urlscan.io logo urlscan.io
SecurityTrails logo

eductionarticles.xyz Open in urlscan Pro
104.24.99.245  Public Scan

Go To Rescan Add Verdict Report
URL: http://eductionarticles.xyz/11179/
Submission: On November 24 via manual from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 11 domains to perform 25 HTTP transactions. The main IP is 104.24.99.245, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is eductionarticles.xyz.
This is the only time eductionarticles.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 104.24.99.245 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 195.154.168.217 12876 (Online SAS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 10
6    104.24.99.245 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
eductionarticles.xyz
1    2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
6    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    195.154.168.217 (France)

ASN12876 (Online SAS, FR)
PTR: 195-154-168-217.rev.poneytelecom.eu
vdl.primevideos.net
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
pagead2.googlesyndication.com
2    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
www.googletagservices.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
1    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
apis.google.com
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
Domain Requested by
6 eductionarticles.xyz eductionarticles.xyz
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 www.google-analytics.com 1 redirects eductionarticles.xyz
2 connect.facebook.net eductionarticles.xyz
connect.facebook.net
2 pagead2.googlesyndication.com eductionarticles.xyz
pagead2.googlesyndication.com
1 staticxx.facebook.com connect.facebook.net
1 www.googletagservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net eductionarticles.xyz
1 apis.google.com eductionarticles.xyz
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 vdl.primevideos.net eductionarticles.xyz
1 www.googletagmanager.com eductionarticles.xyz
25 13

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-11-06 -
2020-02-04		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://eductionarticles.xyz/11179/
Frame ID: 61620F5C9179E8D6C44C655C48D2C6DE
Requests: 18 HTTP requests in this frame

Frame: http://vdl.primevideos.net/files/RUCdvZQ3qfAC41k.html
Frame ID: 5646FF23D38D07F52971C3056A524E11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/zrt_lookup.html
Frame ID: A8750DA00F6843275E31EBC0728481AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5304418094943555&output=html&h=600&slotname=9118872584&adk=2120649288&adf=990320348&w=160&lmt=1574565154&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&flash=0&wgl=1&adsid=NT&dt=1574628969337&bpp=14&bdt=95&fdt=86&idt=87&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&correlator=3316577136886&frm=20&pv=2&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=576171&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=40&ady=549&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hbjVMJWhc3&p=http%3A//eductionarticles.xyz&dtd=97
Frame ID: 2B3D77AA52CCB81A8D3FCEC05D370412
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5304418094943555&output=html&h=90&slotname=8120935976&adk=3124353785&adf=547720683&w=728&lmt=1574565154&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&flash=0&wgl=1&adsid=NT&dt=1574628969351&bpp=4&bdt=109&fdt=116&idt=116&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=160x600&correlator=3316577136886&frm=20&pv=1&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=134793899&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=611&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JurTg56brM&p=http%3A//eductionarticles.xyz&dtd=119
Frame ID: 3B3159CD450C992FB6C641C4DF7F0A78
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5304418094943555&output=html&h=250&slotname=7818957108&adk=835106538&adf=3613156295&w=970&lmt=1574565154&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&flash=0&wgl=1&adsid=NT&dt=1574628969358&bpp=3&bdt=116&fdt=117&idt=117&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90&correlator=3316577136886&frm=20&pv=1&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=134793899&dssz=31&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=40&ady=1167&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VG2VIPeVkK&p=http%3A//eductionarticles.xyz&dtd=119
Frame ID: 06D273DC2626920626646876CDF6C72F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5304418094943555&output=html&adk=1812271804&adf=3025194257&lmt=1574565154&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1574628969390&bpp=3&bdt=148&fdt=91&idt=91&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90%2C970x250&nras=1&correlator=3316577136886&frm=20&pv=1&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=134793899&dssz=31&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&dtd=95
Frame ID: 531514E592B1B049D264E84BC00392C1
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 133F3C8BD995AF11217697A58B3942AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

25
Requests

68 %
HTTPS

80 %
IPv6

11
Domains

13
Subdomains

10
IPs

5
Countries

528 kB
Transfer

1636 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 16
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=759576063&t=pageview&_s=1&dl=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&ul=en-us&de=UTF-8&dt=WWE%20NxT%20TakeOver%20Wargames%2011-23-19%20-%20Education%20Articles&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDAAUAB~&jid=303384460&gjid=890751651&cid=558688363.1574628969&tid=UA-126117694-1&_gid=1938296300.1574628969&_r=1&gtm=2ouav9&z=1662124164 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126117694-1&cid=558688363.1574628969&jid=303384460&_gid=1938296300.1574628969&gjid=890751651&_v=j79&z=1662124164

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
eductionarticles.xyz/11179/ 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://eductionarticles.xyz/11179/
Protocol
HTTP/1.1
Server
104.24.99.245 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fa33c18e1a94f98ac42abc2d9e1f375a9dda8d246693dd46570f18c89d68b2d

Request headers

Host
eductionarticles.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 20:56:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d11a79e0887b08f98fb119dd3c808fa0f1574628969; expires=Tue, 24-Dec-19 20:56:09 GMT; path=/; domain=.eductionarticles.xyz; HttpOnly
Last-Modified
Sun, 24 Nov 2019 03:12:34 GMT
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
53ae49b199e89ce8-AMS
Content-Encoding
gzip
g4ykj.css
eductionarticles.xyz/wp-content/cache/wpfc-minified/ma4vt2j8/ 		403 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://eductionarticles.xyz/wp-content/cache/wpfc-minified/ma4vt2j8/g4ykj.css
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
HTTP/1.1
Server
104.24.99.245 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a029d66750e9d22b7f20018468f3b8714106c402ede7b1997f636fcf30f7bb

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 20:56:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sat, 16 Nov 2019 09:59:03 GMT
Server
cloudflare
Age
2592
ETag
"64c4c-59773c3ac57fb-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=16070400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
53ae49b1da6e9ce8-AMS
Content-Length
59550
g4ykj.js
eductionarticles.xyz/wp-content/cache/wpfc-minified/l9128sqs/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://eductionarticles.xyz/wp-content/cache/wpfc-minified/l9128sqs/g4ykj.js
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
HTTP/1.1
Server
104.24.99.245 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7086e1959aa2c269d08188afa43a9c4fb7a983e1237f0c3cae4393ec9b88c070

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 20:56:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sat, 16 Nov 2019 09:59:03 GMT
Server
cloudflare
Age
2601
ETag
"17ab4-59773c3ac679b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=16070400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
53ae49b1e943bf82-AMS
Content-Length
33830
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126117694-2
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
186514a35b101554eb7221bbff417f84ac17f5fba5142a4b20ac51376cae3356
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Sun, 24 Nov 2019 20:56:09 GMT
content-encoding
br
last-modified
Sun, 24 Nov 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27666
x-xss-protection
0
expires
Sun, 24 Nov 2019 20:56:09 GMT
watch.png
eductionarticles.xyz/wp-content/uploads/2018/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://eductionarticles.xyz/wp-content/uploads/2018/09/watch.png
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
HTTP/1.1
Server
104.24.99.245 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c472ca76d2879f3b6c7b89de2f1f8509e832a684035db5c21cf458dec35f54ac

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 20:56:09 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 07 Feb 2019 09:22:03 GMT
Server
cloudflare
Age
2939
ETag
"e49-5814a60171ad0"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=16070400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
53ae49b1eda0bf50-AMS
Content-Length
3657
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		103 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
398b68dc1c482e96a49728560eabaa32ffdc43c69baa48fc82a0afeb6b2a0c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 20:56:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
17246309329038158716
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
37546
X-XSS-Protection
0
Expires
Sun, 24 Nov 2019 20:56:09 GMT
autoptimize_5d5de7b6dd422c0c148615db2d740bf4.js
eductionarticles.xyz/wp-content/cache/autoptimize/js/ 		253 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://eductionarticles.xyz/wp-content/cache/autoptimize/js/autoptimize_5d5de7b6dd422c0c148615db2d740bf4.js
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
HTTP/1.1
Server
104.24.99.245 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3baf7bc58cadd471d104ddab0c545e16a9542c8773fb7b77c6aafcce632d8c

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 20:56:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 24 Nov 2019 05:57:58 GMT
Server
cloudflare
Age
3081
ETag
"3f5d7-598115439c9b0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=16070400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
53ae49b20dc6bf50-AMS
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1352
date
Sun, 24 Nov 2019 20:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 24 Nov 2019 22:33:37 GMT
RUCdvZQ3qfAC41k.html
vdl.primevideos.net/files/ Frame 5646 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://vdl.primevideos.net/files/RUCdvZQ3qfAC41k.html
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
HTTP/1.1
Server
195.154.168.217 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-168-217.rev.poneytelecom.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Host
vdl.primevideos.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://eductionarticles.xyz/11179/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://eductionarticles.xyz/11179/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 24 Nov 2019 20:56:09 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 19 Nov 2019 03:33:56 GMT
ETag
W/"5dd362a4-db4"
Content-Encoding
gzip
fontawesome-webfont.woff2
eductionarticles.xyz/wp-content/themes/videopro/css/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://eductionarticles.xyz/wp-content/themes/videopro/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
HTTP/1.1
Server
104.24.99.245 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://eductionarticles.xyz/wp-content/cache/wpfc-minified/ma4vt2j8/g4ykj.css
Origin
http://eductionarticles.xyz

Response headers

Date
Sun, 24 Nov 2019 20:56:09 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 01 Jan 2019 18:36:18 GMT
Server
cloudflare
Age
2512
ETag
"12d68-57e69ce1c4f7c"
Vary
Accept-Encoding
Cache-Control
max-age=16070400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
53ae49b249d5bf82-AMS
Content-Length
77160
integrator.js
adservice.google.de/adsid/ 		109 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=eductionarticles.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Sun, 24 Nov 2019 20:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=eductionarticles.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Sun, 24 Nov 2019 20:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/ 		240 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9abb9e299ab0f7c2c00c20f0d5858358ffa1e7a9f835bab1798c769ff3b22777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Sun, 24 Nov 2019 20:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
90016
x-xss-protection
0
server
cafe
etag
16514268273887163252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Nov 2019 20:56:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/ Frame A875 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191114/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://eductionarticles.xyz/11179/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://eductionarticles.xyz/11179/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 20 Nov 2019 08:19:49 GMT
expires
Wed, 04 Dec 2019 08:19:49 GMT
content-type
text/html; charset=UTF-8
etag
9688732929695215001
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6504
x-xss-protection
0
cache-control
public, max-age=1209600
age
390980
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2487c3125757ea713fc3c0176b3e39b5d5f72281c41b5a96e90613d9e24ab85d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
c0hd7cSRAAxYHzQryaePWw==
status
200
date
Sun, 24 Nov 2019 20:56:09 GMT
expires
Sun, 24 Nov 2019 21:10:50 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
1779
x-fb-debug
BlIkSuXjPDakZiWrnjCg4BYC+/dMM2sxERBLH8lCRgqJggIDvzNIflXyJ3KqT7JIBL7pDd006P5d7yRQ60GKag==
x-fb-trip-id
420120009
x-fb-content-md5
965faee78577b534601f8693f92a01fd
etag
"fac117caadccd9e78a32a1485cc1c52b"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.4
Non-Authoritative-Reason
HSTS
platform.js
apis.google.com/js/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3752aa6373c6cffb52d27da513bdd2f0b543bbe61b3ae7d56fd0c27c74367fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Sun, 24 Nov 2019 20:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-qM/7720o1LQbYtEC1yNK0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"81efe93b9bed00d1a4c29abf7e8b0375"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Sun, 24 Nov 2019 20:56:09 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=759576063&t=pageview&_s=1&dl=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&ul=en-us&de=UTF-8&dt=WWE%20NxT%20TakeOver%20Wargames%2011-23-19%20-%20Education%20Articles&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=585218277&gjid=1993215474&cid=558688363.1574628969&tid=UA-135918389-1&_gid=1938296300.1574628969&_r=1&z=957021109
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Nov 2019 20:56:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=759576063&t=pageview&_s=1&dl=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&ul=en-us&de=UTF-8&dt=WWE%20NxT%20TakeOver%20Wargames%2011-23-19%20-...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126117694-1&cid=558688363.1574628969&jid=303384460&_gid=1938296300.1574628969&gjid=890751651&_v=j79&z=1662124164
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126117694-1&cid=558688363.1574628969&jid=303384460&_gid=1938296300.1574628969&gjid=890751651&_v=j79&z=1662124164
Requested by
Host: eductionarticles.xyz
URL: http://eductionarticles.xyz/11179/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Sun, 24 Nov 2019 20:56:09 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Nov 2019 20:56:09 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126117694-1&cid=558688363.1574628969&jid=303384460&_gid=1938296300.1574628969&gjid=890751651&_v=j79&z=1662124164
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2B3D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5304418094943555&output=html&h=600&slotname=9118872584&adk=2120649288&adf=990320348&w=160&lmt=1574565154&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&flash=0&wgl=1&adsid=NT&dt=1574628969337&bpp=14&bdt=95&fdt=86&idt=87&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&correlator=3316577136886&frm=20&pv=2&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=576171&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=40&ady=549&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hbjVMJWhc3&p=http%3A//eductionarticles.xyz&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14435762506326887168/160x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14435762506326887168/160x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP-Pg4Peg-YCFRCWdwodOxwMNA&gqi=ae7aXYCIHLWL7_UPp-ClqA8&layout=/sadbundle/%24csp%253Der3%24/14435762506326887168/160x600.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5304418094943555&output=html&h=600&slotname=9118872584&adk=2120649288&adf=990320348&w=160&lmt=1574565154&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&flash=0&wgl=1&adsid=NT&dt=1574628969337&bpp=14&bdt=95&fdt=86&idt=87&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&correlator=3316577136886&frm=20&pv=2&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=576171&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=40&ady=549&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=hbjVMJWhc3&p=http%3A//eductionarticles.xyz&dtd=97
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://eductionarticles.xyz/11179/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://eductionarticles.xyz/11179/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14435762506326887168/160x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14435762506326887168/160x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP-Pg4Peg-YCFRCWdwodOxwMNA&gqi=ae7aXYCIHLWL7_UPp-ClqA8&layout=/sadbundle/%24csp%253Der3%24/14435762506326887168/160x600.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 24 Nov 2019 20:56:09 GMT
server
cafe
content-length
27458
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 24-Nov-2019 21:11:09 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sun, 24 Nov 2019 20:56:09 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://eductionarticles.xyz/11179/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Sun, 24 Nov 2019 20:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29338
x-xss-protection
0
expires
Sun, 24 Nov 2019 20:56:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3B31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5304418094943555&output=html&h=90&slotname=8120935976&adk=3124353785&adf=547720683&w=728&lmt=1574565154&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&flash=0&wgl=1&adsid=NT&dt=1574628969351&bpp=4&bdt=109&fdt=116&idt=116&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=160x600&correlator=3316577136886&frm=20&pv=1&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=134793899&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=611&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JurTg56brM&p=http%3A//eductionarticles.xyz&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5304418094943555&output=html&h=90&slotname=8120935976&adk=3124353785&adf=547720683&w=728&lmt=1574565154&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&flash=0&wgl=1&adsid=NT&dt=1574628969351&bpp=4&bdt=109&fdt=116&idt=116&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=160x600&correlator=3316577136886&frm=20&pv=1&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=134793899&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=611&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JurTg56brM&p=http%3A//eductionarticles.xyz&dtd=119
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://eductionarticles.xyz/11179/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://eductionarticles.xyz/11179/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 24 Nov 2019 20:56:09 GMT
server
cafe
content-length
20199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 24-Nov-2019 21:11:09 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sun, 24 Nov 2019 20:56:09 GMT
cache-control
private
sdk.js
connect.facebook.net/en_US/ 		194 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=af991efdabd69f19dd891f7c01d3c450&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
12cb9fa1d2250352b58fcceedc114217a50009db993c489d1829291740ba5957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://eductionarticles.xyz/11179/
Origin
http://eductionarticles.xyz

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/GaxIHnmOA9Jv7g5dv+/vQ==
status
200
date
Sun, 24 Nov 2019 20:56:09 GMT
expires
Mon, 23 Nov 2020 19:48:45 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
59475
x-fb-debug
QIM0mnSfz/GTsE9LMn5Oot28qoTj+iFaxCHqmLSYJlY6UMqwKu23KSC19YqMgrBYohF05Kt9+OBU+GqF8j4fEw==
x-fb-trip-id
420120009
x-fb-content-md5
2720aa2bbc3d35f85a5531e4a64d1dc1
etag
"1a1d6fb095ad9625080a0122ae1d2943"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
ads
googleads.g.doubleclick.net/pagead/ Frame 06D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5304418094943555&output=html&h=250&slotname=7818957108&adk=835106538&adf=3613156295&w=970&lmt=1574565154&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&flash=0&wgl=1&adsid=NT&dt=1574628969358&bpp=3&bdt=116&fdt=117&idt=117&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90&correlator=3316577136886&frm=20&pv=1&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=134793899&dssz=31&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=40&ady=1167&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VG2VIPeVkK&p=http%3A//eductionarticles.xyz&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7184520059911491548/970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7184520059911491548/970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CImYhYPeg-YCFQOIdwodz1oLQw&gqi=ae7aXZ7XHdGIlQfo-78o&layout=/sadbundle/%24csp%253Der3%24/7184520059911491548/970x250.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5304418094943555&output=html&h=250&slotname=7818957108&adk=835106538&adf=3613156295&w=970&lmt=1574565154&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&flash=0&wgl=1&adsid=NT&dt=1574628969358&bpp=3&bdt=116&fdt=117&idt=117&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90&correlator=3316577136886&frm=20&pv=1&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=134793899&dssz=31&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=40&ady=1167&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&xpc=VG2VIPeVkK&p=http%3A//eductionarticles.xyz&dtd=119
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://eductionarticles.xyz/11179/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://eductionarticles.xyz/11179/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7184520059911491548/970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7184520059911491548/970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CImYhYPeg-YCFQOIdwodz1oLQw&gqi=ae7aXZ7XHdGIlQfo-78o&layout=/sadbundle/%24csp%253Der3%24/7184520059911491548/970x250.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 24 Nov 2019 20:56:09 GMT
server
cafe
content-length
26751
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 24-Nov-2019 21:11:09 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sun, 24 Nov 2019 20:56:09 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 5315 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5304418094943555&output=html&adk=1812271804&adf=3025194257&lmt=1574565154&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1574628969390&bpp=3&bdt=148&fdt=91&idt=91&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90%2C970x250&nras=1&correlator=3316577136886&frm=20&pv=1&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=134793899&dssz=31&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&dtd=95
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5304418094943555&output=html&adk=1812271804&adf=3025194257&lmt=1574565154&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Feductionarticles.xyz%2F11179%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1574628969390&bpp=3&bdt=148&fdt=91&idt=91&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90%2C970x250&nras=1&correlator=3316577136886&frm=20&pv=1&ga_vid=558688363.1574628969&ga_sid=1574628969&ga_hid=759576063&ga_fc=0&iag=0&icsg=134793899&dssz=31&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=2960134692255467&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&fsb=1&dtd=95
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://eductionarticles.xyz/11179/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://eductionarticles.xyz/11179/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 24 Nov 2019 20:56:09 GMT
server
cafe
content-length
44
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 24-Nov-2019 21:11:09 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sun, 24 Nov 2019 20:56:09 GMT
cache-control
private
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 133F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=af991efdabd69f19dd891f7c01d3c450&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://eductionarticles.xyz/11179/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://eductionarticles.xyz/11179/

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 21 Nov 2020 20:27:41 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
/POC47GoEc2MW0QoEEsv74gNnSgwCc5z3AZnNhd0KxWspcyi1N3hUEPlW1s3ol/bhCNVBlr0TS3vexpYaBhDvQ==
content-length
12397
x-fb-trip-id
420120009
date
Sun, 24 Nov 2019 20:56:09 GMT
alt-svc
h3-23=":443"; ma=3600

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| $ function| jQuery object| wtilp object| asf object| cactus string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| google_tag_manager object| mc4wp object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| ___gcfg object| wpcf7 object| mashmenu object| mc4wp_forms_config function| highlight_searchquery function| asf_dosearch function| asf_suggestion_movedown function| asf_suggestion_moveup function| suggestion_onItemClick object| _jAjax number| _liHeight number| _visibleItems number| _current_page boolean| _ajax_loading boolean| mCustomScrollbar object| jQuery112407530300683870292 function| Cookies function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| addComment object| video_iframe_params object| priorityNav object| wp function| Gator object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired object| gapi object| ___jsl object| ___gu object| FB function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

11 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUkrDd3TLQg1hODvYFAb1QKx1cIaeJ9Uk_9TjaUtSHyeq4YMVPn6Sqb3dMk4
vdl.primevideos.net/ Name: a
Value: 2JZKpobh5KkUp8VLWIi4x57z8dpnhZNa
.primevideos.net/ Name: _ga
Value: GA1.2.414070297.1574628969
.primevideos.net/ Name: _gat_gtag_UA_125457803_3
Value: 1
.eductionarticles.xyz/ Name: _gat
Value: 1
.primevideos.net/ Name: _gid
Value: GA1.2.1574196362.1574628969
.eductionarticles.xyz/ Name: _gat_gtag_UA_126117694_1
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.eductionarticles.xyz/ Name: _gid
Value: GA1.2.1938296300.1574628969
.eductionarticles.xyz/ Name: _ga
Value: GA1.2.558688363.1574628969
.eductionarticles.xyz/ Name: __cfduid
Value: d11a79e0887b08f98fb119dd3c808fa0f1574628969

1 Console Messages

Source Level URL
Text
console-api log URL: http://eductionarticles.xyz/wp-content/cache/autoptimize/js/autoptimize_5d5de7b6dd422c0c148615db2d740bf4.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apis.google.com
connect.facebook.net
eductionarticles.xyz
googleads.g.doubleclick.net
pagead2.googlesyndication.com
staticxx.facebook.com
stats.g.doubleclick.net
vdl.primevideos.net
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
104.24.99.245
195.154.168.217
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2008
2a00:1450:4001:81c::2002
2a00:1450:400c:c08::9b
2a03:2880:f01c:8012:face:b00c:0:3
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
0fa33c18e1a94f98ac42abc2d9e1f375a9dda8d246693dd46570f18c89d68b2d
12cb9fa1d2250352b58fcceedc114217a50009db993c489d1829291740ba5957
186514a35b101554eb7221bbff417f84ac17f5fba5142a4b20ac51376cae3356
2487c3125757ea713fc3c0176b3e39b5d5f72281c41b5a96e90613d9e24ab85d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3752aa6373c6cffb52d27da513bdd2f0b543bbe61b3ae7d56fd0c27c74367fd2
398b68dc1c482e96a49728560eabaa32ffdc43c69baa48fc82a0afeb6b2a0c9a
7086e1959aa2c269d08188afa43a9c4fb7a983e1237f0c3cae4393ec9b88c070
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88a029d66750e9d22b7f20018468f3b8714106c402ede7b1997f636fcf30f7bb
9abb9e299ab0f7c2c00c20f0d5858358ffa1e7a9f835bab1798c769ff3b22777
c472ca76d2879f3b6c7b89de2f1f8509e832a684035db5c21cf458dec35f54ac
cd3baf7bc58cadd471d104ddab0c545e16a9542c8773fb7b77c6aafcce632d8c
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a