thedirect.com Open in urlscan Pro
2606:4700:10::6816:154f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://buff.ly/3zSd6od
Effective URL:
https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_...
Submission: On July 31 via manual (July 31st 2021, 4:04:48 pm UTC) from BH

Summary HTTP 219 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 60 IPs in 10 countries across 50 domains to perform 219 HTTP transactions. The main IP is 2606:4700:10::6816:154f, located in United States and belongs to CLOUDFLARENET, US. The main domain is thedirect.com.
TLS certificate: Issued by R3 on June 28th 2021. Valid for: 3 months.

This is the only time thedirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.12 67.199.248.12	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
6	2606:4700:10:... 2606:4700:10::6816:154f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:7c00:12:4abd:d340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	52.47.63.168 52.47.63.168	16509 (AMAZON-02) (AMAZON-02)
4	52.216.100.115 52.216.100.115	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.89.159 13.224.89.159	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:5200:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:9c00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:9000:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.219.65.2 3.219.65.2	14618 (AMAZON-AES) (AMAZON-AES)
6	2600:9000:219... 2600:9000:2190:600:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	35.167.53.177 35.167.53.177	16509 (AMAZON-02) (AMAZON-02)
61	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
1 3	13.224.96.37 13.224.96.37	16509 (AMAZON-02) (AMAZON-02)
2	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
1	54.187.25.111 54.187.25.111	16509 (AMAZON-02) (AMAZON-02)
1	44.240.109.213 44.240.109.213	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
2 7	35.164.229.85 35.164.229.85	16509 (AMAZON-02) (AMAZON-02)
4 6	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 9	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	52.57.88.239 52.57.88.239	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
25	2600:9000:219... 2600:9000:2190:dc00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
6	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.82.147.164 35.82.147.164	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2 13	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2a00:1450:400... 2a00:1450:4001:800::200d	15169 (GOOGLE) (GOOGLE)
4 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
3 5	52.58.182.33 52.58.182.33	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.12.64 151.101.12.64	54113 (FASTLY) (FASTLY)
2 3	13.224.96.63 13.224.96.63	16509 (AMAZON-02) (AMAZON-02)
4 6	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 2	34.255.110.255 34.255.110.255	16509 (AMAZON-02) (AMAZON-02)
4 4	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	139.162.40.113 139.162.40.113	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
2 2	18.159.8.206 18.159.8.206	16509 (AMAZON-02) (AMAZON-02)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	23.111.200.118 23.111.200.118	7979 (SERVERS-COM) (SERVERS-COM)
1	18.213.12.146 18.213.12.146	14618 (AMAZON-AES) (AMAZON-AES)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::300 2a04:4e42:3::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
219	60

1 67.199.248.12 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)

buff.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:154f (United States)

ASN13335 (CLOUDFLARENET, US)

thedirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:7c00:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.47.63.168 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com

images.thedirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.216.100.115 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

thedirect.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-159.zrh50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:5200:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:9c00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:9000:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.65.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-65-2.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2190:600:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.167.53.177 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-53-177.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.96.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-37.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

thedirect.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.25.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.109.213 (Boardman, United States)

ASN16509 (AMAZON-02, US)

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.62 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.164.229.85 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.131 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.88.239 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:2190:dc00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.82.147.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (United States) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.58.182.33 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.96.63 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-63.zrh50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.174.68 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.110.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.38 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.40.113 (Singapore, Singapore) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.8.206 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.200.118 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.12.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-12-146.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	taboola.com 2 redirects cdn.taboola.com trc.taboola.com 15.taboola.com vidstat.taboola.com il-trc-events.taboola.com images.taboola.com imprammp.taboola.com am-match.taboola.com am-vid-events.taboola.com sync-t1.taboola.com sync.taboola.com match.taboola.com pips.taboola.com cds.taboola.com	1 MB
25	disquscdn.com c.disquscdn.com	785 KB
22	thedirect.com thedirect.com images.thedirect.com	153 KB
13	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	139 KB
10	disqus.com thedirect.disqus.com disqus.com glitter.services.disqus.com referrer.disqus.com	78 KB
10	ad.gt 2 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	15 KB
10	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com l.sharethis.com	46 KB
6	rlcdn.com 4 redirects ejp.rlcdn.com idsync.rlcdn.com	2 KB
6	facebook.net connect.facebook.net	234 KB
6	adsrvr.org 4 redirects match.adsrvr.org	2 KB
6	adnxs.com 6 redirects secure.adnxs.com ib.adnxs.com	6 KB
5	bidswitch.net 3 redirects x.bidswitch.net	1 KB
5	google.com apis.google.com Failed accounts.google.com fcmatch.google.com	41 KB
5	google-analytics.com www.google-analytics.com	22 KB
5	gstatic.com fonts.gstatic.com ssl.gstatic.com	102 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com	3 KB
4	amazonaws.com thedirect.s3.amazonaws.com	100 KB
3	rezync.com 2 redirects live.rezync.com	3 KB
3	facebook.com www.facebook.com	237 B
3	pubmatic.com 2 redirects image2.pubmatic.com simage2.pubmatic.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	3lift.com 1 redirects eb2.3lift.com	737 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	openx.net 1 redirects u.openx.net	504 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	828 B
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	narrative.io 1 redirects io.narrative.io	887 B
2	rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	453 B
2	360yield.com 2 redirects ad.360yield.com	685 B
2	perfectmarket.com widget.perfectmarket.com	33 KB
2	googletagmanager.com www.googletagmanager.com	90 KB
1	postrelease.com jadserve.postrelease.com	428 B
1	clientgear.com 1 redirects event.clientgear.com	263 B
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	363 B
1	criteo.com 1 redirects dis.criteo.com	568 B
1	emxdgt.com e1.emxdgt.com	59 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	youtube.com fcmatch.youtube.com
1	aufp.io aufp.io	3 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	intergient.com cdn.intergient.com	40 KB
1	googleapis.com fonts.googleapis.com	949 B
1	buff.ly 1 redirects buff.ly	321 B
0	id5-sync.com Failed id5-sync.com Failed
219	50

	Domain	Requested by
40	images.taboola.com	thedirect.com
25	c.disquscdn.com	thedirect.disqus.com disqus.com c.disquscdn.com
16	images.thedirect.com	thedirect.com
10	cdn.taboola.com	thedirect.com cdn.taboola.com
9	cm.g.doubleclick.net	7 redirects
7	sync.taboola.com	2 redirects
7	disqus.com	thedirect.disqus.com c.disquscdn.com cdn.taboola.com
7	ids.ad.gt	2 redirects
6	connect.facebook.net	c.disquscdn.com p.ad.gt connect.facebook.net
6	match.adsrvr.org	4 redirects imprammp.taboola.com am-match.taboola.com
6	trc.taboola.com	cdn.taboola.com
6	platform-cdn.sharethis.com
6	thedirect.com	static.cloudflareinsights.com d3e54v103j8qbb.cloudfront.net
5	x.bidswitch.net	3 redirects imprammp.taboola.com am-match.taboola.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	idsync.rlcdn.com	2 redirects live.rezync.com
4	ib.adnxs.com	4 redirects
4	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
4	sync.search.spotxchange.com	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	thedirect.s3.amazonaws.com	thedirect.com ajax.cloudflare.com
3	live.rezync.com	2 redirects c.disquscdn.com
3	www.facebook.com	c.disquscdn.com connect.facebook.net
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com
3	securepubads.g.doubleclick.net	ajax.cloudflare.com securepubads.g.doubleclick.net
2	eb2.3lift.com	1 redirects
2	ads.betweendigital.com	2 redirects
2	u.openx.net	1 redirects
2	rtb.mfadsrvr.com	2 redirects
2	ce.lijit.com	1 redirects
2	bh.contextweb.com	1 redirects
2	p.rfihub.com	2 redirects
2	io.narrative.io	1 redirects
2	ejp.rlcdn.com	2 redirects
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
2	apis.google.com	c.disquscdn.com apis.google.com
2	ad.360yield.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	www.googletagmanager.com	thedirect.com www.googletagmanager.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	jadserve.postrelease.com
1	match.taboola.com
1	event.clientgear.com	1 redirects
1	bttrack.com
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com
1	rtb-csync.smartadserver.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	fcmatch.youtube.com	c.disquscdn.com
1	fcmatch.google.com	1 redirects
1	referrer.disqus.com
1	glitter.services.disqus.com	c.disquscdn.com
1	ssl.gstatic.com	accounts.google.com
1	am-vid-events.taboola.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	il-trc-events.taboola.com
1	15.taboola.com	cdn.taboola.com
1	pixels.ad.gt	p.ad.gt
1	token.rubiconproject.com
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	thedirect.disqus.com	thedirect.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	a.ad.gt	thedirect.com
1	l.sharethis.com	platform-api.sharethis.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	thedirect.com
1	d3e54v103j8qbb.cloudfront.net	thedirect.com
1	static.cloudflareinsights.com	thedirect.com
1	ajax.cloudflare.com	thedirect.com
1	cdn.intergient.com	thedirect.com
1	fonts.googleapis.com	thedirect.com
1	buff.ly	1 redirects
0	id5-sync.com Failed
219	83

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
thetopfivevpn.com
popup.taboola.com
luxurylife-style.com
om.forgeofempires.com
my-brightside.com
7f24b3.nmptrkgqczwgnrb.com
www.healthy-woman-mag.com

Subject Issuer	Validity	Valid
*.thedirect.com R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
cdn.intergient.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
images.thedirect.com Amazon	`2021-06-17` - `2022-07-16`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
aufp.io Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh
*.rezync.com Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.narrative.io Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Frame ID: BA3BB6B604529E57765DC57EEDAFB3F6
Requests: 142 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: F013C1A7DC8709453CCC4DDCD1F58E1A
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
Frame ID: 5157E0D3CC8FC6067C62C8D63A53D1D6
Requests: 17 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 2AAF11BD96E96FB1D63D4232FD0A3309
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 307C6FD1CE458216008B77F2BB92716E
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
Frame ID: A7CDEBB91A48E70C761940E76694A0C6
Requests: 20 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 51F65F2FAFC9656B73418E3589A06F37
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 17C137F2CA9F3ADC90ED52C209D8E73D
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66521735&crid=6374615&dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&cmcv=&pix=undefined&cb=1627747475979&uv=2999&tms=1627747475979&abt=adh5c-1_vA!insc_vA!scec9_vB!spa2_vB!t45!ufm_vC!ul2999_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=7167C570381926230681960722072&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 6888D76BB9CC5CA6D7949A515A4B58D9
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 5C65EE534AFB7BECD93337639933228B
Requests: 4 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: CBAEA1E83E301ADFC55BA80F4846BC7D
Requests: 3 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c75epgl2k91jbd&pctry=CZ&referrer=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer
Frame ID: A0B083BDD881501FACCD05F8A5F73F42
Requests: 3 HTTP requests in this frame

Frame: https://fcmatch.youtube.com/pixel?google_gm=AMnCDorubcTL2Mh8Ffo_0tqgX4yZej--cpckiAMPmMfk34ZGvGh2NyZ95opnQls22nqdxXCvq-AZ-YhfTUgkQPQTsLj2dVLdNUGlyLcPoNxqwptGKJZMDng5rpVCjAefeDXhx72Jd_iPc-jwxzywLu-cSf4HjxgjJA
Frame ID: CE895ACA1C9801D75AE52329A0803D7C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Frame ID: 36741C4304672B5A0EED9059C881533E
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://buff.ly/3zSd6od HTTP 301
https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&ut... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

219
Requests

99 %
HTTPS

32 %
IPv6

50
Domains

83
Subdomains

60
IPs

10
Countries

3407 kB
Transfer

6861 kB
Size

0
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/p/CR9ijGPpsY7/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://thetopfivevpn.com/unblock-netflix-us/?title=Enjoy_Netflix_Now_Without_Any_Restrictions&utm_source=taboola&utm_medium=paid&tblcid=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDNhkYow7zUuajwi9Uy&campaign=Safe+-+MSN+-+Top5+-+D+-+WW+-+CG+-+Netflix+US+-+0909+-+SMB+-+NC3+-+V2&campaignid=6205403&site=thedirect-thedirect&siteid=1394000&title=Enjoy+Netflix+Now+Without+Any+Restrictions&image=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Feadafcad67e3d54d5fb825bec486e135.jpg&accountid=1292460&ad=2926663053#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDNhkYow7zUuajwi9Uy
Title: TheTopFiveVPN

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thedirect-thedirect&utm_medium=referral&utm_content=thumbs-feed-01-b:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://luxurylife-style.com/these-15-illustrations-show-why-living-alone-is-the-best/?utm_source=taboola&utm_medium=referral&utm_campaign=3._ALL-SITE&utm_term=thedirect-thedirect&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fb75f88df3d7d0d0f9f20cb4eae49c875.jpg-These+15+Illustrations+Show+Why+Living+Alone+Is+The+Best%C2%A0%C2%A0&tblci=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDiklEonqHN_6TxuJgF#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDiklEonqHN_6TxuJgF
Title: The Luxury Lifestyle Magazine

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/?ref=tab_row_en_mktdet2&&external_param=3018531653&pid=thedirect-thedirect&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F95feb8a1bac1de99d9e6c645b9725250.jpeg&tblci=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDJqD8omem56c7z18bBAQ#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDJqD8omem56c7z18bBAQ
Title: Forge of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://luxurylife-style.com/the-most-remarkable-oscar-outfits-ever/?utm_source=taboola&utm_medium=referral&utm_campaign=4._ALL-SITE&utm_term=thedirect-thedirect&utm_content=https%3A%2F%2Fluxurylife-style.com%2Fwp-content%2Fuploads%2FThe-Most-Remarkable-Oscar-Outfits-Ever.jpg-The+Most+Remarkable+Oscar+Outfits+Ever%C2%A0+%C2%A0%C2%A0&tblci=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDiklEo45LH5Kjy8Nj9AQ#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDiklEo45LH5Kjy8Nj9AQ
Title: The Luxury Lifestyle Magazine

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thedirect-thedirect&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://thetopfivevpn.com/unblock-netflix-us/?title=Working_Abroad_But_Miss_Your_Native_TV_Shows?_This_Ad_Is_For_You&utm_source=taboola&utm_medium=paid&tblcid=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDNhkYojvagsdz0n52SAQ&campaign=Safe+-+MSN+-+Top5+-+D+-+TopG30.4+-+CG+-+Netflix+US+-+0607+-+SMB+-+NC3+-+V2&campaignid=10828601&site=thedirect-thedirect&siteid=1394000&title=How+To+Remove+Netflix+Restrictions+In+Czech+Republic+Easily&image=https%3A%2F%2Fresizing.flixster.com%2FjPu8iLcdzweaxWTxvDHvbQ49U18%3D%2Ffit-in%2F1152x864%2Fv1.bjsyNDQ4NTY3O2o7MTg4Mzg7MTIwMDsxNjAwOzEyMDA&accountid=1292460&ad=3004813404#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDNhkYojvagsdz0n52SAQ
Title: TheTopFiveVPN

Search URL Search Domain Scan URL

URL: https://my-brightside.com/top-30-most-beautiful-women-in-the-world/?utm_source=taboola&utm_medium=referral&utm_campaign=Beautiful_AGORA_TARGET&utm_term=thedirect-thedirect&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F73250c213c0c8b0a2b9c0728855ec749.jpg-Top+30+Most+Beautiful+Women+in+the+World%C2%A0+%C2%A0%C2%A0&tblci=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDniVQo496stcme3clK#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDniVQo496stcme3clK
Title: MyBrightSide

Search URL Search Domain Scan URL

URL: https://7f24b3.nmptrkgqczwgnrb.com/?network=taboola&site=thedirect-thedirect&adtitle=Maids+in+Prague+Might+Surprise+You&click_id=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSC8rFEo5pPzlqi5lKdJ&dpco=1&subid1=11573820&subid2=thedirect-thedirect&subid3=2021-07-31+16%3A04%3A35&subid4=1394000#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSC8rFEo5pPzlqi5lKdJ
Title: Maid Services

Search URL Search Domain Scan URL

URL: http://www.healthy-woman-mag.com/2018/08/01/top-30-most-beautiful-women-in-the-world/?utm_source=taboola&utm_medium=referral&utm_campaign=Beautiful_AGORA_TARGET-33&utm_term=thedirect-thedirect&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F48532e99fd3e2391745a2d45f05c1cef.jpg-Top+30+Most+Beautiful+Women+in+the+World%C2%A0&tblci=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSCaiFQogNeC15mMy4kt#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSCaiFQogNeC15mMy4kt
Title: HealthyWomanMag

Search URL Search Domain Scan URL

URL: https://thetopfivevpn.com/unblock-netflix-us/?title=Enjoy_Netflix_Now_Without_Any_Restrictions&utm_source=taboola&utm_medium=paid&tblcid=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDNhkYoo_Gm0_rT-s2mAQ&campaign=Safe+-+MSN+-+Top5+-+D+-+WW+-+CG+-+Netflix+US+-+0909+-+SMB+-+NC3+-+V2&campaignid=6205403&site=thedirect-thedirect&siteid=1394000&title=Enjoy+Netflix+Now+Without+Any+Restrictions&image=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Feadafcad67e3d54d5fb825bec486e135.jpg&accountid=1292460&ad=2926663053#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDNhkYoo_Gm0_rT-s2mAQ
Title: TheTopFiveVPN

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thedirect-thedirect&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://luxurylife-style.com/these-15-illustrations-show-why-living-alone-is-the-best/?utm_source=taboola&utm_medium=referral&utm_campaign=3._ALL-SITE&utm_term=thedirect-thedirect&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fb75f88df3d7d0d0f9f20cb4eae49c875.jpg-These+15+Illustrations+Show+Why+Living+Alone+Is+The+Best%C2%A0%C2%A0&tblci=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDiklEotpOXk_GVqd5N#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDiklEotpOXk_GVqd5N
Title: The Luxury Lifestyle Magazine

Search URL Search Domain Scan URL

URL: https://luxurylife-style.com/the-most-remarkable-oscar-outfits-ever/?utm_source=taboola&utm_medium=referral&utm_campaign=4._ALL-SITE&utm_term=thedirect-thedirect&utm_content=https%3A%2F%2Fluxurylife-style.com%2Fwp-content%2Fuploads%2FThe-Most-Remarkable-Oscar-Outfits-Ever.jpg-The+Most+Remarkable+Oscar+Outfits+Ever%C2%A0+%C2%A0%C2%A0&tblci=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDiklEopI3dtYCU-rgE#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDiklEopI3dtYCU-rgE
Title: The Luxury Lifestyle Magazine

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thedirect-thedirect&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://thetopfivevpn.com/unblock-netflix-us/?title=Working_Abroad_But_Miss_Your_Native_TV_Shows?_This_Ad_Is_For_You&utm_source=taboola&utm_medium=paid&tblcid=GiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDNhkYo8O3y7pfz6La_AQ&campaign=Safe+-+MSN+-+Top5+-+D+-+TopG30.4+-+CG+-+Netflix+US+-+0607+-+SMB+-+NC3+-+V2&campaignid=10828601&site=thedirect-thedirect&siteid=1394000&title=How+To+Remove+Netflix+Restrictions+In+Czech+Republic+Easily&image=https%3A%2F%2Fresizing.flixster.com%2FjPu8iLcdzweaxWTxvDHvbQ49U18%3D%2Ffit-in%2F1152x864%2Fv1.bjsyNDQ4NTY3O2o7MTg4Mzg7MTIwMDsxNjAwOzEyMDA&accountid=1292460&ad=3004813404#tblciGiBKflqdqgIKzFCu5gMdeK7NUM8ILLQ2rdqg50am5IxDeSDNhkYo8O3y7pfz6La_AQ
Title: TheTopFiveVPN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://buff.ly/3zSd6od HTTP 301
https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1627747474338&ns_c=UTF-8&cv=3.5&c8=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set%20-%20The%20Direct&c7=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1627747474338&ns_c=UTF-8&cv=3.5&c8=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set%20-%20The%20Direct&c7=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&c9=

Request Chain 65

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&adnxs_id=887796462813939878

Request Chain 66

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=5b7cd01d-2d8b-4336-aa18-5ee25bff9da3&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4

Request Chain 67

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=D9EC5F12-5827-4DB0-A57C-25B71CD33ADF&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&google_gid=CAESEGAYgb9t6SRO9aI5i9p5kSg&google_cver=1&google_ula=450542624,0

Request Chain 69

https://ids.ad.gt/api/v1/g_hosted?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzFlNTFmZmYtN2VhMy00OGY1LWI1YTEtZjllNDgxZmI5YWQ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzFlNTFmZmYtN2VhMy00OGY1LWI1YTEtZjllNDgxZmI5YWQ0&google_tc=

Request Chain 71

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ids.ad.gt/api/v1/impr_match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&impr_uid=5d9cade4-754e-4549-9d5f-93f7d5b00d65

Request Chain 72

https://ids.ad.gt/api/v1/rub?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4 HTTP 302
https://token.rubiconproject.com/token?pid=50242&puid=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&gdpr=0

Request Chain 178

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=009d91c8-f219-11eb-a3d9-11e121d60506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=009d915e-f219-11eb-a3d9-11e121d60506&orig=video&us_privacy=1---gdpr=1&

Request Chain 183

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=00a45601-f219-11eb-8517-197e22df0406 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=00a45597-f219-11eb-8517-197e22df0406&orig=video&us_privacy=1---gdpr=1&

Request Chain 189

https://ejp.rlcdn.com/501709.html HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCJTplYgGEgUI6AcQAEIASgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMTNweUZfdUdKRFctbzRWZkI2QXBiS0xoVml2SlVfaHdpS2xjQW1LdGlOaw==&google_cm HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDorubcTL2Mh8Ffo_0tqgX4yZej--cpckiAMPmMfk34ZGvGh2NyZ95opnQls22nqdxXCvq-AZ-YhfTUgkQPQTsLj2dVLdNUGlyLcPoNxqwptGKJZMDng5rpVCjAefeDXhx72Jd_iPc-jwxzywLu-cSf4HjxgjJA HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorubcTL2Mh8Ffo_0tqgX4yZej--cpckiAMPmMfk34ZGvGh2NyZ95opnQls22nqdxXCvq-AZ-YhfTUgkQPQTsLj2dVLdNUGlyLcPoNxqwptGKJZMDng5rpVCjAefeDXhx72Jd_iPc-jwxzywLu-cSf4HjxgjJA

Request Chain 190

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac75epgl2k91jbd&ret=img&ref=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=00e20a10-f219-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac75epgl2k91jbd&ret=img&ref=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer

Request Chain 193

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=131933016303020456 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=8f1218ac-eb3d-48da-bed0-90b10202cfbc%3A1627747476.76&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc75epgl2k91jbd HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c75epgl2k91jbd HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECFNFEGX6weeBR2REubLgZQ&google_cver=1

Request Chain 194

https://p.rfihub.com/cm?pub=39342&in=1&userid=8f1218ac-eb3d-48da-bed0-90b10202cfbc%3A1627747476.76&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871597497107345325 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c75epgl2k91jbd HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=131933016303020456

Request Chain 196

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9ST8keUA8pmN&ev=1&orig=trc&pid=562107

Request Chain 197

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=131933016303020456&orig=trc

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAF4EkLA_KoNdm5koy2a5IE&google_cver=1

Request Chain 200

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=417aecf6-afd5-4be0-a313-033638a4b9d2-tuct7fefa14

Request Chain 201

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=74aae32a-b3a6-4efa-a762-23be484940b0

Request Chain 202

https://ce.lijit.com/merge?pid=42&3pid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 206

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=19cf6800-6d20-401e-bed6-1c8babc46389

Request Chain 207

https://id5-sync.com/s/464/9.gif?puid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOeGyLL5nJgRJHKt6NtUrHAROD-ZvnYbNUeIcjjA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOeGyLL5nJgRJHKt6NtUrHAROD-ZvnYbNUeIcjjA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=8ca2feac-aa5b-451d-be4e-d5042e763104&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/5/3.gif?puid=7420a08ec695f7314785da8d1e1ea72f&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/4/4.gif?puid=714a64ac-1c5f-4787-8aed-d1b63a6e0060&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/3/5.gif?puid=6e484dba-153f-426a-9665-0d2890e70c04&gdpr=1&gdpr_consent= HTTP 302
https://gu.dyntrk.com/adx/id5/us.php?dynk=id5&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F118%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://gu.dyntrk.com/adx/id5/us.php?dynk=id5&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F118%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&prevuid=03030002_6105749696969&knw=0 HTTP 302
https://id5-sync.com/c/464/118/2/6.gif?puid=03030002_6105749696969&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/146/1/7.gif?puid=57845562-5039-4189-90e0-ac4b8ca782bf&gdpr=1&gdpr_consent=

Request Chain 208

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xdKPAF3WDfqMSMeZlnQFYQ

Request Chain 210

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=taboola&bsw_custom_parameter=c1dd4b06-8fb8-4db9-b00b-52428563961b HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk7ff981ab-94b3-477c-af46-e1b6f92bf872&expires=7&user_group=5&ssp=taboola&bsw_param=c1dd4b06-8fb8-4db9-b00b-52428563961b HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c1dd4b06-8fb8-4db9-b00b-52428563961b

Request Chain 211

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1e7bd9fe-4b4d-4ebd-beac-709970904d6a HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1e7bd9fe-4b4d-4ebd-beac-709970904d6a&tbid=417aecf6-afd5-4be0-a313-033638a4b9d2-tuct7fefa14&query=taboola_hm%3D1e7bd9fe-4b4d-4ebd-beac-709970904d6a&isDirect=0

Request Chain 212

https://u.openx.net/w/1.0/sd?id=543998486&val=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&gdpr=0&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&gdpr=0&gdpr_consent=

Request Chain 213

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=87b10e1f-c6f5-51d4-8fff-e8e4eefa9c71

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=yfNvLdjmSRGC_iekhCjvPw&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3Dba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12%26ui%3DyfNvLdjmSRGC_iekhCjvPw HTTP 302
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&ui=yfNvLdjmSRGC_iekhCjvPw

Request Chain 216

https://eb2.3lift.com/xuid?mid=7772&xuid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&dongle=tbla HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

219 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ant-man-3-marvel-funny-filming-set-update Show response
thedirect.com/article/
Redirect Chain

https://buff.ly/3zSd6od
https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

68 KB
19 KB

199ms
184ms

Document
text/html

2606:4700:10::6816:154f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:154f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d53d182621574d5fc58e62d8556c058958d992cc26fd3d53107d5dc1b7cc6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:method: GET
:authority: thedirect.com
:scheme: https
:path: /article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Cookie
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 31 Jul 2021 16:04:39 GMT
cache-control: max-age=10
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 677810132a8b4e80-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

cache-control: private, max-age=90
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Sat, 31 Jul 2021 16:04:29 GMT
location: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
referrer-policy: unsafe-url
server: nginx
set-cookie: _bit=l6vg4t-5bd15b14d869661341-008; Domain=buff.ly; Expires=Thu, 27 Jan 2022 16:04:29 GMT
content-length: 255

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
949 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&family=Source+Sans+Pro:wght@400;700&display=swap

Requested by

Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66720a732b901113ae8fafc04294ba1549324fecbcc89b7e724574ed3a6e28ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 31 Jul 2021 16:04:29 GMT
server: ESF
date: Sat, 31 Jul 2021 16:04:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 31 Jul 2021 16:04:29 GMT

GET
H2 200 pageos.js Show response
cdn.intergient.com/pageos/ 127 KB
40 KB 124ms
94ms Script
application/javascript 2600:9000:2156:7c00:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/pageos.js
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7c00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: edd5c2ce0a03e748b54f17b6651b8454a3cea8b31e5ec9deb3d76c14d005c31a

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:29 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=814, public, must-revalidate
content-encoding: br
x-amz-cf-id: _M54i_fGRMOTRqEnjCqiMEoldS3_hg22JHqHgsHEb1VvgBvxq8XPfw==

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 27ms
10ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b9ee860c200002c229914f000000001
last-modified: Mon, 19 Jul 2021 18:19:39 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60f5c23b-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7P7TzFn698tApqUog3u6ltZocS%2FQ18SxDub9itRKpGHBQD5Fp9bSH71od2Mo5aIho%2BV%2ButC5nreVPTavRIC0oNloqhMb1LQLSQgfDYx7BtrIdqjMM4Orc%2FkfJl4WEUlRAG52UBnsNJ3hpe1B3img298%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 677810146a992c22-FRA
expires: Mon, 02 Aug 2021 16:04:29 GMT

GET
H2 200 AM3_Writer.jpg
images.thedirect.com/media/article_big/ 45 KB
46 KB 156ms
66ms Image
image/jpeg 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/article_big/AM3_Writer.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: d23f65ff7200501e61d9b9013af8c14f6a64bf37bd101b927ade81634e40310e

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:29 GMT
via: 1.1 varnish (Varnish/6.5)
age: 0
x-ie-cache: HIT
content-length: 46509
x-amz-id-2: EbukCROpDpZgeez83RERODXA6g9AZNBMuyF0E9EcVL60DcbeGpbrgJ06z2h8aifPkwlrBw9lKjc=
last-modified: Fri, 30 Jul 2021 22:38:42 GMT
server: ScientiaMobile ImageEngine
etag: "2c45cb5e287dc132a340ec9ad9d380d6"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: GM8AKT5SEHVFNMA2
imgeng-hash: bd1edff0280402426a34bc7573ac6757
cache-control: public, max-age=598, s-maxage=557
imgeng-img-status: origin-object
accept-ranges: bytes
content-type: image/jpeg

GET
H/1.1 200
OK download_10.jpg
thedirect.s3.amazonaws.com/media/photos/ 51 KB
51 KB 662ms
151ms Image
image/jpeg 52.216.100.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedirect.s3.amazonaws.com/media/photos/download_10.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.100.115 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4f39acf7028a1e65976cee680dd3157bf4a5b61d2b2d8665386ef957e74f8ce1

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:31 GMT
Last-Modified: Fri, 30 Jul 2021 22:14:32 GMT
Server: AmazonS3
x-amz-request-id: AWJ65RAANG9R1AAQ
ETag: "1a7a12476afd7c43af6c7b5dc83aaf98"
Content-Type: image/jpeg
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 51974
x-amz-id-2: Yt4UxJtTD6rWa+GMyC6u4pCpokb7+ri3/AE4Cmo5ggagmxAy0izW/3QwlZBZVH3KE9wwFdGeiFs=

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 32ms
15ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:29 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 67781015587605dc-FRA

GET
DATA 200
OK truncated
/ 4 KB
4 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e901d317da87c512cc19faf1b67d8b090876940a6c68e9ac8c0aa2cc517eb6fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: img/png

GET
H/1.1 200
OK lazysizes.min.js Show response
thedirect.s3.amazonaws.com/general/WandaVision/ 8 KB
8 KB 386ms
145ms Script
text/javascript 52.216.100.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thedirect.s3.amazonaws.com/general/WandaVision/lazysizes.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.100.115 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96168f75aafd51751c96aa73e57e77c4e3928f92cba9aa7949452db8478fd84d

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:31 GMT
Last-Modified: Fri, 30 Jul 2021 22:13:00 GMT
Server: AmazonS3
x-amz-request-id: AWJF5HB0FG3XTGSR
ETag: "c75222a837462c1c8da0309810b969da"
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 7862
x-amz-id-2: oT7W8F7cFp+N53k8BMnlRTdqG5p5VziyaXA5p533Op+6g7dGvIZ5/0+0JsPpwsu5/Lf8KM7gSZE=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
25 KB 127ms
44ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

9df44053cef2802e8f05e08fb13522d72a7ff0e2d9ef61910fb3d2a44217b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "944 / 504 of 1000 / last-modified: 1627683221"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24678
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:04:29 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thedirect.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 21:52:56 GMT
x-content-type-options: nosniff
age: 411093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 21:52:56 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thedirect.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:56:59 GMT
x-content-type-options: nosniff
age: 400050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:56:59 GMT

GET
H3-29 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thedirect.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 13:27:21 GMT
x-content-type-options: nosniff
age: 355028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 13:27:21 GMT

GET
H3-29 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thedirect.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 20:30:51 GMT
x-content-type-options: nosniff
age: 416018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 20:30:51 GMT

GET
H3-29 200 pubads_impl_2021072801.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
113 KB 88ms
45ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062076

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 08:38:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115904
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:04:30 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 70 B
95 B 89ms
46ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thedirect.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

652840f972b16c251da3730e015ac7df971631c024ffeb5338629bf94a6a5c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Jul 2021 16:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:04:30 GMT

GET
H2 200 The_Direct_Tag_-_Black_Widow_Movie_MvyheNH_0NoRVn2_TdC3iqd_v68BujO_1_rhFCVnX.png
images.thedirect.com/media/tag_thumbnail_small/ 3 KB
3 KB 46ms
44ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/tag_thumbnail_small/The_Direct_Tag_-_Black_Widow_Movie_MvyheNH_0NoRVn2_TdC3iqd_v68BujO_1_rhFCVnX.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: d1ed230b0a1b33eb60cd300cbde3b3dc510167a17c46c302346aca99913cc60b

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:30 GMT
via: 1.1 varnish (Varnish/6.5)
age: 39285
x-ie-cache: HIT
content-length: 2720
x-amz-id-2: QONfEoksPiDKWEixo6+PC9eJMrF43l7G048FP7qmOAU7EffwWUgfQ2eEJUrWlTeMErDF9hYaWJo=
last-modified: Fri, 25 Sep 2020 02:01:00 GMT
server: ScientiaMobile ImageEngine
etag: "a0344ae81bafd6d81eb3e7007b66f4ab"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: CTZCGHZ9DM26XJWV
imgeng-hash: a0344ae81bafd6d81eb3e7007b66f4ab
cache-control: public, max-age=81150, s-maxage=85913
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 The_Direct_Tag_-_Loki_Series_1dqSUIG_Tsl9lYE_RHhAs6f_JjXC1KK_zi8tzju_M6aactl.png
images.thedirect.com/media/tag_thumbnail_small/ 3 KB
4 KB 48ms
46ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/tag_thumbnail_small/The_Direct_Tag_-_Loki_Series_1dqSUIG_Tsl9lYE_RHhAs6f_JjXC1KK_zi8tzju_M6aactl.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: 0e5cf363283dcf6dcf8376adbdd226eb9928c9333aabb0e62da9b4ecfd2660f1

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:30 GMT
via: 1.1 varnish (Varnish/6.5)
age: 51782
x-ie-cache: HIT
content-length: 3232
x-amz-id-2: YeNJoJVYZqUeUFfVP5+j7Wb9MEhjMYo6Vtl4FLircLEOF+AmFrcrhJCn0T+TaCKTY+F/BId2uHg=
last-modified: Fri, 25 Sep 2020 16:04:03 GMT
server: ScientiaMobile ImageEngine
etag: "e4d3c90b4e0c2fcc3e0174a86de6c7e0"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: HZQ5C69GQM3QZJ0F
imgeng-hash: e4d3c90b4e0c2fcc3e0174a86de6c7e0
cache-control: public, max-age=81584, s-maxage=81580
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 The_Direct_Tag_-_What_If_w9CTzq7.png
images.thedirect.com/media/tag_thumbnail_small/ 3 KB
3 KB 51ms
49ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/tag_thumbnail_small/The_Direct_Tag_-_What_If_w9CTzq7.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: 3f383236d81bfed41be042672cfd00fa3c18965bd4d0de54c883bf4b71015bf3

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:30 GMT
via: 1.1 varnish (Varnish/6.5)
age: 40028
x-ie-cache: HIT
content-length: 2876
x-amz-id-2: SQI+ixMQ4cC6c79hUU/Ew+fzBUs+AqFWgeZVrvAT7mfwKtp1uWO89kDTsF1q0pSzehf1EPN1Sts=
last-modified: Fri, 28 Feb 2020 22:31:36 GMT
server: ScientiaMobile ImageEngine
etag: "807aa415bf12deb19c8eb4bfaeaa1e60"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: HZQE0RCRTB5456CQ
imgeng-hash: 807aa415bf12deb19c8eb4bfaeaa1e60
cache-control: public, max-age=83731, s-maxage=81394
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 The_Direct_Tag_-_Star_Wars_The_Bad_Batch.png
images.thedirect.com/media/tag_thumbnail_small/ 3 KB
3 KB 52ms
51ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/tag_thumbnail_small/The_Direct_Tag_-_Star_Wars_The_Bad_Batch.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: 9f47d67bd71b8fec8b33572b9b1d9a38ccd6a1f6c004df1e05feefe49db4e0e2

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:30 GMT
via: 1.1 varnish (Varnish/6.5)
age: 26554
x-ie-cache: HIT
content-length: 3098
x-amz-id-2: /wRmv8DRyENwv6VEtJsFOKrspvNARmqaMlip7tXcvxKANAw0wajdu8+934Lbk7tKzhBDRs6sQ9Q=
last-modified: Mon, 13 Jul 2020 19:44:11 GMT
server: ScientiaMobile ImageEngine
etag: "1c2c1353a91ecc0398e07807b849a3ae"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: HZQD9QKR962D6A42
imgeng-hash: 1c2c1353a91ecc0398e07807b849a3ae
cache-control: public, max-age=83837, s-maxage=84644
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 The_Direct_Tag_-_Spider_Man_No_Way_Home.png
images.thedirect.com/media/tag_thumbnail_small/ 3 KB
3 KB 50ms
48ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/tag_thumbnail_small/The_Direct_Tag_-_Spider_Man_No_Way_Home.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: e824c202dc6955193b28a1e0ab89b1e7960f358920c06ec6290ae394361b0360

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:30 GMT
via: 1.1 varnish (Varnish/6.5)
age: 49511
x-ie-cache: HIT
content-length: 2778
x-amz-id-2: 8XnUVUnLbMwa7qVWZFoaIw5H9b9uzzOC/U0k3DJCv/XAVew6ULE5pD8bdRDfRQjqSrkL9LYB2rM=
last-modified: Thu, 06 May 2021 14:52:48 GMT
server: ScientiaMobile ImageEngine
etag: "07126ab66e3d8d9f363b58c1e63657cd"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: HZQFWE72773SFJGT
imgeng-hash: 07126ab66e3d8d9f363b58c1e63657cd
cache-control: public, max-age=77983, s-maxage=77870
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 The_Direct_Tag_-_Zack_Snyders_Justice_League_qcmZt7A_n1m0GqB_KKkHeOX_9yNAoWg.png
images.thedirect.com/media/tag_thumbnail_small/ 3 KB
3 KB 48ms
47ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/tag_thumbnail_small/The_Direct_Tag_-_Zack_Snyders_Justice_League_qcmZt7A_n1m0GqB_KKkHeOX_9yNAoWg.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: f8579d5c4c3ad5b9bce102b1e8d064d62e9c9ddd14319c0eaea551a025d8f9dd

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:30 GMT
via: 1.1 varnish (Varnish/6.5)
age: 42183
x-ie-cache: HIT
content-length: 2936
x-amz-id-2: a+pMLgwNPrU0n/c2ZdExB5TacSBvNDB4LqX8QI9WS+ETV8z0GuX6FOoLSsu1XPSxE67eE5j/yM8=
last-modified: Thu, 24 Sep 2020 20:40:59 GMT
server: ScientiaMobile ImageEngine
etag: "26b7ba9359e7839e6ea18dfb94f507b3"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: VN9XNXNHTA1S0FZY
imgeng-hash: 26b7ba9359e7839e6ea18dfb94f507b3
cache-control: public, max-age=84224, s-maxage=79260
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 The_Direct_Tag_-_Visions.png
images.thedirect.com/media/tag_thumbnail_small/ 2 KB
3 KB 51ms
50ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/tag_thumbnail_small/The_Direct_Tag_-_Visions.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: 15b300d8fcb9697d7ff98d5f092d9ef8a3452481de0ddfd7c54ed480dcece6d9

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:30 GMT
via: 1.1 varnish (Varnish/6.5)
age: 64017
x-ie-cache: HIT
content-length: 2300
x-amz-id-2: T680N2zq8kX7dD4elEKv7Q2zrDBGx6JwH5Sw+KCsnNepQNnq5aIIhDNIh2A1VJ6gHKsG/MOONv0=
last-modified: Sun, 03 Jan 2021 21:18:14 GMT
server: ScientiaMobile ImageEngine
etag: "04e04ecde01e92a307418a12519ce94a"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: KS9SSNWN3QH1DFQ5
imgeng-hash: 04e04ecde01e92a307418a12519ce94a
cache-control: public, max-age=78456, s-maxage=81363
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

POST
H3-29 200 rum Show response
thedirect.com/cdn-cgi/ 0
200 B 91ms
76ms XHR
text/plain 2606:4700:10::6816:154f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thedirect.com/cdn-cgi/rum?req_id=677810132a8b4e80

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:154f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://thedirect.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 4550
:path: /cdn-cgi/rum?req_id=677810132a8b4e80
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: thedirect.com
referer: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Sat, 31 Jul 2021 16:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://thedirect.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6778101adafd435d-FRA
vary: Origin

GET
H2 200 The_Direct_Tag_-_Ant-Man_720OO9v_Ooy86NB_vMwJNSl_JhtRonK.png
images.thedirect.com/media/tag_thumbnail_small/ 3 KB
3 KB 45ms
45ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/tag_thumbnail_small/The_Direct_Tag_-_Ant-Man_720OO9v_Ooy86NB_vMwJNSl_JhtRonK.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: 2a2bc9d285b588bdd4634be9e3627e4a25c81df8ab2a28bd31e16ab7492acfe9

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:30 GMT
via: 1.1 varnish (Varnish/6.5)
age: 81775
x-ie-cache: HIT
content-length: 2954
x-amz-id-2: 68lBn+mvy3kH3Z6txIdBxO8q0+RTOhctatRf5u54eelCySUz1xJO2O+4eLMuH1IcYUN6AHWDv2Y=
last-modified: Fri, 25 Sep 2020 13:25:09 GMT
server: ScientiaMobile ImageEngine
etag: "c42880aada144f34b351d75854769967"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: HRQWBYYS13ZFJTM6
imgeng-hash: c42880aada144f34b351d75854769967
cache-control: public, max-age=85915, s-maxage=83906
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 The_Direct_Tag_-_Ant-Man_and_the_Wasp_Quantumania_rtwtlxP.png
images.thedirect.com/media/tag_thumbnail_small/ 3 KB
3 KB 57ms
57ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/tag_thumbnail_small/The_Direct_Tag_-_Ant-Man_and_the_Wasp_Quantumania_rtwtlxP.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: 8452b518e25ca0b61a3dc907264af6fd478940a79b91dab675d3224728f7e76b

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:30 GMT
via: 1.1 varnish (Varnish/6.5)
age: 62531
x-ie-cache: HIT
content-length: 3012
x-amz-id-2: ipwbRyQcpssrFNJqE6qVFkGHIEnLHyOxzoqOFbQ8hPX0rHzsTgYkNm5FKZqn94GaxBICC9zxHT0=
last-modified: Thu, 06 May 2021 14:46:10 GMT
server: ScientiaMobile ImageEngine
etag: "8c5135e44af18b88f0146135b3757fbf"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: ZRTG93H2XT3J5S54
imgeng-hash: 8c5135e44af18b88f0146135b3757fbf
cache-control: public, max-age=83869, s-maxage=80545
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 The_Direct_Tag_-_MCU_TamDswd_8u3WIeh_hSF8SzJ_1WOgGUr_SO5UO74_nxEUMsf_z2Je1Uw.png
images.thedirect.com/media/tag_thumbnail_small/ 2 KB
3 KB 46ms
45ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/tag_thumbnail_small/The_Direct_Tag_-_MCU_TamDswd_8u3WIeh_hSF8SzJ_1WOgGUr_SO5UO74_nxEUMsf_z2Je1Uw.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: 95140ebb86b5e738910e2cbfed6664106b1b2dfe9b4fcf19fc26309b673e8bb3

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:31 GMT
via: 1.1 varnish (Varnish/6.5)
age: 34361
x-ie-cache: HIT
content-length: 2132
x-amz-id-2: /p2H+9rZp6uTYbpX3lSnvoSK2fzlxEFaoPhPHqyEql/S9HAH6MEnuHqxecFdAAumClTrTYDUWUc=
last-modified: Fri, 25 Sep 2020 16:04:04 GMT
server: ScientiaMobile ImageEngine
etag: "ea532dad88edbe64dc2bb54fde606dba"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: 8HTAYREX28FRBAS6
imgeng-hash: ea532dad88edbe64dc2bb54fde606dba
cache-control: public, max-age=79601, s-maxage=79270
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 The_Direct_Tag_-_Wasp_LW0CQCr_sUj47Ir.png
images.thedirect.com/media/tag_thumbnail_small/ 3 KB
3 KB 45ms
45ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/tag_thumbnail_small/The_Direct_Tag_-_Wasp_LW0CQCr_sUj47Ir.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: 4717439348493dc77d6939cef81e2951cfd0509a5f2f1c0bc2582ea5f4e86c98

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:31 GMT
via: 1.1 varnish (Varnish/6.5)
age: 57157
x-ie-cache: HIT
content-length: 2702
x-amz-id-2: hIHCh/0/JXPp9/41mrae0AR7C8w38ZE4ru2L4YUEeDd/Iq7o0fKtwqD+vserXLVbmYtSRTleMMI=
last-modified: Tue, 15 Sep 2020 01:18:18 GMT
server: ScientiaMobile ImageEngine
etag: "0d05e4e7b15c575f215c5b51acb28925"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: XTFQRQX5EBB2HHAW
imgeng-hash: 0d05e4e7b15c575f215c5b51acb28925
cache-control: public, max-age=85988, s-maxage=84629
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 114ms
42ms Script
application/javascript 13.224.89.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=606f24ad712197fe49f8e252
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-159.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 01:05:00 GMT
content-encoding: gzip
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
age: 53973
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: XlsB9vop1SkabfHkpRrf0yyu2lFdOGef_IxVVU99pz0MhrHeD4eNrw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 102 KB
40 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-157365854-1

Requested by

Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86a2a3d8554ec67f39ec7124f7440100e3e395a0d3fff58783e3d7870918439b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41348
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:04:32 GMT

GET
H/1.1 200
OK ajax.js Show response
thedirect.s3.amazonaws.com/articles/wandavision/ 1 KB
2 KB 138ms
138ms Script
text/javascript 52.216.100.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thedirect.s3.amazonaws.com/articles/wandavision/ajax.js
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.100.115 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 550caa2ee11653d68188f149e4aa3fad40bb1fcb096e5e72543a64c126e2525a

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:34 GMT
Last-Modified: Fri, 30 Jul 2021 22:12:34 GMT
Server: AmazonS3
x-amz-request-id: B37NVSR3GXJS79H1
ETag: "d613ac720dbb0a4b2391b1224cfc8b73"
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 1324
x-amz-id-2: e03/LcbV27ddVzcFsiRCCwAXQUls+X7YG8+kgdfOoA1smTPZeTHOovCEI3TWUHBZAgTaPYsNXkY=

GET
H3-29 200 / Show response
thedirect.com/article/getUpNext/ 627 B
565 B 182ms
182ms XHR
text/html 2606:4700:10::6816:154f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thedirect.com/article/getUpNext/?article=6450

Requested by

Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=606f24ad712197fe49f8e252

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:154f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06fae3b416263d00162474a5d3771d3c80429ac65a53152d197451f4ad53cce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /article/getUpNext/?article=6450
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: thedirect.com
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
:method: GET
Accept: */*
Referer: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=10
cf-ray: 6778102b68a5435d-FRA
vary: Accept-Encoding
expires: Sat, 31 Jul 2021 16:04:43 GMT

GET
H3-29 200 / Show response
thedirect.com/article/getLatest/ 3 KB
1 KB 190ms
189ms XHR
text/html 2606:4700:10::6816:154f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thedirect.com/article/getLatest/?article=6450

Requested by

Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=606f24ad712197fe49f8e252

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:154f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

858695b36636e7ab8069648a7f83b5e40316be5e1c46fbef9df6d217f579dde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /article/getLatest/?article=6450
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: thedirect.com
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
:method: GET
Accept: */*
Referer: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=10
cf-ray: 6778102b68a8435d-FRA
vary: Accept-Encoding
expires: Sat, 31 Jul 2021 16:04:43 GMT

GET
H3-29 200 / Show response
thedirect.com/article/getDirectFact/ 1 KB
838 B 152ms
152ms XHR
text/html 2606:4700:10::6816:154f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thedirect.com/article/getDirectFact/?article=6450

Requested by

Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=606f24ad712197fe49f8e252

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:154f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acfac3402d6959765bbffd034dbaf1815219b968772dc15945b4eb7d8723d8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /article/getDirectFact/?article=6450
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: thedirect.com
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
:method: GET
Accept: */*
Referer: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=10
cf-ray: 6778102b68aa435d-FRA
vary: Accept-Encoding
expires: Sat, 31 Jul 2021 16:04:43 GMT

GET
H3-29 200 / Show response
thedirect.com/article/getTrending/ 3 KB
996 B 199ms
199ms XHR
text/html 2606:4700:10::6816:154f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thedirect.com/article/getTrending/?article=6450

Requested by

Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=606f24ad712197fe49f8e252

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:154f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be61dcd52d57a2923a779af6b63d9fb1802d3c7c0246f281795b7c3ad51cb9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /article/getTrending/?article=6450
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: thedirect.com
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
:method: GET
Accept: */*
Referer: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: text/html; charset=utf-8
cache-control: max-age=10
cf-ray: 6778102b68ad435d-FRA
vary: Accept-Encoding
expires: Sat, 31 Jul 2021 16:04:43 GMT

GET
H2 200 Thumbnail_2.jpg
images.thedirect.com/media/article_thumbnail/ 11 KB
11 KB 54ms
53ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/article_thumbnail/Thumbnail_2.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: 5b114d882e0a586d8cda076773de6d7d9dfda6c74a2dda865c6369f8814d1860

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:33 GMT
via: 1.1 varnish (Varnish/6.5)
age: 14529
x-ie-cache: HIT
content-length: 11058
x-amz-id-2: wmxhoMWreObPJOvCnpsBJRskSbVsRHms9oLaNQYZz2u07Ux17kUYT7AKHLgr/RVpW+jfcIqtUC4=
last-modified: Fri, 23 Jul 2021 15:59:21 GMT
server: ScientiaMobile ImageEngine
etag: "0b4021ac93388a57625d1f09da32b5ca-c98f34d941e4f793e80b4041d1f3569c"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: 66PZ014RNTMHBDFN
imgeng-hash: c98f34d941e4f793e80b4041d1f3569c
cache-control: public, max-age=84687, s-maxage=78960
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 spider-man-no-way-home-daredevil-venom-doctor-strange.jpg
images.thedirect.com/media/article_thumbnail/ 13 KB
13 KB 52ms
51ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/article_thumbnail/spider-man-no-way-home-daredevil-venom-doctor-strange.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: 13dc4d76765dad7cd9e8f31dfcda1dffc4912f704a2f7639472fa07456c5a21f

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:33 GMT
via: 1.1 varnish (Varnish/6.5)
age: 5897
x-ie-cache: HIT
content-length: 12886
x-amz-id-2: I+7m46qn4e9z4tpHaiZL4wgjQhjC9EoAYr2bdnmzjt3wwt95s/jB3okVHSmZ5nYLYI8yWnnzDPo=
last-modified: Fri, 23 Jul 2021 16:42:12 GMT
server: ScientiaMobile ImageEngine
etag: "afdd09309d0ba17949a2f71541c70ba0-acf1c0e2b48bef7b69f7374f6bd249f9"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: FAVZVNKVV3EE27SP
imgeng-hash: acf1c0e2b48bef7b69f7374f6bd249f9
cache-control: public, max-age=78567, s-maxage=84598
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 marvel-mcu-deleted-scenes.jpg
images.thedirect.com/media/article_thumbnail/ 12 KB
12 KB 49ms
48ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/article_thumbnail/marvel-mcu-deleted-scenes.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: 75e58b10cddb659c62e2562a1fe4d638449b13f76614554a55b16007bb559efc

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:33 GMT
via: 1.1 varnish (Varnish/6.5)
age: 30052
x-ie-cache: HIT
content-length: 11974
x-amz-id-2: jI5Gj0seITlLkUoOcWPDxdEN6zsSutQjWVzn8hJ5Gsub4PbhiNO2juiOMSy4t6mba6qbPywuY/k=
last-modified: Sun, 18 Jul 2021 20:45:36 GMT
server: ScientiaMobile ImageEngine
etag: "c54157a65beb8c329b931e69adb079cb-66ec00543cf24737d89d49d1655e32c2"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: 9VJ13CGX9W5WZK0H
imgeng-hash: 66ec00543cf24737d89d49d1655e32c2
cache-control: public, max-age=79336, s-maxage=80689
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 black-widow-yelena-winter-soldier-mcu.jpg
images.thedirect.com/media/article_thumbnail/ 11 KB
12 KB 56ms
56ms Image
image/webp 52.47.63.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thedirect.com/media/article_thumbnail/black-widow-yelena-winter-soldier-mcu.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.47.63.168 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-63-168.eu-west-3.compute.amazonaws.com
Software: ScientiaMobile ImageEngine /
Resource Hash: a860677131d592e249e55131e4f7f251fdba4e0cc4e2f67fc37cddcad248311a

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:33 GMT
via: 1.1 varnish (Varnish/6.5)
age: 30550
x-ie-cache: HIT
content-length: 11772
x-amz-id-2: W5dkxeXStA5/XyAVmiULBxY1izac/mepM+pp+I9OqyzjmI0O0i1u1kQeXVlpFOUlEJoTgX+ITzo=
last-modified: Thu, 22 Jul 2021 22:25:42 GMT
server: ScientiaMobile ImageEngine
etag: "cbaddb59bab26b4138b660fb2c585d2a-308f4c71b3379ccc80d75449d413bc4e"
vary: Origin,Dpr,User-Agent,Sec-Fetch-Dest,Width,Viewport-Width,Save-Data,Accept
x-amz-request-id: PGFYYD08ER8FZG4P
imgeng-hash: 308f4c71b3379ccc80d75449d413bc4e
cache-control: public, max-age=82615, s-maxage=84637
imgeng-img-status: optimized
accept-ranges: bytes
content-type: image/webp

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 172 KB
38 KB 40ms
13ms Script
text/javascript 2600:9000:2190:5200:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5200:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 03802d56a58d8b2e0c1387eded20a50bae6fcd2e6d5603edbe8d78f7dce0d41b

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 15:59:42 GMT
content-encoding: gzip
age: 291
etag: W/"2af1e-+5OpDRwC1x4aCv4JrvWtVBVbA8Q"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: mXnsO6DozUqnG24Wlckh9gj5DFgoezxCyrw4e-yIWY-SbPPCVC1SoQ==

GET
H/1.1 200
OK webflow.js Show response
thedirect.s3.amazonaws.com/general/WandaVision/ 39 KB
39 KB 138ms
138ms Script
text/javascript 52.216.100.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thedirect.s3.amazonaws.com/general/WandaVision/webflow.js
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.100.115 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8602a7537f44c16111cec616e9b63746e321bb61976e9c442860dbf41f24bd84

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:34 GMT
Last-Modified: Fri, 30 Jul 2021 22:13:01 GMT
Server: AmazonS3
x-amz-request-id: B37T89JXKKJGF3BG
ETag: "cd29deb3e2281dd3c0954812024aba87"
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 39767
x-amz-id-2: w2Zpx+Dd8vcxd5M8dWfpSGxNL9UcOfszIePXTJzejL36UGYYmzoS0IrGAqLQ1rSC5VjWa5ISeRw=

GET
H2 200 60e87377baf861001984cbc7.js Show response
buttons-config.sharethis.com/js/ 554 B
935 B 55ms
14ms Script
text/javascript 2600:9000:2190:9c00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/60e87377baf861001984cbc7.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9c00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb9334dbc350b9bb88caf09723a615389478c3be9dcf3fd4d5a4d6e8e32cb583

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 31 Jul 2021 16:03:57 GMT
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
last-modified: Fri, 09 Jul 2021 19:14:50 GMT
server: AmazonS3
age: 56
etag: "120ec04a9c5a27c289b2a584f82f7224"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 554
x-amz-cf-id: Kn9QH2X6thc1W_MldPWuVHpJvEvc9ORB-wv3408oLWmfGHriyUMnTQ==

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame F013 2 KB
1 KB 46ms
12ms Document
text/html 2600:9000:2190:9000:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9000:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thedirect.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thedirect.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Sat, 31 Jul 2021 15:21:00 GMT
cache-control: max-age=3600, public
etag: W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: LSSKoe6rYqS1mnG1I3qxQryURsTNfLUTzOFsD_n9mTGlr835t2OmeQ==
age: 2613

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 270 B
516 B 512ms
134ms Script
text/javascript 3.219.65.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb2&url=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.65.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-65-2.compute-1.amazonaws.com
Software: / Express
Resource Hash: ebd245dc638eb55d8735cf3f79becaf67642408fe8feb7b434fe79a6a704bfbd

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:34 GMT
Cache-Control: public, max-age=900
ETag: f84010deaee1962abef113ea372257ba
Connection: keep-alive
X-Powered-By: Express
Content-Length: 270
Content-Type: text/javascript; charset=utf-8

GET
H2 200 facebook-white.svg
platform-cdn.sharethis.com/img/ 357 B
735 B 45ms
12ms Image
image/svg+xml 2600:9000:2190:600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook-white.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f3a7818f88c8afbe9111ed9f13f12e37a2ad56f87b54dc0dd19b2c372d3f6c8

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 18:58:03 GMT
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1631191
etag: "d2c2caf5b123988ddd17ceeb1c7d9d50"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 357
x-amz-cf-id: bS90kYqV8aXsrbfav1g8yIIpdC1FvL2xk6gagNEBnWnRZyF5EqIo2Q==

GET
H2 200 twitter-white.svg
platform-cdn.sharethis.com/img/ 797 B
1 KB 48ms
14ms Image
image/svg+xml 2600:9000:2190:600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter-white.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26a112b47990822d68103d4ac8d452f78d1da928874a376a7335d26244b50431

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 14 Jul 2021 20:52:25 GMT
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1451529
etag: "011c4584e5c59c6dc0daa1fa5c845b76"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 797
x-amz-cf-id: OF2xs2DTOqt9JVDuV0Z-dM7ZFswEiSqDePmb3Ti8aveDLtUKU5Lp4g==

GET
H2 200 reddit-white.svg
platform-cdn.sharethis.com/img/ 3 KB
2 KB 49ms
15ms Image
image/svg+xml 2600:9000:2190:600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/reddit-white.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 913cd8d481a1c37ca2326b5242f09e92fddd532d93e5c8830a71b5620f10b332

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 15 Jul 2021 00:11:09 GMT
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1439605
etag: W/"4e9ff86f0b516d12fdf135941bf88d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 2d9cRJg9nGAgqaSYNH95EpPoGpiRAZO8Kh61femamirxBtKVvttEYQ==

GET
H2 200 messenger-white.svg
platform-cdn.sharethis.com/img/ 346 B
724 B 48ms
14ms Image
image/svg+xml 2600:9000:2190:600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/messenger-white.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a72a6a001720eb75f9c7381db5a0b011430aa144a1da8beca753fdecfa063e1

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 04 Jul 2021 00:15:24 GMT
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2389750
etag: "6e47d1a316ff66022db5c84721bb6cb2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 346
x-amz-cf-id: mdQwQdavWuigPCb7Jrjdb27ePkqCPfk4PKzvEbB-k8qibOLJk8REhg==

GET
H2 200 email-white.svg
platform-cdn.sharethis.com/img/ 599 B
978 B 46ms
13ms Image
image/svg+xml 2600:9000:2190:600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/email-white.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5110c1e29bb22f0c8ae1b7af3c994dd4f580d05d8773f5fb1f031b5ce1560c83

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 03 Jul 2021 13:03:00 GMT
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2430094
etag: "69eb3e5fe732c6c9862f5ec42580e1a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 599
x-amz-cf-id: OQxdvlBlQu2ZYWPJjNiALmzEffLnlcNz9ZkzpnbvtPxwW7TdV96ncQ==

GET
H2 200 sharethis-white.svg
platform-cdn.sharethis.com/img/ 625 B
1003 B 46ms
14ms Image
image/svg+xml 2600:9000:2190:600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis-white.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5e92663d140c2742136bd09372e2d37c070b09e3de4cd3bf16dabce17cd02d8

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 10 Jul 2021 18:31:45 GMT
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1805569
etag: "2506159844f1711ede2746e62df1370a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 625
x-amz-cf-id: Yd5x4OtHU4I_zMC1xyP3Tup883JmeBzFAfAdDZNr50KwJC7gn_4U7Q==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
335 B 146ms
37ms XHR
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=thedirect.com&location=%2Farticle%2Fant-man-3-marvel-funny-filming-set-update&product=inline-share-buttons&url=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set%20-%20The%20Direct&cms=unknown&publisher=60e87377baf861001984cbc7&sop=true&bsamesite=true&consent_cookie_duration=85&consent_duration=85&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Ant-Man%20and%20the%20Wasp%3A%20Quantumania%20writer%20Jeff%20Loveness%20has%20shared%20a%20funny%20behind-the-scenes%20image%20from%20the%20set%20of%20the%20sequel
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:33 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://thedirect.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V3KHRQQGZ1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157365854-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b37418aa99ce5ed683f383e399850530f985d8a4396919b519506ee2ef62019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51070
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:04:34 GMT

GET
H2 200 333 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 598ms
212ms Script
application/javascript 35.167.53.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/333?url=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&ref=
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.53.177 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-53-177.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e505ac51c1270a3ce375a5582826d2a5ffac3f384d9526d9d0fc7aca8e929862

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:34 GMT
server: nginx/1.18.0
content-length: 3279
content-type: application/javascript

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/thedirect-thedirect/ 167 KB
23 KB 189ms
131ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/thedirect-thedirect/loader.js
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 183b018d6669d6ff756c38718433c70388256de25d1579078bfdea0f1fbd5200

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: WOwjrw__2jvPGwGAnbGIx879ayxddlI2
content-encoding: gzip
etag: "1073491b7b2719d4d4c073c4780c73de"
age: 0
x-cache: HIT
content-length: 23376
x-amz-id-2: OYXelLEPUDJmC4pJPAdUxnhboafGVm/JX6CSnQLyXZ+drmZGypDdZluqIl/T+PKkgaGjustc9mo=
x-served-by: cache-fra19176-FRA
last-modified: Thu, 29 Jul 2021 08:50:12 GMT
server: AmazonS3
x-timer: S1627747474.086214,VS0,VE102
date: Sat, 31 Jul 2021 16:04:34 GMT
vary: Accept-Encoding
x-amz-request-id: 4MAQYZ0975JD4CFN
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 64
x-cache-hits: 1

POST
H2 204 collect
www.google-analytics.com/g/ 0
70 B 13ms
12ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-V3KHRQQGZ1&gtm=2oe7s0&_p=1708753978&sr=1600x1200&ul=en-us&cid=2093613540.1627747474&_s=1&dl=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&dt=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set%20-%20The%20Direct&sid=1627747474&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V3KHRQQGZ1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157365854-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 1680
date: Sat, 31 Jul 2021 15:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sat, 31 Jul 2021 17:36:34 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1708753978&t=pageview&_s=1&dl=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&ul=en-us&de=UTF-8&dt=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set%20-%20The%20Direct&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1144309593&gjid=1765934400&cid=2093613540.1627747474&tid=UA-157365854-1&_gid=257534902.1627747474&_r=1&gtm=2ou7s0&cd1=&z=319583750

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
83 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-157365854-1&cid=2093613540.1627747474&jid=1144309593&gjid=1765934400&_gid=257534902.1627747474&_u=YADAAUAAAAAAAC~&z=1804626829

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 31 Jul 2021 16:04:34 GMT
content-type: text/plain
access-control-allow-origin: https://thedirect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/thedirect-thedirect/ 3 KB
2 KB 403ms
339ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/thedirect-thedirect/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thedirect-thedirect/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19484c52393ea4d7b6b8cd3f0292e3a363ed5046d84799606ac1fe5d0d620ec7

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kJk24ifXNx5ggQyuRbseAqUOH.fZMolx
content-encoding: gzip
etag: "1174cbe72b146cdec9c73819d598a7c5"
age: 0
x-cache: HIT, HIT
content-length: 1165
x-amz-id-2: CbbZJAxvPoPbXf7yyRIbuN3y3jOigEc8cVMcljQfFOm9n+wU/VK4z5I7i+m31bQ3rCOr9gFhplc=
x-served-by: cache-sna10725-LGB, cache-fra19158-FRA
last-modified: Mon, 12 Jul 2021 16:47:12 GMT
server: AmazonS3
x-timer: S1627747474.309954,VS0,VE311
date: Sat, 31 Jul 2021 16:04:34 GMT
vary: Accept-Encoding,,
x-amz-request-id: EY3J73TMVP34CWDW
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20210729-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 530 KB
118 KB 28ms
27ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thedirect-thedirect/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 59cb71b9e76b9047bb3d25ff19b6fd4edd00341332c326e9b3c464bc24c5369f

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3ZZCVb_yWNxeLgC1c2_aII0RM8QQYvue
content-encoding: br
etag: "26b9456a5c2cd0e3722c76868e1953d8"
age: 26652
x-cache: HIT
content-length: 120503
x-amz-id-2: cvpXV+OYxr1qkvjVFHw6LP+2pTIRwV6RQeyy8LZciYb1V5BbzuJ1O4cUiI7iXa1NzlZNTpXCVCs=
x-served-by: cache-fra19176-FRA
last-modified: Thu, 29 Jul 2021 08:34:42 GMT
server: AmazonS3-br
x-timer: S1627747474.246541,VS0,VE0
date: Sat, 31 Jul 2021 16:04:34 GMT
vary: Accept-Encoding
x-amz-request-id: E30099QD49D0AXN6
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 17
x-cache-hits: 74588

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 101ms
32ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thedirect-thedirect/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:10 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 25
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: ZBM9TeNgj2K5sAFfUZVy0QZYfXQwQcyMjZ3MZsOqq8iRxoKv1-S_2g==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1627747474338&ns_c=UTF-8&cv=3.5&c8=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set%20-%20The%20Direct&c7=https%3A...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1627747474338&ns_c=UTF-8&cv=3.5&c8=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set%20-%20The%20Direct&c7=https%3...

64 B
329 B

41ms
41ms

Image
image/gif

13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1627747474338&ns_c=UTF-8&cv=3.5&c8=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set%20-%20The%20Direct&c7=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:34 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: km3f_Ggnf5N1h902s1iy5wvQUlQ3Xb9VwhNpPI3yytObfjhVtMd19w==

Redirect headers

date: Sat, 31 Jul 2021 16:04:34 GMT
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1627747474338&ns_c=UTF-8&cv=3.5&c8=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set%20-%20The%20Direct&c7=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&c9=
content-length: 398
x-amz-cf-id: AVCql9bUyKzBmakk4_SbrtUlWj-omIg9GTyiv1SpX8MRlt4j3jw7tw==

GET
H/1.1 200
OK embed.js Show response
thedirect.disqus.com/ 75 KB
25 KB 87ms
28ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://thedirect.disqus.com/embed.js

Requested by

Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

ad1c2f87c4f1bf32a4e6cef90ab58775e608d7808d913a72cd5d4d65e3ddec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:34 GMT
Content-Encoding: gzip
Server: openresty
Age: 34
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24718

GET
H2 200 json Show response
trc.taboola.com/thedirect-thedirect/trc/3/ 48 KB
13 KB 927ms
925ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/thedirect-thedirect/trc/3/json?tim=18%3A04%3A34.518&lti=deflated&data=%7B%22id%22%3A168%2C%22ii%22%3A%22%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1627548602094%2C%22vi%22%3A1627747474516%2C%22cv%22%3A%2220210729-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3676%2C%22qs%22%3A%22%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A3335.5%2C%22mw%22%3A800%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 84e32394c5b5910ab7818e0dab2c450b18fb8669a1bc9a5a549a2f6e5fc9e336

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 898
date: Sat, 31 Jul 2021 16:04:35 GMT
content-encoding: gzip
server: nginx
x-timer: S1627747475.531500,VS0,VE898
x-served-by: cache-fra19176-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://thedirect.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 579ms
193ms Script
application/javascript 54.187.25.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/333?url=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.25.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 17:27:12 GMT
server: nginx/1.18.0
etag: W/"1627493232.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Sun, 01 Aug 2021 04:04:35 GMT

GET
H2 200 333 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 581ms
195ms Script
text/html 44.240.109.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/333
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/333?url=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.109.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 44e7b4e1f9bad4c4770eb9acfae713263ce4f4df9814442c3b269eb26e496f6f

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
content-encoding: gzip
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&adnxs_id=887796462813939878

43 B
471 B

598ms
363ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&adnxs_id=887796462813939878
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Sun, 01 Aug 2021 04:04:35 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 31 Jul 2021 16:04:34 GMT
X-Proxy-Origin: 89.238.186.253; 89.238.186.253; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 62c81abf-9d66-49f5-8fd2-12cecc3dfa98
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&adnxs_id=887796462813939878
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
https://ids.ad.gt/api/v1/t_match?tdid=5b7cd01d-2d8b-4336-aa18-5ee25bff9da3&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4

43 B
478 B

360ms
208ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=5b7cd01d-2d8b-4336-aa18-5ee25bff9da3&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Sun, 01 Aug 2021 04:04:35 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:34 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=5b7cd01d-2d8b-4336-aa18-5ee25bff9da3&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
https://ids.ad.gt/api/v1/pbm_match?pbm=D9EC5F12-5827-4DB0-A57C-25B71CD33ADF&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4

43 B
480 B

364ms
208ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=D9EC5F12-5827-4DB0-A57C-25B71CD33ADF&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Sun, 01 Aug 2021 04:04:35 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=D9EC5F12-5827-4DB0-A57C-25B71CD33ADF&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
date: Sat, 31 Jul 2021 16:04:34 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&google_tc=
https://ids.ad.gt/api/v1/g_match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&google_gid=CAESEGAYgb9t6SRO9aI5i9p5kSg&google_cver=1&google_ula=450542624,0

43 B
478 B

579ms
363ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&google_gid=CAESEGAYgb9t6SRO9aI5i9p5kSg&google_cver=1&google_ula=450542624,0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Sun, 01 Aug 2021 04:04:35 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&google_gid=CAESEGAYgb9t6SRO9aI5i9p5kSg&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzFlNTFmZmYtN2VhMy00OGY1LWI1YTEtZjllNDgxZmI5YWQ0
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzFlNTFmZmYtN2VhMy00OGY1LWI1YTEtZjllNDgxZmI5YWQ0&google_tc=

170 B
188 B

45ms
45ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzFlNTFmZmYtN2VhMy00OGY1LWI1YTEtZjllNDgxZmI5YWQ0&google_tc=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzFlNTFmZmYtN2VhMy00OGY1LWI1YTEtZjllNDgxZmI5YWQ0&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
trc.taboola.com/sg/audigent/1/ 43 B
151 B 96ms
95ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3D31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 68
pragma: no-cache
date: Sat, 31 Jul 2021 16:04:34 GMT
via: 1.1 varnish
server: nginx
x-timer: S1627747475.629833,VS0,VE68
x-served-by: cache-fra19176-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

impr_match
ids.ad.gt/api/v1/
Redirect Chain

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4%26impr_uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4%26impr_uid%3D%7BPUB_USER_ID%7D
https://ids.ad.gt/api/v1/impr_match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&impr_uid=5d9cade4-754e-4549-9d5f-93f7d5b00d65

43 B
485 B

578ms
363ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/impr_match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&impr_uid=5d9cade4-754e-4549-9d5f-93f7d5b00d65
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Sun, 01 Aug 2021 04:04:35 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/impr_match?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&impr_uid=5d9cade4-754e-4549-9d5f-93f7d5b00d65
date: Sat, 31 Jul 2021 16:04:34 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

204
No Content

token
token.rubiconproject.com/
Redirect Chain

https://ids.ad.gt/api/v1/rub?id=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4
https://token.rubiconproject.com/token?pid=50242&puid=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&gdpr=0

0
214 B

141ms
35ms

Image
text/plain

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://token.rubiconproject.com/token?pid=50242&puid=31e51fff-7ea3-48f5-b5a1-f9e481fb9ad4&gdpr=0
date: Sat, 31 Jul 2021 16:04:35 GMT
server: nginx/1.18.0
content-length: 417
content-type: text/html; charset=utf-8

GET
H2 200 lounge.e16bb81d3982e913e07bd7f31be71a6c.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 46ms
14ms Other
text/css 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Requested by

Host: thedirect.disqus.com
URL: https://thedirect.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1629807
x-cache: Hit from cloudfront
content-length: 25871
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-650f"
content-type: text/css; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: Ewpcv9bQ0TUMYyYo82kVlt56xIKy1po6SgYfQ6ii3AXWYlkTu20XKA==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ 0
93 KB 13ms
13ms Other
application/javascript 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: thedirect.disqus.com
URL: https://thedirect.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1022241
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 0UnX6eSLVyNraZ6LdwrfAMaNfHRz24KvSOJozkBjOX6Tp8hI-NS87g==
x-cache-hits: 0

GET
H2 200 lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js
c.disquscdn.com/next/embed/ 0
119 KB 28ms
27ms Other
application/javascript 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js

Requested by

Host: thedirect.disqus.com
URL: https://thedirect.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940702
x-cache: Hit from cloudfront
content-length: 120690
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 20 Jul 2021 18:26:52 GMT
server: nginx
etag: "60f7156c-1d772"
content-type: application/javascript; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Wed, 20 Jul 2022 18:46:12 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 5zTo_2IYTPmYj5VLVGnwRi3BftQvHrzH5-ASV12Tx3NraM5gEYrcSA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 110ms
36ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: thedirect.disqus.com
URL: https://thedirect.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:34 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 46
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12213
X-XSS-Protection: 1; mode=block

GET
H2 200 pmk-202010011.1.js Show response
widget.perfectmarket.com/thedirect-thedirect/ 118 KB
32 KB 27ms
27ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/thedirect-thedirect/pmk-202010011.1.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/thedirect-thedirect/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 436a01b6b0ba1906b83fa19da55e8ba2fa77751c2d9da4b5f2fa53baaab43fea

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 82bI1mcZFEHs1JhsflONz6.VrsgYlHVk
content-encoding: gzip
etag: "6a5b20c9447ba7aca956e63e062e99c1"
age: 786902
x-cache: HIT, HIT
content-length: 32403
x-amz-id-2: 9sOI4NbCNCHorv+NJksbVPcOYZR+wNvSo7J8Lbkl2NN/xrt4jOA5MVVQJZleunFQNujlC0UM3Lw=
x-served-by: cache-lax10621-LGB, cache-fra19158-FRA
last-modified: Mon, 12 Jul 2021 16:47:11 GMT
server: AmazonS3
x-timer: S1627747475.650578,VS0,VE0
date: Sat, 31 Jul 2021 16:04:34 GMT
vary: Accept-Encoding,,
x-amz-request-id: 9HTMCJJX68KHBET5
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 2, 3

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 5157 6 KB
4 KB 216ms
142ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default

Requested by

Host: thedirect.disqus.com
URL: https://thedirect.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d534d36bb0bc964ab649fcb8a9d6d3c334d9cdfbcdd1d574c50b99aa5261e1bb

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thedirect.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thedirect.com/

Response headers

Connection: keep-alive
Content-Length: 2796
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Fri, 30 Jul 2021 23:52:53 GMT
ETag: W/"lounge:view:8682697301.e15cd534c457b05f6e8614732234dd3b.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Sat, 31 Jul 2021 16:04:34 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 lounge.load.7302391be467f75d298eac65b5cfa2cc.js Show response
c.disquscdn.com/next/embed/ Frame 5157 1 KB
1 KB 37ms
11ms Script
application/javascript 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.7302391be467f75d298eac65b5cfa2cc.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

aa9ee4c2caf4f0c4054f1da752a01fec1ff1a656983327b69a75c3c0b63ef270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940701
x-cache: Hit from cloudfront
content-length: 534
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 20 Jul 2021 18:26:52 GMT
server: nginx
etag: "60f7156c-216"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Wed, 20 Jul 2022 18:46:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: nsfDvXp1cnQn5BBe-w8S7S3eAHw3QZXmh4MzqELRYyyP05Mnr0XJmg==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js Show response
c.disquscdn.com/next/embed/ Frame 5157 282 KB
93 KB 12ms
11ms Script
application/javascript 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.7302391be467f75d298eac65b5cfa2cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1022242
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: bh0JE2US5PgP-yZ7ofxyxGz6-Tsy5W5xUIEDOJI0TDFNk21NLuefrA==
x-cache-hits: 0

GET
H2 200 lounge.e16bb81d3982e913e07bd7f31be71a6c.css
c.disquscdn.com/next/embed/styles/ Frame 5157 163 KB
26 KB 12ms
11ms Stylesheet
text/css 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2df50c8c00e4f9f84fc1506798291ba26c73f181154596d3f2d6209978d6bc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1629808
x-cache: Hit from cloudfront
content-length: 25871
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-650f"
content-type: text/css; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: nXID9AkJXHOhphnAPjcPQURqC80ZxepXTGZ46ybMhRoXubqBKPb0_g==
x-cache-hits: 0

GET
H2 200 lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js Show response
c.disquscdn.com/next/embed/ Frame 5157 468 KB
119 KB 12ms
12ms Script
application/javascript 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bd3479f3c97c6aa3b27aaaae6eb5407fbdc64a942d876db9fbbb08ce06ad63d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940703
x-cache: Hit from cloudfront
content-length: 120690
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 20 Jul 2021 18:26:52 GMT
server: nginx
etag: "60f7156c-1d772"
content-type: application/javascript; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Wed, 20 Jul 2022 18:46:12 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: oO_u8bAST-uN1knzMrJlDrRTfYN5SV4Xp3qDOqw5uYEJkFJQCLNoGg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 5157 12 KB
12 KB 35ms
35ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5da1b441bda2c1fc650189d51c9ea82441e6ec7d6f65b0bf02bc954b15e073cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:35 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 46
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12213
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 5157 3 KB
3 KB 35ms
35ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=thedirect&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

be3d57858a2857061832600202f5864560c480cd72eaea1e8270125df145be72

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:35 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 94
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3128
X-XSS-Protection: 1; mode=block

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/625/3241/ Frame 5157 771 B
1 KB 12ms
12ms Image
image/jpeg 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/625/3241/avatar92.jpg?1594752550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c7d3537410d501cf820611aec5c8d54dc4883a6f8187ad655fd638cc25298a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 22:41:32 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5332983
x-cache: Hit from cloudfront
content-length: 771
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Tue, 14 Jul 2020 18:49:11 GMT
server: nginx
etag: "d57a4e64a74536a4adadeded17935f3e"
content-type: image/jpeg
expires: Mon, 30 May 2022 22:41:32 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: B0QO4mhA8Qa6_v1ZNnF3UPmqVD0zHzskCoGAu0X1LZUsoEQySMLy-Q==
x-cache-hits: 0

GET
DATA 200
OK truncated
/ Frame 5157 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 5157 13 KB
13 KB 12ms
11ms Image
image/svg+xml 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8126814
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1jaVyfkkAQLCwC48N6BEYNjRkhrB9G5eOKvkxuunioMaBbmRdp2EMQ==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 5157 3 KB
3 KB 12ms
11ms Image
image/gif 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 15419188
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: yhSZbm7GQa_ncrCLPGpmr9ZqQ-gmqaCiCE1213wHy0kFiMU5YMJDOA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 5157 8 KB
8 KB 13ms
12ms Font
application/octet-stream 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:33 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7628581
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 04 May 2022 09:01:33 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: WzqQ9ql9dNkR2rOZ4uJlAYWHEdsae-tpTG-IA6nmFxdqaqfld5dpWw==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 2AAF 337 B
806 B 13ms
13ms Stylesheet
text/css 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: thedirect.disqus.com
URL: https://thedirect.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7563061
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: jg7gZFpAqZN-qtQUO3VMiEgNel7QA6I5cbT53tsaOF0B2gMW7cgktg==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 307C 337 B
806 B 12ms
11ms Stylesheet
text/css 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: thedirect.disqus.com
URL: https://thedirect.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7563061
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: -klbcZia0svtuHKcmUiIAgv9_HEmPx0UAkARHYDmrFx6Ig567Qu3qw==
x-cache-hits: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 5157 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab516284cfd662402ca1d74ee2853871259ffca8df084a3cc63e2a0d783875a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: cFTlFkHXoYq/wd4j6vD2pA==
cross-origin-resource-policy: cross-origin
expires: Sat, 31 Jul 2021 16:15:28 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: AT6551h3V8Sq8dqAPJZbXoFfofeNnqxSersV7KWWcWhDHe2iuhGZaYHGC65u/bw+dJU9P19rs47TuxvJ8kl7mg==
x-fb-trip-id: 2050670934
x-fb-content-md5: 1a2e04a30eab8c555d3d5112739e07a6
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Sat, 31 Jul 2021 16:04:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "28d7de3a173be628dcced294c40cad0b"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET api.js
apis.google.com/js/ Frame 5157 0
0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 5157 13 KB
13 KB 12ms
11ms Image
image/svg+xml 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8126814
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: QUzhnwaAAyUmehOebfNrl_0fFboqLDoWB1gsxI7KLtmscGS_o7eZgg==
x-cache-hits: 0

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 587ms
194ms Script
text/plain 35.82.147.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=18eef6b7c84f3bdc518e9bab03364ac4&url=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/333
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.82.147.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 31 Jul 2021 16:04:35 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/333

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: mWSSMKdlGuX9Cvwq5mI3Z9vNDxMO3U6zLlDLzG/FwBQY8agJbC2+FwLUCVjQiqh7lc9b30UriVdFcO++RzufAg==
x-frame-options: DENY
date: Sat, 31 Jul 2021 16:04:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
827 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 15:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 803
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:51:12 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 15:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 471
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:56:44 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 5157 227 KB
66 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a5a4ac7e4805e6d2873a78b9f2b1f1ed

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19d4769a84fc5e58a47a7e0b9794ea591c92827cf65f638429bfda0bf8ca3440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GOfPPC73TnTrZMbWQoB/dA==
cross-origin-resource-policy: cross-origin
expires: Sun, 31 Jul 2022 13:35:40 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67638
x-fb-rlafr: 0
x-fb-debug: PbnDbIN7H/ap0PwE0Qk+Hk3oFquyTkKfMpWt4N28kjdHQkwt07XlIO0pCfXb8Z26UKXdvtGSYeGt/BV99lO5aw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: cce099ef5e4708d1398083fefc3bfe53
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 31 Jul 2021 16:04:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ddcfaeac9a2eb64880a0b1ba1d14b4e7"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

990f1d0013531c0e9894935d4f185fb80a65f814c76f4b672f52f67ec1fbb038

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74977
x-xss-protection: 0
pragma: public
x-fb-debug: 7OzclDMOovmZZDQYb8g00FFKByN8DeNbv65xrW9Wgp1AYfbZVET3rE/QbGJQ4XENUe6osqU/jjB14Bd0M2L+yg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 31 Jul 2021 16:04:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 5157 0
0 35ms
35ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fthedirect.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dthedirect%26t_u%3Dhttps%253A%252F%252Fthedirect.com%252Farticle%252Fant-man-3-marvel-funny-filming-set-update%253Futm_content%253Dbufferebc69%2526utm_medium%253Dsocial%2526utm_source%253Dtwitter.com%2526utm_campaign%253Dbuffer%26t_d%3DAnt-Man%25203%2520Writer%2520Shares%2520Funny%2520Update%2520From%2520Marvel%2520Set%26t_t%3DAnt-Man%25203%2520Writer%2520Shares%2520Funny%2520Update%2520From%2520Marvel%2520Set%26s_o%3Ddefault%23version%3D7302391be467f75d298eac65b5cfa2cc&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Tqep5Yiwb9ALKES1E9dOvrzcp4urzr+/irMTSOTqbF7G8GJcQy6bUisSj4w5dDJha74VZk3nJsTbHu+V1hvHeg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 31 Jul 2021 16:04:35 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
220 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&rl=&if=false&ts=1627747475425&cd[partner_id]=333&cd[tagger_id]=18eef6b7c84f3bdc518e9bab03364ac4&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1627747475424.681081598&it=1627747475372&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 31 Jul 2021 16:04:35 GMT

GET
H2 200 tfa-eid.20210729-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 32ms
31ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210729-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thedirect-thedirect/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f7871d93d5c3d1704ff63df786e947d15254a0dc27af5b429b03a7090d07ff0

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KIt47jUShIAEejR4_9LKbcUQxM1qfkyU
content-encoding: gzip
etag: "1420293eab19df25c2ca25d9d3552a23"
age: 37
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5062
x-amz-id-2: Eb9VYvSNNZp/7tpiIvYlcUWCA159EDpemM7AJBFR6yae+ggwAy9epCPh8sYLIzu13Qj0nUmguQk=
x-served-by: cache-fra19176-FRA
last-modified: Thu, 29 Jul 2021 12:45:46 GMT
server: AmazonS3
x-timer: S1627747475.489605,VS0,VE0
date: Sat, 31 Jul 2021 16:04:35 GMT
vary: Accept-Encoding
x-amz-request-id: 4ABCGB3XPJ7A1XKH
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 17
x-cache-hits: 137

GET
H2 200 sha256.20210729-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 32ms
32ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210729-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thedirect-thedirect/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8fbfb42bb82ce3052352ce7cf22ae4e2b0dbeed1c324f2c490e8e0405d09b3d7

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zxaJkOHJyCvsP09HGr0yxlkmlSldsQYt
content-encoding: gzip
etag: "d2490b745585466574523b6bd4db0629"
age: 99
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: zHb1egd2VQ09BdWYbJVnhPMEjJAgxL22Irs43pJ431Lp3CtqFn5X7tYyWoqZtQzccsq0orwX2Fc=
x-served-by: cache-fra19176-FRA
last-modified: Thu, 29 Jul 2021 12:45:33 GMT
server: AmazonS3
x-timer: S1627747475.489977,VS0,VE0
date: Sat, 31 Jul 2021 16:04:35 GMT
vary: Accept-Encoding
x-amz-request-id: 10DGCRSMYJWXAD6Z
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 17
x-cache-hits: 326

GET
H2 200 tb Show response
15.taboola.com/ 37 KB
10 KB 53ms
52ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=thedirect-thedirect&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update&encoded=1&uid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1627747475481&tagid=&cntry=CZ&platform=1&sesid=443aa95d0778eba70f2beaa5fd9a2368&itemid=/article/ant-man-3-marvel-funny-filming-set-update&viewid=1627747474516&geolat=&geoing=&deviceifa=&appid=&sd=v2_443aa95d0778eba70f2beaa5fd9a2368_ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12_1627747474_1627747474_CNawjgYQ0IpVGNS4veqvLyABKAEwNzjBqwhA5okQSL6G2ANQ____________AVgAYABosa_ptcr9986tAXAA&ri=710decc2fd698fc0bf71bd5ace321b0e&appname=&cdb=&gdprApplies=true&rid=&sii=-8170804876516149208&oee=true&tpubid=1394000&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=10&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1393998&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e52b52d646f09d85a48a87cc6c2c00ebad77cde72c5f8d027b50fa0bd290fe4c

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
content-encoding: gzip
access-control-allow-origin: https://thedirect.com
machineid: 1448
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra19176-FRA
pragma: no-cache
server: nginx
x-timer: S1627747475.493876,VS0,VE25
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20210729-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 30ms
29ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210729-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thedirect-thedirect/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81ac86866f450460ed3daebc32527ec54f64d78153929bd114c8f5fbfcd0f868

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GjDeGqkHxFnX8CKu7jelbrP7GNMckJd4
content-encoding: gzip
etag: "5db1f4600fde9bba62e72e55afbcdb86"
age: 88
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: Dkmtal9L+rgN6Oz1JExDzJ4iAXe40M5qAG7ToVrAhsA+YcjNebx/ALHOP6jO02bkTtS6+3kYFkw=
x-served-by: cache-fra19176-FRA
last-modified: Thu, 29 Jul 2021 12:45:35 GMT
server: AmazonS3
x-timer: S1627747475.495351,VS0,VE0
date: Sat, 31 Jul 2021 16:04:35 GMT
vary: Accept-Encoding
x-amz-request-id: KVY9M2RBJ6MT6KK7
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 17
x-cache-hits: 223

GET
H2 200 userx.20210729-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 29ms
29ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210729-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thedirect-thedirect/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d3b5cfd747f2915e403e9f4d3310d859ef2b23032411d69ff8cde3e9252594d

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3FWNaQpY14nv9YfgTme19Tpuwt7PAx05
content-encoding: gzip
etag: "4567f38701a0018aa2456bb843567147"
age: 78
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7949
x-amz-id-2: E4rgCevo+PIWHL9GH43jMgop4rQE2wLsZu+2z+Yuat6HMJBq7yf0KlUr5UqoVRP+6N/8EQTin8Q=
x-served-by: cache-fra19176-FRA
last-modified: Thu, 29 Jul 2021 12:45:51 GMT
server: AmazonS3
x-timer: S1627747476.509129,VS0,VE0
date: Sat, 31 Jul 2021 16:04:35 GMT
vary: Accept-Encoding
x-amz-request-id: JZTEPA05A6D6NNTD
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 17
x-cache-hits: 41

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame A7CD 6 KB
4 KB 35ms
35ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d534d36bb0bc964ab649fcb8a9d6d3c334d9cdfbcdd1d574c50b99aa5261e1bb

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thedirect.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: __jid=75epgj939nku3o; disqus_unique=75epgl2k91jbd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thedirect.com/

Response headers

Connection: keep-alive
Content-Length: 2796
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Fri, 30 Jul 2021 23:52:53 GMT
ETag: W/"lounge:view:8682697301.e15cd534c457b05f6e8614732234dd3b.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Sat, 31 Jul 2021 16:04:35 GMT
Age: 1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 27ms
27ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 106
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: QvMTzrJ1sqHqbtTS38GSlbgcAwEVpb/6/VVZi7XQWhIdO7VhR40gonWNObdQTHplF21EUdzhZZA=
x-served-by: cache-fra19176-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1627747476.539522,VS0,VE0
date: Sat, 31 Jul 2021 16:04:35 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: QQEHSY6P3GVEQ2QG
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 17
x-cache-hits: 132

GET
H2 200 explore-more.20210729-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
7 KB 27ms
27ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20210729-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thedirect-thedirect/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b63016206a811ec3e73149fa4752692a5b55d714b80b0724c6d25ca654f1a985

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 20CLVfmOf1J3TcN20XmSTTBaZArCmSMz
content-encoding: gzip
etag: "6655b4168a4541ab5756a82ffa0c4430"
age: 28
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6760
x-amz-id-2: TFZuekiwXkJuSdsXfFfSEZ2G3Qr+sHsHLqO4SIeJ7tY1EzHm7l4HDavJF3d1ZleBp3v48huf32E=
x-served-by: cache-fra19176-FRA
last-modified: Thu, 29 Jul 2021 12:45:37 GMT
server: AmazonS3
x-timer: S1627747476.544916,VS0,VE0
date: Sat, 31 Jul 2021 16:04:35 GMT
vary: Accept-Encoding
x-amz-request-id: 3PX300KSABDAKHNG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 17
x-cache-hits: 31

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.4.8/ 96 KB
28 KB 30ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db5bf9a91b7e05388b953154183762971d47ef02aa365db3cf4187dddbb86080

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront), 1.1 varnish
age: 454207
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 28132
x-served-by: cache-fra19176-FRA
last-modified: Mon, 26 Jul 2021 09:53:28 GMT
server: AmazonS3
x-timer: S1627747476.622988,VS0,VE0
etag: "e8d2f43df8d5011ca2de7e55d7bcb3f8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ZxadBrSkd87SRI9xwghYSc9r-jUi9_mHxrB5tYJiAgXB8vFjcIz8oQ==
x-cache-hits: 73933

GET
H2 204 social
il-trc-events.taboola.com/thedirect-thedirect/log/3/ 0
231 B 289ms
89ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/thedirect-thedirect/log/3/social?route=AM:IL:V&tvi2=-2&lti=deflated&ri=710decc2fd698fc0bf71bd5ace321b0e&sd=v2_443aa95d0778eba70f2beaa5fd9a2368_ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12_1627747474_1627747474_CNawjgYQ0IpVGNS4veqvLyABKAEwNzjBqwhA5okQSL6G2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&pi=/article/ant-man-3-marvel-funny-filming-set-update&wi=-8170804876516149208&pt=text&vi=1627747474516&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set%22%2C%22sec%22%3A%22article%22%2C%22aut%22%3A%5B%22Sam%20Hargrave%22%5D%2C%22img%22%3A%22https%3A%2F%2Fthedirect.s3.amazonaws.com%2Fmedia%2Farticle_full%2FAM3_Writer.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A04%3A35.620&id=7263&llvl=1&cv=20210729-2-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 31 Jul 2021 16:04:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
trc.taboola.com/thedirect-thedirect/log/3/ 0
262 B 94ms
94ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/thedirect-thedirect/log/3/abtests?route=AM:IL:V&tvi2=-2&lti=deflated&ri=710decc2fd698fc0bf71bd5ace321b0e&sd=v2_443aa95d0778eba70f2beaa5fd9a2368_ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12_1627747474_1627747474_CNawjgYQ0IpVGNS4veqvLyABKAEwNzjBqwhA5okQSL6G2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&pi=/article/ant-man-3-marvel-funny-filming-set-update&wi=-8170804876516149208&pt=text&vi=1627747474516&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1627747475632%7D&tim=18%3A04%3A35.632&id=1961&llvl=1&cv=20210729-2-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 67
pragma: no-cache
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish
server: nginx
x-timer: S1627747476.647870,VS0,VE67
x-served-by: cache-fra19176-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 eadafcad67e3d54d5fb825bec486e135.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
14 KB 33ms
31ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eadafcad67e3d54d5fb825bec486e135.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 373f32215698b5c685fa28c63110f6cf0f3c68e2c7ab5d4b6f3b1ff619ee66b4

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 1406819
edge-cache-tag: 411907142504635666297386841823132749850,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 95
expiration: expiry-date="Sat, 31 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eadafcad67e3d54d5fb825bec486e135.jpg
content-length: 13898
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Wed, 30 Jun 2021 14:58:00 GMT
server: nginx
x-timer: S1627747476.658047,VS0,VE1
etag: "f99dcd49b864fc563dbaf4fad6624ced"
x-served-by: cache-wdc5556-WDC, cache-dca17764-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 b75f88df3d7d0d0f9f20cb4eae49c875.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
12 KB 34ms
32ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b75f88df3d7d0d0f9f20cb4eae49c875.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 73e99c02aee475f826abfa48b04d238966158bed2fc6b0de6299c64b8dd96fa4

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 4439586
edge-cache-tag: 607774692394393994021228870968615286194,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 36
expiration: expiry-date="Sat, 19 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b75f88df3d7d0d0f9f20cb4eae49c875.jpg
content-length: 12132
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 19 May 2021 16:05:13 GMT
server: nginx
x-timer: S1627747476.658061,VS0,VE1
etag: "7fd41344a4f754b4e0af14cd9cfd15b0"
x-served-by: cache-wdc5549-WDC, cache-dca17771-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 95feb8a1bac1de99d9e6c645b9725250.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
15 KB 30ms
29ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a797b8c479f50296be85f64c63c924e364dcf171924f475e6e1719a32181310d

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 4441159
edge-cache-tag: 454495853063637850906140981329147654090,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 38
expiration: expiry-date="Thu, 01 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
content-length: 14944
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 31 May 2021 23:18:05 GMT
server: nginx
x-timer: S1627747476.657921,VS0,VE1
etag: "13ad938c59934b479b78fe4c6a06e31c"
x-served-by: cache-wdc5543-WDC, cache-dca17755-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 The-Most-Remarkable-Oscar-Outfits-Ever.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//luxurylife-style.com/wp-content/uploads/ 7 KB
8 KB 32ms
31ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//luxurylife-style.com/wp-content/uploads/The-Most-Remarkable-Oscar-Outfits-Ever.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8cf129e3dd9526e7bee451b7285bcad8cedb292d674a147c82b21d852bd410a4

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 1416925
edge-cache-tag: 445346360242726465032208973006017195545,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 188
expiration: expiry-date="Sat, 24 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//luxurylife-style.com/wp-content/uploads/The-Most-Remarkable-Oscar-Outfits-Ever.jpg
content-length: 7350
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 23 Jun 2021 12:40:15 GMT
server: nginx
x-timer: S1627747476.658038,VS0,VE1
etag: "9d1a7c168373fe545b6eb8f6c949de20"
x-served-by: cache-wdc5574-WDC, cache-dca17733-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 v1.bjsyNDQ4NTY3O2o7MTg4Mzg7MTIwMDsxNjAwOzEyMDA
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//resizing.flixster.com/jPu8iLcdzweaxWTxvDHvbQ49U18%3D/fit-in/1152x864/ 18 KB
19 KB 36ms
35ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//resizing.flixster.com/jPu8iLcdzweaxWTxvDHvbQ49U18%3D/fit-in/1152x864/v1.bjsyNDQ4NTY3O2o7MTg4Mzg7MTIwMDsxNjAwOzEyMDA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 003c41d19b1eb5787f5defcb70227c25f95f8b385b8016d7e4690ea3b3316259

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 268672
edge-cache-tag: 294115687647342558516413840454238636568,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 143
expiration: expiry-date="Tue, 03 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//resizing.flixster.com/jPu8iLcdzweaxWTxvDHvbQ49U18%3D/fit-in/1152x864/v1.bjsyNDQ4NTY3O2o7MTg4Mzg7MTIwMDsxNjAwOzEyMDA
content-length: 18454
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Sat, 03 Jul 2021 19:25:12 GMT
server: nginx
x-timer: S1627747476.658478,VS0,VE1
etag: "81c6ff449a3d2ed42be071210b005112"
x-served-by: cache-wdc5572-WDC, cache-dca17774-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 73250c213c0c8b0a2b9c0728855ec749.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 33ms
33ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/73250c213c0c8b0a2b9c0728855ec749.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b4b8625693aa28e72bb1f27f57644742c979f79eda5b588928c112d67fd3297

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 4441205
edge-cache-tag: 543236249243493042395855631023196968017,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 66
expiration: expiry-date="Sat, 12 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/73250c213c0c8b0a2b9c0728855ec749.jpg
content-length: 7680
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Wed, 12 May 2021 04:33:26 GMT
server: nginx
x-timer: S1627747476.658407,VS0,VE1
etag: "2fe962428426c15a61c3177ae69ac98d"
x-served-by: cache-wdc5528-WDC, cache-dca12922-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 39b18a95cada77f69313df99f6326cf6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 32ms
32ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39b18a95cada77f69313df99f6326cf6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e8c5e1474f023e4d20341e15bd5a006451483504732a6bbae06914e5c702fa38

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 4441272
edge-cache-tag: 503354400634921894464367962284098690742,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 164
expiration: expiry-date="Fri, 02 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39b18a95cada77f69313df99f6326cf6.jpg
content-length: 11234
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Tue, 01 Jun 2021 16:27:48 GMT
server: nginx
x-timer: S1627747476.688335,VS0,VE1
etag: "c18fbd2b5faa1e4aaf97a7af5b34cf4c"
x-served-by: cache-wdc5528-WDC, cache-dca17783-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 48532e99fd3e2391745a2d45f05c1cef.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 36ms
35ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/48532e99fd3e2391745a2d45f05c1cef.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 29e272da6910607cf727fd9a069640ba7701f38aeb5870b3e2afa423a4b4aaae

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 4442146
edge-cache-tag: 476857340380205251361942202200864022489,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 20
expiration: expiry-date="Sun, 20 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/48532e99fd3e2391745a2d45f05c1cef.jpg
content-length: 9248
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Thu, 20 May 2021 09:23:18 GMT
server: nginx
x-timer: S1627747476.691447,VS0,VE2
etag: "8edc927ddeab031af40ac21f73fe6a7a"
x-served-by: cache-wdc5559-WDC, cache-dca17729-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 shetat.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 20 KB
21 KB 31ms
30ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/shetat.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b81526a02edac0e3e01b33c82bb110451dbf44a38e9c046a7b5163343e7601b8

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 1414156
edge-cache-tag: 546897350029990108570463956323027452303,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 50
expiration: expiry-date="Wed, 04 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/shetat.jpg
content-length: 20592
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sun, 04 Jul 2021 10:24:51 GMT
server: nginx
x-timer: S1627747476.691455,VS0,VE1
etag: "6a07527d3d9517b2f6fc1f8cb73b9f46"
x-served-by: cache-wdc5552-WDC, cache-dca17767-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 thorthunder.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 21 KB
22 KB 33ms
32ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/thorthunder.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92daf9cc02057d3de361d5b0fc432c8d82d55a49ccbc05066e1ca82fbe7e0b74

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 2156914
edge-cache-tag: 435016107258865345194204464752713818472,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 33
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/thorthunder.jpg
content-length: 21376
x-request-id: 96fd13ae925cea06755273775d9288ea
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Tue, 06 Jul 2021 13:42:10 GMT
server: nginx
x-timer: S1627747476.691504,VS0,VE1
etag: "3f53dc440909d2f76cb79c23d8f37f2f"
x-served-by: cache-wdc5567-WDC, cache-dca17775-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 black-widow-kevin-feige-disney_Fz6ywbJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 22 KB
23 KB 34ms
34ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/black-widow-kevin-feige-disney_Fz6ywbJ.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da2c2747f5b20830fa22baeb71437331f901e87555ac004bb569fd9e24705418

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 17729
edge-cache-tag: 352670963978724182318531305142217320508,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 689
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/black-widow-kevin-feige-disney_Fz6ywbJ.jpg
content-length: 22724
x-request-id: e18220243b9063abc5c416f98bf804e8
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Fri, 30 Jul 2021 14:55:41 GMT
server: nginx
x-timer: S1627747476.691939,VS0,VE1
etag: "fe6f8f7a9ee602c612ab1fc633213516"
x-served-by: cache-wdc5568-WDC, cache-dca17745-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 strangetva.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 17 KB
18 KB 35ms
35ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/strangetva.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02d06f64a0626f104d1268290601895f6b30d2658e27a56c9c52209029155636

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 2470407
edge-cache-tag: 619355183068226024831311412205451942669,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 582
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/strangetva.jpg
content-length: 17822
x-request-id: 6e0ded60f973aede03eebea2c0a0d677
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Sat, 03 Jul 2021 01:28:49 GMT
server: nginx
x-timer: S1627747476.695089,VS0,VE1
etag: "9c3d7435c4b48d46c39e61e77dd40a88"
x-served-by: cache-wdc5572-WDC, cache-dca12921-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 shetat.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 67 KB
68 KB 30ms
30ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/shetat.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 181a6054c6305659b7a8e2537852bb063be418a3e78bd3b8c58cbb99bd8efd0f

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 771174
edge-cache-tag: 546897350029990108570463956323027452303,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 323
expiration: expiry-date="Wed, 04 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/shetat.jpg
content-length: 68888
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Sun, 04 Jul 2021 10:45:48 GMT
server: nginx
x-timer: S1627747476.719934,VS0,VE1
etag: "ec8ee38ffe2aad2a634f4e59aff4bfe0"
x-served-by: cache-wdc5539-WDC, cache-dca17727-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 thorthunder.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 82 KB
83 KB 36ms
36ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/thorthunder.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 855d64486b548b78a395688c55d50f95aa9321046a0692049e4350606be6a004

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 2144641
edge-cache-tag: 435016107258865345194204464752713818472,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 871
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/thorthunder.jpg
content-length: 83988
x-request-id: 343bc135544be3afaea930e3433da112
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Tue, 06 Jul 2021 13:42:10 GMT
server: nginx
x-timer: S1627747476.721910,VS0,VE1
etag: "4657b0ddb749af5f56ec9ebb7aef358b"
x-served-by: cache-wdc5559-WDC, cache-dca17782-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 black-widow-kevin-feige-disney_Fz6ywbJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 84 KB
85 KB 40ms
40ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/black-widow-kevin-feige-disney_Fz6ywbJ.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf5696ca46a643c1e91443d4e1fbacb264ae7d59d460f1fdc46f0afd1e458ada

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 13513
edge-cache-tag: 352670963978724182318531305142217320508,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 708
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/black-widow-kevin-feige-disney_Fz6ywbJ.jpg
content-length: 86266
x-request-id: ac9da98acd08c3434e01c06b6a351b7c
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Fri, 30 Jul 2021 14:55:41 GMT
server: nginx
x-timer: S1627747476.725226,VS0,VE1
etag: "2b241a705f228f2a056ed5a743cf3595"
x-served-by: cache-wdc5525-WDC, cache-dca12920-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 strangetva.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 82 KB
83 KB 53ms
53ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/strangetva.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 266c573c586d1dac488c1ce94b6d1c32cecdc2f1409c1bfb08c3fb7d8d7ca9e4

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 2369360
edge-cache-tag: 619355183068226024831311412205451942669,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 135
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/strangetva.jpg
content-length: 84376
x-request-id: e418ce68dbc00e2c7f8cd6605b3e86a7
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Sat, 03 Jul 2021 01:28:49 GMT
server: nginx
x-timer: S1627747476.726465,VS0,VE1
etag: "cb5539a4c2aa85fbf774ce5c067c0e33"
x-served-by: cache-wdc5540-WDC, cache-dca17736-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 spider-man-no-way-home-rumored-characters.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 39 KB
39 KB 124ms
124ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/spider-man-no-way-home-rumored-characters.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d69ad551e2744d78186ff89311a061bdedda24eea1e9abd9e0488d7c946329a

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 792470
edge-cache-tag: 314509183096822320926514783527857653584,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 187
expiration: expiry-date="Fri, 06 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/spider-man-no-way-home-rumored-characters.jpg
content-length: 39708
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Tue, 06 Jul 2021 11:35:58 GMT
server: nginx
x-timer: S1627747476.728604,VS0,VE89
etag: "33361231ef67b24568ee17daad4f298c"
x-served-by: cache-wdc5553-WDC, cache-dca17777-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 hulk2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 45 KB
45 KB 55ms
54ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/hulk2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5288ef44ea4a6c43cc49ff13de168c188de9d9caf3ebc7981522bc5ba909abf3

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 2314809
edge-cache-tag: 523777118247344246655584714474393144555,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 58
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/hulk2.jpg
content-length: 45694
x-request-id: 05b17faf480a476271996b1405bc4881
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Sun, 04 Jul 2021 20:33:11 GMT
server: nginx
x-timer: S1627747476.729540,VS0,VE1
etag: "9c959bd3db4cd0192fe0cd9ae167e939"
x-served-by: cache-wdc5571-WDC, cache-dca17754-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 a5villains_ARJ8mCr_IXSKa4u_MRbCynr_Y0smD2R_u0N6pp9_eVkJO1W_3uarN2i_ZbAoieA.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 52 KB
53 KB 33ms
31ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/a5villains_ARJ8mCr_IXSKa4u_MRbCynr_Y0smD2R_u0N6pp9_eVkJO1W_3uarN2i_ZbAoieA.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba350b6d0e4efc1f4ecb5bb3dd6d38294cce65f79ee51523bcdcdf3508dd1df3

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 2427922
edge-cache-tag: 336445824167167427292759066807626961189,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 67
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/a5villains_ARJ8mCr_IXSKa4u_MRbCynr_Y0smD2R_u0N6pp9_eVkJO1W_3uarN2i_ZbAoieA.jpg
content-length: 53538
x-request-id: 291b243322fcae9ac08997d4c297dad5
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Sat, 03 Jul 2021 08:09:49 GMT
server: nginx
x-timer: S1627747476.761138,VS0,VE1
etag: "0775b0216b8f333bff655684f132ec30"
x-served-by: cache-wdc5575-WDC, cache-dca17735-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2 200 letitia1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 39 KB
40 KB 31ms
31ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/letitia1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 91a16ecb0caf0e3aae2a6b1d2d04b0b0fc10f1ea9b2442db083880c0c95e4e81

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 1444543
edge-cache-tag: 629563481615961489075283634372310487868,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 586
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/letitia1.jpg
content-length: 39894
x-request-id: 751327e2884f802da9224f3b91a84c47
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 14 Jul 2021 17:07:32 GMT
server: nginx
x-timer: S1627747476.765361,VS0,VE1
etag: "26692b805752036706836046ccf6889d"
x-served-by: cache-wdc5532-WDC, cache-dca17741-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 eadafcad67e3d54d5fb825bec486e135.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 62 KB
63 KB 29ms
29ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eadafcad67e3d54d5fb825bec486e135.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b2a636f75560c25b197b663e3cebaa12f47965109609b526aa6fd16c8eac5cb2

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 1404709
edge-cache-tag: 411907142504635666297386841823132749850,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 133
expiration: expiry-date="Fri, 16 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eadafcad67e3d54d5fb825bec486e135.jpg
content-length: 63686
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Tue, 15 Jun 2021 12:28:42 GMT
server: nginx
x-timer: S1627747476.779335,VS0,VE1
etag: "c0ed7a0ef9b56ee9b29317a7641e1f47"
x-served-by: cache-wdc5524-WDC, cache-dca17782-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 b75f88df3d7d0d0f9f20cb4eae49c875.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 56 KB
57 KB 30ms
30ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b75f88df3d7d0d0f9f20cb4eae49c875.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8fa280e6dbcabebb17330f0bb7b2cd39c8bf5a7b53712a27b780b25d46e0c590

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 4438567
edge-cache-tag: 607774692394393994021228870968615286194,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 153
expiration: expiry-date="Mon, 21 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b75f88df3d7d0d0f9f20cb4eae49c875.jpg
content-length: 57394
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Fri, 21 May 2021 00:17:34 GMT
server: nginx
x-timer: S1627747476.784409,VS0,VE1
etag: "a2ce0317e50ff378d4765f972a9fa0ca"
x-served-by: cache-wdc5543-WDC, cache-dca17760-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 shang-chi-poster.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 25 KB
25 KB 30ms
30ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/shang-chi-poster.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c5d452c95775c90f010dfc2261d192521967ccd68942d07e426453c25f034d89

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 79343
edge-cache-tag: 336761287625770037038794801038340722326,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 591
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/shang-chi-poster.jpg
content-length: 25308
x-request-id: 0651796e10ce542a30b3cf1ec8a2793a
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Fri, 30 Jul 2021 13:18:56 GMT
server: nginx
x-timer: S1627747476.785258,VS0,VE1
etag: "c70d4f591a9bf29a212730426cd8cb45"
x-served-by: cache-wdc5570-WDC, cache-dca17754-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 captain-america-captain-marvel-what-if.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 27 KB
27 KB 30ms
29ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/captain-america-captain-marvel-what-if.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 024b361e43e968331adcc62a978629017f572fa07d4f83d17da08faee340ea15

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 850017
edge-cache-tag: 379314886381955240718154850713957631563,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 98
x-envoy-upstream-service-time: 40
expiration: expiry-date="Mon, 09 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/captain-america-captain-marvel-what-if.jpg
content-length: 27160
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Fri, 09 Jul 2021 05:12:04 GMT
server: nginx
x-timer: S1627747476.792520,VS0,VE1
etag: "6312105be8b561f46bec1c4c389474d9"
x-served-by: cache-wdc5522-WDC, cache-dca17768-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 The-Most-Remarkable-Oscar-Outfits-Ever.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//luxurylife-style.com/wp-content/uploads/ 7 KB
8 KB 29ms
28ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//luxurylife-style.com/wp-content/uploads/The-Most-Remarkable-Oscar-Outfits-Ever.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c2d8d4ca41a655f891de37900a9a1dfc3ba7ffa2c76a20eb15439cf47f63930

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 980069
edge-cache-tag: 445346360242726465032208973006017195545,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 456
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//luxurylife-style.com/wp-content/uploads/The-Most-Remarkable-Oscar-Outfits-Ever.jpg
content-length: 7350
x-request-id: 49728458d7645dde9addd4568edbb711
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Sat, 19 Jun 2021 06:06:41 GMT
server: nginx
x-timer: S1627747476.797368,VS0,VE1
etag: "906f0e18920015b0529349632da007a8"
x-served-by: cache-wdc5552-WDC, cache-dca17769-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 v1.bjsyNDQ4NTY3O2o7MTg4Mzg7MTIwMDsxNjAwOzEyMDA
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//resizing.flixster.com/jPu8iLcdzweaxWTxvDHvbQ49U18%3D/fit-in/1152x864/ 18 KB
18 KB 29ms
29ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//resizing.flixster.com/jPu8iLcdzweaxWTxvDHvbQ49U18%3D/fit-in/1152x864/v1.bjsyNDQ4NTY3O2o7MTg4Mzg7MTIwMDsxNjAwOzEyMDA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 534c2e6d4d672dc1d914fd9fc88c709b181ac82d141016678e178bae5fdfb938

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 2015456
edge-cache-tag: 294115687647342558516413840454238636568,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 577
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//resizing.flixster.com/jPu8iLcdzweaxWTxvDHvbQ49U18%3D/fit-in/1152x864/v1.bjsyNDQ4NTY3O2o7MTg4Mzg7MTIwMDsxNjAwOzEyMDA
content-length: 17940
x-request-id: afe2bc05b6e18f1de0797aee03e079e7
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Sat, 12 Jun 2021 17:01:17 GMT
server: nginx
x-timer: S1627747476.810700,VS0,VE1
etag: "bb2b65c8c0aa64f222973e15feccedce"
x-served-by: cache-wdc5579-WDC, cache-dca17758-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 loki-disney-plus-finale-tva.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 97 KB
98 KB 29ms
28ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/loki-disney-plus-finale-tva.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9bb1fbac505f91eafe5554147ee431f0d94e8908ed02c3df8172a02d1cbd1441

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 1465589
edge-cache-tag: 516465627542178213132738150756531731159,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 185
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/loki-disney-plus-finale-tva.jpg
content-length: 99484
x-request-id: 054395bddc7273da2cf847d52e5f3f64
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 14 Jul 2021 15:08:02 GMT
server: nginx
x-timer: S1627747476.816672,VS0,VE1
etag: "dcba26f6b459db71ef402cc7e0482c36"
x-served-by: cache-wdc5575-WDC, cache-dca17759-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 ant-man-loki-spider-man.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 88 KB
88 KB 32ms
31ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ant-man-loki-spider-man.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 77c8517d3eb119ca180125ff29952fccf13094f766f552db941c890922280c6d

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 1445176
edge-cache-tag: 533266362116139367725050127252763488495,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 836
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ant-man-loki-spider-man.jpg
content-length: 89826
x-request-id: dfc0eeb787e2f97c2335cd77c5264e05
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 14 Jul 2021 19:30:53 GMT
server: nginx
x-timer: S1627747476.816658,VS0,VE1
etag: "c5e951a0ede6b289f50d530e352a963d"
x-served-by: cache-wdc5544-WDC, cache-dca17756-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 lounge.load.7302391be467f75d298eac65b5cfa2cc.js Show response
c.disquscdn.com/next/embed/ Frame A7CD 1 KB
1 KB 12ms
11ms Script
application/javascript 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.7302391be467f75d298eac65b5cfa2cc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

aa9ee4c2caf4f0c4054f1da752a01fec1ff1a656983327b69a75c3c0b63ef270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940702
x-cache: Hit from cloudfront
content-length: 534
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 20 Jul 2021 18:26:52 GMT
server: nginx
etag: "60f7156c-216"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Wed, 20 Jul 2022 18:46:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: UmM2DXuFVJa9bheaOwF_DzTfPGfH_Hxjq3blMuiLr_bKS2QGcT8k4w==
x-cache-hits: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eadafcad67e3d54d5fb825bec486e135.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 373f32215698b5c685fa28c63110f6cf0f3c68e2c7ab5d4b6f3b1ff619ee66b4

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 1406819
edge-cache-tag: 411907142504635666297386841823132749850,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 95
expiration: expiry-date="Sat, 31 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eadafcad67e3d54d5fb825bec486e135.jpg
content-length: 13898
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Wed, 30 Jun 2021 14:58:00 GMT
server: nginx
x-timer: S1627747476.823488,VS0,VE0
etag: "f99dcd49b864fc563dbaf4fad6624ced"
x-served-by: cache-wdc5556-WDC, cache-dca17764-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b75f88df3d7d0d0f9f20cb4eae49c875.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 73e99c02aee475f826abfa48b04d238966158bed2fc6b0de6299c64b8dd96fa4

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 4439586
edge-cache-tag: 607774692394393994021228870968615286194,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 36
expiration: expiry-date="Sat, 19 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b75f88df3d7d0d0f9f20cb4eae49c875.jpg
content-length: 12132
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 19 May 2021 16:05:13 GMT
server: nginx
x-timer: S1627747476.827091,VS0,VE0
etag: "7fd41344a4f754b4e0af14cd9cfd15b0"
x-served-by: cache-wdc5549-WDC, cache-dca17771-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a797b8c479f50296be85f64c63c924e364dcf171924f475e6e1719a32181310d

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 4441159
edge-cache-tag: 454495853063637850906140981329147654090,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 38
expiration: expiry-date="Thu, 01 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
content-length: 14944
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 31 May 2021 23:18:05 GMT
server: nginx
x-timer: S1627747476.840193,VS0,VE0
etag: "13ad938c59934b479b78fe4c6a06e31c"
x-served-by: cache-wdc5543-WDC, cache-dca17755-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//luxurylife-style.com/wp-content/uploads/The-Most-Remarkable-Oscar-Outfits-Ever.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8cf129e3dd9526e7bee451b7285bcad8cedb292d674a147c82b21d852bd410a4

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 1416925
edge-cache-tag: 445346360242726465032208973006017195545,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 188
expiration: expiry-date="Sat, 24 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//luxurylife-style.com/wp-content/uploads/The-Most-Remarkable-Oscar-Outfits-Ever.jpg
content-length: 7350
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 23 Jun 2021 12:40:15 GMT
server: nginx
x-timer: S1627747476.848540,VS0,VE0
etag: "9d1a7c168373fe545b6eb8f6c949de20"
x-served-by: cache-wdc5574-WDC, cache-dca17733-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//resizing.flixster.com/jPu8iLcdzweaxWTxvDHvbQ49U18%3D/fit-in/1152x864/v1.bjsyNDQ4NTY3O2o7MTg4Mzg7MTIwMDsxNjAwOzEyMDA
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 003c41d19b1eb5787f5defcb70227c25f95f8b385b8016d7e4690ea3b3316259

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 268672
edge-cache-tag: 294115687647342558516413840454238636568,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 143
expiration: expiry-date="Tue, 03 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//resizing.flixster.com/jPu8iLcdzweaxWTxvDHvbQ49U18%3D/fit-in/1152x864/v1.bjsyNDQ4NTY3O2o7MTg4Mzg7MTIwMDsxNjAwOzEyMDA
content-length: 18454
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Sat, 03 Jul 2021 19:25:12 GMT
server: nginx
x-timer: S1627747476.852377,VS0,VE0
etag: "81c6ff449a3d2ed42be071210b005112"
x-served-by: cache-wdc5572-WDC, cache-dca17774-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/73250c213c0c8b0a2b9c0728855ec749.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b4b8625693aa28e72bb1f27f57644742c979f79eda5b588928c112d67fd3297

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 4441205
edge-cache-tag: 543236249243493042395855631023196968017,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 66
expiration: expiry-date="Sat, 12 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/73250c213c0c8b0a2b9c0728855ec749.jpg
content-length: 7680
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Wed, 12 May 2021 04:33:26 GMT
server: nginx
x-timer: S1627747476.853844,VS0,VE0
etag: "2fe962428426c15a61c3177ae69ac98d"
x-served-by: cache-wdc5528-WDC, cache-dca12922-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39b18a95cada77f69313df99f6326cf6.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e8c5e1474f023e4d20341e15bd5a006451483504732a6bbae06914e5c702fa38

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 4441272
edge-cache-tag: 503354400634921894464367962284098690742,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 164
expiration: expiry-date="Fri, 02 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39b18a95cada77f69313df99f6326cf6.jpg
content-length: 11234
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Tue, 01 Jun 2021 16:27:48 GMT
server: nginx
x-timer: S1627747476.853900,VS0,VE0
etag: "c18fbd2b5faa1e4aaf97a7af5b34cf4c"
x-served-by: cache-wdc5528-WDC, cache-dca17783-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/shetat.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b81526a02edac0e3e01b33c82bb110451dbf44a38e9c046a7b5163343e7601b8

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 1414156
edge-cache-tag: 546897350029990108570463956323027452303,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 50
expiration: expiry-date="Wed, 04 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/shetat.jpg
content-length: 20592
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sun, 04 Jul 2021 10:24:51 GMT
server: nginx
x-timer: S1627747476.855388,VS0,VE0
etag: "6a07527d3d9517b2f6fc1f8cb73b9f46"
x-served-by: cache-wdc5552-WDC, cache-dca17767-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js Show response
c.disquscdn.com/next/embed/ Frame A7CD 282 KB
93 KB 12ms
12ms Script
application/javascript 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.7302391be467f75d298eac65b5cfa2cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1022242
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: JNySEUaktLTAIZhnKRpQRnll2GEhTVFKc0C2hyLL8-_iFpxy4wDfFw==
x-cache-hits: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/48532e99fd3e2391745a2d45f05c1cef.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 29e272da6910607cf727fd9a069640ba7701f38aeb5870b3e2afa423a4b4aaae

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 4442146
edge-cache-tag: 476857340380205251361942202200864022489,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 20
expiration: expiry-date="Sun, 20 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/48532e99fd3e2391745a2d45f05c1cef.jpg
content-length: 9248
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Thu, 20 May 2021 09:23:18 GMT
server: nginx
x-timer: S1627747476.869941,VS0,VE0
etag: "8edc927ddeab031af40ac21f73fe6a7a"
x-served-by: cache-wdc5559-WDC, cache-dca17729-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 thorthunder.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/ 21 KB
21 KB 28ms
28ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/thorthunder.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92daf9cc02057d3de361d5b0fc432c8d82d55a49ccbc05066e1ca82fbe7e0b74

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 2156914
edge-cache-tag: 435016107258865345194204464752713818472,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 33
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/thorthunder.jpg
content-length: 21376
x-request-id: 96fd13ae925cea06755273775d9288ea
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Tue, 06 Jul 2021 13:42:10 GMT
server: nginx
x-timer: S1627747476.879471,VS0,VE0
etag: "3f53dc440909d2f76cb79c23d8f37f2f"
x-served-by: cache-wdc5567-WDC, cache-dca17775-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/black-widow-kevin-feige-disney_Fz6ywbJ.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da2c2747f5b20830fa22baeb71437331f901e87555ac004bb569fd9e24705418

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 17729
edge-cache-tag: 352670963978724182318531305142217320508,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 689
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/black-widow-kevin-feige-disney_Fz6ywbJ.jpg
content-length: 22724
x-request-id: e18220243b9063abc5c416f98bf804e8
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Fri, 30 Jul 2021 14:55:41 GMT
server: nginx
x-timer: S1627747476.881130,VS0,VE0
etag: "fe6f8f7a9ee602c612ab1fc633213516"
x-served-by: cache-wdc5568-WDC, cache-dca17745-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/strangetva.jpg
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02d06f64a0626f104d1268290601895f6b30d2658e27a56c9c52209029155636

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 2470407
edge-cache-tag: 619355183068226024831311412205451942669,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 582
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thedirect.s3.amazonaws.com/media/article_full/strangetva.jpg
content-length: 17822
x-request-id: 6e0ded60f973aede03eebea2c0a0d677
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Sat, 03 Jul 2021 01:28:49 GMT
server: nginx
x-timer: S1627747476.883115,VS0,VE0
etag: "9c3d7435c4b48d46c39e61e77dd40a88"
x-served-by: cache-wdc5572-WDC, cache-dca12921-DCA, cache-fra19176-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 lounge.e16bb81d3982e913e07bd7f31be71a6c.css
c.disquscdn.com/next/embed/styles/ Frame A7CD 163 KB
26 KB 12ms
12ms Stylesheet
text/css 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2df50c8c00e4f9f84fc1506798291ba26c73f181154596d3f2d6209978d6bc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1629808
x-cache: Hit from cloudfront
content-length: 25871
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-650f"
content-type: text/css; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: TwJxjEfZwwCCttBbpMAxZ0IP537XjFgx6Kl5mMdLnCvDNd9dUVd6eg==
x-cache-hits: 0

GET
H2 200 lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js Show response
c.disquscdn.com/next/embed/ Frame A7CD 468 KB
119 KB 12ms
12ms Script
application/javascript 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bd3479f3c97c6aa3b27aaaae6eb5407fbdc64a942d876db9fbbb08ce06ad63d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940703
x-cache: Hit from cloudfront
content-length: 120690
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 20 Jul 2021 18:26:52 GMT
server: nginx
etag: "60f7156c-1d772"
content-type: application/javascript; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Wed, 20 Jul 2022 18:46:12 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: Pjl1t0kwFqOHVsi7YKKiqAAfETN58xsf68qN_SpYhx2oekfjOLAdUQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame A7CD 12 KB
12 KB 35ms
35ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5da1b441bda2c1fc650189d51c9ea82441e6ec7d6f65b0bf02bc954b15e073cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:35 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 47
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12213
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame A7CD 3 KB
3 KB 143ms
143ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=thedirect&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

be3d57858a2857061832600202f5864560c480cd72eaea1e8270125df145be72

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:35 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3128
X-XSS-Protection: 1; mode=block

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/625/3241/ Frame A7CD 771 B
1 KB 12ms
11ms Image
image/jpeg 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/625/3241/avatar92.jpg?1594752550

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c7d3537410d501cf820611aec5c8d54dc4883a6f8187ad655fd638cc25298a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 22:41:32 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5332983
x-cache: Hit from cloudfront
content-length: 771
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Tue, 14 Jul 2020 18:49:11 GMT
server: nginx
etag: "d57a4e64a74536a4adadeded17935f3e"
content-type: image/jpeg
expires: Mon, 30 May 2022 22:41:32 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 4O3cjaG82E2PM-5EAkznyGE7ookWRIFYISDfNfCjW_QOF9y9Kp-m5Q==
x-cache-hits: 0

GET
DATA 200
OK truncated
/ Frame A7CD 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame A7CD 13 KB
13 KB 13ms
11ms Image
image/svg+xml 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8126814
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9A92fWKHNbSjnGlun1WDncZNMlbOepENebzskC246442dtBvKvuWvQ==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame A7CD 3 KB
3 KB 12ms
12ms Image
image/gif 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 15419188
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: RhLP2-fyBJLgvF2ZP1OoR3cCfYDwTWwwvrL-gtG-KLOvW_JQDSucnw==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame A7CD 8 KB
8 KB 12ms
12ms Font
application/octet-stream 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:33 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7628581
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 04 May 2022 09:01:33 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9rXLOb8uZBUtIrkUmjW2NJJ_ogdcOLqYm-hoDXmhGWcfeGhvxCmkoA==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 51F6 337 B
808 B 11ms
11ms Stylesheet
text/css 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: thedirect.disqus.com
URL: https://thedirect.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7563061
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: K5SIeg1rzLNYy67sWyPXgSoXOx1kki4N1PLQOPb0K_1XdkIa3X0SOQ==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 17C1 337 B
807 B 12ms
11ms Stylesheet
text/css 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: thedirect.disqus.com
URL: https://thedirect.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7563061
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: Lk72P_dZ5wx-ZJIdADkNdlOOo2D2emdE5C0P8Api2oJzXemxUpppxQ==
x-cache-hits: 0

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame A7CD 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab516284cfd662402ca1d74ee2853871259ffca8df084a3cc63e2a0d783875a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: cFTlFkHXoYq/wd4j6vD2pA==
cross-origin-resource-policy: cross-origin
expires: Sat, 31 Jul 2021 16:15:28 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: AT6551h3V8Sq8dqAPJZbXoFfofeNnqxSersV7KWWcWhDHe2iuhGZaYHGC65u/bw+dJU9P19rs47TuxvJ8kl7mg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 1a2e04a30eab8c555d3d5112739e07a6
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 31 Jul 2021 16:04:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "28d7de3a173be628dcced294c40cad0b"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 api.js Show response
apis.google.com/js/ Frame A7CD 13 KB
6 KB 28ms
26ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

988bcde72299686944d0d999925fb176b03d274eb3f1b2dc9f714654a93bfabf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q4412d3WcqdsgoG5YsqTAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "b6acb3309cfece49fdc532caca33f653"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-q4412d3WcqdsgoG5YsqTAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 31 Jul 2021 16:04:35 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame A7CD 227 KB
66 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a5a4ac7e4805e6d2873a78b9f2b1f1ed

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19d4769a84fc5e58a47a7e0b9794ea591c92827cf65f638429bfda0bf8ca3440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GOfPPC73TnTrZMbWQoB/dA==
cross-origin-resource-policy: cross-origin
expires: Sun, 31 Jul 2022 13:35:40 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67638
x-fb-rlafr: 0
x-fb-debug: PbnDbIN7H/ap0PwE0Qk+Hk3oFquyTkKfMpWt4N28kjdHQkwt07XlIO0pCfXb8Z26UKXdvtGSYeGt/BV99lO5aw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: cce099ef5e4708d1398083fefc3bfe53
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 31 Jul 2021 16:04:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ddcfaeac9a2eb64880a0b1ba1d14b4e7"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H3-29 200 /
www.facebook.com/tr/ 0
17 B 6ms
6ms Ping
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryaKHFoQiahAxOzHFs

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 31 Jul 2021 16:04:35 GMT
content-type: text/plain
access-control-allow-origin: https://thedirect.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ Frame A7CD 103 KB
34 KB 257ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a8dbc111ec4272a34fae97aa7a2dcd6f99cfb9b3067dcac29abc892912b6ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 15:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35063
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 15:25:16 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 6888 551 B
464 B 45ms
41ms Document
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66521735&crid=6374615&dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&cmcv=&pix=undefined&cb=1627747475979&uv=2999&tms=1627747475979&abt=adh5c-1_vA!insc_vA!scec9_vB!spa2_vB!t45!ufm_vC!ul2999_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=7167C570381926230681960722072&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c1d580b9bb525eda3d08afbfd5697915c9303ab3f31e6d90efe7df57980cebf

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66521735&crid=6374615&dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&cmcv=&pix=undefined&cb=1627747475979&uv=2999&tms=1627747475979&abt=adh5c-1_vA!insc_vA!scec9_vB!spa2_vB!t45!ufm_vC!ul2999_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=7167C570381926230681960722072&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thedirect.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thedirect.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 31 Jul 2021 16:04:36 GMT
via: 1.1 varnish
x-served-by: cache-fra19176-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1627747476.191973,VS0,VE14
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 5C65 551 B
637 B 154ms
50ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 3c1d580b9bb525eda3d08afbfd5697915c9303ab3f31e6d90efe7df57980cebf

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thedirect.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thedirect.com/

Response headers

server: nginx
date: Sat, 31 Jul 2021 16:04:36 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
H2 200 wf-generator.js Show response
vidstat.taboola.com/wf-generator/1.1.5/ 13 KB
6 KB 29ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/wf-generator/1.1.5/wf-generator.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 253e207811811f532a96e83c8c05d4a1da5a5ead8751d2b5ae98ca6b463e5d17

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:35 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront), 1.1 varnish
age: 543434
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 5504
x-served-by: cache-fra19176-FRA
last-modified: Mon, 14 Jun 2021 10:33:18 GMT
server: AmazonS3
x-timer: S1627747476.995082,VS0,VE0
etag: "0db1e60d5975c9daae20996e2dcf2ce0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: gbjnjPqPmiUVAhfhyLPytGgVcJHyh8FSjMrHZ6w4TelMroDzBySn1A==
x-cache-hits: 587386

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 249ms
50ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66521735&crid=6374615&dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&cmcv=&pix=31589837&cb=1627747475979&uv=2999&tms=1627747475979&abt=adh5c-1_vA!insc_vA!scec9_vB!spa2_vB!t45!ufm_vC!ul2999_vA&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1627747468981!ts:1627747475979&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:36 GMT
content-length: 0
server: nginx

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame CBAE 513 B
922 B 36ms
16ms Document
text/html 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6bd914998f3523fb62785885b7fbd0d0ceb590a4a7dc71aca9a54e970c257c29

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EacdOUxHpitB23+HoGjMvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=220=S_vwN-aVoYIKg4yUAyNc0Q_I8gdd95Jf4LMzQAPZnzzWGrZ3Nv0v_R9VNkZFWPeWfeShcDFSElBF50-l1s-Wm5Wi8Bt-Q4NKNS0qof0a-7yfHtpH0jxZYH0WNDtB-XVPUDLM87wZBhId0UJSOIwEOk7o-5IdKramOSei2sPkOy0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 31 Jul 2021 16:04:36 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-EacdOUxHpitB23+HoGjMvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6888 70 B
264 B 61ms
60ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66521735&crid=6374615&dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&cmcv=&pix=undefined&cb=1627747475979&uv=2999&tms=1627747475979&abt=adh5c-1_vA!insc_vA!scec9_vB!spa2_vB!t45!ufm_vC!ul2999_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=7167C570381926230681960722072&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 6888
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=009d915e-f219-11eb-a3d9-11e121d60506&orig=video&us_privacy=1---gdpr=1&

0
255 B

50ms
48ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=009d915e-f219-11eb-a3d9-11e121d60506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66521735&crid=6374615&dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&cmcv=&pix=undefined&cb=1627747475979&uv=2999&tms=1627747475979&abt=adh5c-1_vA!insc_vA!scec9_vB!spa2_vB!t45!ufm_vC!ul2999_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=7167C570381926230681960722072&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Sat, 31 Jul 2021 16:04:36 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31914

Redirect headers

Date: Sat, 31 Jul 2021 16:04:36 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=009d915e-f219-11eb-a3d9-11e121d60506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 127
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 6888 43 B
146 B 113ms
37ms Image
image/gif 52.58.182.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66521735&crid=6374615&dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&cmcv=&pix=undefined&cb=1627747475979&uv=2999&tms=1627747475979&abt=adh5c-1_vA!insc_vA!scec9_vB!spa2_vB!t45!ufm_vC!ul2999_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=7167C570381926230681960722072&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.182.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 1376071356-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame CBAE 116 KB
40 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1376071356-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cd47b8df2fcfbefbac624b4a6856f65e13d83721be2805e864f5993a05428e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 18:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40353
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 02:24:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Jul 2022 18:54:02 GMT

GET
H3-29 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame CBAE 14 B
58 B 67ms
52ms XHR
application/json 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1376071356-idpiframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Sat, 31 Jul 2021 16:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 31 Jul 2021 17:04:36 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5C65 70 B
264 B 60ms
59ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 5C65
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=00a45597-f219-11eb-8517-197e22df0406&orig=video&us_privacy=1---gdpr=1&

0
255 B

49ms
48ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=00a45597-f219-11eb-8517-197e22df0406&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Sat, 31 Jul 2021 16:04:36 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31447

Redirect headers

Date: Sat, 31 Jul 2021 16:04:36 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=00a45597-f219-11eb-8517-197e22df0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 140
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 5C65 43 B
145 B 37ms
37ms Image
image/gif 52.58.182.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7iBICFgM8e25HVGrKEQQ8e25HVGrKEQUAAAAGBvQHHbeY7Tas3WAzXCwns8lmMBsulrPBbjIZ7CZD4LjFbLdh7Qab4WI5mU02g9lus5vNJpvFZjOFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w1HaDodPte9XnR0mZyWl8d01_jdfoXl9PSYXX6F3fRWO-xuzVrtsNxeZrfMdbc73zKn2e20-9yal-mtOpwcppcdAAAAAB4AwoiuIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwABQuozUAcjgM4PLwuV7-AAB4KAABABDAIAE4OM4vAWipHTsBAAAAAAAAAGD5____jxm4VziUGegXS-4BePABeCAqQC1iBAAAAJDlrtt_NKkTKosqAACCdCuAKwCAAL3-JzCVMAAAAIGxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJoR05JoWdMaVovYLCACw9gsIAMCmbgAAbwFwQUfQisFgdQExOwAAAIC7____fz0QGm0WDudqZNjthiuLwzeYWSYuh8M1MzkXls1suL3w6IThgCXu_r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7E8DlACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYcThGnlmK9taZXMu3KLlxrdW2DwLt8ZjsVlWnoVxsJusRa-P6Tdz2RyOyRQP5uNy7msXLgoGQO1FcJFOREeXyWl5eUxv0dFlclpeHtNFLNGcLNKJ7LIvjTYLh3M1Mux2w5XF4RvMLBOXw-GamZwLy2Y23FccrpFntrKtVTbnwi1abnxrhc2zcGs8Fptl5VkYB7vJWvT6mH4zl83hmOwbs8luN9qNdqN9YzbZ7Ua70W6079AZvqvP2SgsCbcenVOavRy3M_NB4TJYvDv1amH8jg7W3uvolGk7yoLO6Pf7_X6_3-_3-_0GredgNih8z8NfOH0sz-VwNnoQGwyKWCI4XaQT0ct4uoglkqdFOtEtBiOXx2OZmWzL4cxjmNh8i4nJtfC4PJPFxLCyiCVK00U60Sssp6fH7PIr7Ka32mF3a9Zqh-X2Mrtlrrvd-ZY5zW6n3efWvExv1eHkML0s6j864HIu2QzniuFsLlltVgkAAAAAAAAAYAlz5k0AAAAAToMaLJej1XIBKoqgdIFBAAAAAAAAdh038YLccnBRihs_nqCjy-S0vDymt-joMjktL4_pygAVRU7Mmz0TxFqtljUAAIAANgAAQAC3bt4CMRg5!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.182.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame A7CD 533 B
806 B 197ms
137ms Script
application/javascript 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=thedirect&thread_id=8682697301&referer=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

23cfdaca5c4d8ce1d44881dbdee9a6ccde9bf58462448cb9056b66facf15c5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache
transfer-encoding: chunked
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Strict-Transport-Security: max-age=300; includeSubdomains
Vary: Accept-Encoding, Cookie

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/forums/625/3241/ Frame A7CD 771 B
1 KB 12ms
11ms Image
image/jpeg 2600:9000:2190:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/forums/625/3241/avatar92.jpg?1594752550

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c7d3537410d501cf820611aec5c8d54dc4883a6f8187ad655fd638cc25298a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 30 May 2021 22:41:32 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5332984
x-cache: Hit from cloudfront
content-length: 771
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Tue, 14 Jul 2020 18:49:11 GMT
server: nginx
etag: "d57a4e64a74536a4adadeded17935f3e"
content-type: image/jpeg
expires: Mon, 30 May 2022 22:41:32 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: R_Wj9KKBaG0oqZ5apQYC8tEbmmXfmDLAsuD4H29VlUu3ZpFc-hdHgw==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame A7CD 43 B
295 B 179ms
119ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=684&event=init_embed&thread=8682697301&forum=thedirect&forum_id=6253241&imp=75epdb11mp8re3&prev_imp=75epgj939nku3o&thread_slug=ant_man_3_writer_shares_funny_update_from_marvel_set_99&user_type=anon&referrer=https%3A%2F%2Fthedirect.com%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:36 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame A0B0 507 B
1 KB 285ms
194ms Document
text/html 13.224.96.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c75epgl2k91jbd&pctry=CZ&referrer=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-63.zrh50.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: fea599a3694fdeed13fd7e978a72a45167fe8838bbff2224a93949e97969f385

Request headers

:method: GET
:authority: live.rezync.com
:scheme: https
:path: /pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c75epgl2k91jbd&pctry=CZ&referrer=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default

Response headers

content-type: text/html; charset=utf-8
content-length: 507
date: Sat, 31 Jul 2021 16:04:36 GMT
server: lighttpd/1.4.33
set-cookie: zync-uuid=8f1218ac-eb3d-48da-bed0-90b10202cfbc:1627747476.76; Domain=rezync.com; Expires=Thu, 27-Jan-2022 09:04:36 GMT; Path=/; SameSite=None; Secure sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJjbGllbnRzIjp7ImRpc3F1cyI6ImM3NWVwZ2wyazkxamJkIn0sInNlc3Npb25faWQiOnsiIGIiOiJPR1l4TWpFNFlXTXRaV0l6WkMwME9HUmhMV0psWkRBdE9UQmlNVEF5TURKalptSmpPakUyTWpjM05EYzBOell1TnpZPSJ9fQ.E-cGFA.xAD-UN4wkeMJ_9gTCpaDCHiO_eY; Expires=Thu, 27-Jan-2022 16:04:36 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache: Miss from cloudfront
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: myMrPXF86JAmgFPYJJaX1omeN9kCkbKS9YyhMZiQfQAn41MRXuzo_Q==

GET
H2

200

pixel
fcmatch.youtube.com/ Frame CE89
Redirect Chain

https://ejp.rlcdn.com/501709.html
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCJTplYgGEgUI6AcQAEIASgA
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMTNweUZfdUdKRFctbzRWZkI2QXBiS0xoVml2SlVfaHdpS2xjQW1LdGlOaw==&google_cm
https://fcmatch.google.com/pixel?google_gm=AMnCDorubcTL2Mh8Ffo_0tqgX4yZej--cpckiAMPmMfk34ZGvGh2NyZ95opnQls22nqdxXCvq-AZ-YhfTUgkQPQTsLj2dVLdNUGlyLcPoNxqwptGKJZMDng5rpVCjAefeDXhx72Jd_iPc-jwxzywLu-cSf...
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorubcTL2Mh8Ffo_0tqgX4yZej--cpckiAMPmMfk34ZGvGh2NyZ95opnQls22nqdxXCvq-AZ-YhfTUgkQPQTsLj2dVLdNUGlyLcPoNxqwptGKJZMDng5rpVCjAefeDXhx72Jd_iPc-jwxzywLu-cS...

0
0

70ms
50ms

Document
image/png

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDorubcTL2Mh8Ffo_0tqgX4yZej--cpckiAMPmMfk34ZGvGh2NyZ95opnQls22nqdxXCvq-AZ-YhfTUgkQPQTsLj2dVLdNUGlyLcPoNxqwptGKJZMDng5rpVCjAefeDXhx72Jd_iPc-jwxzywLu-cSf4HjxgjJA

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: fcmatch.youtube.com
:scheme: https
:path: /pixel?google_gm=AMnCDorubcTL2Mh8Ffo_0tqgX4yZej--cpckiAMPmMfk34ZGvGh2NyZ95opnQls22nqdxXCvq-AZ-YhfTUgkQPQTsLj2dVLdNUGlyLcPoNxqwptGKJZMDng5rpVCjAefeDXhx72Jd_iPc-jwxzywLu-cSf4HjxgjJA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default

Response headers

content-type: image/png
date: Sat, 31 Jul 2021 16:04:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDorubcTL2Mh8Ffo_0tqgX4yZej--cpckiAMPmMfk34ZGvGh2NyZ95opnQls22nqdxXCvq-AZ-YhfTUgkQPQTsLj2dVLdNUGlyLcPoNxqwptGKJZMDng5rpVCjAefeDXhx72Jd_iPc-jwxzywLu-cSf4HjxgjJA
date: Sat, 31 Jul 2021 16:04:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 403
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

/
io.narrative.io/ Frame A7CD
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac75epgl2k91jbd&ret=img&ref=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_m...
https://io.narrative.io/?io.narrative.guid.v2=00e20a10-f219-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac75epgl2k91jbd&ret=img&ref=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-fu...

35 B
319 B

62ms
61ms

Image
image/gif

34.255.110.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=00e20a10-f219-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac75epgl2k91jbd&ret=img&ref=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.110.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thedirect&t_u=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer&t_d=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&t_t=Ant-Man%203%20Writer%20Shares%20Funny%20Update%20From%20Marvel%20Set&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 16:04:36 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=00e20a10-f219-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac75epgl2k91jbd&ret=img&ref=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer
Date: Sat, 31 Jul 2021 16:04:36 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0

POST
H2 204 bulk Show response
trc.taboola.com/thedirect-thedirect/log/3/ 0
277 B 130ms
130ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/thedirect-thedirect/log/3/bulk?tvi2=-2&route=AM%3AIL%3AV&lti=deflated&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 79
pragma: no-cache
date: Sat, 31 Jul 2021 16:04:36 GMT
via: 1.1 varnish
server: nginx
x-timer: S1627747477.659605,VS0,VE79
x-served-by: cache-fra19176-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://thedirect.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
699 B 27ms
27ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: thedirect.com
URL: https://thedirect.com/article/ant-man-3-marvel-funny-filming-set-update?utm_content=bufferebc69&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 1619
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by: cache-fra19176-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1627747477.695597,VS0,VE0
date: Sat, 31 Jul 2021 16:04:36 GMT
x-amz-request-id: 6P8Y14FA9N2SAAH6
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 71
x-cache-hits: 829

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame A0B0
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=131933016303020456
https://p.rfihub.com/cm?pub=39342&in=1&userid=8f1218ac-eb3d-48da-bed0-90b10202cfbc%3A1627747476.76&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc75epgl2k91jbd
https://idsync.rlcdn.com/501709.gif?partner_uid=c75epgl2k91jbd
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECFNFEGX6weeBR2REubLgZQ&google_cver=1

42 B
315 B

44ms
43ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECFNFEGX6weeBR2REubLgZQ&google_cver=1
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c75epgl2k91jbd&pctry=CZ&referrer=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Jul 2021 16:04:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECFNFEGX6weeBR2REubLgZQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

52154.gif
idsync.rlcdn.com/ Frame A0B0
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=8f1218ac-eb3d-48da-bed0-90b10202cfbc%3A1627747476.76&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871597497107345325
https://idsync.rlcdn.com/501709.gif?partner_uid=c75epgl2k91jbd
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=131933016303020456

42 B
326 B

44ms
43ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=131933016303020456
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c75epgl2k91jbd&pctry=CZ&referrer=https%3A%2F%2Fthedirect.com%2Farticle%2Fant-man-3-marvel-funny-filming-set-update%3Futm_content%3Dbufferebc69%26utm_medium%3Dsocial%26utm_source%3Dtwitter.com%26utm_campaign%3Dbuffer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Jul 2021 16:04:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Sat, 31 Jul 2021 16:04:37 GMT
X-Proxy-Origin: 89.238.186.253; 89.238.186.253; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6e9e3424-34ce-44ea-816a-edea214c615f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=131933016303020456
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 3674 0
239 B 142ms
35ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 3674
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9ST8keUA8pmN&ev=1&orig=trc&pid=562107

0
246 B

49ms
49ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9ST8keUA8pmN&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Sat, 31 Jul 2021 16:04:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 29913

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9ST8keUA8pmN&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-589cbd599f-h8dt7
expires: -1

GET
H2

200

/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 3674
Redirect Chain

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=131933016303020456&orig=trc

0
255 B

49ms
49ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=131933016303020456&orig=trc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Sat, 31 Jul 2021 16:04:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31040

Redirect headers

Pragma: no-cache
Date: Sat, 31 Jul 2021 16:04:37 GMT
X-Proxy-Origin: 89.238.186.253; 89.238.186.253; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: dfaeae7b-30b1-4a48-bab8-7da01419d186
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=131933016303020456&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 3674
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAF4EkLA_KoNdm5koy2a5IE&google_cver=1

0
206 B

95ms
95ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAF4EkLA_KoNdm5koy2a5IE&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 68
date: Sat, 31 Jul 2021 16:04:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1627747478.538954,VS0,VE68
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19176-FRA

Redirect headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAF4EkLA_KoNdm5koy2a5IE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3674 42 B
414 B 64ms
55ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12:$UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:37 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:350
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3674
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=417aecf6-afd5-4be0-a313-033638a4b9d2-tuct7fefa14

170 B
188 B

45ms
45ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=417aecf6-afd5-4be0-a313-033638a4b9d2-tuct7fefa14

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=417aecf6-afd5-4be0-a313-033638a4b9d2-tuct7fefa14
tbl-x-upstream: 10.40.0.134:10213
date: Sat, 31 Jul 2021 16:04:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31040

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 3674
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=74aae32a-b3a6-4efa-a762-23be484940b0

0
82 B

36ms
36ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=74aae32a-b3a6-4efa-a762-23be484940b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Sat, 31 Jul 2021 16:04:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1627747478.616855,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19176-FRA

Redirect headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:37 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=74aae32a-b3a6-4efa-a762-23be484940b0
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 3674
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

48ms
48ms

Image
text/plain

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Jul 2021 16:04:37 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 31 Jul 2021 16:04:37 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 3674 49 B
406 B 371ms
128ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-589cbd599f-hn554
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 3674 43 B
697 B 157ms
50ms Image
image/gif 185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:37 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 3674 0
59 B 189ms
35ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:37 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3674
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=19cf6800-6d20-401e-bed6-1c8babc46389

0
255 B

49ms
49ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=19cf6800-6d20-401e-bed6-1c8babc46389
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Sat, 31 Jul 2021 16:04:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30145

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=19cf6800-6d20-401e-bed6-1c8babc46389
cache-control: no-cache
date: Sat, 31 Jul 2021 16:04:36 GMT
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2043
content-type: text/html; charset=utf-8
content-length: 222
expires: Sat, 31 Jul 2021 00:00:00 GMT

GET

7.gif
id5-sync.com/c/464/146/1/ Frame 3674
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOeGyLL5nJgRJHKt6NtUrHAROD-ZvnYbNUeIcjjA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOeGyLL5nJgRJHKt6NtUrHAROD-ZvnYbNUeIcjjA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=8ca2feac-aa5b-451d-be4e-d5042e763104&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/5/3.gif?puid=7420a08ec695f7314785da8d1e1ea72f&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/4/4.gif?puid=714a64ac-1c5f-4787-8aed-d1b63a6e0060&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/3/5.gif?puid=6e484dba-153f-426a-9665-0d2890e70c04&gdpr=1&gdpr_consent=
https://gu.dyntrk.com/adx/id5/us.php?dynk=id5&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F118%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://gu.dyntrk.com/adx/id5/us.php?dynk=id5&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F118%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&prevuid=03030002_6...
https://id5-sync.com/c/464/118/2/6.gif?puid=03030002_6105749696969&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/146/1/7.gif?puid=57845562-5039-4189-90e0-ac4b8ca782bf&gdpr=1&gdpr_consent=

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 3674
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xdKPAF3WDfqMSMeZlnQFYQ

0
246 B

49ms
49ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xdKPAF3WDfqMSMeZlnQFYQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Sat, 31 Jul 2021 16:04:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30661

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=xdKPAF3WDfqMSMeZlnQFYQ
date: Sat, 31 Jul 2021 16:04:38 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 3674 35 B
380 B 521ms
131ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Sat, 31 Jul 2021 16:03:55 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 3674
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=taboola&bsw_custom_parameter=c1dd4b06-8fb8-4db9-b00b-52428563961b
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk7ff981ab-94b3-477c-af46-e1b6f92bf872&expires=7&user_group=5&ssp=taboola&bsw_param=c1dd4b06-8fb8-4db9-b00b-52428563961b
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c1dd4b06-8fb8-4db9-b00b-52428563961b

0
256 B

49ms
49ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c1dd4b06-8fb8-4db9-b00b-52428563961b
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Sat, 31 Jul 2021 16:04:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 29528

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c1dd4b06-8fb8-4db9-b00b-52428563961b
date: Sat, 31 Jul 2021 16:04:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 3674
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1e7bd9fe-4b4d-4ebd-beac-709970904d6a
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1e7bd9fe-4b4d-4ebd-beac-709970904d6a&tbid=417aecf6-afd5-4be0-a313-033638a4b9d2-tuct7fefa14&query=taboola_hm%3D1e7bd9fe-4b4d-...

0
53 B

37ms
36ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1e7bd9fe-4b4d-4ebd-beac-709970904d6a&tbid=417aecf6-afd5-4be0-a313-033638a4b9d2-tuct7fefa14&query=taboola_hm%3D1e7bd9fe-4b4d-4ebd-beac-709970904d6a&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1627747478.891255,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19176-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1e7bd9fe-4b4d-4ebd-beac-709970904d6a&tbid=417aecf6-afd5-4be0-a313-033638a4b9d2-tuct7fefa14&query=taboola_hm%3D1e7bd9fe-4b4d-4ebd-beac-709970904d6a&isDirect=0
tbl-x-upstream: 10.41.10.104:10213
date: Sat, 31 Jul 2021 16:04:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 29913

GET
H2

200

sd
u.openx.net/w/1.0/ Frame 3674
Redirect Chain

https://u.openx.net/w/1.0/sd?id=543998486&val=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&gdpr=0&gdpr_consent=
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&gdpr=0&gdpr_consent=

43 B
180 B

44ms
43ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:37 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&gdpr=0&gdpr_consent=
date: Sat, 31 Jul 2021 16:04:37 GMT
via: 1.1 google
server: OXGW/16.211.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 3674
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=87b10e1f-c6f5-51d4-8fff-e8e4eefa9c71

0
255 B

49ms
49ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=87b10e1f-c6f5-51d4-8fff-e8e4eefa9c71
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.95:10213
date: Sat, 31 Jul 2021 16:04:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 29528

Redirect headers

location: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=87b10e1f-c6f5-51d4-8fff-e8e4eefa9c71
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 101956
jadserve.postrelease.com/suid/ Frame 3674 43 B
428 B 377ms
125ms Image
image/gif 18.213.12.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.12.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-12-146.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:37 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

204

/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame 3674
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=yfNvLdjmSRGC_iekhCjvPw&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&ui=yfNvLdjmSRGC_iekhCjvPw

0
114 B

49ms
49ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&ui=yfNvLdjmSRGC_iekhCjvPw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Sat, 31 Jul 2021 16:04:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30703

Redirect headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:04:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&ui=yfNvLdjmSRGC_iekhCjvPw
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3674
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&dongle=tbla
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

37ms
37ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date: Sat, 31 Jul 2021 16:04:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 28ms
27ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 1897
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19176-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1627747478.820684,VS0,VE0
date: Sat, 31 Jul 2021 16:04:37 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 71
x-cache-hits: 10617

GET
H2 200 / Show response
pips.taboola.com/ 64 B
238 B 19ms
5ms XHR
text/plain 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:04:37 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19137-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://thedirect.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 362ms
121ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=ba5d36e6-ef9a-49c7-af3a-ccbf2e3a8072-tuct7fefa12&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thedirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Jul 2021 16:04:38 GMT
Cache-Control: no-store
Server: nginx
Connection: close

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apis.google.com
URL: https://apis.google.com/js/api.js

Domain: id5-sync.com
URL: https://id5-sync.com/c/464/146/1/7.gif?puid=57845562-5039-4189-90e0-ac4b8ca782bf&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://thedirect.s3.amazonaws.com/articles/wandavision/ajax.js(Line 2) Message: Loading Ajax....
console-api	log	URL: https://thedirect.s3.amazonaws.com/articles/wandavision/ajax.js(Line 11) Message: Up Next Successful....

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.ad.gt
accounts.google.com
ad.360yield.com
ads.betweendigital.com
ajax.cloudflare.com
am-match.taboola.com
am-vid-events.taboola.com
apis.google.com
aufp.io
bh.contextweb.com
bttrack.com
buff.ly
buttons-config.sharethis.com
c.disquscdn.com
c.sharethis.mgr.consensu.org
cdn.intergient.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
count-server.sharethis.com
d3e54v103j8qbb.cloudfront.net
dis.criteo.com
disqus.com
e1.emxdgt.com
eb2.3lift.com
ejp.rlcdn.com
event.clientgear.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
glitter.services.disqus.com
ib.adnxs.com
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
images.taboola.com
images.thedirect.com
imprammp.taboola.com
io.narrative.io
jadserve.postrelease.com
l.sharethis.com
live.rezync.com
match.adsrvr.org
match.taboola.com
p.ad.gt
p.rfihub.com
pips.taboola.com
pixel.rubiconproject.com
pixels.ad.gt
platform-api.sharethis.com
platform-cdn.sharethis.com
referrer.disqus.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssl.gstatic.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
sync.taboola.com
thedirect.com
thedirect.disqus.com
thedirect.s3.amazonaws.com
token.rubiconproject.com
trc.taboola.com
u.openx.net
vidstat.taboola.com
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
apis.google.com
id5-sync.com
13.224.89.159
13.224.96.37
13.224.96.63
13.248.245.213
139.162.40.113
141.226.224.32
141.226.228.48
142.250.184.226
142.250.186.98
151.101.12.134
151.101.12.64
151.101.13.181
151.101.13.44
151.101.192.134
178.250.2.151
18.159.8.206
18.195.155.181
18.198.109.212
18.213.12.146
185.106.33.48
185.64.190.80
185.86.138.142
185.94.180.126
192.132.33.46
193.0.160.128
198.148.27.140
216.52.2.19
23.111.200.118
2600:9000:2156:7c00:12:4abd:d340:93a1
2600:9000:2190:5200:1c:8a07:5e80:93a1
2600:9000:2190:600:1d:85c3:6640:93a1
2600:9000:2190:9000:c:a9b7:ddc0:93a1
2600:9000:2190:9c00:c:abe:f440:93a1
2600:9000:2190:dc00:6:8656:f5c0:93a1
2606:4700:10::6816:154f
2606:4700::6810:5e41
2606:4700::6810:a823
2a00:1450:4001:800::2003
2a00:1450:4001:800::200d
2a00:1450:4001:800::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9d
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:3::300
3.219.65.2
34.255.110.255
34.98.64.218
35.164.229.85
35.167.53.177
35.244.174.68
35.82.147.164
37.252.172.38
37.252.173.62
44.240.109.213
47.252.78.131
52.216.100.115
52.47.63.168
52.57.88.239
52.58.182.33
54.187.25.111
67.199.248.12
69.173.144.139
69.173.144.165
76.223.111.131
003c41d19b1eb5787f5defcb70227c25f95f8b385b8016d7e4690ea3b3316259
024b361e43e968331adcc62a978629017f572fa07d4f83d17da08faee340ea15
02d06f64a0626f104d1268290601895f6b30d2658e27a56c9c52209029155636
03802d56a58d8b2e0c1387eded20a50bae6fcd2e6d5603edbe8d78f7dce0d41b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06fae3b416263d00162474a5d3771d3c80429ac65a53152d197451f4ad53cce9
0b4b8625693aa28e72bb1f27f57644742c979f79eda5b588928c112d67fd3297
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d53d182621574d5fc58e62d8556c058958d992cc26fd3d53107d5dc1b7cc6fd
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0e5cf363283dcf6dcf8376adbdd226eb9928c9333aabb0e62da9b4ecfd2660f1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13dc4d76765dad7cd9e8f31dfcda1dffc4912f704a2f7639472fa07456c5a21f
15b300d8fcb9697d7ff98d5f092d9ef8a3452481de0ddfd7c54ed480dcece6d9
181a6054c6305659b7a8e2537852bb063be418a3e78bd3b8c58cbb99bd8efd0f
183b018d6669d6ff756c38718433c70388256de25d1579078bfdea0f1fbd5200
19484c52393ea4d7b6b8cd3f0292e3a363ed5046d84799606ac1fe5d0d620ec7
19d4769a84fc5e58a47a7e0b9794ea591c92827cf65f638429bfda0bf8ca3440
23cfdaca5c4d8ce1d44881dbdee9a6ccde9bf58462448cb9056b66facf15c5fc
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
253e207811811f532a96e83c8c05d4a1da5a5ead8751d2b5ae98ca6b463e5d17
266c573c586d1dac488c1ce94b6d1c32cecdc2f1409c1bfb08c3fb7d8d7ca9e4
26a112b47990822d68103d4ac8d452f78d1da928874a376a7335d26244b50431
29e272da6910607cf727fd9a069640ba7701f38aeb5870b3e2afa423a4b4aaae
2a2bc9d285b588bdd4634be9e3627e4a25c81df8ab2a28bd31e16ab7492acfe9
2c2d8d4ca41a655f891de37900a9a1dfc3ba7ffa2c76a20eb15439cf47f63930
2df50c8c00e4f9f84fc1506798291ba26c73f181154596d3f2d6209978d6bc51
2f3a7818f88c8afbe9111ed9f13f12e37a2ad56f87b54dc0dd19b2c372d3f6c8
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
373f32215698b5c685fa28c63110f6cf0f3c68e2c7ab5d4b6f3b1ff619ee66b4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3c1d580b9bb525eda3d08afbfd5697915c9303ab3f31e6d90efe7df57980cebf
3f383236d81bfed41be042672cfd00fa3c18965bd4d0de54c883bf4b71015bf3
436a01b6b0ba1906b83fa19da55e8ba2fa77751c2d9da4b5f2fa53baaab43fea
443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0
44e7b4e1f9bad4c4770eb9acfae713263ce4f4df9814442c3b269eb26e496f6f
4717439348493dc77d6939cef81e2951cfd0509a5f2f1c0bc2582ea5f4e86c98
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f39acf7028a1e65976cee680dd3157bf4a5b61d2b2d8665386ef957e74f8ce1
5110c1e29bb22f0c8ae1b7af3c994dd4f580d05d8773f5fb1f031b5ce1560c83
5288ef44ea4a6c43cc49ff13de168c188de9d9caf3ebc7981522bc5ba909abf3
534c2e6d4d672dc1d914fd9fc88c709b181ac82d141016678e178bae5fdfb938
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550caa2ee11653d68188f149e4aa3fad40bb1fcb096e5e72543a64c126e2525a
59cb71b9e76b9047bb3d25ff19b6fd4edd00341332c326e9b3c464bc24c5369f
5b114d882e0a586d8cda076773de6d7d9dfda6c74a2dda865c6369f8814d1860
5da1b441bda2c1fc650189d51c9ea82441e6ec7d6f65b0bf02bc954b15e073cc
652840f972b16c251da3730e015ac7df971631c024ffeb5338629bf94a6a5c1f
66720a732b901113ae8fafc04294ba1549324fecbcc89b7e724574ed3a6e28ac
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd914998f3523fb62785885b7fbd0d0ceb590a4a7dc71aca9a54e970c257c29
6d69ad551e2744d78186ff89311a061bdedda24eea1e9abd9e0488d7c946329a
6f7871d93d5c3d1704ff63df786e947d15254a0dc27af5b429b03a7090d07ff0
73e99c02aee475f826abfa48b04d238966158bed2fc6b0de6299c64b8dd96fa4
75e58b10cddb659c62e2562a1fe4d638449b13f76614554a55b16007bb559efc
77c8517d3eb119ca180125ff29952fccf13094f766f552db941c890922280c6d
7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8
7a8dbc111ec4272a34fae97aa7a2dcd6f99cfb9b3067dcac29abc892912b6ab9
7b37418aa99ce5ed683f383e399850530f985d8a4396919b519506ee2ef62019
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
81ac86866f450460ed3daebc32527ec54f64d78153929bd114c8f5fbfcd0f868
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8452b518e25ca0b61a3dc907264af6fd478940a79b91dab675d3224728f7e76b
84e32394c5b5910ab7818e0dab2c450b18fb8669a1bc9a5a549a2f6e5fc9e336
855d64486b548b78a395688c55d50f95aa9321046a0692049e4350606be6a004
858695b36636e7ab8069648a7f83b5e40316be5e1c46fbef9df6d217f579dde7
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
8602a7537f44c16111cec616e9b63746e321bb61976e9c442860dbf41f24bd84
86a2a3d8554ec67f39ec7124f7440100e3e395a0d3fff58783e3d7870918439b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6
8cf129e3dd9526e7bee451b7285bcad8cedb292d674a147c82b21d852bd410a4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8fa280e6dbcabebb17330f0bb7b2cd39c8bf5a7b53712a27b780b25d46e0c590
8fbfb42bb82ce3052352ce7cf22ae4e2b0dbeed1c324f2c490e8e0405d09b3d7
913cd8d481a1c37ca2326b5242f09e92fddd532d93e5c8830a71b5620f10b332
91a16ecb0caf0e3aae2a6b1d2d04b0b0fc10f1ea9b2442db083880c0c95e4e81
92daf9cc02057d3de361d5b0fc432c8d82d55a49ccbc05066e1ca82fbe7e0b74
95140ebb86b5e738910e2cbfed6664106b1b2dfe9b4fcf19fc26309b673e8bb3
96168f75aafd51751c96aa73e57e77c4e3928f92cba9aa7949452db8478fd84d
988bcde72299686944d0d999925fb176b03d274eb3f1b2dc9f714654a93bfabf
990f1d0013531c0e9894935d4f185fb80a65f814c76f4b672f52f67ec1fbb038
9a72a6a001720eb75f9c7381db5a0b011430aa144a1da8beca753fdecfa063e1
9bb1fbac505f91eafe5554147ee431f0d94e8908ed02c3df8172a02d1cbd1441
9cd47b8df2fcfbefbac624b4a6856f65e13d83721be2805e864f5993a05428e0
9d3b5cfd747f2915e403e9f4d3310d859ef2b23032411d69ff8cde3e9252594d
9df44053cef2802e8f05e08fb13522d72a7ff0e2d9ef61910fb3d2a44217b5c7
9f47d67bd71b8fec8b33572b9b1d9a38ccd6a1f6c004df1e05feefe49db4e0e2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a5e92663d140c2742136bd09372e2d37c070b09e3de4cd3bf16dabce17cd02d8
a797b8c479f50296be85f64c63c924e364dcf171924f475e6e1719a32181310d
a860677131d592e249e55131e4f7f251fdba4e0cc4e2f67fc37cddcad248311a
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa9ee4c2caf4f0c4054f1da752a01fec1ff1a656983327b69a75c3c0b63ef270
ab516284cfd662402ca1d74ee2853871259ffca8df084a3cc63e2a0d783875a7
acfac3402d6959765bbffd034dbaf1815219b968772dc15945b4eb7d8723d8f3
ad1c2f87c4f1bf32a4e6cef90ab58775e608d7808d913a72cd5d4d65e3ddec87
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b2a636f75560c25b197b663e3cebaa12f47965109609b526aa6fd16c8eac5cb2
b63016206a811ec3e73149fa4752692a5b55d714b80b0724c6d25ca654f1a985
b81526a02edac0e3e01b33c82bb110451dbf44a38e9c046a7b5163343e7601b8
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
ba350b6d0e4efc1f4ecb5bb3dd6d38294cce65f79ee51523bcdcdf3508dd1df3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd3479f3c97c6aa3b27aaaae6eb5407fbdc64a942d876db9fbbb08ce06ad63d5
be3d57858a2857061832600202f5864560c480cd72eaea1e8270125df145be72
be61dcd52d57a2923a779af6b63d9fb1802d3c7c0246f281795b7c3ad51cb9ee
bf5696ca46a643c1e91443d4e1fbacb264ae7d59d460f1fdc46f0afd1e458ada
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c5d452c95775c90f010dfc2261d192521967ccd68942d07e426453c25f034d89
c7d3537410d501cf820611aec5c8d54dc4883a6f8187ad655fd638cc25298a50
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cb9334dbc350b9bb88caf09723a615389478c3be9dcf3fd4d5a4d6e8e32cb583
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1ed230b0a1b33eb60cd300cbde3b3dc510167a17c46c302346aca99913cc60b
d23f65ff7200501e61d9b9013af8c14f6a64bf37bd101b927ade81634e40310e
d534d36bb0bc964ab649fcb8a9d6d3c334d9cdfbcdd1d574c50b99aa5261e1bb
da2c2747f5b20830fa22baeb71437331f901e87555ac004bb569fd9e24705418
db5bf9a91b7e05388b953154183762971d47ef02aa365db3cf4187dddbb86080
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e505ac51c1270a3ce375a5582826d2a5ffac3f384d9526d9d0fc7aca8e929862
e52b52d646f09d85a48a87cc6c2c00ebad77cde72c5f8d027b50fa0bd290fe4c
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e824c202dc6955193b28a1e0ab89b1e7960f358920c06ec6290ae394361b0360
e8c5e1474f023e4d20341e15bd5a006451483504732a6bbae06914e5c702fa38
e901d317da87c512cc19faf1b67d8b090876940a6c68e9ac8c0aa2cc517eb6fe
ebd245dc638eb55d8735cf3f79becaf67642408fe8feb7b434fe79a6a704bfbd
edd5c2ce0a03e748b54f17b6651b8454a3cea8b31e5ec9deb3d76c14d005c31a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8579d5c4c3ad5b9bce102b1e8d064d62e9c9ddd14319c0eaea551a025d8f9dd
fea599a3694fdeed13fd7e978a72a45167fe8838bbff2224a93949e97969f385

thedirect.com Open in urlscan Pro 2606:4700:10::6816:154f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

219 Requests

99 %HTTPS

32 %IPv6

50 Domains

83 Subdomains

60 IPs

10 Countries

3407 kBTransfer

6861 kBSize

0 Cookies

18 Outgoing links

Page URL History

Redirected requests

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thedirect.com Open in urlscan Pro
2606:4700:10::6816:154f Public Scan

Screenshot
Live screenshot

Full Image

219
Requests

99 %
HTTPS

32 %
IPv6

50
Domains

83
Subdomains

60
IPs

10
Countries

3407 kB
Transfer

6861 kB
Size

0
Cookies

219 HTTP transactions
2 data transactions