A77DC4D9

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 25 Jun 2018 21:26:56 GMT
server
cafe
cache-control
private
content-length
382
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Mon, 25-Jun-2018 21:41:56 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
expires
Mon, 25 Jun 2018 21:26:56 GMT
/
cors.io/
18 KB
4 KB
XHR
General
Full URL
https://cors.io/?https://ogate.org/oo.aspx?name=get_ooshow&ag=okHead&myip=148.251.45.254
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
SPDY
Server
2400:cb00:2048:1::6818:62fb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0805b71752000d2c9bf1aaa055a0329b3e481620e266996d75c31099457da7

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Origin
https://0rr32d.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
430a83ee3aa4232a-FRA
date
Mon, 25 Jun 2018 21:26:57 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-encoding
gzip
/
cors.io/
2 KB
737 B
XHR
General
Full URL
https://cors.io/?https://ogate.org/oo.aspx?name=get_ooshow&ag=ogFoot&from=Email-wu&tag=45561184&myip=148.251.45.254
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
SPDY
Server
2400:cb00:2048:1::6818:62fb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f055a1f358d1eeaced6c9d100cf587d26d0ac57761cad397c347b11928434ade

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Origin
https://0rr32d.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
430a83f23d04232a-FRA
date
Mon, 25 Jun 2018 21:26:58 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-encoding
gzip
oGate.2.png
raw.githubusercontent.com/opipe/Up/master/A/
8 KB
9 KB
Image
General
Full URL
https://raw.githubusercontent.com/opipe/Up/master/A/oGate.2.png
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Protocol
HTTP/1.1
Server
151.101.112.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3369c645ecb1e8bb9e356997d057a73faab1dfb22ca1a55102f1df109fcaa71
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
a563079d4410c8df4e145241f03aa0048f640826
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Geo-Block-List
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
8519
ETag
"efe5ebaaee56eee3767a07f92a9021a7e279b863"
X-Served-By
cache-hhn1536-HHN
X-GitHub-Request-Id
3AF4:3F64:1C29F9:1D21EA:5B315E21
X-Timer
S1529962018.661760,VS0,VE95
X-Frame-Options
deny
Date
Mon, 25 Jun 2018 21:26:57 GMT
Source-Age
0
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Mon, 25 Jun 2018 21:31:57 GMT
ogHead.jpg
raw.githubusercontent.com/opipe/Up/master/A/
142 KB
142 KB
Image
General
Full URL
https://raw.githubusercontent.com/opipe/Up/master/A/ogHead.jpg
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Protocol
HTTP/1.1
Server
151.101.112.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9a6af060cc89302f579f527a01b5efa3ea9cc20f783e7833ff1cb00db7530dcb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
14ab76c3b58b342f1daba615496c855d6d9ea768
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Geo-Block-List
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
145092
ETag
"f7f243ce8ab4be77f959e727f4b5a9c01ec9ca0a"
X-Served-By
cache-hhn1539-HHN
X-GitHub-Request-Id
92B2:7478:1E7B9C:1F7EFA:5B315E21
X-Timer
S1529962018.660191,VS0,VE92
X-Frame-Options
deny
Date
Mon, 25 Jun 2018 21:26:57 GMT
Source-Age
0
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Mon, 25 Jun 2018 21:31:57 GMT
analytics.js
www.google-analytics.com/
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Protocol
SPDY
Server
2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
2632
date
Mon, 25 Jun 2018 20:43:05 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14386
expires
Mon, 25 Jun 2018 22:43:05 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=553598155&t=pageview&_s=1&dl=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dc816711%26key%3Dkihgcsa2%26from%3DEmail-wu%26tag%3...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1356090234.1529962017&jid=59459856&_gid=603626725.1529962018&gjid=28078512&_v=j68&z=565507739
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1356090234.1529962017&jid=59459856&_gid=603626725.1529962018&gjid=28078512&_v=j68&z=565507739
Requested by
Host: 0rr32d.global.ssl.fastly.net
URL: https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Protocol
SPDY
Server
2a00:1450:400c:c0c::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 25 Jun 2018 21:26:57 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Jun 2018 21:26:57 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-90274311-1&cid=1356090234.1529962017&jid=59459856&_gid=603626725.1529962018&gjid=28078512&_v=j68&z=565507739
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
414
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j68&a=553598155&t=timing&_s=2&dl=https%3A%2F%2F0rr32d.global.ssl.fastly.net%2Foo.aspx%3Fname%3Dc816711%26key%3Dkihgcsa2%26from%3DEmail-wu%26tag%3D45561184&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3105&pdt=544&dns=5&rrt=1097&srt=561&tcp=18&dit=3056&clt=3056&_u=IAhAAEAB~&jid=&gjid=&cid=1356090234.1529962017&tid=UA-90274311-1&_gid=603626725.1529962018&z=2078983869
Protocol
SPDY
Server
2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jun 2018 18:46:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
355234
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
cors.io/
13 KB
3 KB
XHR
General
Full URL
https://cors.io/?https://ogate.org/oo.aspx?name=get_ooshow&ag=c816711&myip=148.251.45.254
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
SPDY
Server
2400:cb00:2048:1::6818:62fb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
210b2b6ec15a3c6876fbb1a119752104b7bebdfab43c6dadd60aefad2992a18d

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Origin
https://0rr32d.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
430a83f65faf232a-FRA
date
Mon, 25 Jun 2018 21:26:59 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-encoding
gzip
/
cors.io/
34 KB
9 KB
XHR
General
Full URL
https://cors.io/?https://ogate.org/oo.aspx?name=get_ooshow&ag=ogLate_1_1_1&myip=148.251.45.254
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/1.12.4/jquery.min.js
Protocol
SPDY
Server
2400:cb00:2048:1::6818:62fb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
10400057d6b8ff99fbfaa9c8f5225f420844ada78b9762aed38bc5f87f5168e3

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Origin
https://0rr32d.global.ssl.fastly.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
430a83fecc24232a-FRA
date
Mon, 25 Jun 2018 21:27:00 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-encoding
gzip
Cover.jpg
raw.githubusercontent.com/opipe/Up/master/Tools/
29 KB
30 KB
Image
General
Full URL
https://raw.githubusercontent.com/opipe/Up/master/Tools/Cover.jpg
Protocol
HTTP/1.1
Server
151.101.112.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e32e15f1445d33a9dea1669a7e2d79a7dd0337b7032cc74a77bb5bb89b52ec89
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://0rr32d.global.ssl.fastly.net/oo.aspx?name=c816711&key=kihgcsa2&from=Email-wu&tag=45561184
Origin
https://0rr32d.global.ssl.fastly.net

Response headers

X-Fastly-Request-ID
be8b8a1a41aa93bffbeaa8f1885780259b1e23eb
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Geo-Block-List
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
29439
ETag
"9298af012c43389ecb963452c7b24c8bab4f8d36"
X-Served-By
cache-hhn1526-HHN
X-GitHub-Request-Id
63E8:0B8C:5592B:5A6FF:5B315E20
X-Timer
S1529962020.664316,VS0,VE132
X-Frame-Options
deny
Date
Mon, 25 Jun 2018 21:26:59 GMT
Source-Age
0
Vary
Authorization,Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Cache-Control
max-age=300
Accept-Ranges
bytes
Expires
Mon, 25 Jun 2018 21:31:59 GMT
XEzLV
111.254.32.43/hs22544d72d85658ce16b21660381b8b644ba53976csTZxQ.7LQ/5/
614 B
817 B
Image
General
Full URL
http://111.254.32.43/hs22544d72d85658ce16b21660381b8b644ba53976csTZxQ.7LQ/5/XEzLV?XEV=tL&XEr=cJjTcJj&XERG=N&XE7q=PhB-J&XER=EVVFr%lH%kB%kBj1vwLX.QR78zR.rrR.wzrVRv.xqV%kB77.zrFT%lBxzMq=XJcufcc_m_l%kuAqv=%kuwL7M=7tLX7Gq%kuVzQ=Uffcjkju.jpg
Protocol
HTTP/1.1
Server
111.254.32.43 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
111-254-32-43.dynamic-ip.hinet.net
Software
Apache /
Resource Hash
c3432fc06eef304d7bab0ead7819fa1b1ba626fe0cbd3de6e9a463b55547b3bf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:27:00 GMT
Server
Apache
Age
0
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Content-Length
614
EWfUgscqhvqaK
111.254.32.43/hs22544d72d85658ce16b21660381b8b644ba53976ZnB---Vl-gmiUclUn.mggmcUEWfUg.ag0/
295 KB
0
Media
General
Full URL
http://111.254.32.43/hs22544d72d85658ce16b21660381b8b644ba53976ZnB---Vl-gmiUclUn.mggmcUEWfUg.ag0/EWfUgscqhvqaK?acUl=NTToooAQ&VginaU=hgiYivU&VWmlqYinU=TTLBAZ11CZITIBBTQo4odN9N14ZJTIJJLJ1QZICJ.9dZN4AC1rIdZd44dIBoCoQCJC14r9ooZdBdooB4r&URsWnU=ZANTTo1IZo&nqYUvhsqVV=hUV&c0Y=ZA9Qoo9o9TNoZN9o&nUPiWnUVVc=hUV&mWn=hUV&0W0U=EWfUg/0sB&2EWs=B&2URs=N1Q9T1AT&Vsqnq0V=acUl,fin,UW,mWn,Wf,WlWYaklfvsV,Ws,WsvWYV,WYqm,c0Y,0W0U,00,0l,0V,0E,sc,nqYUvhsqVV,nUPiWnUVVc,VginaU,URsWnU&Wf=g-Cjn8wrVoaxB5lZUZQV5ITvBX-LRQplchE2kPFB7Fnloq&0E=0&fin=IA1.11T&0Y=ZANTTIZT9T&WYqm=Zo&0V=qi,gln&WlWYaklfvsV=NAoINA9&0l=Vl-gmiUclUn,Vl-1s0QIlQI&WsvWYV=9&00=1Z,NI&sc=ZI&a=54L&KUh=hYI&Ws=Z1.ZNB.oT.I&UW=GcBR5TiXxbFsmM6EsQ6gLk&YWYcU=g
Protocol
HTTP/1.1
Server
111.254.32.43 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
111-254-32-43.dynamic-ip.hinet.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://0rr32d.global.ssl.fastly.net
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

Date
Mon, 25 Jun 2018 21:27:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 13 Oct 2017 07:46:49 GMT
Server
gvs 1.0
Age
0
Content-Type
video/mp4
Content-Range
bytes 0-29988856/29988857
Alt-Svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
Cache-Control
private, max-age=21298
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
29988857
Expires
Mon, 25 Jun 2018 21:27:00 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
618 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ef097584e54aa7eb08be795fdf0ae55b5b16ab4ed66395ccd39cc1ddce7aae2

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f8b9bfa5d6c8ca497211a44600202a191cefc1c727d3ebc7683bbbe664919cf

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
309 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
307eaa72ebc6dc10220b86a1fc9355e25287edfc36a8e739d2c9d04ec6c901c8

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
916 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4d381931bc6113304042e127818ac6b3082a77b3468cf469b657f095976c1b0

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6149c054afc0823ec120cf44be80882294337496ef2a4b7165db2e55e0c3d60

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
943 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8619fb11afde7333d3a10ea56577a7127cc4998384abc65cb34204054a9a0efc

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
602 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce0a49dd2edc0364a8008bd1295ff273b67440fc6b21b56e9134bb7592226414

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
577 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4430b262b12eaa4b11d80cd47e63859ae361dd9ed63e0dc526515fc7fdd28d4

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
k5g7.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976WWjj.WjW.WxK.WWE/F7/
25 KB
25 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976WWjj.WjW.WxK.WWE/F7/k5g7.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
6489bada3d45535db470dad0f8a91a93a0469f045c02b38a41d6f34a7ffd5e96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:06:04 GMT
Last-Modified
Thu, 25 May 2017 04:44:12 GMT
Server
Microsoft-IIS/7.5
Age
4856
X-Powered-By
ASP.NET
ETag
"706f778e11d5d21:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25324
pp.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976ZZNN.ZNZ.Z9A.ZZo/J/
11 KB
12 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976ZZNN.ZNZ.Z9A.ZZo/J/pp.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1824a323fabd2f0cc29c5c5d9195a211a341b7c20f6c28a5eb3c6d7bd936c988

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:06:04 GMT
Last-Modified
Wed, 13 Dec 2017 18:54:04 GMT
Server
Microsoft-IIS/7.5
Age
4857
X-Powered-By
ASP.NET
ETag
"79608bf4374d31:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11639
'qy'zG'ym'qy'zX'8X'qU'yX'zJ'qf'88'yw'qu'8k'88'qf'yG'Jj'qu'JJ'yc'qm'88'zX'qf'yz'Jm'qm'8J'yu'qf'yU'JX.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976cckk.ckc.cjU.ccJ/0/'qy'zG'ym'qy'zX'8X'qU'yX'zJ'qf'88'yw'qu'8k'88'qf'yG'Jj'qu'JJ'yc'qm'88'zX'qf'yz'Jm'qm'8J'yu'qf'yU'JX/
14 KB
14 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976cckk.ckc.cjU.ccJ/0/'qy'zG'ym'qy'zX'8X'qU'yX'zJ'qf'88'yw'qu'8k'88'qf'yG'Jj'qu'JJ'yc'qm'88'zX'qf'yz'Jm'qm'8J'yu'qf'yU'JX/'qy'zG'ym'qy'zX'8X'qU'yX'zJ'qf'88'yw'qu'8k'88'qf'yG'Jj'qu'JJ'yc'qm'88'zX'qf'yz'Jm'qm'8J'yu'qf'yU'JX.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7407fd69f5b360bba79b3bf2ddf0d74c847f3db246cc14095a0455f79570aa97

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:06:04 GMT
Last-Modified
Sat, 19 May 2018 18:18:19 GMT
Server
Microsoft-IIS/7.5
Age
4856
X-Powered-By
ASP.NET
ETag
"92dd72c39defd31:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13902
X6ZI.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976RR55.R5R.RNq.RRD/76/
21 KB
22 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976RR55.R5R.RNq.RRD/76/X6ZI.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ecbfbf11319d5c104a887cc0f15a55f7de49c0073426e4629400a6ce05f74cc1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:06:04 GMT
Last-Modified
Wed, 27 Dec 2017 05:38:29 GMT
Server
Microsoft-IIS/7.5
Age
4856
X-Powered-By
ASP.NET
ETag
"e5649decd47ed31:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21931
2O1Omm2pOxBCWxppj.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976TTee.TeT.Tkz.TT6/dY/2O1Omm2pOxBCWxppj/
12 KB
12 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976TTee.TeT.Tkz.TT6/dY/2O1Omm2pOxBCWxppj/2O1Omm2pOxBCWxppj.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
921fada9c939da2d3b14730c916b760dd02f3c1bbf61ec6788123451030592f6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:06:04 GMT
Last-Modified
Mon, 18 Dec 2017 10:49:22 GMT
Server
Microsoft-IIS/7.5
Age
4856
X-Powered-By
ASP.NET
ETag
"1cf052dded77d31:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12274
Jon.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976yyaa.yay.y5p.yyY/IV/
14 KB
15 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976yyaa.yay.y5p.yyY/IV/Jon.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ffaf637e1cd7d9d0476368762ef2bf361737cd56c1cb5a2c4425e5c6b8d4f95e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:06:04 GMT
Last-Modified
Mon, 22 Jan 2018 23:30:55 GMT
Server
Microsoft-IIS/7.5
Age
4856
X-Powered-By
ASP.NET
ETag
"5794bdcd993d31:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14842
'EO'VU'ol'E0'U8'o8'EO'UX'V8'El'ox'U0'EO'VV'UX'ER't8'Uo'Ei'tV'ox'EO'Ut'tx'EO't8'to'EV'tR'ot'El'Ui'tO'EV'ol'V0'EV'oE'oi'El'tx'oo'El'Uo'Vi'EO'tU'UO'EO'Ue'VE.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976bbXX.bXb.beO.bbV/W/'EO'VU'ol'E0'U8'o8'EO'UX'V8'El'ox'U0'EO'VV'UX/
9 KB
10 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976bbXX.bXb.beO.bbV/W/'EO'VU'ol'E0'U8'o8'EO'UX'V8'El'ox'U0'EO'VV'UX/'EO'VU'ol'E0'U8'o8'EO'UX'V8'El'ox'U0'EO'VV'UX'ER't8'Uo'Ei'tV'ox'EO'Ut'tx'EO't8'to'EV'tR'ot'El'Ui'tO'EV'ol'V0'EV'oE'oi'El'tx'oo'El'Uo'Vi'EO'tU'UO'EO'Ue'VE.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1f5b99a63d39e6e735bf791849ae240fd1f2f50afd8966416ef52a3292bb1dfc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:06:04 GMT
Last-Modified
Sat, 23 Jun 2018 02:11:29 GMT
Server
Microsoft-IIS/7.5
Age
4857
X-Powered-By
ASP.NET
ETag
"c0a3377f97ad41:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9502
2D.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976KKSS.KSK.KaE.KKr/B/
13 KB
14 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976KKSS.KSK.KaE.KKr/B/2D.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e5cd1be9630848269580b7819d006fb473a43611b9ad6a78d7b2dbbecd33a6d8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:06:04 GMT
Last-Modified
Thu, 25 May 2017 04:39:05 GMT
Server
Microsoft-IIS/7.5
Age
4857
X-Powered-By
ASP.NET
ETag
"709a40d710d5d21:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13495
hXABX2h2Xll9ohBhB.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976ARA.DFUvDex.HLR/kuULDjyKUJ/hXAB/X2h2/
128 KB
128 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976ARA.DFUvDex.HLR/kuULDjyKUJ/hXAB/X2h2/hXABX2h2Xll9ohBhB.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
ff738acac6b83f4588a7988071ff3af930c500c816d717e0f920fc6e599a0e94

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:16:47 GMT
CF-Cache-Status
HIT
Age
614
Connection
keep-alive
Content-Length
130686
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:47:52 GMT
Server
cloudflare
ETag
"5b3154f8-1fe7e"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a750c02015372-LAX
Expires
Tue, 25 Jun 2019 21:16:47 GMT
vSUmSwvwSxxJJUjww.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976UTU.64q86a9.P0T/53q06NbAqD/vSUm/Swvw/
49 KB
50 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976UTU.64q86a9.P0T/53q06NbAqD/vSUm/Swvw/vSUmSwvwSxxJJUjww.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
696a211498f7f2c1cd50cde6fea1cb1ebfbb5a480c9395c3f97177605099ff3a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:50 GMT
CF-Cache-Status
HIT
Age
1571
Connection
keep-alive
Content-Length
50564
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:45:51 GMT
Server
cloudflare
ETag
"5b31547f-c584"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db162f09931-LAX
Expires
Tue, 25 Jun 2019 21:00:50 GMT
8hqQhW8Wh99D8Nah8.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976qyq.YgzCYXj.tMy/enzMYkKUz6/8hqQ/hW8W/
19 KB
20 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976qyq.YgzCYXj.tMy/enzMYkKUz6/8hqQ/hW8W/8hqQhW8Wh99D8Nah8.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
5fea01d53bcfed39500210d00a766b420fb46770beb6a8132965abba731a5510

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:50 GMT
CF-Cache-Status
HIT
Age
1571
Connection
keep-alive
Content-Length
19705
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:45:27 GMT
Server
cloudflare
ETag
"5b315467-4cf9"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db1c0c298e9-LAX
Expires
Tue, 25 Jun 2019 21:00:50 GMT
CvzfvZCZvjjjCzjXZ.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976zbz.V7pHVSN.s2b/aLp2V5AqpY/Cvzf/vZCZ/
50 KB
50 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976zbz.V7pHVSN.s2b/aLp2V5AqpY/Cvzf/vZCZ/CvzfvZCZvjjjCzjXZ.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
9202c8699a6453dcbb09d7c78e8b72e1e2b5ff1915dbc79745f18461df5aede2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:50 GMT
CF-Cache-Status
HIT
Age
1571
Connection
keep-alive
Content-Length
51020
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:44:21 GMT
Server
cloudflare
ETag
"5b315425-c74c"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db21170988f-LAX
Expires
Tue, 25 Jun 2019 21:00:50 GMT
H8pG8cHc8NNSHNcYp.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976pKp.rdOPrhk.FwK/X0OwreUzOV/H8pG/8cHc/
63 KB
64 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976pKp.rdOPrhk.FwK/X0OwreUzOV/H8pG/8cHc/H8pG8cHc8NNSHNcYp.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
496e606d3febfa331622dbc330f65ebd12f2dc539887ee563d01c6150115d0ac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:50 GMT
CF-Cache-Status
HIT
Age
1571
Connection
keep-alive
Content-Length
64989
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:43:24 GMT
Server
cloudflare
ETag
"5b3153ec-fddd"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db200d698e9-LAX
Expires
Tue, 25 Jun 2019 21:00:50 GMT
PCOiCRPRCkkPVRORk.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976OAO.BIEtBv5.4WA/SMEWBaqpEr/PCOi/CRPR/
39 KB
39 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976OAO.BIEtBv5.4WA/SMEWBaqpEr/PCOi/CRPR/PCOiCRPRCkkPVRORk.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
0135825e3165b52500e1be09af330b71a8c7efd37533237a765f98dfb4c32edf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:51 GMT
CF-Cache-Status
HIT
Age
1570
Connection
keep-alive
Content-Length
39512
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:42:56 GMT
Server
cloudflare
ETag
"5b3153d0-9a58"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db4218398e9-LAX
Expires
Tue, 25 Jun 2019 21:00:51 GMT
tHE1HTtTH55tE5t5v.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976EUE.muosm8e.gZU/h2oZmXzOoB/tHE1/HTtT/
51 KB
51 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976EUE.muosm8e.gZU/h2oZmXzOoB/tHE1/HTtT/tHE1HTtTH55tE5t5v.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
69252be08353174d054e42ddb3b74cfc2e6a5d65a98d86b11e4566513b0ec796

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:51 GMT
CF-Cache-Status
HIT
Age
1570
Connection
keep-alive
Content-Length
52194
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:42:14 GMT
Server
cloudflare
ETag
"5b3153a6-cbe2"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db503f79931-LAX
Expires
Tue, 25 Jun 2019 21:00:51 GMT
sPolPysyPeeoPseyB.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976oqo.Q3JFQCa.7cq/vwJcQSpEJm/sPol/Pysy/
81 KB
82 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976oqo.Q3JFQCa.7cq/vwJcQSpEJm/sPol/Pysy/sPolPysyPeeoPseyB.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
923e4ffc73094e7969350484e5ff09b83ad7f54bca6d0364079b950207536288

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:51 GMT
CF-Cache-Status
HIT
Age
1570
Connection
keep-alive
Content-Length
83293
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:41:02 GMT
Server
cloudflare
ETag
"5b31535e-1455d"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db552c5988f-LAX
Expires
Tue, 25 Jun 2019 21:00:51 GMT
FtJxtbFbtaCYFCmCm.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976JzJ.fnD4fHX.dRz/8WDRfhOoDQ/FtJx/tbFb/
46 KB
46 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976JzJ.fnD4fHX.dRz/8WDRfhOoDQ/FtJx/tbFb/FtJxtbFbtaCYFCmCm.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
95557b482497d190db366358a849daa4190e9490124e088f1fc1b9ef948303bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:51 GMT
CF-Cache-Status
HIT
Age
1570
Connection
keep-alive
Content-Length
47030
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:39:23 GMT
Server
cloudflare
ETag
"5b3152fb-b7b6"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db551dc98e9-LAX
Expires
Tue, 25 Jun 2019 21:00:51 GMT
4sD9sK4KsXHQX9XQs.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976DpD.GL6gGPS.ITp/CZ6TGvEJ6f/4sD9/sK4K/
62 KB
62 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976DpD.GL6gGPS.ITp/CZ6TGvEJ6f/4sD9/sK4K/4sD9sK4KsXHQX9XQs.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
00323cb85809386476b0e50bf9e2a33cc74f8f4fdd765c497114c4b23a198281

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:51 GMT
CF-Cache-Status
HIT
Age
1570
Connection
keep-alive
Content-Length
63443
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:35:48 GMT
Server
cloudflare
ETag
"5b315224-f7d3"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db6824598e9-LAX
Expires
Tue, 25 Jun 2019 21:00:51 GMT
gF6jFAgAFSPSf6vvP.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba539766O6.i0Y7ith.uyO/HcYyi8oDYG/gF6j/FAgA/
56 KB
57 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba539766O6.i0Y7ith.uyO/HcYyi8oDYG/gF6j/FAgA/gF6jFAgAFSPSf6vvP.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
d9777593f3e986490238924b1e03dcea1d9e5edd01536b60a2ff88f31df70888

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:51 GMT
CF-Cache-Status
HIT
Age
1570
Connection
keep-alive
Content-Length
57677
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:34:51 GMT
Server
cloudflare
ETag
"5b3151eb-e14d"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db754aa9931-LAX
Expires
Tue, 25 Jun 2019 21:00:51 GMT
74YN4U7U4ht7tGtY7.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976YEY.1MVd1sv.3bE/PRVb1CJ6Vi/74YN/4U7U/
53 KB
53 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976YEY.1MVd1sv.3bE/PRVb1CJ6Vi/74YN/4U7U/74YN4U7U4ht7tGtY7.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
82c1911a890f380d85a228198a17f71e9af1222578f52737b39b3d092c2d2a9d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:51 GMT
CF-Cache-Status
HIT
Age
1570
Connection
keep-alive
Content-Length
54105
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:32:35 GMT
Server
cloudflare
ETag
"5b315163-d359"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db7829598e9-LAX
Expires
Tue, 25 Jun 2019 21:00:51 GMT
dgVkgqdqgvsVsgCii.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976VoV.l2rIlF8.nKo/tTrKlHDYr1/dgVk/gqdq/
28 KB
29 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976VoV.l2rIlF8.nKo/tTrKlHDYr1/dgVk/gqdq/dgVkgqdqgvsVsgCii.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
2f6982f813d2151213d225f501881185cad00048de9443aedf60a871f8225bfe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 21:00:51 GMT
CF-Cache-Status
HIT
Age
1571
Connection
keep-alive
Content-Length
28753
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:31:30 GMT
Server
cloudflare
ETag
"5b315122-7051"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a5db7e3b4988f-LAX
Expires
Tue, 25 Jun 2019 21:00:51 GMT
I7r57zIz78IQFr1Ir.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976rJr.xwBux4C.LAJ/syBAxP6VBl/I7r5/7zIz/
48 KB
48 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976rJr.xwBux4C.LAJ/syBAxP6VBl/I7r5/7zIz/I7r57zIz78IQFr1Ir.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
c1db8893c822f2615b1c62cf462b4317bc793ca988b38828e60fba35af08baf2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:45:45 GMT
CF-Cache-Status
HIT
Age
2478
Connection
keep-alive
Content-Length
49039
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:29:31 GMT
Server
cloudflare
ETag
"5b3150ab-bf8f"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a479447d0537e-LAX
Expires
Tue, 25 Jun 2019 20:45:45 GMT
udBedpupdCueBuPfu.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976BDB.9Wm39gH.0UD/FbmU9tYrmx/udBe/dpup/
46 KB
47 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976BDB.9Wm39gH.0UD/FbmU9tYrmx/udBe/dpup/udBedpupdCueBuPfu.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
392a00989100747098b6b74dc068f81d1f0ce695bad6e576b840881883c16bb1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:45:45 GMT
CF-Cache-Status
HIT
Age
2478
Connection
keep-alive
Content-Length
47361
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:28:12 GMT
Server
cloudflare
ETag
"5b31505c-b901"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a479447a05047-LAX
Expires
Tue, 25 Jun 2019 20:45:45 GMT
3ImaIO3OIH3OxagOx.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976m6m.jZQnj7P.Mq6/4KQqjsVBQ9/3Ima/IO3O/
42 KB
42 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976m6m.jZQnj7P.Mq6/4KQqjsVBQ9/3Ima/IO3O/3ImaIO3OIH3OxagOx.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
ed2cb5bc44d40c02afa2f01d6833890802a89190d139a32f88f3e117c80e8c8c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:45:45 GMT
CF-Cache-Status
HIT
Age
2478
Connection
keep-alive
Content-Length
42645
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:26:58 GMT
Server
cloudflare
ETag
"5b315012-a695"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a4794549b20d2-LAX
Expires
Tue, 25 Jun 2019 20:45:45 GMT
nuQXuEnEuPQi9EnEQ.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976QYQ.NcfLNdt.2zY/gAfzNFrmfj/nuQX/uEnE/
32 KB
32 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976QYQ.NcfLNdt.2zY/gAfzNFrmfj/nuQX/uEnE/nuQXuEnEuPQi9EnEQ.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
aae54d1b30c0c2cb42583cf5b2bb957e63bc967a723e61c1255511fcbade371e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:45:45 GMT
CF-Cache-Status
HIT
Age
2478
Connection
keep-alive
Content-Length
32769
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:19:56 GMT
Server
cloudflare
ETag
"5b314e6c-8001"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a479446fb20d8-LAX
Expires
Tue, 25 Jun 2019 20:45:45 GMT
L3fS3oLo3t3otfSF1.jpg
1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976fVf.kRG0kIs.wpV/7UGpk4BQGN/L3fS/3oLo/
20 KB
21 KB
Image
General
Full URL
http://1.170.89.68/hp22544d72d85658ce16b21660381b8b644ba53976fVf.kRG0kIs.wpV/7UGpk4BQGN/L3fS/3oLo/L3fS3oLo3t3otfSF1.jpg
Protocol
HTTP/1.1
Server
1.170.89.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-170-89-68.dynamic-ip.hinet.net
Software
cloudflare /
Resource Hash
8a6b7e72b6cb11a3e70d2026a8fed545f314dbd8aced1e72dc3fcb3a8f1a8f26

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Jun 2018 20:31:18 GMT
CF-Cache-Status
HIT
Age
3345
Connection
keep-alive
Content-Length
20772
Pragma
public
Last-Modified
Mon, 25 Jun 2018 20:06:41 GMT
Server
cloudflare
ETag
"5b314b51-5124"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
430a326a908453ba-LAX
Expires
Tue, 25 Jun 2019 20:31:18 GMT
EWfUgscqhvqaK
111.254.32.43/hs22544d72d85658ce16b21660381b8b644ba53976ZnB---Vl-gmiUclUn.mggmcUEWfUg.ag0/
14 KB
0
Media
General
Full URL
http://111.254.32.43/hs22544d72d85658ce16b21660381b8b644ba53976ZnB---Vl-gmiUclUn.mggmcUEWfUg.ag0/EWfUgscqhvqaK?acUl=NTToooAQ&VginaU=hgiYivU&VWmlqYinU=TTLBAZ11CZITIBBTQo4odN9N14ZJTIJJLJ1QZICJ.9dZN4AC1rIdZd44dIBoCoQCJC14r9ooZdBdooB4r&URsWnU=ZANTTo1IZo&nqYUvhsqVV=hUV&c0Y=ZA9Qoo9o9TNoZN9o&nUPiWnUVVc=hUV&mWn=hUV&0W0U=EWfUg/0sB&2EWs=B&2URs=N1Q9T1AT&Vsqnq0V=acUl,fin,UW,mWn,Wf,WlWYaklfvsV,Ws,WsvWYV,WYqm,c0Y,0W0U,00,0l,0V,0E,sc,nqYUvhsqVV,nUPiWnUVVc,VginaU,URsWnU&Wf=g-Cjn8wrVoaxB5lZUZQV5ITvBX-LRQplchE2kPFB7Fnloq&0E=0&fin=IA1.11T&0Y=ZANTTIZT9T&WYqm=Zo&0V=qi,gln&WlWYaklfvsV=NAoINA9&0l=Vl-gmiUclUn,Vl-1s0QIlQI&WsvWYV=9&00=1Z,NI&sc=ZI&a=54L&KUh=hYI&Ws=Z1.ZNB.oT.I&UW=GcBR5TiXxbFsmM6EsQ6gLk&YWYcU=g
Protocol
HTTP/1.1
Server
111.254.32.43 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
111-254-32-43.dynamic-ip.hinet.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://0rr32d.global.ssl.fastly.net
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

Date
Mon, 25 Jun 2018 21:27:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 13 Oct 2017 07:46:49 GMT
Server
gvs 1.0
Age
0
Content-Type
video/mp4
Content-Range
bytes 0-29988856/29988857
Alt-Svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
Cache-Control
private, max-age=21298
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
29988857
Expires
Mon, 25 Jun 2018 21:27:00 GMT
EWfUgscqhvqaK
111.254.32.43/hs22544d72d85658ce16b21660381b8b644ba53976ZnB---Vl-gmiUclUn.mggmcUEWfUg.ag0/
33 KB
0
Media
General
Full URL
http://111.254.32.43/hs22544d72d85658ce16b21660381b8b644ba53976ZnB---Vl-gmiUclUn.mggmcUEWfUg.ag0/EWfUgscqhvqaK?acUl=NTToooAQ&VginaU=hgiYivU&VWmlqYinU=TTLBAZ11CZITIBBTQo4odN9N14ZJTIJJLJ1QZICJ.9dZN4AC1rIdZd44dIBoCoQCJC14r9ooZdBdooB4r&URsWnU=ZANTTo1IZo&nqYUvhsqVV=hUV&c0Y=ZA9Qoo9o9TNoZN9o&nUPiWnUVVc=hUV&mWn=hUV&0W0U=EWfUg/0sB&2EWs=B&2URs=N1Q9T1AT&Vsqnq0V=acUl,fin,UW,mWn,Wf,WlWYaklfvsV,Ws,WsvWYV,WYqm,c0Y,0W0U,00,0l,0V,0E,sc,nqYUvhsqVV,nUPiWnUVVc,VginaU,URsWnU&Wf=g-Cjn8wrVoaxB5lZUZQV5ITvBX-LRQplchE2kPFB7Fnloq&0E=0&fin=IA1.11T&0Y=ZANTTIZT9T&WYqm=Zo&0V=qi,gln&WlWYaklfvsV=NAoINA9&0l=Vl-gmiUclUn,Vl-1s0QIlQI&WsvWYV=9&00=1Z,NI&sc=ZI&a=54L&KUh=hYI&Ws=Z1.ZNB.oT.I&UW=GcBR5TiXxbFsmM6EsQ6gLk&YWYcU=g
Protocol
HTTP/1.1
Server
111.254.32.43 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
111-254-32-43.dynamic-ip.hinet.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://0rr32d.global.ssl.fastly.net
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=294912-

Response headers

Date
Mon, 25 Jun 2018 21:27:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 13 Oct 2017 07:46:49 GMT
Server
gvs 1.0
Age
0
Content-Type
video/mp4
Content-Range
bytes 294912-29988856/29988857
Alt-Svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
Cache-Control
private, max-age=21296
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
29693945
Expires
Mon, 25 Jun 2018 21:27:02 GMT


58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| cde string| ooSign object| adsbygoogle string| ooFind string| ooFrom string| ooType string| ooPath string| ooMyip function| Init function| Load function| TestA function| TestB function| TestC function| TestD function| TestE function| TestF function| TestG function| Goto function| Show function| Encrypt object| jQuery1124034041237084101517 string| k object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken function| google_spfd number| google_unique_id object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy object| google_persistent_state_async object| google_reactive_ads_global_state object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure object| vttjs function| WebVTT function| videojs string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData function| google_osd_amcb

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.0rr32d.global.ssl.fastly.net/ Name: _gat
Value: 1
.0rr32d.global.ssl.fastly.net/ Name: _gid
Value: GA1.5.603626725.1529962018
.0rr32d.global.ssl.fastly.net/ Name: _ga
Value: GA1.5.1356090234.1529962017

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
