urlscan.io logo urlscan.io
SecurityTrails logo

www.ramayanawaterpark.cn Open in urlscan Pro
104.199.128.210  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/|Demisto
Effective URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Submission: On December 11 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 6 countries across 14 domains to perform 38 HTTP transactions. The main IP is 104.199.128.210, located in Ascension Island and belongs to GOOGLE - Google LLC, US. The main domain is www.ramayanawaterpark.cn.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 27th 2019. Valid for: 3 months.
This is the only time www.ramayanawaterpark.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 104.199.128.210 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.111.9.35 33438 (HIGHWINDS2)
1 195.181.175.10 60068 (CDN77)
5 5 151.139.128.10 20446 (HIGHWINDS3)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 7 2a02:6b8::1:119 13238 (YANDEX)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 216.58.208.34 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
38 13
17    104.199.128.210 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 210.128.199.104.bc.googleusercontent.com
www.ramayanawaterpark.cn
www.ramayanawaterpark.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
use.fontawesome.com
1    195.181.175.10 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-2.cdn77.com
cdn.sendpulse.com
5    151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
cdn.shortpixel.ai
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
3    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
Domain Requested by
16 www.ramayanawaterpark.cn www.ramayanawaterpark.cn
7 mc.yandex.ru 2 redirects www.ramayanawaterpark.cn
5 cdn.shortpixel.ai 5 redirects
3 www.facebook.com www.ramayanawaterpark.cn
3 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
2 www.google.de www.ramayanawaterpark.cn
2 www.google.com 1 redirects www.ramayanawaterpark.cn
2 connect.facebook.net www.ramayanawaterpark.cn
connect.facebook.net
2 use.fontawesome.com www.ramayanawaterpark.cn
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 cdn.sendpulse.com www.ramayanawaterpark.cn
1 www.googletagmanager.com www.ramayanawaterpark.cn
1 www.ramayanawaterpark.com www.ramayanawaterpark.cn
38 15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
weibo.com
www.tripadvisor.com
Subject Issuer Validity Valid
www.ramayanawaterpark.com
Let's Encrypt Authority X3		 2019-10-27 -
2020-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
*.sendpulse.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-30 -
2020-10-29		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-11-06 -
2020-02-04		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2019-09-23 -
2020-09-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Frame ID: 4C8159E1B5C9A1CF2DCF8E47C00B75F1
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

38
Requests

100 %
HTTPS

64 %
IPv6

14
Domains

15
Subdomains

13
IPs

6
Countries

1254 kB
Transfer

2896 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png HTTP 307
  • https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png
Request Chain 11
  • https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/tripadvisor.png HTTP 307
  • https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/tripadvisor.png
Request Chain 19
  • https://cdn.shortpixel.ai/client/q_lossy,ret_img/https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/logo_404.png HTTP 307
  • https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/logo_404.png
Request Chain 20
  • https://cdn.shortpixel.ai/client/q_lossy,ret_img/https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/bg_404.jpg HTTP 307
  • https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/bg_404.jpg
Request Chain 26
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=499842467&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20Ramayana%20Water%20Park&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAEAL~&jid=1508716803&gjid=654899398&cid=222311436.1576077317&tid=UA-56996149-1&_gid=1095573022.1576077317&_r=1&gtm=2wgav9W8KZ3XJ&z=1351625442 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56996149-1&cid=222311436.1576077317&jid=1508716803&_gid=1095573022.1576077317&gjid=654899398&_v=j79&z=1351625442 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56996149-1&cid=222311436.1576077317&jid=1508716803&_v=j79&z=1351625442 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56996149-1&cid=222311436.1576077317&jid=1508716803&_v=j79&z=1351625442&slf_rd=1&random=157349099
Request Chain 32
  • https://mc.yandex.ru/watch/38282680?wmode=7&page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576077314154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191211161516%3Aet%3A1576077317%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A105028012%3Ahid%3A781442017%3Ads%3A70%2C537%2C1052%2C513%2C0%2C0%2C0%2C804%2C%2C%2C%2C%2C%3Afp%3A2475%3Awn%3A17440%3Ahl%3A2%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576077317%3Au%3A1576077317991405605%3At%3APage%20not%20found%20%7C%20Ramayana%20Water%20Park HTTP 302
  • https://mc.yandex.ru/watch/38282680/1?wmode=7&page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576077314154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191211161516%3Aet%3A1576077317%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A105028012%3Ahid%3A781442017%3Ads%3A70%2C537%2C1052%2C513%2C0%2C0%2C0%2C804%2C%2C%2C%2C%2C%3Afp%3A2475%3Awn%3A17440%3Ahl%3A2%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576077317%3Au%3A1576077317991405605%3At%3APage%20not%20found%20%7C%20Ramayana%20Water%20Park
Request Chain 36
  • https://cdn.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png HTTP 307
  • https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png
Request Chain 38
  • https://mc.yandex.ru/watch/38282680?page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576077314154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191211161531%3Aet%3A1576077332%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A141%3Arn%3A781947239%3Ahid%3A781442017%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C12%2C3424%2C3424%2C9%2C2753%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576077332%3Au%3A1576077317991405605%3App%3A3629563401 HTTP 302
  • https://mc.yandex.ru/watch/38282680/1?page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576077314154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191211161531%3Aet%3A1576077332%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A141%3Arn%3A781947239%3Ahid%3A781442017%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C12%2C3424%2C3424%2C9%2C2753%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576077332%3Au%3A1576077317991405605%3App%3A3629563401

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request %7CDemisto
www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/ 		799 KB
134 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
7a1b432e23c8d95067c94854c169961b8e25eb63fcfaa77fd957840e9042c536
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.ramayanawaterpark.cn
:scheme
https
:path
/signmail/INC/1hko8jjyc13/%7CDemisto
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
404
server
nginx
date
Wed, 11 Dec 2019 15:15:15 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
link
<https://www.ramayanawaterpark.cn/wp-json/>; rel="https://api.w.org/"
set-cookie
PHPSESSID=8s9i63uvi1hahu7lhej84sf29v; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
gzip
fontawesome-webfont.woff2
www.ramayanawaterpark.cn/wp-content/themes/ramayana/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/fonts/fontawesome-webfont.woff2
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Origin
https://www.ramayanawaterpark.cn

Response headers

date
Wed, 11 Dec 2019 15:15:15 GMT
last-modified
Mon, 12 Mar 2018 18:32:06 GMT
server
nginx
etag
"5aa6c7a6-fbd0"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
application/octet-stream
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
64464
expires
Fri, 10 Jan 2020 15:15:15 GMT
all.min.js
www.ramayanawaterpark.cn/wp-content/themes/ramayana/js/ 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/js/all.min.js
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
aa393718bc92962d475535354c38dcd95c4d22eb24ed19316ca0547355e4b33a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:15 GMT
content-encoding
gzip
last-modified
Tue, 09 Oct 2018 14:01:27 GMT
server
nginx
etag
W/"5bbcb4b7-27917"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
application/javascript
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
expires
Fri, 10 Jan 2020 15:15:15 GMT
admin-ajax.php
www.ramayanawaterpark.com/wp-admin/ 		3 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.com/wp-admin/admin-ajax.php?action=pll_xdata_check&redirect=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&nonce=0074a7525b
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
no-transform, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000;
x-robots-tag
noindex
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
referrer-policy
strict-origin-when-cross-origin
expires
Wed, 11 Jan 1984 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8KZ3XJ
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
369d525dabfb3a1cbd4f680516b45adbdb487503cfb7f627ae180bfb091bea55
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
br
last-modified
Wed, 11 Dec 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
28632
x-xss-protection
0
expires
Wed, 11 Dec 2019 15:15:16 GMT
all.css
use.fontawesome.com/releases/v5.8.2/css/ 		54 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2019 16:50:11 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"77cbad34e5ce95e70847b074e05faeab"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
jquery.js
www.ramayanawaterpark.cn/wp-includes/js/jquery/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.cn/wp-includes/js/jquery/jquery.js
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
38f2fc5ff0b6ee5fca5de8ad685f8621f64caa297c190d53dacc8338a7839b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
last-modified
Sun, 08 Dec 2019 09:09:24 GMT
server
nginx
etag
W/"5decbdc4-14695"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
application/javascript
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
expires
Fri, 10 Jan 2020 15:15:16 GMT
autoptimize_single_2c4f2d0441fabede2c2aeff13ca7a838.js
www.ramayanawaterpark.cn/wp-content/cache/autoptimize/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.cn/wp-content/cache/autoptimize/js/autoptimize_single_2c4f2d0441fabede2c2aeff13ca7a838.js
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0decd7d85befaf7bad72df2363c595cddc7ba92bc04a29425b65e07df6b2865e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
last-modified
Mon, 09 Dec 2019 02:50:44 GMT
server
nginx
etag
W/"5dedb684-190b"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
application/javascript
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
expires
Fri, 10 Jan 2020 15:15:16 GMT
numeral.min.js
www.ramayanawaterpark.cn/wp-content/themes/ramayana/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/js/numeral.min.js
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
48f5a9b797ed646487cc0a07f13c00a821a3af3a1618f5730b70f0ab4b400867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2017 12:50:39 GMT
server
nginx
etag
W/"59dcc21f-1b4d"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
application/javascript
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
expires
Fri, 10 Jan 2020 15:15:16 GMT
autoptimize_single_84d61210cf0e396e59286a8506cb82bf.js
www.ramayanawaterpark.cn/wp-content/cache/autoptimize/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.cn/wp-content/cache/autoptimize/js/autoptimize_single_84d61210cf0e396e59286a8506cb82bf.js
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
79a441e2498c830644d546f702f343399ecee92ddfa6f4b5d224474e367dcb89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
last-modified
Mon, 09 Dec 2019 02:50:44 GMT
server
nginx
etag
W/"5dedb684-a3d"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
application/javascript
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
expires
Fri, 10 Jan 2020 15:15:16 GMT
1b774580949776e0286fdfc4c032d069_1.js
cdn.sendpulse.com/js/push/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendpulse.com/js/push/1b774580949776e0286fdfc4c032d069_1.js
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.10 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-2.cdn77.com
Software
CDN77-Turbo /
Resource Hash
9ed39dacb095f8bdcfe8ee6448c284ce3a0217820c52d618ae446f7a090ed0ca
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
br
x-content-type-options
nosniff
x-edge-location
frankfurtDE
x-cache
MISS
status
200
x-xss-protection
1; mode=block
last-modified
Wed, 11 Dec 2019 07:11:21 GMT
server
CDN77-Turbo
etag
W/"b43c-5996855f15144"
vary
Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type
application/javascript
cache-control
max-age=604800
x-edge-ip
195.181.175.2
content-security-policy
default-src wss://* blob: data: *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires
Wed, 18 Dec 2019 15:15:16 GMT
rwp-logo.png
www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/
Redirect Chain
  • https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png
  • https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c059b68c01d2f6e8ac72c45ae661b7a364c9c8dc5522133e926695bf69db43c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:17 GMT
last-modified
Mon, 06 Aug 2018 04:24:04 GMT
server
nginx
etag
"5b67cd64-3bdf"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
image/png
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
15327
expires
Fri, 10 Jan 2020 15:15:17 GMT

Redirect headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
location
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png
x-hw
1576077316.cds016.fr8.hn,1576077316.cds097.fr8.sc,1576077316.cds097.fr8.p
content-type
text/html; charset=UTF-8
status
307
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
tripadvisor.png
www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/
Redirect Chain
  • https://cdn.shortpixel.ai/client/q_lqip,ret_wait/https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/tripadvisor.png
  • https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/tripadvisor.png
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/tripadvisor.png
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
94f250edc9dcebb535bf5d09fe638d08b865502dd8dc500eeda084578cdfaef3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:17 GMT
last-modified
Sat, 03 Aug 2019 14:59:29 GMT
server
nginx
etag
"5d45a151-3275"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
image/png
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
12917
expires
Fri, 10 Jan 2020 15:15:17 GMT

Redirect headers

date
Wed, 11 Dec 2019 15:15:17 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
location
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/tripadvisor.png
x-hw
1576077316.cds016.fr8.hn,1576077317.cds143.fr8.sc,1576077317.cds143.fr8.p
content-type
text/html; charset=UTF-8
status
307
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
lazysizes.min.js
www.ramayanawaterpark.cn/wp-content/plugins/autoptimize/classes/external/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.cn/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5ac992726ee0cbebaca73d65075ea438cd458c3298a9ae3340dc1e1a0141f79f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2019 06:39:03 GMT
server
nginx
etag
W/"5ce64007-1b29"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
application/javascript
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
expires
Fri, 10 Jan 2020 15:15:16 GMT
autoptimize_190e4356ff08ccc46c0f08d50a54a381.js
www.ramayanawaterpark.cn/wp-content/cache/autoptimize/js/ 		138 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.cn/wp-content/cache/autoptimize/js/autoptimize_190e4356ff08ccc46c0f08d50a54a381.js
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8360a63c784e9fde39ecce18de1eaae0b85e9fe2fe0b12595954abf132161670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
last-modified
Mon, 09 Dec 2019 02:50:44 GMT
server
nginx
etag
W/"5dedb684-2285c"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
application/javascript
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
expires
Fri, 10 Jan 2020 15:15:16 GMT
wp-emoji-release.min.js
www.ramayanawaterpark.cn/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.cn/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
last-modified
Sat, 16 Nov 2019 08:49:14 GMT
server
nginx
etag
W/"5dcfb80a-362a"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
application/javascript
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
expires
Fri, 10 Jan 2020 15:15:16 GMT
truncated
/ 		433 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ef425067cdf830b7588c4d9c0849c5cee88fff913a8007a6cdf959e03f3e644

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/webp
fbevents.js
connect.facebook.net/en_US/ 		121 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
26702
x-xss-protection
0
pragma
public
x-fb-debug
2HoQnE55IP49mebOt2tTbdCrKA5BIcktVlaFmbds98jaPASka235dEAGSlcayNTiY2T21JCIgqXyztJizRP3rA==
x-fb-trip-id
420120009
date
Wed, 11 Dec 2019 15:15:16 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
watch.js
mc.yandex.ru/metrika/ 		134 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
b24d8a4ace8c1a13ccb94b77ceac513d371d5822ed03a81e74c60ed545eda861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Dec 2019 15:15:16 GMT
Content-Encoding
br
Last-Modified
Tue, 10 Dec 2019 10:33:56 GMT
Server
nginx/1.14.2
ETag
"5def7494-9dd5"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40405
Expires
Wed, 11 Dec 2019 16:15:16 GMT
logo_404.png
www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/
Redirect Chain
  • https://cdn.shortpixel.ai/client/q_lossy,ret_img/https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/logo_404.png
  • https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/logo_404.png
444 KB
445 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/logo_404.png
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
180e85ee8f2e7ffcd92987162766e1e0d2f63494807321d5b54e4651df9ae78b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:17 GMT
last-modified
Sat, 22 Dec 2018 08:40:02 GMT
server
nginx
etag
"5c1df862-6f0c2"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
image/png
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
454850
expires
Fri, 10 Jan 2020 15:15:17 GMT

Redirect headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
location
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/logo_404.png
x-hw
1576077316.cds016.fr8.hn,1576077316.cds085.fr8.sc,1576077316.cds085.fr8.p
content-type
text/html; charset=UTF-8
status
307
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
bg_404.jpg
www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/
Redirect Chain
  • https://cdn.shortpixel.ai/client/q_lossy,ret_img/https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/bg_404.jpg
  • https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/bg_404.jpg
97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/bg_404.jpg
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
fbd6e1388833dc7e4fb82007ae3ad8263bcf0374d404a204d169f4d41a4069d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:17 GMT
last-modified
Sat, 22 Dec 2018 08:40:01 GMT
server
nginx
etag
"5c1df861-18448"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
image/jpeg
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
99400
expires
Fri, 10 Jan 2020 15:15:17 GMT

Redirect headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
location
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/bg_404.jpg
x-hw
1576077316.cds016.fr8.hn,1576077316.cds053.fr8.sc,1576077316.cds053.fr8.p
content-type
text/html; charset=UTF-8
status
307
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-brands-400.woff2
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Origin
https://www.ramayanawaterpark.cn

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
last-modified
Tue, 07 May 2019 16:50:49 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"9f4ce3dc689981a1b87faab0f5484f9e"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
74656
1546435542051612
connect.facebook.net/signals/config/ 		437 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1546435542051612?v=2.9.14&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f6f52bebe63bee125ce49b8820e8d572476c08fe96a9e4ee92d154890ff88370
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
gmf+kxeD16tDVhxr4C5WQqZ0vhVq6BIw6c4qGUMCN0bW7xfjjBqA+Kr7X5LYreC8rhRH04mn0JHfOjMvIhTzXg==
x-fb-trip-id
420120009
date
Wed, 11 Dec 2019 15:15:16 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8KZ3XJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2499
date
Wed, 11 Dec 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 11 Dec 2019 16:33:37 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8KZ3XJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f2.1e100.net
Software
cafe /
Resource Hash
91e1c47787b4bfe01eb7315529e29514daf9e21ce5db8174d7fbcae5284efd26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9938
x-xss-protection
0
server
cafe
etag
7243900271654088310
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Dec 2019 15:15:16 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 14:37:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2255
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1306
x-xss-protection
0
expires
Wed, 11 Dec 2019 15:37:41 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=499842467&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&ul=en-us&de=UTF-8&dt=Page%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56996149-1&cid=222311436.1576077317&jid=1508716803&_gid=1095573022.1576077317&gjid=654899398&_v=j79&z=1351625442
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56996149-1&cid=222311436.1576077317&jid=1508716803&_v=j79&z=1351625442
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56996149-1&cid=222311436.1576077317&jid=1508716803&_v=j79&z=1351625442&slf_rd=1&random=157349099
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56996149-1&cid=222311436.1576077317&jid=1508716803&_v=j79&z=1351625442&slf_rd=1&random=157349099
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Dec 2019 15:15:16 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Dec 2019 15:15:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56996149-1&cid=222311436.1576077317&jid=1508716803&_v=j79&z=1351625442&slf_rd=1&random=157349099
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/846632758/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/846632758/?random=1576077316705&cv=9&fst=1576077316705&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&tiba=Page%20not%20found%20%7C%20Ramayana%20Water%20Park&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e8172918240c7294eb2439f911cc8ded63a4b61d38be4ef1f2b14d05c762014e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Dec 2019 15:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1043
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/846632758/ 		42 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/846632758/?random=1576077316705&cv=9&fst=1576076400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&tiba=Page%20not%20found%20%7C%20Ramayana%20Water%20Park&async=1&fmt=3&is_vtc=1&random=1817245503&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Dec 2019 15:15:16 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/846632758/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/846632758/?random=1576077316705&cv=9&fst=1576076400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&tiba=Page%20not%20found%20%7C%20Ramayana%20Water%20Park&async=1&fmt=3&is_vtc=1&random=1817245503&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Dec 2019 15:15:16 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1546435542051612&ev=PageView&dl=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&rl=&if=false&ts=1576077316765&sw=1600&sh=1200&v=2.9.14&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22393318891392457%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22THB%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22432628770654515%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1576077316765.48007790&it=1576077316661&coo=false&rqm=GET
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Wed, 11 Dec 2019 15:15:16 GMT
/
www.facebook.com/tr/ 		44 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1546435542051612&ev=Purchase&dl=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&rl=&if=false&ts=1576077316767&sw=1600&sh=1200&v=2.9.14&r=stable&ec=1&o=30&fbp=fb.1.1576077316765.48007790&it=1576077316661&coo=false&rqm=GET
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Wed, 11 Dec 2019 15:15:16 GMT
1
mc.yandex.ru/watch/38282680/
Redirect Chain
  • https://mc.yandex.ru/watch/38282680?wmode=7&page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576077314154%3As...
  • https://mc.yandex.ru/watch/38282680/1?wmode=7&page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576077314154%3...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/38282680/1?wmode=7&page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576077314154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191211161516%3Aet%3A1576077317%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A105028012%3Ahid%3A781442017%3Ads%3A70%2C537%2C1052%2C513%2C0%2C0%2C0%2C804%2C%2C%2C%2C%2C%3Afp%3A2475%3Awn%3A17440%3Ahl%3A2%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576077317%3Au%3A1576077317991405605%3At%3APage%20not%20found%20%7C%20Ramayana%20Water%20Park
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Dec 2019 15:15:16 GMT
Last-Modified
Wed, 11-Dec-2019 15:15:16 GMT
Server
nginx/1.14.2
Location
/watch/38282680/1?wmode=7&page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576077314154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191211161516%3Aet%3A1576077317%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A105028012%3Ahid%3A781442017%3Ads%3A70%2C537%2C1052%2C513%2C0%2C0%2C0%2C804%2C%2C%2C%2C%2C%3Afp%3A2475%3Awn%3A17440%3Ahl%3A2%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576077317%3Au%3A1576077317991405605%3At%3APage%20not%20found%20%7C%20Ramayana%20Water%20Park
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://www.ramayanawaterpark.cn
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 11-Dec-2019 15:15:16 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 11 Dec 2019 15:15:16 GMT
Last-Modified
Wed, 11-Dec-2019 15:15:16 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://www.ramayanawaterpark.cn
Strict-Transport-Security
max-age=31536000
Location
/watch/38282680/1?wmode=7&page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576077314154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191211161516%3Aet%3A1576077317%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A105028012%3Ahid%3A781442017%3Ads%3A70%2C537%2C1052%2C513%2C0%2C0%2C0%2C804%2C%2C%2C%2C%2C%3Afp%3A2475%3Awn%3A17440%3Ahl%3A2%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576077317%3Au%3A1576077317991405605%3At%3APage%20not%20found%20%7C%20Ramayana%20Water%20Park
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 11-Dec-2019 15:15:16 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Dec 2019 15:15:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Wed, 11 Dec 2019 16:15:16 GMT
/
www.ramayanawaterpark.cn/ 		237 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ramayanawaterpark.cn/?wc-ajax=get_refreshed_fragments
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/wp-includes/js/jquery/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6dfb1d4733b9c715a4398dd400a3efba9962bf187453ebebad5458efd80642e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Origin
https://www.ramayanawaterpark.cn
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 11 Dec 2019 15:15:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.ramayanawaterpark.cn
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=31536000;
x-robots-tag
noindex
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
expires
Wed, 11 Jan 1984 05:00:00 GMT
1
mc.yandex.ru/watch/38282680/ 		152 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/38282680/1?wmode=7&page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576077314154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191211161516%3Aet%3A1576077317%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A105028012%3Ahid%3A781442017%3Ads%3A70%2C537%2C1052%2C513%2C0%2C0%2C0%2C804%2C%2C%2C%2C%2C%3Afp%3A2475%3Awn%3A17440%3Ahl%3A2%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576077317%3Au%3A1576077317991405605%3At%3APage%20not%20found%20%7C%20Ramayana%20Water%20Park
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
81e97d9733b57ace3a3ab11507e70d7d4492f2054038fed329aa96fa8277f832
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Origin
https://www.ramayanawaterpark.cn
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 11 Dec 2019 15:15:17 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11-Dec-2019 15:15:17 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.ramayanawaterpark.cn
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Wed, 11-Dec-2019 15:15:17 GMT
rwp-logo.png
www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/
Redirect Chain
  • https://cdn.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png
  • https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.199.128.210 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
210.128.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c059b68c01d2f6e8ac72c45ae661b7a364c9c8dc5522133e926695bf69db43c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:17 GMT
last-modified
Mon, 06 Aug 2018 04:24:04 GMT
server
nginx
etag
"5b67cd64-3bdf"
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
content-type
image/png
status
200
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
15327
expires
Fri, 10 Jan 2020 15:15:17 GMT

Redirect headers

date
Wed, 11 Dec 2019 15:15:17 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
location
https://www.ramayanawaterpark.cn/wp-content/themes/ramayana/img/rwp-logo.png
x-hw
1576077317.cds016.fr8.hn,1576077317.cds120.fr8.sc,1576077317.cds120.fr8.p
content-type
text/html; charset=UTF-8
status
307
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
/
www.facebook.com/tr/ 		44 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1546435542051612&ev=Microdata&dl=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&rl=&if=false&ts=1576077317267&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20not%20found%20%7C%20Ramayana%20Water%20Park%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22zh_CN%22%2C%22og%3Atype%22%3A%22object%22%2C%22og%3Atitle%22%3A%22Page%20not%20found%20%7C%20Ramayana%20Water%20Park%22%2C%22og%3Asite_name%22%3A%22Ramayana%20Water%20Park%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Ramayana%20Water%20Park%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ramayanawaterpark.com%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.ramayanawaterpark.com%2Flogo-r.png%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2FRamayanaWaterParkThailand%22%2C%22https%3A%2F%2Fwww.twitter.com%2Framayanawp%22%2C%22https%3A%2F%2Fplus.google.com%2F%2BRamayanaWaterpark%22%2C%22https%3A%2F%2Finstagram.com%2Framayanawaterpark%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCRxuu7hIyJLsh9MbiQ-ZCrQ%22%5D%7D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40graph%22%3A%5B%7B%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.ramayanawaterpark.cn%2F%23website%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ramayanawaterpark.cn%2F%22%2C%22name%22%3A%22Ramayana%20Water%20Park%22%2C%22description%22%3A%22Thailand%E2%80%99s%20biggest%20waterpark%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.ramayanawaterpark.cn%2F%3Fs%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.14&r=stable&ec=2&o=30&fbp=fb.1.1576077316765.48007790&it=1576077316661&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.ramayanawaterpark.cn
URL: https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 15:15:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Wed, 11 Dec 2019 15:15:17 GMT
1
mc.yandex.ru/watch/38282680/
Redirect Chain
  • https://mc.yandex.ru/watch/38282680?page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%...
  • https://mc.yandex.ru/watch/38282680/1?page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3An...
43 B
444 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/38282680/1?page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576077314154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191211161531%3Aet%3A1576077332%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A141%3Arn%3A781947239%3Ahid%3A781442017%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C12%2C3424%2C3424%2C9%2C2753%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576077332%3Au%3A1576077317991405605%3App%3A3629563401
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ramayanawaterpark.cn/signmail/INC/1hko8jjyc13/%7CDemisto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Dec 2019 15:15:31 GMT
Last-Modified
Wed, 11-Dec-2019 15:15:31 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Wed, 11-Dec-2019 15:15:31 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 11 Dec 2019 15:15:31 GMT
Last-Modified
Wed, 11-Dec-2019 15:15:31 GMT
Server
nginx/1.14.2
Location
/watch/38282680/1?page-url=https%3A%2F%2Fwww.ramayanawaterpark.cn%2Fsignmail%2FINC%2F1hko8jjyc13%2F%257CDemisto&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576077314154%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191211161531%3Aet%3A1576077332%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A141%3Arn%3A781947239%3Ahid%3A781442017%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C12%2C3424%2C3424%2C9%2C2753%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576077332%3Au%3A1576077317991405605%3App%3A3629563401
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://www.ramayanawaterpark.cn
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 11-Dec-2019 15:15:31 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| _wpemojiSettings function| hideTextMore function| $ function| jQuery object| UIkit object| lis function| pagination function| sort object| lazySizesConfig function| c_webp function| s_webp object| wpcf7 object| wc_add_to_cart_params object| woocommerce_params object| wc_cart_fragments_params function| fbq function| _fbq boolean| supportsWebP object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| numeral object| Ya object| yaCounter38282680 object| lazySizes object| twemoji object| wp function| Cookies object| oSpPOptions function| oSendpulsePush object| oSpP function| UAParser object| attr

0 Cookies

2 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Required parameter 'value' is missing for event 'Purchase'.
console-api log URL: https://www.ramayanawaterpark.cn/wp-content/cache/autoptimize/js/autoptimize_190e4356ff08ccc46c0f08d50a54a381.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.sendpulse.com
cdn.shortpixel.ai
connect.facebook.net
googleads.g.doubleclick.net
mc.yandex.ru
stats.g.doubleclick.net
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ramayanawaterpark.cn
www.ramayanawaterpark.com
104.199.128.210
151.139.128.10
195.181.175.10
216.58.208.34
23.111.9.35
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:814::2002
2a00:1450:4001:817::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9a
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0decd7d85befaf7bad72df2363c595cddc7ba92bc04a29425b65e07df6b2865e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
180e85ee8f2e7ffcd92987162766e1e0d2f63494807321d5b54e4651df9ae78b
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
369d525dabfb3a1cbd4f680516b45adbdb487503cfb7f627ae180bfb091bea55
38f2fc5ff0b6ee5fca5de8ad685f8621f64caa297c190d53dacc8338a7839b25
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
48f5a9b797ed646487cc0a07f13c00a821a3af3a1618f5730b70f0ab4b400867
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169
5ac992726ee0cbebaca73d65075ea438cd458c3298a9ae3340dc1e1a0141f79f
5ef425067cdf830b7588c4d9c0849c5cee88fff913a8007a6cdf959e03f3e644
6dfb1d4733b9c715a4398dd400a3efba9962bf187453ebebad5458efd80642e9
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
79a441e2498c830644d546f702f343399ecee92ddfa6f4b5d224474e367dcb89
7a1b432e23c8d95067c94854c169961b8e25eb63fcfaa77fd957840e9042c536
81e97d9733b57ace3a3ab11507e70d7d4492f2054038fed329aa96fa8277f832
8360a63c784e9fde39ecce18de1eaae0b85e9fe2fe0b12595954abf132161670
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
91e1c47787b4bfe01eb7315529e29514daf9e21ce5db8174d7fbcae5284efd26
94f250edc9dcebb535bf5d09fe638d08b865502dd8dc500eeda084578cdfaef3
9ed39dacb095f8bdcfe8ee6448c284ce3a0217820c52d618ae446f7a090ed0ca
aa393718bc92962d475535354c38dcd95c4d22eb24ed19316ca0547355e4b33a
b24d8a4ace8c1a13ccb94b77ceac513d371d5822ed03a81e74c60ed545eda861
c059b68c01d2f6e8ac72c45ae661b7a364c9c8dc5522133e926695bf69db43c5
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8172918240c7294eb2439f911cc8ded63a4b61d38be4ef1f2b14d05c762014e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6f52bebe63bee125ce49b8820e8d572476c08fe96a9e4ee92d154890ff88370
fbd6e1388833dc7e4fb82007ae3ad8263bcf0374d404a204d169f4d41a4069d5