mary0213.kangendemo.com Open in urlscan Pro
52.1.217.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.healthy-water-is-key.com.alldreamsareworthit.com/
Effective URL:
http://mary0213.kangendemo.com/
Submission: On April 16 via automatic, source certstream-suspicious (April 16th 2020, 2:03:18 am UTC)

Summary HTTP 44 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 44 HTTP transactions. The main IP is 52.1.217.30, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is mary0213.kangendemo.com.

This is the only time mary0213.kangendemo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	50.87.150.80 50.87.150.80	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
19	52.1.217.30 52.1.217.30	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
44	12

1 50.87.150.80 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-87-150-80.unifiedlayer.com

www.healthy-water-is-key.com.alldreamsareworthit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.1.217.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: enagicwebsystem.com

mary0213.kangendemo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	kangendemo.com mary0213.kangendemo.com	563 KB
5	twitter.com platform.twitter.com syndication.twitter.com	32 KB
4	gstatic.com fonts.gstatic.com	56 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	8 KB
3	fontawesome.com use.fontawesome.com	150 KB
2	facebook.com www.facebook.com	255 B
2	facebook.net connect.facebook.net	116 KB
2	unpkg.com unpkg.com	2 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	32 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	alldreamsareworthit.com 1 redirects www.healthy-water-is-key.com.alldreamsareworthit.com	102 B
44	11

	Domain	Requested by
19	mary0213.kangendemo.com	mary0213.kangendemo.com
4	fonts.gstatic.com	ajax.googleapis.com
4	platform.twitter.com	mary0213.kangendemo.com platform.twitter.com
3	fonts.googleapis.com	ajax.googleapis.com mary0213.kangendemo.com
3	use.fontawesome.com	mary0213.kangendemo.com
2	www.facebook.com	mary0213.kangendemo.com connect.facebook.net
2	connect.facebook.net	mary0213.kangendemo.com connect.facebook.net
2	unpkg.com	mary0213.kangendemo.com
2	maxcdn.bootstrapcdn.com	mary0213.kangendemo.com
1	syndication.twitter.com	mary0213.kangendemo.com
1	ajax.googleapis.com	mary0213.kangendemo.com
1	cdnjs.cloudflare.com	mary0213.kangendemo.com
1	www.healthy-water-is-key.com.alldreamsareworthit.com	1 redirects
44	13

This site contains links to these domains. Also see Links.

Domain
twitter.com
mary0213.yourbodyiswater.com
mary0213.enagicweb.com
mary0213.enagicweb.info
mary0213.ecokangen.com
mary0213.truehealthwebinar.com
www.enagicwebsystem.com

Subject Issuer	Validity	Valid
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-06` - `2020-10-09`	6 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://mary0213.kangendemo.com/
Frame ID: B1EFAB4C906EDC04BBE0324E4F707A29
Requests: 41 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=http%3A%2F%2Fmary0213.kangendemo.com
Frame ID: CA771A301562EA1625702A6842BE1739
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
Frame ID: 630617A83FC723A519782DDF4E8D81A8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.1/plugins/share_button.php?app_id=1262772873776542&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df7a9097c0d134c%26domain%3Dmary0213.kangendemo.com%26origin%3Dhttp%253A%252F%252Fmary0213.kangendemo.com%252Ff4d6e0f8a9b304%26relation%3Dparent.parent&container_width=39&href=http%3A%2F%2Fmary0213.kangendemo.com%2F&layout=button&locale=en_US&mobile_iframe=true&sdk=joey&size=small
Frame ID: 7C235447431F13BDEC00A3D8D0511209
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.healthy-water-is-key.com.alldreamsareworthit.com/ HTTP 301
http://mary0213.kangendemo.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

Page Statistics

44
Requests

45 %
HTTPS

69 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

967 kB
Transfer

1946 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: http://mary0213.yourbodyiswater.com/

Search URL Search Domain Scan URL

URL: http://mary0213.enagicweb.com/

Search URL Search Domain Scan URL

URL: http://mary0213.enagicweb.info/

Search URL Search Domain Scan URL

URL: http://mary0213.ecokangen.com/

Search URL Search Domain Scan URL

URL: http://mary0213.truehealthwebinar.com/

Search URL Search Domain Scan URL

URL: https://www.enagicwebsystem.com/
Title: EnagicWebSystem.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.healthy-water-is-key.com.alldreamsareworthit.com/ HTTP 301
http://mary0213.kangendemo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
mary0213.kangendemo.com/
Redirect Chain

https://www.healthy-water-is-key.com.alldreamsareworthit.com/
http://mary0213.kangendemo.com/

31 KB
12 KB

475ms
341ms

Document
text/html

52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

4b15858f34e84338ac44def726a70ee89f80e857183e0fe9313b4921cb8d77be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff nosniff

Request headers

Host: mary0213.kangendemo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:41 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: flexmarkx_x5_sess_id=096ortipb1ujadnm5vkt4j7t65; path=/ flexmark_x5_communityid=11; expires=Tue, 15-Apr-2025 02:02:41 GMT; Max-Age=157680000; path=/; domain=.mary0213.kangendemo.com
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff nosniff
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11402
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

Redirect headers

status: 301
date: Thu, 16 Apr 2020 02:02:41 GMT
server: Apache
location: http://mary0213.kangendemo.com/
content-length: 342
content-type: text/html; charset=iso-8859-1

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/ 147 KB
20 KB 10ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mary0213.kangendemo.com/
Origin: http://mary0213.kangendemo.com

Response headers

date: Thu, 16 Apr 2020 02:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:09 GMT
status: 200
etag: "1544639649"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 20027

GET
H2 200 all.css
use.fontawesome.com/releases/v5.4.1/css/ 49 KB
13 KB 102ms
32ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.1/css/all.css
Requested by: Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mary0213.kangendemo.com/
Origin: http://mary0213.kangendemo.com

Response headers

date: Thu, 16 Apr 2020 02:02:41 GMT
content-encoding: gzip
last-modified: Thu, 11 Oct 2018 20:07:26 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"beb60a9475685e87a9738a7306591e69"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK jwplayer.js Show response
mary0213.kangendemo.com/media/jwplayer/ 214 KB
61 KB 241ms
221ms Script
application/javascript 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://mary0213.kangendemo.com/media/jwplayer/jwplayer.js?noc=8

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

7a6cf769b600b51a39d1906c8ac4408b3ae54ba111fc4ca714fcf627720185c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Transfer-Encoding: chunked
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 05 Jan 2017 20:53:48 GMT
Server: Apache
ETag: "3571d-5455f190c4f00-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Upgrade: h2,h2c
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100
Expires: Fri, 17 Apr 2020 02:02:41 GMT

GET
H/1.1 200
OK packer.php Show response
mary0213.kangendemo.com/affsites/free/include/jsframe/ 225 KB
58 KB 240ms
221ms Script
text/javascript 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://mary0213.kangendemo.com/affsites/free/include/jsframe/packer.php?js=messenger2|ajaxspin|formcsrf2&fw=jq111&v=3.2.2

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

2a49ef0afb0f8fbe460845e2e58d59585dc7ce2e7dd6163ed05c3835668fe929

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: Apache
Strict-Transport-Security: max-age=63072000
Upgrade: h2,h2c
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: Upgrade, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Expires: Fri, 17 Apr 2020 02:02:41 GMT

GET
H2 200 tether.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ 24 KB
7 KB 19ms
16ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mary0213.kangendemo.com/
Origin: http://mary0213.kangendemo.com

Response headers

date: Thu, 16 Apr 2020 02:02:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5939084
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0222526ea70000bec9970df200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:59 GMT
server: cloudflare
etag: W/"5afd4ae3-619d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 584a535dd8bfbec9-FRA
expires: Tue, 06 Apr 2021 02:02:42 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/ 46 KB
12 KB 10ms
7ms Script
text/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/bootstrap.min.js

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mary0213.kangendemo.com/
Origin: http://mary0213.kangendemo.com

Response headers

date: Thu, 16 Apr 2020 02:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:52 GMT
status: 200
etag: "1544639632"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 12031

GET
H/1.1 200
OK packcss.php
mary0213.kangendemo.com/affsites/free/include/jsframe/ 5 KB
2 KB 111ms
110ms Stylesheet
text/css 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://mary0213.kangendemo.com/affsites/free/include/jsframe/packcss.php?css=main|skin_neutral|chatter&fw=affsite&v=3.2.2

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

98eb5e1ce60a150effc46261857314bbbc5eb6d8ff333840d98fb34f44f89a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Thu, 16 Apr 2020 02:02:41 GMT
Server: Apache
ETag: "e0be0bc6ef18bd21d83c3077e8c9c182-gzip"
Strict-Transport-Security: max-age=63072000
Content-Type: text/css;charset=UTF-8
Cache-Control: private, max-age=31536000
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 1821
Keep-Alive: timeout=5, max=99
Expires: Fri, 16 Apr 2021 02:02:41 GMT

GET
H/1.1 200
OK pack.php Show response
mary0213.kangendemo.com/affsites/free/include/jsframe/ 4 KB
3 KB 226ms
207ms Script
text/javascript 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://mary0213.kangendemo.com/affsites/free/include/jsframe/pack.php?js=appchatter&v=3.2.2

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

398f5c947314ec29ffa0875057182f03e2f0b70e180f038efca6a55a8fcdd439

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Thu, 16 Apr 2020 02:02:41 GMT
Server: Apache
ETag: "e0be0bc6ef18bd21d83c3077e8c9c182"
Strict-Transport-Security: max-age=63072000
Upgrade: h2,h2c
Cache-Control: private, max-age=300
Transfer-Encoding: chunked
Connection: Upgrade, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Expires: Thu, 16 Apr 2020 04:00:00 GMT

GET
H/1.1 200
OK orange.png
mary0213.kangendemo.com/affsites/free/images/drops/ 8 KB
8 KB 135ms
133ms Image
image/png 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://mary0213.kangendemo.com/affsites/free/images/drops/orange.png

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

5803282fadea75fa2150165990fd3f1444e3b2741029d27173f4ce0556515f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Fri, 24 Jun 2016 01:32:14 GMT
Server: Apache
ETag: "1faf-535fc23e82380-gzip"
Strict-Transport-Security: max-age=63072000
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 7875
Keep-Alive: timeout=5, max=99
Expires: Fri, 17 Apr 2020 02:02:42 GMT

GET
H/1.1 200
OK yellow.png
mary0213.kangendemo.com/affsites/free/images/drops/ 9 KB
10 KB 135ms
132ms Image
image/png 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://mary0213.kangendemo.com/affsites/free/images/drops/yellow.png

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

61c8ea1d4ea8f8b47de96cf6ad5fd68ceca32a3cc2b9c22cebfd984089c267da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Fri, 24 Jun 2016 01:32:52 GMT
Server: Apache
ETag: "25ad-535fc262bf900-gzip"
Strict-Transport-Security: max-age=63072000
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 9409
Keep-Alive: timeout=5, max=99
Expires: Fri, 17 Apr 2020 02:02:42 GMT

GET
H/1.1 200
OK distributor-green.png
mary0213.kangendemo.com/affsites/free/images/ 23 KB
23 KB 135ms
133ms Image
image/png 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://mary0213.kangendemo.com/affsites/free/images/distributor-green.png

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

23e0c707dc5eb635e8fea2c20dc928cc1fb9a5663934f2682d516ff7e1f2fd39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Mon, 15 May 2017 15:24:11 GMT
Server: Apache
ETag: "5b63-54f91a5a0ea50-gzip"
Strict-Transport-Security: max-age=63072000
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 23166
Keep-Alive: timeout=5, max=99
Expires: Fri, 17 Apr 2020 02:02:42 GMT

GET
H/1.1 200
OK blue.png
mary0213.kangendemo.com/affsites/free/images/drops/ 9 KB
10 KB 109ms
107ms Image
image/png 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://mary0213.kangendemo.com/affsites/free/images/drops/blue.png

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

cf954c25dc34fddde0432a3ddaf4d92c46580c023867a048151e2cad95caf321

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Fri, 24 Jun 2016 01:33:42 GMT
Server: Apache
ETag: "24f7-535fc2926e980-gzip"
Strict-Transport-Security: max-age=63072000
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 9228
Keep-Alive: timeout=5, max=98
Expires: Fri, 17 Apr 2020 02:02:42 GMT

GET
H/1.1 200
OK violet.png
mary0213.kangendemo.com/affsites/free/images/drops/ 9 KB
9 KB 227ms
207ms Image
image/png 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://mary0213.kangendemo.com/affsites/free/images/drops/violet.png

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

b5e5cbad23df1df7f43619c78abf2c4af0fedb58ce6f130b3c6bcd7ee19153cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Connection: Upgrade, Keep-Alive
Content-Length: 8982
Last-Modified: Fri, 24 Jun 2016 01:34:12 GMT
Server: Apache
ETag: "2400-535fc2af0ad00-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Upgrade: h2,h2c
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Expires: Fri, 17 Apr 2020 02:02:42 GMT

GET
H/1.1 200
OK sc_e4.png
mary0213.kangendemo.com/backoffice/images/ 75 KB
75 KB 233ms
214ms Image
image/png 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://mary0213.kangendemo.com/backoffice/images/sc_e4.png

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

5cf27d0ab04d480db7a43e88e3e37914d18f23b6a0655b53e46656dfac74848a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Transfer-Encoding: chunked
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 30 Aug 2017 19:30:51 GMT
Server: Apache
ETag: "12b48-557fd90d29a72-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Upgrade: h2,h2c
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Expires: Fri, 17 Apr 2020 02:02:42 GMT

GET
H/1.1 200
OK sc_e5.png
mary0213.kangendemo.com/backoffice/images/ 60 KB
60 KB 229ms
113ms Image
image/png 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://mary0213.kangendemo.com/backoffice/images/sc_e5.png

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

93ade18726d7841fbd81a7b45255e11c119cd1ff2d4df68aa36a6eafe458e44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 30 Aug 2017 19:30:57 GMT
Server: Apache
ETag: "f124-557fd912e572c-gzip"
Strict-Transport-Security: max-age=63072000
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 61265
Keep-Alive: timeout=5, max=98
Expires: Fri, 17 Apr 2020 02:02:42 GMT

GET
H/1.1 200
OK sc_e6.png
mary0213.kangendemo.com/backoffice/images/ 79 KB
79 KB 232ms
115ms Image
image/png 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://mary0213.kangendemo.com/backoffice/images/sc_e6.png

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

c82b771be58611588791a449c95cb69c8938c3ba23bab2ac1aab9c6ef14a67e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 30 Aug 2017 19:30:55 GMT
Server: Apache
ETag: "13a8c-557fd911502b3-gzip"
Strict-Transport-Security: max-age=63072000
Content-Type: image/png
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Expires: Fri, 17 Apr 2020 02:02:42 GMT

GET
H/1.1 200
OK sc_eco.png
mary0213.kangendemo.com/backoffice/images/ 63 KB
63 KB 321ms
115ms Image
image/png 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://mary0213.kangendemo.com/backoffice/images/sc_eco.png

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

90e1fe4f046f02cefdf14b60eda8ffcac27614e5a83fded52645ee44c2f73edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Mon, 23 Sep 2019 05:50:24 GMT
Server: Apache
ETag: "fb32-59331fef98800-gzip"
Strict-Transport-Security: max-age=63072000
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 64334
Keep-Alive: timeout=5, max=99
Expires: Fri, 17 Apr 2020 02:02:42 GMT

GET
H/1.1 200
OK sc_truehealth.png
mary0213.kangendemo.com/backoffice/images/ 72 KB
72 KB 301ms
113ms Image
image/png 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://mary0213.kangendemo.com/backoffice/images/sc_truehealth.png

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

b1f0165f6b1bc3bce62219d70860f48d3b943e6cb0e962f86ae5d8f2474cfc7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 30 Aug 2017 19:31:20 GMT
Server: Apache
ETag: "11f05-557fd928adb45-gzip"
Strict-Transport-Security: max-age=63072000
Content-Type: image/png
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Expires: Fri, 17 Apr 2020 02:02:42 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 8ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4199) /
Resource Hash: deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:48:50 GMT
Server: ECS (fcn/4199)
Age: 1436
Etag: "bfee88d079c2668aea5525e2d719ba90+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29121

GET
H2 200 forms-min.css
unpkg.com/purecss@1.0.0/build/ 7 KB
1 KB 19ms
19ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/purecss@1.0.0/build/forms-min.css

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0310fa615f0219402a3de049aa6aeb6a3b4880186d600fc58840ca41d2cdc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 02:02:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5939032
status: 200
vary: Accept-Encoding
cf-request-id: 0222526e810000d709bca69200000001
last-modified: Mon, 05 Jun 2017 15:02:40 GMT
server: cloudflare
etag: W/"1b71-JGz/1XxDgo4tDIaHtAyiXCVK9PQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 389c6d117b84c1d88a697e8acfbb2518
cache-control: public, max-age=31536000
cf-ray: 584a535d9976d709-FRA

GET
H2 200 buttons-min.css
unpkg.com/purecss@1.0.0/build/ 2 KB
812 B 15ms
15ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/purecss@1.0.0/build/buttons-min.css

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f91071dfc76c8441fc4203e5f0783605a182d6f761cb2fdf9e79c15d1b4c7671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 02:02:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14583899
status: 200
vary: Accept-Encoding
cf-request-id: 0222526e8b0000d709bca6a200000001
last-modified: Mon, 05 Jun 2017 15:02:40 GMT
server: cloudflare
etag: W/"7ea-3yjdIitZZtODQUiewm3PcfXe+50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: d991739bdbb2026167f4fd9cc4b9d8be
cache-control: public, max-age=31536000
cf-ray: 584a535da985d709-FRA

GET
H/1.1 200
OK packcss.php
mary0213.kangendemo.com/affsites/free/include/jsframe/ 27 KB
4 KB 128ms
128ms Stylesheet
text/css 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://mary0213.kangendemo.com/affsites/free/include/jsframe/packcss.php?css=messenger2|ajaxspin&fw=jq111

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/affsites/free/include/jsframe/packer.php?js=messenger2|ajaxspin|formcsrf2&fw=jq111&v=3.2.2

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

f105d42eee40cd0c8ceb859b1a5f49691c4c28229e8385a274295800a1361e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Thu, 16 Apr 2020 02:02:42 GMT
Server: Apache
ETag: "f2171ef6d151a005c460fc587e82bd4e-gzip"
Strict-Transport-Security: max-age=63072000
Content-Type: text/css;charset=UTF-8
Cache-Control: private, max-age=31536000
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 3974
Keep-Alive: timeout=5, max=97
Expires: Fri, 16 Apr 2021 02:02:42 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 03 Apr 2020 03:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1119643
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Apr 2021 03:01:59 GMT

GET
H/1.1 200
OK mary0213.jpg
mary0213.kangendemo.com/dynimg/user_images/200x200xno/ 8 KB
9 KB 227ms
110ms Image
image/jpeg 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://mary0213.kangendemo.com/dynimg/user_images/200x200xno/mary0213.jpg

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

8bb32d0eab6488c1ee423eb62557bb2e4d3cbef9464e8f655a8fe9698118fc6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Mon, 24 Jul 2017 21:12:18 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000
Content-Type: image/jpeg
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="dynimg_200x200xno_mary0213.jpg"
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 8338
Keep-Alive: timeout=5, max=97
Expires: Sun, 31 May 2020 02:02:42 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.4.1/webfonts/ 67 KB
67 KB 39ms
38ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.1/webfonts/fa-brands-400.woff2
Requested by: Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8386356e1d512f570aac1b4883b928fe4bfd649c1d54a4d0f618357359cd3b74

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://use.fontawesome.com/releases/v5.4.1/css/all.css
Origin: http://mary0213.kangendemo.com

Response headers

date: Thu, 16 Apr 2020 02:02:42 GMT
last-modified: Thu, 11 Oct 2018 20:07:48 GMT
server: NetDNA-cache/2.2
status: 200
etag: "921f1150167369cf4c400135a4905728"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 68240

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.4.1/webfonts/ 70 KB
71 KB 69ms
68ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.1/webfonts/fa-solid-900.woff2
Requested by: Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a5587a9dca3673b604a8a0e144d268f3dcb180aac337e2b2e163704bc1fc508a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://use.fontawesome.com/releases/v5.4.1/css/all.css
Origin: http://mary0213.kangendemo.com

Response headers

date: Thu, 16 Apr 2020 02:02:42 GMT
last-modified: Thu, 11 Oct 2018 20:08:04 GMT
server: NetDNA-cache/2.2
status: 200
etag: "1dc5b6dd4bf409a6f919be38603f76a0"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 72000

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 18ms
5ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ea3f8ffc043b9e9e3638891ce8eaf2ed7693e46f2fa036954d275f4e58addc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kNw8+yaxnqqfo1uIgIj9Hw==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 1780
etag: "a3bf9340fc8cce714f8c3011e3da06b2"
x-fb-debug: /Osyol/fE6Lg8XSbQP30nwyqFZ0RG8OFukOUdLj9HLemv+nvxp1wO2GjhqGUL+Nw6ov+yiVHyRjZpa90Df2Ukg==
x-fb-trip-id: 1850256238
x-fb-content-md5: 3ce64c64a578fb08790784994e5fd42e
x-frame-options: DENY
date: Thu, 16 Apr 2020 02:02:42 GMT, Thu, 16 Apr 2020 02:02:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Apr 2020 02:07:52 GMT

POST
H/1.1 200
OK index.php Show response
mary0213.kangendemo.com/ 226 B
849 B 331ms
125ms XHR
application/json 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://mary0213.kangendemo.com/index.php

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/affsites/free/include/jsframe/packer.php?js=messenger2|ajaxspin|formcsrf2&fw=jq111&v=3.2.2

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

5b875887081d0667d8e8634d45730d97252c68eebaf66b3caab169808453dc4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://mary0213.kangendemo.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Content-Type: application/json
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 224
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 3 KB
1002 B 22ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Lato:400,300,900,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d21aa9bb41fc8a4388777c41c9b78bfe755366209b06dbbc074f75d9ecc0d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Apr 2020 02:02:42 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 16 Apr 2020 02:02:42 GMT

GET
H/1.1 200
OK widget_iframe.6787510241df65d128e2b60207ad4c25.html
platform.twitter.com/widgets/ Frame CA77 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=http%3A%2F%2Fmary0213.kangendemo.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://mary0213.kangendemo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mary0213.kangendemo.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1436
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Apr 2020 02:02:42 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 07 Apr 2020 20:47:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B4)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 390 KB
114 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=830ed89e7c2344dcd63b7a3d5c051d08&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da73b7af061badaa2a07999775262bae36e2bea2096211b2e823f669fac0a82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mary0213.kangendemo.com/
Origin: http://mary0213.kangendemo.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: wl67CHXloRCl0yLqIoSHSA==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 115991
etag: "d3aa95c92f970bebfa45f055bfefdc51"
x-fb-debug: RqsjAgRQA/8eXZ3HWi74SJLCXtG6kWLfMQJVkeyRUXcMzEJahGb8D6gkItRKlUTFmyBQLGDC43hl4+/NxTtOCA==
x-fb-trip-id: 2000377899
x-fb-content-md5: de7da9506f10d02ec770a079134f8872
x-frame-options: DENY
date: Thu, 16 Apr 2020 02:02:42 GMT, Thu, 16 Apr 2020 02:02:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 16 Apr 2021 01:47:52 GMT

GET
H/1.1 200
OK S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 13ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Lato:400,300,900,700&subset=latin
Origin: http://mary0213.kangendemo.com

Response headers

Date: Wed, 15 Apr 2020 03:10:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:45:55 GMT
Server: sffe
Age: 82331
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14044
X-XSS-Protection: 0
Expires: Thu, 15 Apr 2021 03:10:31 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 11ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Lato:400,300,900,700&subset=latin
Origin: http://mary0213.kangendemo.com

Response headers

Date: Tue, 14 Apr 2020 19:47:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:45:39 GMT
Server: sffe
Age: 108920
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13912
X-XSS-Protection: 0
Expires: Wed, 14 Apr 2021 19:47:22 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 13 KB
14 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Lato:400,300,900,700&subset=latin
Origin: http://mary0213.kangendemo.com

Response headers

Date: Tue, 14 Apr 2020 14:34:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:45:45 GMT
Server: sffe
Age: 127691
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13732
X-XSS-Protection: 0
Expires: Wed, 14 Apr 2021 14:34:31 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 34ms
29ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Lato:400,300,900,700&subset=latin
Origin: http://mary0213.kangendemo.com

Response headers

Date: Sat, 28 Mar 2020 11:41:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:45:54 GMT
Server: sffe
Age: 1606891
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14176
X-XSS-Protection: 0
Expires: Sun, 28 Mar 2021 11:41:11 GMT

GET
H/1.1 200
OK button.93a0c25c2d2f3081c705c98c2d9dec0e.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.93a0c25c2d2f3081c705c98c2d9dec0e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4199) /
Resource Hash: cef013ba053c40f6bfa36baf6b11dca3426b1697bb52bec0902a4746f5f7d169

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:47:38 GMT
Server: ECS (fcn/4199)
Age: 1430
Etag: "0745fc0bb127ba13d716d66761b4628d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2298

GET
H/1.1 200
OK tweet_button.6787510241df65d128e2b60207ad4c25.en.html
platform.twitter.com/widgets/ Frame 6306 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4199) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://mary0213.kangendemo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mary0213.kangendemo.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1434
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Apr 2020 02:02:42 GMT
Etag: "19c3039cfd5675cf5859e70ff1c2f6e3+gzip"
Last-Modified: Tue, 07 Apr 2020 20:47:45 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4199)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12395

GET
H2 200 /
www.facebook.com/tr/ 44 B
255 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1262772873776542&ev=fb_page_view&dl=http%3A%2F%2Fmary0213.kangendemo.com%2F&rl=&if=false&ts=1587002562396&sw=1600&sh=1200

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 02:02:42 GMT, Thu, 16 Apr 2020 02:02:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 16 Apr 2020 02:02:42 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
337 B 146ms
145ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fmary0213.kangendemo.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1587002562503%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a2aa63b%3A1586240908307%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 02:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 103
pragma: no-cache
last-modified: Thu, 16 Apr 2020 02:02:42 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: a5bc02580ee7927141d5cd214ab1b868
x-transaction: 002d14e1005c1c44
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
908 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600,700,400,300

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Apr 2020 02:02:42 GMT
server: ESF
date: Thu, 16 Apr 2020 02:02:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Apr 2020 02:02:42 GMT

GET
H2 200 share_button.php
www.facebook.com/v3.1/plugins/ Frame 7C23 0
0 129ms
128ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.1/plugins/share_button.php?app_id=1262772873776542&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df7a9097c0d134c%26domain%3Dmary0213.kangendemo.com%26origin%3Dhttp%253A%252F%252Fmary0213.kangendemo.com%252Ff4d6e0f8a9b304%26relation%3Dparent.parent&container_width=39&href=http%3A%2F%2Fmary0213.kangendemo.com%2F&layout=button&locale=en_US&mobile_iframe=true&sdk=joey&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=830ed89e7c2344dcd63b7a3d5c051d08&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.1/plugins/share_button.php?app_id=1262772873776542&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df7a9097c0d134c%26domain%3Dmary0213.kangendemo.com%26origin%3Dhttp%253A%252F%252Fmary0213.kangendemo.com%252Ff4d6e0f8a9b304%26relation%3Dparent.parent&container_width=39&href=http%3A%2F%2Fmary0213.kangendemo.com%2F&layout=button&locale=en_US&mobile_iframe=true&sdk=joey&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://mary0213.kangendemo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0OqpVxOgmVGjTLV9Q..Bel7zC...1.0.Bel7zC.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mary0213.kangendemo.com/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.1
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: eKKKaXnvs96Gjboj70a5l4HvGZuj4LixzrIJm/LOGU1FTx7WPNkLOUKOsAKlg5MAdrqh6/nuBcSA3nLdpzV1bw==
date: Thu, 16 Apr 2020 02:02:42 GMT Thu, 16 Apr 2020 02:02:42 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H/1.1 200
OK packcss.php
mary0213.kangendemo.com/affsites/free/include/jsframe/ 27 KB
4 KB 132ms
126ms Stylesheet
text/css 52.1.217.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://mary0213.kangendemo.com/affsites/free/include/jsframe/packcss.php?css=messenger2|ajaxspin&fw=jq111

Requested by

Host: mary0213.kangendemo.com
URL: http://mary0213.kangendemo.com/affsites/free/include/jsframe/packer.php?js=messenger2|ajaxspin|formcsrf2&fw=jq111&v=3.2.2

Protocol

HTTP/1.1

Server

52.1.217.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

enagicwebsystem.com

Software

Apache /

Resource Hash

f105d42eee40cd0c8ceb859b1a5f49691c4c28229e8385a274295800a1361e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 02:02:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Thu, 16 Apr 2020 02:02:42 GMT
Server: Apache
ETag: "f2171ef6d151a005c460fc587e82bd4e-gzip"
Strict-Transport-Security: max-age=63072000
Content-Type: text/css;charset=UTF-8
Cache-Control: private, max-age=31536000
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 3974
Keep-Alive: timeout=5, max=96
Expires: Fri, 16 Apr 2021 02:02:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
862 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600,700,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://mary0213.kangendemo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Apr 2020 02:02:42 GMT
server: ESF
date: Thu, 16 Apr 2020 02:02:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Apr 2020 02:02:42 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mary0213.kangendemo.com/	1970-01-21 04:38:02	Name: flexmark_x5_communityid Value: 11
			mary0213.kangendemo.com/	1969-12-31 23:59:59	Name: flexmarkx_x5_sess_id Value: 096ortipb1ujadnm5vkt4j7t65

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
mary0213.kangendemo.com
maxcdn.bootstrapcdn.com
platform.twitter.com
syndication.twitter.com
unpkg.com
use.fontawesome.com
www.facebook.com
www.healthy-water-is-key.com.alldreamsareworthit.com
104.244.42.8
2001:4de0:ac19::1:b:2a
23.111.9.35
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:7caf
2606:4700::6810:84e5
2a00:1450:4001:819::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:821::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
50.87.150.80
52.1.217.30
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
23e0c707dc5eb635e8fea2c20dc928cc1fb9a5663934f2682d516ff7e1f2fd39
2a49ef0afb0f8fbe460845e2e58d59585dc7ce2e7dd6163ed05c3835668fe929
398f5c947314ec29ffa0875057182f03e2f0b70e180f038efca6a55a8fcdd439
4b15858f34e84338ac44def726a70ee89f80e857183e0fe9313b4921cb8d77be
4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1
5803282fadea75fa2150165990fd3f1444e3b2741029d27173f4ce0556515f88
5b875887081d0667d8e8634d45730d97252c68eebaf66b3caab169808453dc4e
5c06b6329970d1560039f39c4935a041d96fcf0f877b47951d8ece559a1b4dc6
5cf27d0ab04d480db7a43e88e3e37914d18f23b6a0655b53e46656dfac74848a
61c8ea1d4ea8f8b47de96cf6ad5fd68ceca32a3cc2b9c22cebfd984089c267da
6d21aa9bb41fc8a4388777c41c9b78bfe755366209b06dbbc074f75d9ecc0d14
6ea3f8ffc043b9e9e3638891ce8eaf2ed7693e46f2fa036954d275f4e58addc5
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
7a6cf769b600b51a39d1906c8ac4408b3ae54ba111fc4ca714fcf627720185c8
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8386356e1d512f570aac1b4883b928fe4bfd649c1d54a4d0f618357359cd3b74
8bb32d0eab6488c1ee423eb62557bb2e4d3cbef9464e8f655a8fe9698118fc6b
90e1fe4f046f02cefdf14b60eda8ffcac27614e5a83fded52645ee44c2f73edc
93ade18726d7841fbd81a7b45255e11c119cd1ff2d4df68aa36a6eafe458e44b
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
98eb5e1ce60a150effc46261857314bbbc5eb6d8ff333840d98fb34f44f89a54
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a5587a9dca3673b604a8a0e144d268f3dcb180aac337e2b2e163704bc1fc508a
aa0310fa615f0219402a3de049aa6aeb6a3b4880186d600fc58840ca41d2cdc7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
b1f0165f6b1bc3bce62219d70860f48d3b943e6cb0e962f86ae5d8f2474cfc7e
b5e5cbad23df1df7f43619c78abf2c4af0fedb58ce6f130b3c6bcd7ee19153cc
c82b771be58611588791a449c95cb69c8938c3ba23bab2ac1aab9c6ef14a67e1
cef013ba053c40f6bfa36baf6b11dca3426b1697bb52bec0902a4746f5f7d169
cf954c25dc34fddde0432a3ddaf4d92c46580c023867a048151e2cad95caf321
da73b7af061badaa2a07999775262bae36e2bea2096211b2e823f669fac0a82f
deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b
f105d42eee40cd0c8ceb859b1a5f49691c4c28229e8385a274295800a1361e0d
f91071dfc76c8441fc4203e5f0783605a182d6f761cb2fdf9e79c15d1b4c7671
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

mary0213.kangendemo.com Open in urlscan Pro 52.1.217.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

45 %HTTPS

69 %IPv6

11 Domains

13 Subdomains

12 IPs

4 Countries

967 kBTransfer

1946 kBSize

2 Cookies

7 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mary0213.kangendemo.com Open in urlscan Pro
52.1.217.30 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

45 %
HTTPS

69 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

967 kB
Transfer

1946 kB
Size

2
Cookies

44 HTTP transactions
0 data transactions