www.darkoperator.com Open in urlscan Pro
198.49.23.144 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Submission: On February 18 via api (February 18th 2021, 1:50:33 pm UTC) from CA

Summary HTTP 66 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 66 HTTP transactions. The main IP is 198.49.23.144, located in United States and belongs to SQUARESPACE, US. The main domain is www.darkoperator.com.
TLS certificate: Issued by R3 on January 17th 2021. Valid for: 3 months.

This is the only time www.darkoperator.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	198.49.23.144 198.49.23.144	53831 (SQUARESPACE) (SQUARESPACE)
17	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	151.101.12.237 151.101.12.237	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	151.101.12.238 151.101.12.238	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	151.101.112.238 151.101.112.238	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:295::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	198.185.159.177 198.185.159.177	53831 (SQUARESPACE) (SQUARESPACE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
66	15

6 198.49.23.144 (United States)

ASN53831 (SQUARESPACE, US)

www.darkoperator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.12.237 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.238 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.112.238 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:295::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.185.159.177 (United States)

ASN53831 (SQUARESPACE, US)

carlos-perez-3jaw.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	squarespace.com assets.squarespace.com static1.squarespace.com carlos-perez-3jaw.squarespace.com	1 MB
18	typekit.net use.typekit.net p.typekit.net	322 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	158 KB
6	darkoperator.com www.darkoperator.com	23 KB
4	squarespace-cdn.com images.squarespace-cdn.com	582 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	169 B
1	google.de adservice.google.de	169 B
1	googleadservices.com partner.googleadservices.com	643 B
1	gstatic.com fonts.gstatic.com	23 KB
1	googleapis.com fonts.googleapis.com	741 B
66	13

	Domain	Requested by
17	use.typekit.net	www.darkoperator.com
16	assets.squarespace.com	www.darkoperator.com static1.squarespace.com assets.squarespace.com
6	www.darkoperator.com	assets.squarespace.com
5	pagead2.googlesyndication.com	www.darkoperator.com pagead2.googlesyndication.com assets.squarespace.com tpc.googlesyndication.com
4	images.squarespace-cdn.com	www.darkoperator.com
3	static1.squarespace.com	www.darkoperator.com static1.squarespace.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	carlos-perez-3jaw.squarespace.com	assets.squarespace.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.darkoperator.com www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	p.typekit.net	www.darkoperator.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.darkoperator.com
66	17

This site contains links to these domains. Also see Links.

Domain
github.com
gist.github.com
none

Subject Issuer	Validity	Valid
www.darkoperator.com R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.squarespace.com DigiCert SHA2 High Assurance Server CA	`2020-08-18` - `2021-03-30`	7 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.squarespace-cdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-02-05`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Frame ID: 35B7460DF772D8B03E66F35B69B79BD8
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: B8512D2CB25782472E4C373A4077DE9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9625308250592016&output=html&adk=99217981&adf=1731056007&lmt=1613656215&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.darkoperator.com%2Fblog%2F2017%2F10%2F14%2Fbasics-of-tracking-wmi-activity&ea=0&flash=0&pra=5&wgl=1&dt=1613656215856&bpp=10&bdt=497&idt=93&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5626579178618&frm=20&pv=2&ga_vid=861942735.1613656216&ga_sid=1613656216&ga_hid=974916327&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068769%2C21068893&oid=3&pvsid=3701639610603977&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108
Frame ID: 58795F9B8587834FC5DDA6C9C9FA479E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 6E6060D6CC8BEA9215663FB1ED2170DD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

html //i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

66
Requests

100 %
HTTPS

60 %
IPv6

13
Domains

17
Subdomains

15
IPs

2
Countries

2571 kB
Transfer

7206 kB
Size

11
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/darkoperator
Title: Projects

Search URL Search Domain Scan URL

URL: https://gist.github.com/subTee/c6bd1401504f9d4d52a0
Title: https://gist.github.com/subTee/c6bd1401504f9d4d52a0

Search URL Search Domain Scan URL

URL: https://github.com/jaredcatkinson/EvilNetConnectionWMIProvider
Title: https://github.com/jaredcatkinson/EvilNetConnectionWMIProvider

Search URL Search Domain Scan URL

URL: http://none/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request basics-of-tracking-wmi-activity Show response
www.darkoperator.com/blog/2017/10/14/ 75 KB
19 KB 357ms
119ms Document
text/html 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

9efd130319b18a518e3634e65f98ec578ee9e8138dd14ca0567bbd3d7d4fe174

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.darkoperator.com
:scheme: https
:path: /blog/2017/10/14/basics-of-tracking-wmi-activity
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

accept-ranges: bytes
age: 722
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 18 Feb 2021 13:38:12 GMT
etag: W/"34a43f8fb6b80d9166333f651adcff1b"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
set-cookie: crumb=BQqJyL6R5FSoZTBmNWYwNmQxNjBjZTI3YzM2MDA3OTM5YTAyYmVh;Path=/
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: mI68xncf/5matq9UH
content-length: 18894

GET
H2 200 0CrjyhPHdONld6dOy_nGl2OV2sw8GL2Uu7UorWqxdOtfeGG2fFHN4UJLFRbh52jhWD9kjAbUZ2qUZQsKw2gy5QyywRiKjQJ3Zs7dMPG0jhBkdeNDOWg8ScmEOQF7jWS0SaBujW48Sagyjh90jhNlOeFyScUzSku3ZW48pKXD-cBaO1FUiABkZWF3jAF8OcFzdPUqj... Show response
use.typekit.net/ik/ 20 KB
7 KB 9ms
8ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/0CrjyhPHdONld6dOy_nGl2OV2sw8GL2Uu7UorWqxdOtfeGG2fFHN4UJLFRbh52jhWD9kjAbUZ2qUZQsKw2gy5QyywRiKjQJ3Zs7dMPG0jhBkdeNDOWg8ScmEOQF7jWS0SaBujW48Sagyjh90jhNlOeFyScUzSku3ZW48pKXD-cBaO1FUiABkZWF3jAF8OcFzdPUqjW4ndag8ScBXdaJ0jhNlOeUzjhBC-eNDifUaiaS0jhBkdeNDOWg8ScmEOQF7jWS0SaBujW48Sagyjh90jhNlOYiaikoqjW4ndag8ScBXdaJ0jhNlJ6U3ScNt-AuyOAozicI7fbKnMsMMeMI6MKG4fH3gIMMjfkMfH6qJtKGbMg62JMJ7fbRRHyMMeMX6MKG4fHvgIMMjgfMfH6qJCMIbMg65JMJ7f6K3UMIbMg6BJMJ7f6KUUMIbMg6VJMJ7fbKlMsMMeMj6MKG4fHtgIMMjIfMfH6qJK3IbMg6YJMJ7fbKwMsMMegI6MKG4fHqgIMMjffMfH6qJ76IbMg6PJMJ7fbK4MsMMeMq6MKG4fJGgIMMjIkMfqMYox0WBgb.js

Requested by

Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

25568e4665a2e6e9114c843a7c1667f1984e75439d80169bc649dd405b443c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 18 Feb 2021 13:50:15 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 7179

GET
H2 200 cldr-resource-pack-ee539354c82111cc002ed-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 119 KB
25 KB 89ms
28ms Script
text/javascript 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-ee539354c82111cc002ed-min.en-US.js
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: aaf25cbe0ca496b38d5c47ff68015b0b607f1ea7802964116004850956f5dad7

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 1439833
x-cache: HIT, HIT
x-cache-hits: 3, 32598
content-encoding: gzip
content-length: 24853
x-served-by: cache-bwi5124-BWI, cache-fra19134-FRA
last-modified: Mon, 01 Feb 2021 21:23:09 GMT
server: UploadServer
x-timer: S1613656215.432456,VS0,VE0
etag: "c91b2f2e25244b941b7e632e88477fa7"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 21:53:01 GMT

GET
H2 200 common-vendors-3d940e527dba194a2c319-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 709 KB
199 KB 108ms
48ms Script
text/javascript 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-3d940e527dba194a2c319-min.en-US.js
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1760c2d4906672c83e6791f920c78c2ba0fae22b1075e80c60f9022338ecde49

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 485505
x-cache: HIT, HIT
x-cache-hits: 3, 2044
content-encoding: gzip
content-length: 203212
x-served-by: cache-bwi5169-BWI, cache-fra19134-FRA
last-modified: Fri, 12 Feb 2021 21:43:28 GMT
server: UploadServer
x-timer: S1613656215.432548,VS0,VE0
etag: "0a7d08feb97b9800429dfb493a9837ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Feb 2022 22:58:30 GMT

GET
H2 200 common-7fc90c832f0c9e9591975-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 893 KB
231 KB 108ms
48ms Script
text/javascript 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-7fc90c832f0c9e9591975-min.en-US.js
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b6748eaaa4c5bfb43a9591d6cf2dde21ef1896830cdf632ce6eb8f403326099b

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 140772
x-cache: HIT, HIT
x-cache-hits: 1, 1006
content-encoding: gzip
content-length: 236170
x-served-by: cache-bwi5177-BWI, cache-fra19134-FRA
last-modified: Tue, 16 Feb 2021 20:48:19 GMT
server: UploadServer
x-timer: S1613656215.432545,VS0,VE0
etag: "7f1a5e8527da4490a0900d58641eec4d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 22:44:02 GMT

GET
H2 200 performance-fce1ecd97ff38813b9cf9-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 115 KB
32 KB 30ms
30ms Script
text/javascript 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-fce1ecd97ff38813b9cf9-min.en-US.js
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 70b8cef61d1557e2e1d63aed207d20fce65b0e1fbafe4c1cdedc1b5e08572b99

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 1439833
x-cache: HIT, HIT
x-cache-hits: 2, 25009
content-encoding: gzip
content-length: 32306
x-served-by: cache-bwi5155-BWI, cache-fra19134-FRA
last-modified: Mon, 01 Feb 2021 21:23:26 GMT
server: UploadServer
x-timer: S1613656216.569723,VS0,VE0
etag: "8fd45c54614127a60820b4bd78dcf72f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 21:53:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
741 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cabin:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700

Requested by

Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02d7123d215b023c34334a2682bcaf0e88aa139faa4cd77a76f1b08755f6bc0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 13:50:15 GMT
server: ESF
date: Thu, 18 Feb 2021 13:50:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Feb 2021 13:50:15 GMT

GET
H2 200 site.css
static1.squarespace.com/static/sitecss/52ad1d91e4b00a98a27ba20e/15/4f6a1392e4b07090d46e7ec9/52ae65d1e4b04dd8c25d043c/1597-05142015/1508853406510/ 507 KB
56 KB 101ms
40ms Stylesheet
text/css 151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/sitecss/52ad1d91e4b00a98a27ba20e/15/4f6a1392e4b07090d46e7ec9/52ae65d1e4b04dd8c25d043c/1597-05142015/1508853406510/site.css?&filterFeatures=false

Requested by

Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

5467a516ced46db914dbdbf050c149a3009f072c924ef2628c76f23188629703

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86069
x-cache: HIT, HIT
x-contextid: cBf5KzF2/J00HjSkt
x-cache-hits: 1, 1
content-length: 56767
x-served-by: cache-dfw18627-DFW, cache-fra19158-FRA
pragma: cache
server: Squarespace
x-timer: S1613656216.527836,VS0,VE1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

557c7eff7e290be0c9ba43c9992a9a53511608560c9e1c23efc05851e186a2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48512
x-xss-protection: 0
server: cafe
etag: 8824829217438060229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Feb 2021 13:50:15 GMT

GET
H2 200 / Show response
static1.squarespace.com/static/ta/4f6798afe4b097349e410d49/1597/scripts/combo/ 409 B
608 B 97ms
38ms Script
application/javascript 151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/ta/4f6798afe4b097349e410d49/1597/scripts/combo/?site.js

Requested by

Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

4a2c81d61546843a787489a4133b7c4cdd2b43883370024696c81c7022da7a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537707
x-cache: HIT, HIT
x-contextid: 7O0IIY1N/gAyCOiCY
x-cache-hits: 11, 9
content-length: 256
x-served-by: cache-dfw18633-DFW, cache-fra19158-FRA
pragma: cache
server: Squarespace
x-timer: S1613656216.527818,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 178
date: Thu, 18 Feb 2021 13:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 18 Feb 2021 15:47:17 GMT

GET
H2 200 l
use.typekit.net/af/98e3f6/000000000000000077359562/30/ 19 KB
20 KB 6ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/98e3f6/000000000000000077359562/30/l?subset_id=2&fvd=n7&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f28dd61b09a81f60bf0ad313a27e13c2aabc0fe74d6abbac9cb3c3565c5d9f1f

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "1bcc3d3d54b5ccfdbefb7ed0822f73955bbc2e51"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19892

GET
H2 200 l
use.typekit.net/af/d45b9a/000000000000000077359577/30/ 19 KB
19 KB 7ms
7ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d45b9a/000000000000000077359577/30/l?subset_id=2&fvd=n4&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5c76c1194cff752f3d0fa5236f005277b36c5401e456dddd546b23e11806be66

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "4e934be2b8b3d403db81d77d43b23dd8cc77d1d7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19352

GET
H2 200 fontawesome-webfont.woff
static1.squarespace.com/static/ta/4f6798afe4b097349e410d49/1561/assets/ 23 KB
23 KB 86ms
29ms Font
application/x-font-woff 151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/ta/4f6798afe4b097349e410d49/1561/assets/fontawesome-webfont.woff

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/sitecss/52ad1d91e4b00a98a27ba20e/15/4f6a1392e4b07090d46e7ec9/52ae65d1e4b04dd8c25d043c/1597-05142015/1508853406510/site.css?&filterFeatures=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

daafcf5b1d4b5b3bd4f0c6df3045dcca98a5b4776ee7567e803dbb48bb656b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.darkoperator.com
Referer: https://static1.squarespace.com/static/sitecss/52ad1d91e4b00a98a27ba20e/15/4f6a1392e4b07090d46e7ec9/52ae65d1e4b04dd8c25d043c/1597-05142015/1508853406510/site.css?&filterFeatures=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 621421
x-cache: HIT, HIT
x-contextid: RA8b7Hb1/AYAB8VCl
x-cache-hits: 2, 3
content-length: 23416
x-served-by: cache-dfw18664-DFW, cache-fra19179-FRA
pragma: cache
server: Squarespace
x-timer: S1613656216.774372,VS0,VE0
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 squarespace-ui-font.woff
assets.squarespace.com/universal/fonts/ 9 KB
9 KB 29ms
28ms Font
application/octet-stream 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/fonts/squarespace-ui-font.woff
Requested by: Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/sitecss/52ad1d91e4b00a98a27ba20e/15/4f6a1392e4b07090d46e7ec9/52ae65d1e4b04dd8c25d043c/1597-05142015/1508853406510/site.css?&filterFeatures=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b980267ac2254ef534bfe32055489ed677d461077b37f2ee62bf7b5fc4f7362f

Request headers

Origin: https://www.darkoperator.com
Referer: https://static1.squarespace.com/static/sitecss/52ad1d91e4b00a98a27ba20e/15/4f6a1392e4b07090d46e7ec9/52ae65d1e4b04dd8c25d043c/1597-05142015/1508853406510/site.css?&filterFeatures=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 3536950
x-cache: HIT, HIT
x-cache-hits: 1, 4622
content-encoding: gzip
content-length: 9023
x-served-by: cache-bwi5127-BWI, cache-fra19134-FRA
last-modified: Thu, 09 May 2019 21:33:27 GMT
server: UploadServer
x-timer: S1613656216.716450,VS0,VE0
etag: "e99a175a26d1be1ff88c5c1aafc58e1e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jan 2022 15:21:05 GMT

GET
H2 200 social-icon-font.woff
assets.squarespace.com/universal/fonts/social-20141119/ 32 KB
12 KB 29ms
29ms Font
application/octet-stream 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/fonts/social-20141119/social-icon-font.woff
Requested by: Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/sitecss/52ad1d91e4b00a98a27ba20e/15/4f6a1392e4b07090d46e7ec9/52ae65d1e4b04dd8c25d043c/1597-05142015/1508853406510/site.css?&filterFeatures=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4c2536979555e40b739d742d722d84ac0f2fc5c0911ab833773008b781411d54

Request headers

Origin: https://www.darkoperator.com
Referer: https://static1.squarespace.com/static/sitecss/52ad1d91e4b00a98a27ba20e/15/4f6a1392e4b07090d46e7ec9/52ae65d1e4b04dd8c25d043c/1597-05142015/1508853406510/site.css?&filterFeatures=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 1659498
x-cache: HIT, HIT
x-cache-hits: 1, 3
content-encoding: gzip
content-length: 11876
x-served-by: cache-bwi5158-BWI, cache-fra19134-FRA
last-modified: Thu, 09 May 2019 21:33:25 GMT
server: UploadServer
x-timer: S1613656216.716523,VS0,VE0
etag: "4e53042a254861ee8cf4cad171643ff0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jan 2022 08:51:57 GMT

GET
H2 200 l
use.typekit.net/af/6cc429/00000000000000007735957a/30/ 20 KB
20 KB 6ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6cc429/00000000000000007735957a/30/l?subset_id=2&fvd=i4&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9d584e93431d504916b367221ef2e4b83e8742383d9f1f70359fe82a4c483e5c

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "fbdc46ab1a5a002fde16de9a1eb2474fced219c5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20032

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2
fonts.gstatic.com/s/cabin/v18/ 22 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v18/u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cabin:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7155833c6617404acf8abb8e48f76bc1bff361860773a9e415df10434225c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.darkoperator.com
Referer: https://fonts.googleapis.com/css2?family=Cabin:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:17:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 21:01:47 GMT
server: sffe
age: 477174
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22704
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:17:21 GMT

GET
H2 200 dialog-4c984bcaacc45888f9092057493234b6-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 23 KB
5 KB 94ms
28ms Stylesheet
text/css 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/dialog-4c984bcaacc45888f9092057493234b6-min.en-US.css
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-7fc90c832f0c9e9591975-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f75bf53416d2f37a4c7c4385760525531c89a8db70942fd8219d95c42ff4894d

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 3476845
x-cache: HIT, HIT
x-cache-hits: 7, 206
content-encoding: gzip
content-length: 4432
x-served-by: cache-bwi5131-BWI, cache-fra19183-FRA
last-modified: Tue, 03 Nov 2020 19:38:34 GMT
server: UploadServer
x-timer: S1613656216.891624,VS0,VE0
etag: "c97231770a2316174e2e5b44b3985fca"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jan 2022 08:02:50 GMT

GET
H2 200 comments-f794dccd3bb871fc0cbc0bb7ad024168-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 29 KB
4 KB 95ms
29ms Stylesheet
text/css 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/comments-f794dccd3bb871fc0cbc0bb7ad024168-min.en-US.css
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-7fc90c832f0c9e9591975-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 75e06239c1162d898e73e1e16c68b953016562a57173d2896397d4a4dc1cc470

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 1826918
x-cache: HIT, HIT
x-cache-hits: 1, 192
content-encoding: gzip
content-length: 4318
x-served-by: cache-bwi5139-BWI, cache-fra19183-FRA
last-modified: Mon, 27 Jul 2020 21:44:18 GMT
server: UploadServer
x-timer: S1613656216.891722,VS0,VE0
etag: "ae6c665ff4044a46a5d444b5a6d79ed3"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 10:21:37 GMT

GET
H2 200 dialog-37cbe20daf721872ebe16-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 2 MB
569 KB 102ms
36ms Script
text/javascript 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/dialog-37cbe20daf721872ebe16-min.en-US.js
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-7fc90c832f0c9e9591975-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8fbd1ca34d18e1bac26d30ddc716d06af1c273f983bc955521dde5ad8be43054

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 56539
x-cache: HIT, HIT
x-cache-hits: 2, 1
content-encoding: gzip
content-length: 582580
x-served-by: cache-bwi5126-BWI, cache-fra19183-FRA
last-modified: Wed, 17 Feb 2021 14:42:34 GMT
server: UploadServer
x-timer: S1613656216.891708,VS0,VE2
etag: "92a4a1b118021be142a22784d3d42b56"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Feb 2022 22:07:56 GMT

GET
H2 200 5857.png
images.squarespace-cdn.com/content/v1/52ad1d91e4b00a98a27ba20e/1508012599678-4GSID1OAQG7FEBSF2JRS/ke17ZwdGBToddI8pDm48kIr1COHr4-1h2t0ru7J9AUR7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCL... 131 KB
132 KB 100ms
36ms Image
image/png 151.101.112.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/52ad1d91e4b00a98a27ba20e/1508012599678-4GSID1OAQG7FEBSF2JRS/ke17ZwdGBToddI8pDm48kIr1COHr4-1h2t0ru7J9AUR7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCLfrh8O1z5QPOohDIaIeljMHgDF5CVlOqpeNLcJ80NK65_fV7S1UePrbb9QJKcfkE2NpfkQjR2bbAak_bv6tPtmdTxMCUwDpC969RuPXvt2ZwyzUXQf7Q/5857.png?format=750w
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 76ae7074d6b734cbe6fafe10f49edaf3fe52bff24d5dbb51a0b62c3ae2ebd37c

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 509404
x-cache: HIT, HIT
content-length: 134314
x-served-by: cache-bwi5132-BWI, cache-hhn4078-HHN
x-timer: S1613656216.892343,VS0,VE1
tracepoint: Fastly
etag: CJqHkYbUiesCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 5858.png
images.squarespace-cdn.com/content/v1/52ad1d91e4b00a98a27ba20e/1508024819156-K606CSI6FKZMB8TIALTM/ke17ZwdGBToddI8pDm48kELdRd5dDY-lB_dpDcDcoMt7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCL... 141 KB
141 KB 201ms
136ms Image
image/png 151.101.112.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/52ad1d91e4b00a98a27ba20e/1508024819156-K606CSI6FKZMB8TIALTM/ke17ZwdGBToddI8pDm48kELdRd5dDY-lB_dpDcDcoMt7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCLfrh8O1z5QPOohDIaIeljMHgDF5CVlOqpeNLcJ80NK65_fV7S1Uftit90KHlX1-9WaSapKaNw-sM3Uy4lH1ajT15PlElyPG6v6ULRah83RgHXAWD5lbQ/5858.png?format=750w
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4f88e7b4b4a8c06706e780238a38e2273b8f9057c81bdee122d52b0f0e76dc9b

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 20582
x-cache: HIT, HIT
content-length: 144237
x-served-by: cache-bwi5149-BWI, cache-hhn4078-HHN
x-timer: S1613656216.892354,VS0,VE107
tracepoint: Fastly
etag: CLOezJbUiesCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 5960.png
images.squarespace-cdn.com/content/v1/52ad1d91e4b00a98a27ba20e/1508036598086-07BQNCFB148LNA3OMR11/ke17ZwdGBToddI8pDm48kI0IVb6ippnmGqJgjdwQIhF7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCL... 119 KB
119 KB 144ms
80ms Image
image/png 151.101.112.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/52ad1d91e4b00a98a27ba20e/1508036598086-07BQNCFB148LNA3OMR11/ke17ZwdGBToddI8pDm48kI0IVb6ippnmGqJgjdwQIhF7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCLfrh8O1z5QPOohDIaIeljMHgDF5CVlOqpeNLcJ80NK65_fV7S1UbavfbAEihkk9AEbsQ-CxsV8heaKIlLcPLAEv_iUwQbCm7cT0R_dexc_UL_zbpz6JQ/5960.png?format=750w
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 42fcf1489dac2bdf4dfa316b50c2f6e6d133185d80477b2e883001a1b5757456

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 509404
x-cache: HIT, HIT
content-length: 121546
x-served-by: cache-bwi5140-BWI, cache-hhn4078-HHN
x-timer: S1613656216.892367,VS0,VE1
tracepoint: Fastly
etag: CNiD+InUiesCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 5961.png
images.squarespace-cdn.com/content/v1/52ad1d91e4b00a98a27ba20e/1508112397446-EO5XVH0EQ3OXVG9DIZU2/ke17ZwdGBToddI8pDm48kPvHIeBXqG31RmbLHUCxZnF7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCL... 190 KB
190 KB 280ms
216ms Image
image/png 151.101.112.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/52ad1d91e4b00a98a27ba20e/1508112397446-EO5XVH0EQ3OXVG9DIZU2/ke17ZwdGBToddI8pDm48kPvHIeBXqG31RmbLHUCxZnF7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCLfrh8O1z5QPOohDIaIeljMHgDF5CVlOqpeNLcJ80NK65_fV7S1Ueq5z-ch9aFxc0aXLS3oXIF8a0sAj92jwb6S4r-z2J4Gm4bjm9DAHF2kOsIZRJKXnA/5961.png?format=750w
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d62e7c276b48ff7d89a1bb0ae5781d4875fcc1368c8817217a18a6473654cf1a

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:16 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
x-cache: HIT, HIT
content-length: 194419
x-served-by: cache-bwi5131-BWI, cache-hhn4078-HHN
x-timer: S1613656216.892377,VS0,VE187
tracepoint: Fastly
etag: CJ2P6pHUiesCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

POST
H2 200 RecordHit Show response
www.darkoperator.com/api/census/ 17 B
298 B 118ms
117ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkoperator.com/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-3d940e527dba194a2c319-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
X-CSRF-Token: BQqJyL6R5FSoZTBmNWYwNmQxNjBjZTI3YzM2MDA3OTM5YTAyYmVh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
x-content-type-options: nosniff
server: Squarespace
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: mI68xncf/WO5knuGo
content-length: 17
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 settings Show response
www.darkoperator.com/api/1/performance/ 3 KB
518 B 109ms
109ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkoperator.com/api/1/performance/settings
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-fce1ecd97ff38813b9cf9-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: dfab1ca3e1d422591eded5496cdbdb618f87290065e038bb932f8767d2221312

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
content-encoding: gzip
server: Squarespace
x-contextid: mI68xncf/mOv9Qi34
content-length: 416
vary: Accept-Encoding, User-Agent
content-type: application/json

GET
H2 200 l
use.typekit.net/af/7a16a7/000000000000000077359568/30/ 18 KB
19 KB 9ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7a16a7/000000000000000077359568/30/l?subset_id=2&fvd=n1&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 56fde094ef7ea6ece05cbd9f1745e7ceeef3f49db1de5762dffff8394b9f9116

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "c8e9081d167c1ca081d04ee50ab17c30a3070578"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 18788

GET
H2 200 l
use.typekit.net/af/4daeb9/00000000000000007735956c/30/ 19 KB
19 KB 9ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4daeb9/00000000000000007735956c/30/l?subset_id=2&fvd=i1&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b4d0dc33c8e0869dd139e1644e4411ae2552b74d623fce2fa75229a6387cbd9f

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "a758f85f9ee4b1e8dd67e15f45021ec0afd0b7e7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19540

GET
H2 200 l
use.typekit.net/af/56b0cd/00000000000000007735957d/30/ 19 KB
19 KB 10ms
7ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/56b0cd/00000000000000007735957d/30/l?subset_id=2&fvd=n3&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ffc5e3a95c6fc9a870b726347a1a74e0edf7761902913590e53ed496e3e31e92

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "2ab80025f707ba3aba50be31b8fc7414c40a7f9b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19692

GET
H2 200 l
use.typekit.net/af/fcae55/000000000000000077359580/30/ 20 KB
20 KB 12ms
9ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/fcae55/000000000000000077359580/30/l?subset_id=2&fvd=i3&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6cb874827be78055acc59ae47f7c51144c81c7d158de9ad1d1915f993e0c6166

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "c6f6d01d55868d4f76d90d458f2fa8bbe74aac8f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20712

GET
H2 200 l
use.typekit.net/af/0758f3/000000000000000077359583/30/ 19 KB
19 KB 13ms
10ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0758f3/000000000000000077359583/30/l?subset_id=2&fvd=n5&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3943cf6dd5586e5b0a45f26c05e41514ed4eb747b131ad544471192ba0f58de3

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "dc3189e92c4d4f9401557b2ce3900e590ba01241"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19404

GET
H2 200 l
use.typekit.net/af/69ecb3/000000000000000077359585/30/ 20 KB
20 KB 16ms
13ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/69ecb3/000000000000000077359585/30/l?subset_id=2&fvd=i5&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 991016e1d94f059c34830797e4a19ee6e3a6f3afd59c059238f29ca60baeebc3

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "cc6761605db08af38d5e5f6a38acbd4949bd744c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20092

GET
H2 200 l
use.typekit.net/af/e4b1a9/000000000000000077359571/30/ 19 KB
19 KB 17ms
15ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e4b1a9/000000000000000077359571/30/l?subset_id=2&fvd=n6&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 49ea35b561bc45155317a97c2baa519a0ad2c18c1e5eec0175d641097288b167

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "e9609bced7717a72d97a3bf1f5d40d8b305d62c8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19316

GET
H2 200 l
use.typekit.net/af/eb4c83/000000000000000077359574/30/ 20 KB
20 KB 18ms
16ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/eb4c83/000000000000000077359574/30/l?subset_id=2&fvd=i6&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 514d717d621979be6b46d50995c893167011283636cfb49c82beefd822d23eee

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "3bf26bf1f8b2fd7a5df7ea57943d57039c234fb5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20284

GET
H2 200 l
use.typekit.net/af/624cab/000000000000000077359558/30/ 20 KB
20 KB 22ms
20ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/624cab/000000000000000077359558/30/l?subset_id=2&fvd=i7&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 57802df57e29d3eff2f13893b3bdf23d763a9df895e1c151c93819b97e495efe

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "ada2269062790ffde5ca0d0c3f3893865b70699e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20664

GET
H2 200 l
use.typekit.net/af/199a3f/00000000000000007735955e/30/ 20 KB
20 KB 25ms
24ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/199a3f/00000000000000007735955e/30/l?subset_id=2&fvd=n8&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c105e92e6d74d51c6452e1a43eebcfc303d88f98aed8c41c8c63b26f5793adca

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "4d63fb8d8caf8ff8476cf83b11ee093a28942062"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20160

GET
H2 200 l
use.typekit.net/af/00841f/000000000000000077359564/30/ 20 KB
20 KB 31ms
29ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/00841f/000000000000000077359564/30/l?subset_id=2&fvd=i8&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 86b2ae6da11df465dbe98bd663b06201235a574c36740b08fa56deef8ad4281a

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "525eb8059ea60e265bcc64f3a26788b56e86ac9f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20712

GET
H2 200 l
use.typekit.net/af/ad9c1c/000000000000000077359549/30/ 20 KB
20 KB 33ms
32ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ad9c1c/000000000000000077359549/30/l?subset_id=2&fvd=n9&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4bd01181f7a12d57835448722bd207d01bf15484e9c676e186269edca3200422

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "fbcfc1bc7a5799d94dd7c084982224a28bf18f37"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20052

GET
H2 200 l
use.typekit.net/af/671919/00000000000000007735954e/30/ 20 KB
20 KB 36ms
35ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/671919/00000000000000007735954e/30/l?subset_id=2&fvd=i9&v=3
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8c72933a702139bd7420fb907086aa954a8bf730b62092b27cd71dae849d87ac

Request headers

Origin: https://www.darkoperator.com
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
server: nginx
etag: "62c7d040331121fb4d285b0d3fb6ac2f500ffc36"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20292

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
70 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=974916327&t=pageview&_s=1&dl=https%3A%2F%2Fwww.darkoperator.com%2Fblog%2F2017%2F10%2F14%2Fbasics-of-tracking-wmi-activity&ul=en-us&de=UTF-8&dt=Basics%20of%20Tracking%20WMI%20Activity&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1046802664&gjid=541169480&cid=861942735.1613656216&tid=UA-47048887-1&_gid=2063482801.1613656216&_r=1&_slc=1&z=519249512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 13:50:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkoperator.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ 227 KB
86 KB 65ms
50ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9625308250592016&plah=www.darkoperator.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87061
x-xss-protection: 0
server: cafe
etag: 9039926254773515089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Feb 2021 13:50:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame B851 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Feb 2021 04:14:22 GMT
expires: Thu, 04 Mar 2021 04:14:22 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 34553
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p.gif
p.typekit.net/ 35 B
182 B 6ms
6ms Image
image/gif 2a02:26f0:7100:295::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=2&k=646866_52ad1d91e4b00a98a27ba20e&ht=tk&h=www.darkoperator.com&f=171.172.5474.5475.175.176.25136.25137.173.174.139.140.169.170.137.138&a=646866&js=1.20.0&app=typekit&e=js&_=1613656215896
Requested by: Host: www.darkoperator.com
URL: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:295::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
last-modified: Wed, 02 Sep 2020 04:04:42 GMT
server: nginx
etag: "5f4f19da-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
643 B 114ms
49ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.darkoperator.com&callback=_gfp_s_&client=ca-pub-9625308250592016

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9625308250592016&plah=www.darkoperator.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

080f4a8eb9b448d7f6ce9a3a9d655bfa77cde5e91bbbdbf7ccf9a94db5ffad20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 28ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.darkoperator.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Feb 2021 13:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 27ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.darkoperator.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Feb 2021 13:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5879 54 B
355 B 74ms
72ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9625308250592016&output=html&adk=99217981&adf=1731056007&lmt=1613656215&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.darkoperator.com%2Fblog%2F2017%2F10%2F14%2Fbasics-of-tracking-wmi-activity&ea=0&flash=0&pra=5&wgl=1&dt=1613656215856&bpp=10&bdt=497&idt=93&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5626579178618&frm=20&pv=2&ga_vid=861942735.1613656216&ga_sid=1613656216&ga_hid=974916327&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068769%2C21068893&oid=3&pvsid=3701639610603977&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9625308250592016&output=html&adk=99217981&adf=1731056007&lmt=1613656215&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.darkoperator.com%2Fblog%2F2017%2F10%2F14%2Fbasics-of-tracking-wmi-activity&ea=0&flash=0&pra=5&wgl=1&dt=1613656215856&bpp=10&bdt=497&idt=93&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5626579178618&frm=20&pv=2&ga_vid=861942735.1613656216&ga_sid=1613656216&ga_hid=974916327&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44731609%2C21068769%2C21068893&oid=3&pvsid=3701639610603977&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Feb 2021 13:50:16 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Feb-2021 14:05:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Feb 2021 13:50:16 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565174175677"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Thu, 18 Feb 2021 13:50:15 GMT

GET
H2 200 comments-a26828dec32d8fcdacd49-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 982 KB
237 KB 31ms
31ms Script
text/javascript 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/comments-a26828dec32d8fcdacd49-min.en-US.js
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-7fc90c832f0c9e9591975-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d028eb23e7ed206cf214fdc884ccc677f296948a5499b3a8f6e28895cff70294

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 140768
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-encoding: gzip
content-length: 242355
x-served-by: cache-bwi5129-BWI, cache-fra19183-FRA
last-modified: Tue, 16 Feb 2021 20:48:28 GMT
server: UploadServer
x-timer: S1613656216.162037,VS0,VE2
etag: "4d18f11fa9fd36cb76d30304b13f112a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 22:44:07 GMT

OPTIONS
H2 200 CheckAuthentication
carlos-perez-3jaw.squarespace.com/api/auth/ Frame 0
0 360ms
126ms Other
application/json 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://carlos-perez-3jaw.squarespace.com/api/auth/CheckAuthentication?crumb=BQqJyL6R5FSoZTBmNWYwNmQxNjBjZTI3YzM2MDA3OTM5YTAyYmVh

Protocol

Server

198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://www.darkoperator.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.darkoperator.com
content-type: application/json;charset=utf-8
date: Thu, 18 Feb 2021 13:50:16 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-contextid: DcBmAQsc/ZDQRn7Ts
content-length: 17

GET
H2 200 CheckAuthentication Show response
carlos-perez-3jaw.squarespace.com/api/auth/ 2 B
320 B 339ms
128ms XHR
application/json 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://carlos-perez-3jaw.squarespace.com/api/auth/CheckAuthentication?crumb=BQqJyL6R5FSoZTBmNWYwNmQxNjBjZTI3YzM2MDA3OTM5YTAyYmVh

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-fce1ecd97ff38813b9cf9-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 18 Feb 2021 13:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Squarespace
vary: Accept-Encoding, User-Agent
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.darkoperator.com
x-contextid: z2qizPQG/fJJEBebJ
access-control-allow-credentials: true
strict-transport-security: max-age=0
content-length: 22
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 simple-liking-9ef41bf7ba753d65ec1acf18e093b88a-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 834 B
665 B 28ms
28ms Stylesheet
text/css 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/simple-liking-9ef41bf7ba753d65ec1acf18e093b88a-min.en-US.css
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-7fc90c832f0c9e9591975-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4a54eb26c7ebba01507bd1d00e02d5e15bf033dfb6589976b1c8a558cd7eb9c9

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 1142887
x-cache: HIT, HIT
x-cache-hits: 3, 148
content-encoding: gzip
content-length: 379
x-served-by: cache-bwi5168-BWI, cache-fra19183-FRA
last-modified: Tue, 24 Mar 2020 18:20:46 GMT
server: UploadServer
x-timer: S1613656216.281228,VS0,VE0
etag: "f5319f8c0ee8b7b51a82a3c927ca9db4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 08:22:08 GMT

GET
H2 200 simple-liking-2207ca46fc8e98609572b-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 6 KB
3 KB 29ms
29ms Script
text/javascript 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/simple-liking-2207ca46fc8e98609572b-min.en-US.js
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-7fc90c832f0c9e9591975-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fc217c5cf4c02c4635ff26750684b6cd99f611a5aa87648798a40ba674f08096

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 140770
x-cache: HIT, HIT
x-cache-hits: 2, 119
content-encoding: gzip
content-length: 2505
x-served-by: cache-bwi5139-BWI, cache-fra19183-FRA
last-modified: Tue, 16 Feb 2021 20:48:16 GMT
server: UploadServer
x-timer: S1613656216.281226,VS0,VE0
etag: "569fcfc72608b8c8aa8e8fc5b322ff0d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 22:44:07 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 47ms
33ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-fce1ecd97ff38813b9cf9-min.en-US.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c36350f6c982d33d95c10d63caa9495fd0579f6131abbf068254a3247649b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Feb 2021 13:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6474
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 18 Feb 2021 13:50:16 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 6E60 12 KB
5 KB 38ms
22ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 18 Feb 2021 13:11:39 GMT
expires: Fri, 18 Feb 2022 13:11:39 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2317
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E60 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 10:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 12658
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Fri, 18 Feb 2022 10:19:18 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 43ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=3701639610603977&bg=!Z2SlZCfNAAXRs2QT0TsAKQB2-DxarlvVN6JyS26kQmCAmGf4i5u3zWxDZxBLYpVE6V9nmIGsYzt_AgAAADRSAAAADGgBBwoBFGR2Mh3APSRGCUkgWGtkhA_gONYhQ2igw92RMS1VyMbpwbWgikF1pgs1UEeC1EVJ4ilo3usfGOmQWOHuZE7LBqcUOmopJsG8sONOPYLDKLcQwceZRMRnAqeHt5NhzoG7Hb73twXw53EsLMyHjmaNOmmIqYwP0YkhBNOidcn-0kd5tyUY6cXlKEfk1FXtxVn6HRJ1fBdMD44ElvbWuMolTjXSytkE72q39HrVp0jZIW8nPOuDyCvUfBqZPyhn8e2vXqcI11v2MvoqwIeJ35j3gO2NNylnHP0-OI3yntmes1iMzje-qb09pIQe77YyncbBABSG_X8NU0BPRAt-1aki6RA9tiebS4B3gU8AWzkpaQthHAvGk5kB6ZObI3gEAXCDnhGEJcG9I2yTOYvGd6_q5BgFRTzpwRK8gAhrtKAhIZaUs2tQfHbyOMbGzlcNqaNivX6vjrahrIf-5yWIwK0MgI9AW7vIRuI6qhUzuqy65wW0VSZEW8JQHgLEj7L5hAxCe_9z8LGJT3Ezi2oMDKs7ZvL9TPTBKnLhDIATS0s2rbeoQ_mf2RcZBnmfGNahxxCjSofq_tHJ2mOqG5bLiBKOaPvf7UXW6DjoMMLYxACn6GJrjTEGnFlSEyMWBxppUpW28xEIh8MqKvzpvyJw4p3syolAqL_m71oGkpiNu65uVxd1QyiMKv0jGlyDZzCwBFx4LvwaoNt-4FeuzZBxrkLyktc2mTS-j1IGQZk3PAZEPZ3BSDbJDmPi9VR1AnpN84Ng5p7um5luNh-YK1HIA-2PSSWjDgiY6xP0IMKO3H7BTe3otmJ5SK_JilLx5X2f5yM_lXQJazHUcLivj_aW3lfyAlY2QrhdAkgUjrLuSXMr85oI2pNGbZMq3iiIbhcgVl6lf3SZ8XpnGCTypxYyXS-m5w0ewbko6_OFMBuGLYn6gya6u6wZ0hyc9jBJS0EqNciasC98xSWY2ZLoHzE6M4zlIyXBGNfEe73Ge6M94k-DnoLmPmBsQOy5YKgftopybw9Qfg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 13:50:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GetTemplateSchema Show response
www.darkoperator.com/api/template/ 7 KB
2 KB 121ms
120ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkoperator.com/api/template/GetTemplateSchema?crumb=BQqJyL6R5FSoZTBmNWYwNmQxNjBjZTI3YzM2MDA3OTM5YTAyYmVh&type=16

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-fce1ecd97ff38813b9cf9-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

d45ee6c14a1bf11b94b54903e9defa0d607e080a33004604367eaf49ecf20e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Thu, 18 Feb 2021 13:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding, User-Agent
content-type: application/json;charset=utf-8
x-contextid: mI68xncf/LBMuC2rX
strict-transport-security: max-age=0
content-length: 1926

GET
H2 200 GetComments Show response
www.darkoperator.com/api/comment/ 3 KB
1 KB 143ms
143ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkoperator.com/api/comment/GetComments?crumb=BQqJyL6R5FSoZTBmNWYwNmQxNjBjZTI3YzM2MDA3OTM5YTAyYmVh&targetId=59e26dbdbce176ff8ed2baa2&targetType=1&since=&page=1&sortBy=2

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-fce1ecd97ff38813b9cf9-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

394dbe265aae81c5517aa90fb01c41dae70b71ad0f913eb21afdd6cdcc6bdb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

pragma: no-cache
date: Thu, 18 Feb 2021 13:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
etag: W/"112c39bca98d763b2498088fcee6af79--gzip"
vary: Accept-Encoding, User-Agent
content-type: application/json;charset=utf-8
x-contextid: mI68xncf/teliUEXh
access-control-allow-credentials: true
strict-transport-security: max-age=0
content-length: 945
expires: 0

GET
H2 200 icon_flag_12_light.png
assets.squarespace.com/universal/images-v6/comments/ 179 B
418 B 30ms
29ms Image
image/png 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.squarespace.com/universal/images-v6/comments/icon_flag_12_light.png
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/styles-compressed/comments-f794dccd3bb871fc0cbc0bb7ad024168-min.en-US.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 617d7bc0f624780d8af08c523469d449d41b220b5fb8bf59f01ed1363c7f358d

Request headers

Referer: https://assets.squarespace.com/universal/styles-compressed/comments-f794dccd3bb871fc0cbc0bb7ad024168-min.en-US.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 5439063
x-cache: HIT, HIT
x-cache-hits: 3, 65
content-length: 179
x-served-by: cache-bwi5138-BWI, cache-fra19183-FRA
last-modified: Wed, 17 Apr 2019 22:27:58 GMT
server: UploadServer
x-timer: S1613656217.281714,VS0,VE0
etag: W/"264651ab5484b986688fde0c617e175b"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
warning: 214 UploadServer gunzipped
accept-ranges: bytes
expires: Fri, 17 Dec 2021 14:59:13 GMT

GET
H2 200 icon_like_12_light.png
assets.squarespace.com/universal/images-v6/comments/ 222 B
488 B 31ms
31ms Image
image/png 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.squarespace.com/universal/images-v6/comments/icon_like_12_light.png
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/styles-compressed/comments-f794dccd3bb871fc0cbc0bb7ad024168-min.en-US.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2097d521b95079dd6731215b191eae655833658f5e26a30ea2e21ccbdf0b1cef

Request headers

Referer: https://assets.squarespace.com/universal/styles-compressed/comments-f794dccd3bb871fc0cbc0bb7ad024168-min.en-US.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 5339696
x-cache: HIT, HIT
x-cache-hits: 3, 140
content-length: 222
x-served-by: cache-bwi5149-BWI, cache-fra19183-FRA
last-modified: Wed, 17 Apr 2019 22:27:59 GMT
server: UploadServer
x-timer: S1613656217.281779,VS0,VE0
etag: W/"4e9b728718d41645eb8532ba43b9fb53"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
warning: 214 UploadServer gunzipped
accept-ranges: bytes
expires: Sat, 18 Dec 2021 18:35:21 GMT

GET
H2 200 icon_reply_12_light.png
assets.squarespace.com/universal/images-v6/comments/ 244 B
413 B 31ms
30ms Image
image/png 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.squarespace.com/universal/images-v6/comments/icon_reply_12_light.png
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/styles-compressed/comments-f794dccd3bb871fc0cbc0bb7ad024168-min.en-US.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b3094f984afb687fe50957957c401e34cdcbf7355bdcb85282d9559ed3bbed1a

Request headers

Referer: https://assets.squarespace.com/universal/styles-compressed/comments-f794dccd3bb871fc0cbc0bb7ad024168-min.en-US.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 2067186
x-cache: HIT, HIT
x-cache-hits: 1, 25
content-length: 244
x-served-by: cache-bwi5129-BWI, cache-fra19183-FRA
last-modified: Wed, 17 Apr 2019 22:28:02 GMT
server: UploadServer
x-timer: S1613656217.281699,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 15:37:10 GMT

GET
H2 200 GetLikesFlags Show response
www.darkoperator.com/api/comment/ 27 B
90 B 125ms
124ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkoperator.com/api/comment/GetLikesFlags?crumb=BQqJyL6R5FSoZTBmNWYwNmQxNjBjZTI3YzM2MDA3OTM5YTAyYmVh&ids=5ef3c2c194f41f6fccfcaaf7&ids=5c84f7f24785d32088c38e56&ids=5c88e026fa0d606a8024aa02

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-fce1ecd97ff38813b9cf9-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

b0d84092cc83ebe580a80d98883bf845f873c4e80d32c6abea7e0daf06e26780

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Thu, 18 Feb 2021 13:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding, User-Agent
content-type: application/json;charset=utf-8
x-contextid: mI68xncf/bpW6Mu9g
access-control-allow-credentials: true
strict-transport-security: max-age=0
content-length: 41

GET
H2 200 default-avatar.png
assets.squarespace.com/universal/images-v6/ 3 KB
4 KB 30ms
30ms Image
image/png 151.101.12.237
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.squarespace.com/universal/images-v6/default-avatar.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.12.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 24e48c1ac60e01d2b5d599eb94b8dec532860faac6597b4521a1571c695676a9

Request headers

Referer: https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 13:50:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 1839156
x-cache: HIT, HIT
x-cache-hits: 1, 24
content-length: 3481
x-served-by: cache-bwi5147-BWI, cache-fra19183-FRA
last-modified: Wed, 17 Apr 2019 22:28:01 GMT
server: UploadServer
x-timer: S1613656217.282201,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 06:57:41 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.darkoperator.com/	1970-01-19 16:14:18	Name: ss_cvisit Value: 1613656215883
www.darkoperator.com/	1970-01-20 09:45:28	Name: ss_cid Value: 31c9415f-5432-47ea-9148-39183da5402d
.doubleclick.net/	1970-01-19 16:14:17	Name: test_cookie Value: CheckForPermission
.darkoperator.com/	1970-01-19 16:14:16	Name: _gat Value: 1
www.darkoperator.com/	1970-01-20 09:45:28	Name: ss_cvr Value: 688d47f4-c221-456b-8197-78237fa51b39\|1613656215797\|1613656215797\|1613656215797\|1
.darkoperator.com/	1970-01-19 16:15:42	Name: _gid Value: GA1.2.2063482801.1613656216
www.darkoperator.com/	1970-01-20 09:45:28	Name: ss_cpvisit Value: 1613656215883
.darkoperator.com/	1970-01-20 09:45:28	Name: _ga Value: GA1.2.861942735.1613656216
www.darkoperator.com/	1970-01-19 16:14:18	Name: ss_cvt Value: 1613656215797
.darkoperator.com/	1970-01-20 01:35:52	Name: __gads Value: ID=f6d402d67f52045b-22880788cda600da:T=1613656216:RT=1613656216:S=ALNI_MaDuNpFufQm3kWRbc_4Y8DsGg_X2A
www.darkoperator.com/	1969-12-31 23:59:59	Name: crumb Value: BQqJyL6R5FSoZTBmNWYwNmQxNjBjZTI3YzM2MDA3OTM5YTAyYmVh

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-7fc90c832f0c9e9591975-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-cldr_resource_pack
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-7fc90c832f0c9e9591975-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-common_vendors
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-7fc90c832f0c9e9591975-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-performance
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-7fc90c832f0c9e9591975-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-management

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
assets.squarespace.com
carlos-perez-3jaw.squarespace.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.squarespace-cdn.com
p.typekit.net
pagead2.googlesyndication.com
partner.googleadservices.com
static1.squarespace.com
tpc.googlesyndication.com
use.typekit.net
www.darkoperator.com
www.google-analytics.com
www.googletagservices.com
142.250.186.34
151.101.112.238
151.101.12.237
151.101.12.238
198.185.159.177
198.49.23.144
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2003
2a02:26f0:6c00::210:ba2a
2a02:26f0:7100:295::19fd
02d7123d215b023c34334a2682bcaf0e88aa139faa4cd77a76f1b08755f6bc0c
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
080f4a8eb9b448d7f6ce9a3a9d655bfa77cde5e91bbbdbf7ccf9a94db5ffad20
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
1760c2d4906672c83e6791f920c78c2ba0fae22b1075e80c60f9022338ecde49
2097d521b95079dd6731215b191eae655833658f5e26a30ea2e21ccbdf0b1cef
24e48c1ac60e01d2b5d599eb94b8dec532860faac6597b4521a1571c695676a9
25568e4665a2e6e9114c843a7c1667f1984e75439d80169bc649dd405b443c50
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2e7155833c6617404acf8abb8e48f76bc1bff361860773a9e415df10434225c9
3943cf6dd5586e5b0a45f26c05e41514ed4eb747b131ad544471192ba0f58de3
394dbe265aae81c5517aa90fb01c41dae70b71ad0f913eb21afdd6cdcc6bdb22
42fcf1489dac2bdf4dfa316b50c2f6e6d133185d80477b2e883001a1b5757456
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
49ea35b561bc45155317a97c2baa519a0ad2c18c1e5eec0175d641097288b167
4a2c81d61546843a787489a4133b7c4cdd2b43883370024696c81c7022da7a0b
4a54eb26c7ebba01507bd1d00e02d5e15bf033dfb6589976b1c8a558cd7eb9c9
4bd01181f7a12d57835448722bd207d01bf15484e9c676e186269edca3200422
4c2536979555e40b739d742d722d84ac0f2fc5c0911ab833773008b781411d54
4c36350f6c982d33d95c10d63caa9495fd0579f6131abbf068254a3247649b72
4f88e7b4b4a8c06706e780238a38e2273b8f9057c81bdee122d52b0f0e76dc9b
514d717d621979be6b46d50995c893167011283636cfb49c82beefd822d23eee
5467a516ced46db914dbdbf050c149a3009f072c924ef2628c76f23188629703
557c7eff7e290be0c9ba43c9992a9a53511608560c9e1c23efc05851e186a2a7
56fde094ef7ea6ece05cbd9f1745e7ceeef3f49db1de5762dffff8394b9f9116
57802df57e29d3eff2f13893b3bdf23d763a9df895e1c151c93819b97e495efe
5c76c1194cff752f3d0fa5236f005277b36c5401e456dddd546b23e11806be66
5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52
617d7bc0f624780d8af08c523469d449d41b220b5fb8bf59f01ed1363c7f358d
6cb874827be78055acc59ae47f7c51144c81c7d158de9ad1d1915f993e0c6166
70b8cef61d1557e2e1d63aed207d20fce65b0e1fbafe4c1cdedc1b5e08572b99
75e06239c1162d898e73e1e16c68b953016562a57173d2896397d4a4dc1cc470
76ae7074d6b734cbe6fafe10f49edaf3fe52bff24d5dbb51a0b62c3ae2ebd37c
86b2ae6da11df465dbe98bd663b06201235a574c36740b08fa56deef8ad4281a
8c72933a702139bd7420fb907086aa954a8bf730b62092b27cd71dae849d87ac
8fbd1ca34d18e1bac26d30ddc716d06af1c273f983bc955521dde5ad8be43054
991016e1d94f059c34830797e4a19ee6e3a6f3afd59c059238f29ca60baeebc3
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d584e93431d504916b367221ef2e4b83e8742383d9f1f70359fe82a4c483e5c
9efd130319b18a518e3634e65f98ec578ee9e8138dd14ca0567bbd3d7d4fe174
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
aaf25cbe0ca496b38d5c47ff68015b0b607f1ea7802964116004850956f5dad7
b0d84092cc83ebe580a80d98883bf845f873c4e80d32c6abea7e0daf06e26780
b3094f984afb687fe50957957c401e34cdcbf7355bdcb85282d9559ed3bbed1a
b4d0dc33c8e0869dd139e1644e4411ae2552b74d623fce2fa75229a6387cbd9f
b6748eaaa4c5bfb43a9591d6cf2dde21ef1896830cdf632ce6eb8f403326099b
b980267ac2254ef534bfe32055489ed677d461077b37f2ee62bf7b5fc4f7362f
c105e92e6d74d51c6452e1a43eebcfc303d88f98aed8c41c8c63b26f5793adca
d028eb23e7ed206cf214fdc884ccc677f296948a5499b3a8f6e28895cff70294
d45ee6c14a1bf11b94b54903e9defa0d607e080a33004604367eaf49ecf20e04
d62e7c276b48ff7d89a1bb0ae5781d4875fcc1368c8817217a18a6473654cf1a
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daafcf5b1d4b5b3bd4f0c6df3045dcca98a5b4776ee7567e803dbb48bb656b1f
dfab1ca3e1d422591eded5496cdbdb618f87290065e038bb932f8767d2221312
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f28dd61b09a81f60bf0ad313a27e13c2aabc0fe74d6abbac9cb3c3565c5d9f1f
f75bf53416d2f37a4c7c4385760525531c89a8db70942fd8219d95c42ff4894d
fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7
fc217c5cf4c02c4635ff26750684b6cd99f611a5aa87648798a40ba674f08096
ffc5e3a95c6fc9a870b726347a1a74e0edf7761902913590e53ed496e3e31e92

www.darkoperator.com Open in urlscan Pro 198.49.23.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

60 %IPv6

13 Domains

17 Subdomains

15 IPs

2 Countries

2571 kBTransfer

7206 kBSize

11 Cookies

4 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.darkoperator.com Open in urlscan Pro
198.49.23.144 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

60 %
IPv6

13
Domains

17
Subdomains

15
IPs

2
Countries

2571 kB
Transfer

7206 kB
Size

11
Cookies

66 HTTP transactions
0 data transactions