www.4mark.net Open in urlscan Pro
5.175.5.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://4mark.net/
Effective URL:
http://www.4mark.net/
Submission: On February 24 via manual (February 24th 2021, 4:33:51 pm UTC) from US

Summary HTTP 104 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 25 domains to perform 104 HTTP transactions. The main IP is 5.175.5.64, located in Strasbourg, France and belongs to GODADDY, DE. The main domain is www.4mark.net.

This is the only time www.4mark.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	5.175.5.64 5.175.5.64	20773 (GODADDY) (GODADDY)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:a200:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	162.0.235.51 162.0.235.51	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	192.96.215.41 192.96.215.41	12129 (123NET) (123NET)
1	2a01:4f8:d0a:... 2a01:4f8:d0a:10c3::2	24940 (HETZNER-AS) (HETZNER-AS)
1 2	54.164.22.162 54.164.22.162	14618 (AMAZON-AES) (AMAZON-AES)
1	44.239.154.121 44.239.154.121	16509 (AMAZON-02) (AMAZON-02)
1	46.166.142.243 46.166.142.243	43350 (NFORCE) (NFORCE)
1	104.207.246.243 104.207.246.243	36444 (NEXCESS-NET) (NEXCESS-NET)
1	193.219.76.6 193.219.76.6	2847 (LITNET) (LITNET)
1	216.83.138.146 216.83.138.146	5048 (FIBER) (FIBER)
1	5.175.3.206 5.175.3.206	20773 (GODADDY) (GODADDY)
2 3	35.209.91.240 35.209.91.240	15169 (GOOGLE) (GOOGLE)
1	148.66.136.151 148.66.136.151	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2606:4700:303... 2606:4700:3035::ac43:af3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
10	2600:9000:20e... 2600:9000:20eb:a600:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:800:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	52.58.221.124 52.58.221.124	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 2	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
104	33

22 5.175.5.64 (Strasbourg, France) 1 redirects

ASN20773 (GODADDY, DE)
PTR: vs235095.vs.hosteurope.de

4mark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.4mark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:a200:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.0.235.51 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business81-1.web-hosting.com

bestsleepshop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.96.215.41 (United States)

ASN12129 (123NET, US)

prsync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:d0a:10c3::2 (Germany)

ASN24940 (HETZNER-AS, DE)

onlinecprtrainingusa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.164.22.162 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-22-162.compute-1.amazonaws.com

public.sitejot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.154.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-154-121.us-west-2.compute.amazonaws.com

www.databridgemarketresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.166.142.243 (Netherlands)

ASN43350 (NFORCE, NL)

sendvid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.207.246.243 (United States)

ASN36444 (NEXCESS-NET, US)
PTR: savvysearchmarketing.com

spautopia.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.219.76.6 (Kaunas, Lithuania)

ASN2847 (LITNET, LT)
PTR: www.ku.lt

www.ku.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.83.138.146 (Orem, United States)

ASN5048 (FIBER, US)
PTR: host-146.pl1071614-1-srv.fiber.net

www.wagslandscape.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.175.3.206 (Strasbourg, France)

ASN20773 (GODADDY, DE)
PTR: vs226095.vs.hosteurope.de

www.posts123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.209.91.240 (Council Bluffs, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 240.91.209.35.bc.googleusercontent.com

www.mariettaroofcontractors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mariettaroofcontractors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.66.136.151 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)

www.kellytechno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:af3d (United States)

ASN13335 (CLOUDFLARENET, US)

wolftopchoiceappliancerepair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:20eb:a600:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:800:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.221.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-221-124.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	4mark.net 1 redirects 4mark.net www.4mark.net	696 KB
17	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	257 KB
13	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net	44 KB
13	google.com 1 redirects cse.google.com www.google.com clients1.google.com adservice.google.com	172 KB
13	sharethis.com w.sharethis.com ws.sharethis.com l.sharethis.com	92 KB
6	gstatic.com fonts.gstatic.com	47 KB
3	google.de www.google.de adservice.google.de	2 KB
3	mariettaroofcontractors.com 2 redirects www.mariettaroofcontractors.com mariettaroofcontractors.com	502 B
2	googletagservices.com www.googletagservices.com	60 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	sitejot.com 1 redirects public.sitejot.com	248 B
1	googleadservices.com partner.googleadservices.com	638 B
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	wolftopchoiceappliancerepair.com wolftopchoiceappliancerepair.com	2 KB
1	kellytechno.com www.kellytechno.com	16 KB
1	posts123.com www.posts123.com	2 KB
1	wagslandscape.com www.wagslandscape.com	9 KB
1	ku.lt www.ku.lt	16 KB
1	spautopia.ca spautopia.ca	19 KB
1	sendvid.com sendvid.com
1	databridgemarketresearch.com www.databridgemarketresearch.com	21 KB
1	onlinecprtrainingusa.com onlinecprtrainingusa.com	113 KB
1	prsync.com prsync.com	2 KB
1	bestsleepshop.com bestsleepshop.com	31 KB
1	googleapis.com fonts.googleapis.com	1 KB
104	25

	Domain	Requested by
21	www.4mark.net	www.4mark.net
10	tpc.googlesyndication.com	www.4mark.net googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.4mark.net googleads.g.doubleclick.net
10	ws.sharethis.com	w.sharethis.com ws.sharethis.com www.4mark.net
8	www.google.com	1 redirects cse.google.com www.4mark.net www.google.com googleads.g.doubleclick.net
7	pagead2.googlesyndication.com	www.4mark.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	l.sharethis.com	w.sharethis.com www.4mark.net
2	www.google-analytics.com	www.4mark.net www.google-analytics.com
2	cse.google.com	www.4mark.net www.google.com
2	www.mariettaroofcontractors.com	2 redirects
2	public.sitejot.com	1 redirects www.4mark.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	clients1.google.com	www.4mark.net
1	www.google.de	www.4mark.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.sharethis.mgr.consensu.org	w.sharethis.com
1	wolftopchoiceappliancerepair.com	www.4mark.net
1	www.kellytechno.com	www.4mark.net
1	mariettaroofcontractors.com	www.4mark.net
1	www.posts123.com	www.4mark.net
1	www.wagslandscape.com	www.4mark.net
1	www.ku.lt	www.4mark.net
1	spautopia.ca	www.4mark.net
1	sendvid.com	www.4mark.net
1	www.databridgemarketresearch.com	www.4mark.net
1	onlinecprtrainingusa.com	www.4mark.net
1	prsync.com	www.4mark.net
1	bestsleepshop.com	www.4mark.net
1	w.sharethis.com	www.4mark.net
1	fonts.googleapis.com	www.4mark.net
1	4mark.net	1 redirects
104	36

This site contains links to these domains. Also see Links.

Domain
bestsleepshop.com
prsync.com
onlinecprtrainingusa.com
public.sitejot.com
www.databridgemarketresearch.com
www.beacon-bookmarks.win
sendvid.com
spautopia.ca
www.ku.lt
www.wagslandscape.com
www.posts123.com
www.mariettaroofcontractors.com
www.inter-bookmarks.win

Subject Issuer	Validity	Valid
bestsleepshop.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-24` - `2021-11-24`	a year	crt.sh
onlinecprtrainingusa.com R3	`2021-02-07` - `2021-05-08`	3 months	crt.sh
public.sitejot.com R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
databridgemarketresearch.com Amazon	`2020-06-07` - `2021-07-07`	a year	crt.sh
*.sendvid.com GoGetSSL RSA DV CA	`2020-11-13` - `2021-11-13`	a year	crt.sh
spautopia.ca Sectigo RSA Domain Validation Secure Server CA	`2020-07-03` - `2021-08-02`	a year	crt.sh
www.ku.lt GEANT OV RSA CA 4	`2020-10-20` - `2021-10-20`	a year	crt.sh
wagslandscape.com Starfield Secure Certificate Authority - G2	`2020-07-22` - `2021-09-20`	a year	crt.sh
www.posts123.com R3	`2021-01-19` - `2021-04-19`	3 months	crt.sh
mariettaroofcontractors.com R3	`2021-01-24` - `2021-04-24`	3 months	crt.sh
kellytechno.com Go Daddy Secure Certificate Authority - G2	`2020-06-25` - `2022-08-25`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-23` - `2022-02-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://www.4mark.net/
Frame ID: 17715BC7FCFB56FC34493B18AF070A7D
Requests: 75 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 5A1957C22805FAC4506AC45770BC4EA0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210222/r20190131/zrt_lookup.html
Frame ID: 6424E58746292C2C5B206A172DBF3899
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3025194257&lmt=1614184412&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.4mark.net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614184412275&bpp=25&bdt=465&idt=98&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1411683334999&frm=20&pv=2&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=116
Frame ID: D832873C8FF21F501A8EEAAB6DA5A129
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=280&adk=2263437690&adf=1776016447&pi=t.aa~a.3169347946~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=1140x280&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1614184412502&bpp=3&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rBI9IXtPjj&p=http%3A//www.4mark.net&dtd=29
Frame ID: 42CFFE53CCBF090540B42F3E53827010
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=280&adk=2263437690&adf=2682617240&pi=t.aa~a.3169404929~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=1140x280&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=3&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=2344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=GhGUPlz7M1&p=http%3A//www.4mark.net&dtd=35
Frame ID: F73EEF994750335830C008A0E39F07B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
Frame ID: 57F3E65E3C9DAA9B3296FCAA47530F05
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=280&adk=2263437690&adf=2223202048&pi=t.aa~a.3169408088~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=1140x280&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C263x600&nras=5&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=3778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=n89GgtmoXO&p=http%3A//www.4mark.net&dtd=42
Frame ID: CF7C8A0BC3911BB8B7A496BF6BD8ED8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=1830253184&pi=t.aa~a.2523598066~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=1&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C263x600%2C1140x280&nras=6&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=4078&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=6odLQW0iFi&p=http%3A//www.4mark.net&dtd=46
Frame ID: C4018802E4A6ACDAB7FB19223078A1DA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/index.html
Frame ID: 8A12C898BED9BBC84003790BF3FC207A
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CNyjucT5gu8CFT7kuwgddpgCrA;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3722205002;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 46555455BB7582BF62BFB67DF87C2CCC
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D0046C5FD9127384EEBCE23A5843D059
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 25148630E44DA5CE4ED6BF623D1581D2
Requests: 2 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: D07C812A6D9A67D71B358B769C01950D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://4mark.net/ HTTP 301
http://www.4mark.net/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

104
Requests

68 %
HTTPS

53 %
IPv6

25
Domains

36
Subdomains

33
IPs

7
Countries

1621 kB
Transfer

3444 kB
Size

6
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://bestsleepshop.com/best-mattress-topper-for-side-sleepers/

Search URL Search Domain Scan URL

URL: http://prsync.com/virtue-skin-clinics/virtue-skin-clinic-presents-the-best-hair--skin-care-specialist-3373468/

Search URL Search Domain Scan URL

URL: https://onlinecprtrainingusa.com/courses/cpr-training/

Search URL Search Domain Scan URL

URL: http://public.sitejot.com/margoriep76.html

Search URL Search Domain Scan URL

URL: https://www.databridgemarketresearch.com/reports/global-plasma-feed-market

Search URL Search Domain Scan URL

URL: https://www.beacon-bookmarks.win/phuong-phap-de-nen-xem-ai-vao-facebook-cua-minh-nhieu-lua-chon-nhat

Search URL Search Domain Scan URL

URL: https://sendvid.com/zaskresr

Search URL Search Domain Scan URL

URL: https://spautopia.ca/contact-us/pan-pacific-vancouver/

Search URL Search Domain Scan URL

URL: https://www.databridgemarketresearch.com/reports/global-chicory-market

Search URL Search Domain Scan URL

URL: https://www.ku.lt/vipanetwork/index.php/community/profile/123movies-watch-online-2021/

Search URL Search Domain Scan URL

URL: https://www.wagslandscape.com/

Search URL Search Domain Scan URL

URL: https://www.posts123.com/post/1349654/koihiovaojiohger

Search URL Search Domain Scan URL

URL: http://www.mariettaroofcontractors.com/

Search URL Search Domain Scan URL

URL: https://www.inter-bookmarks.win/5-phan-mem-chuyen-pdf-sang-word-khong-loi-font-thap-nhat

Search URL Search Domain Scan URL

URL: https://www.databridgemarketresearch.com/reports/global-organic-fruits-and-vegetables-market

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://4mark.net/ HTTP 301
http://www.4mark.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://public.sitejot.com/margoriep76.html HTTP 301
https://public.sitejot.com/margoriep76.html

Request Chain 21

http://www.mariettaroofcontractors.com/ HTTP 301
https://www.mariettaroofcontractors.com/ HTTP 301
https://mariettaroofcontractors.com/

Request Chain 43

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 80

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3722205002;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CNyjucT5gu8CFT7kuwgddpgCrA;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3722205002;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

104 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.4mark.net/
Redirect Chain

http://4mark.net/
http://www.4mark.net/

73 KB
18 KB

166ms
149ms

Document
text/html

5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 95db4cb166cef400cd73d96929f823754ec79523c1722af589b60faeb58a7aff

Request headers

Host: www.4mark.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Length: 17831

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: http://www.4mark.net/
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Length: 144

GET
H/1.1 200
OK css
fonts.googleapis.com/ 10 KB
1 KB 22ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

142b082ce04daeef49f57c440e34629f45cfda8e3d20665fabc701075904b8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Feb 2021 16:33:31 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Wed, 24 Feb 2021 16:33:31 GMT

GET
H/1.1 200
OK bootstrap.css
www.4mark.net/css/ 118 KB
26 KB 31ms
29ms Stylesheet
text/css 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/bootstrap.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0e430441e9833f9e3b9219b4837068670afbb50171678365b95f45de9291b632

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "bb8f5bc8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 26754

GET
H/1.1 200
OK normalize.min.css
www.4mark.net/css/ 2 KB
2 KB 54ms
38ms Stylesheet
text/css 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/normalize.min.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3822b897f1eb08ba5e7afa130a0866d2616b80db9de763b21bc555c4aec1d52d

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "98f25dc8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1361

GET
H/1.1 200
OK font-awesome.min.css
www.4mark.net/css/ 165 KB
79 KB 62ms
46ms Stylesheet
text/css 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/font-awesome.min.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8c07db0f8c47b64b9ff91a2201556577db2737e2db7f0b0b4f1cbe5920a03a81

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "98f25dc8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK animate.css
www.4mark.net/css/ 57 KB
8 KB 55ms
38ms Stylesheet
text/css 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/animate.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b7f115b1794b5c090c8632d5abe2a32bf54a0c4e0845eeb7b6e41ddd45bbced9

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "bb8f5bc8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 8196

GET
H/1.1 200
OK templatemo-misc.css
www.4mark.net/css/ 2 KB
999 B 54ms
38ms Stylesheet
text/css 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/templatemo-misc.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 59433eae456916d07b9af106cd6e5a39e9ca36b2e23e3836c4557e33a8476a56

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "8e5460c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 676

GET
H/1.1 200
OK templatemo-style.css
www.4mark.net/css/ 19 KB
5 KB 54ms
38ms Stylesheet
text/css 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/templatemo-style.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3f2edf41a656bd4427e323267e8e4ffed4eb9005b2496152a2b38297bd9c3c99

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "8e5460c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 4858

GET
H/1.1 200
OK modernizr-2.6.2.min.js Show response
www.4mark.net/js/vendor/ 15 KB
8 KB 68ms
28ms Script
application/javascript 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/vendor/modernizr-2.6.2.min.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "88408bc8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 7483

GET
H/1.1 200
OK buttons.js Show response
w.sharethis.com/button/ 59 KB
17 KB 17ms
10ms Script
application/javascript 2600:9000:20eb:a200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w.sharethis.com/button/buttons.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:a200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 23:10:10 GMT
Content-Encoding: gzip
Age: 149001
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16639
Server: nginx/1.16.1
ETag: W/"60256fd0-eabe"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
Cache-Control: max-age=259200
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: V6vfrR_EZEysNd8907sj2A83YaCHU8qlQnuAp86oZUEOgloTJYGNug==
Expires: Thu, 25 Feb 2021 23:10:10 GMT

GET
H/1.1 200
OK logo.gif
www.4mark.net/images/ 48 KB
48 KB 28ms
25ms Image
image/gif 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.4mark.net/images/logo.gif
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1e10af313c557dc0079253e5a343699e49106acfe441fe006c742c1b0ce51a0d

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2dcb75c8e4ed31:0"
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 48661

GET
H/1.1 200
OK banner.jpg
www.4mark.net/images/ 355 KB
355 KB 29ms
27ms Image
image/jpeg 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.4mark.net/images/banner.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 19497b38c6f7b622f3a476adb7df833ec65c8dbf078f6f5f787f5030dcc36189

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b0a36ec8e4ed31:0"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 363692

GET
H2 200 best-mattress-topper-for-side-slepers.jpg
bestsleepshop.com/wp-content/uploads/2020/06/ 31 KB
31 KB 603ms
292ms Image
image/jpeg 162.0.235.51
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bestsleepshop.com/wp-content/uploads/2020/06/best-mattress-topper-for-side-slepers.jpg

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.235.51 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business81-1.web-hosting.com

Software

Apache /

Resource Hash

e6a422d517490c7e2fb0abd3afbe162f1f33b38323f7fa282ba1d1d0fb228ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:33:32 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Nov 2020 09:05:34 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=10368000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 31542
x-content-type-options: nosniff
expires: Thu, 24 Jun 2021 16:33:32 GMT

GET
H/1.1 200
OK logo.gif
prsync.com/images/v2/ 2 KB
2 KB 226ms
209ms Image
image/gif 192.96.215.41
123NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://prsync.com/images/v2/logo.gif
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 192.96.215.41 , United States, ASN12129 (123NET, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0c515d932e4a69f2802c6f256112f914e0571f398be0b67d3b164b10b7516c87

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Wed, 24 Feb 2021 16:33:32 GMT
Last-Modified: Tue, 13 Jun 2017 11:34:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "a54a841239e4d21:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 1812

GET
H2 200 ops.cpr1_-1024x768-1.jpg
onlinecprtrainingusa.com/wp-content/uploads/2020/02/ 112 KB
113 KB 28ms
3ms Image
image/jpeg 2a01:4f8:d0a:10c3::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinecprtrainingusa.com/wp-content/uploads/2020/02/ops.cpr1_-1024x768-1.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:10c3::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: f6fd3474bfcb18c1b28760105a59d1206fd0234ea9ed6eac5dce742ae91c9918

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:33:31 GMT
last-modified: Fri, 04 Dec 2020 22:58:07 GMT
server: Apache
accept-ranges: bytes
etag: "1c04f-5b5ab68e5d54c"
content-length: 114767
content-type: image/jpeg

GET
H/1.1

200
OK

margoriep76.html
public.sitejot.com/
Redirect Chain

http://public.sitejot.com/margoriep76.html
https://public.sitejot.com/margoriep76.html

0
0

414ms
191ms

Image
text/html

54.164.22.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.sitejot.com/margoriep76.html
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.22.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-22-162.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location: https://public.sitejot.com/margoriep76.html
Date: Wed, 24 Feb 2021 16:33:32 GMT
Via: 1.1 vegur
Server: Apache
Connection: keep-alive
Content-Length: 251
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 logo.png
www.databridgemarketresearch.com/assets/images/ 21 KB
21 KB 688ms
329ms Image
image/png 44.239.154.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.databridgemarketresearch.com/assets/images/logo.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.154.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-154-121.us-west-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 1efd80054562eaeec7055e5a68e6fc1752a794c8350185f4871343263f11b529

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:33:32 GMT
last-modified: Fri, 23 Nov 2018 17:28:14 GMT
server: Kestrel
etag: "1d48351e9e09911"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 21009

GET
H/1.1 200
OK zaskresr
sendvid.com/ 0
0 138ms
80ms Image
text/html 46.166.142.243
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendvid.com/zaskresr
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.166.142.243 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK spa-utopia-logo.jpg
spautopia.ca/wp-content/uploads/ 18 KB
19 KB 657ms
117ms Image
image/jpeg 104.207.246.243
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spautopia.ca/wp-content/uploads/spa-utopia-logo.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.207.246.243 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: savvysearchmarketing.com
Software: Apache /
Resource Hash: 7caa89a9846fa654f10eb726db480569b65d3e7489d5f1a7f6970abab0b26bf8

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:32 GMT
Last-Modified: Tue, 30 Apr 2019 21:48:48 GMT
Server: Apache
ETag: "4963-587c65da63000"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 18787

GET
H/1.1 200
OK vipa_logo.png
www.ku.lt/vipanetwork/wp-content/themes/ku_vipa/media/images/ 15 KB
16 KB 217ms
59ms Image
image/png 193.219.76.6
LITNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ku.lt/vipanetwork/wp-content/themes/ku_vipa/media/images/vipa_logo.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.219.76.6 Kaunas, Lithuania, ASN2847 (LITNET, LT),
Reverse DNS: www.ku.lt
Software: Apache/2.4.46 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/7.2.34 /
Resource Hash: 17e00fdfbf0ce57c677a5013e40948f057ee44c6166c1e337f784a879ecb0171

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:32 GMT
Last-Modified: Wed, 09 Jan 2019 12:00:41 GMT
Server: Apache/2.4.46 (FreeBSD) OpenSSL/1.0.2u-freebsd PHP/7.2.34
ETag: "3d58-57f0535ffba93"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15704

GET
H2 200 a36fd29f-59f9-4c86-bff7-ac56f651042e
www.wagslandscape.com/file/ 9 KB
9 KB 744ms
149ms Image
image/png 216.83.138.146
FIBER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wagslandscape.com/file/a36fd29f-59f9-4c86-bff7-ac56f651042e
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.83.138.146 Orem, United States, ASN5048 (FIBER, US),
Reverse DNS: host-146.pl1071614-1-srv.fiber.net
Software: /
Resource Hash: 83c375fbf8f78828954ceeba825f7775feab5afc7f792b1f8ef57fcd9b4e840e

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:33:32 GMT
x-titanium-version: 3.3B
content-type: image/png
cache-control: no-cache
content-disposition: inline;filename=logo.png
content-length: 8740
expires: -1

GET
H/1.1 200
OK no-photo.jpg
www.posts123.com/images/ 1 KB
2 KB 156ms
25ms Image
image/jpeg 5.175.3.206
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.posts123.com/images/no-photo.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 5.175.3.206 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 93eecd05275c8a2511850e68ee31978b955f9b3685124433e5a53c939d506c96

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:50 GMT
Last-Modified: Thu, 12 Mar 2020 17:40:44 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6377ab5b95f8d51:0"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1494

GET
H2

200

/
mariettaroofcontractors.com/
Redirect Chain

http://www.mariettaroofcontractors.com/
https://www.mariettaroofcontractors.com/
https://mariettaroofcontractors.com/

0
0

694ms
569ms

Image
text/html

35.209.91.240
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mariettaroofcontractors.com/
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.91.240 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.91.209.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Wed, 24 Feb 2021 16:33:33 GMT
server: nginx
x-redirect-by: WordPress
x-proxy-cache-info: W NC:000000 UP:
content-type: text/html; charset=UTF-8
location: https://mariettaroofcontractors.com/
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS

GET
H2 200 kelly-new.png
www.kellytechno.com/wp-content/uploads/2018/06/ 16 KB
16 KB 565ms
183ms Image
image/png 148.66.136.151
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kellytechno.com/wp-content/uploads/2018/06/kelly-new.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.136.151 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 129cb779734c41d9337907b8e0759a00c631c9cee1b1a236556be7d6eba7ba2e

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:33:32 GMT
last-modified: Sun, 03 Feb 2019 01:44:16 GMT
server: Apache
accept-ranges: bytes
etag: "62e1a-4039-580f3838cbc00"
content-length: 16441
content-type: image/png

GET
H2 200 hand.png
wolftopchoiceappliancerepair.com/wp-content/uploads/2020/03/ 923 B
2 KB 46ms
16ms Image
image/png 2606:4700:3035::ac43:af3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wolftopchoiceappliancerepair.com/wp-content/uploads/2020/03/hand.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:af3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f558028d69e783c95ccc9174a032447fd0de7925a82145658be121f150c4b2

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:33:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 77
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 923
cf-request-id: 08767c8bca0000bec9613c5000000001
last-modified: Mon, 09 Mar 2020 20:44:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JArTLB%2F9lFSLwzb5k3DXTJssOw7Sr1927NGA0u4ynnIfYBGWgHcWpHregk5KKLDHqLb6v8OQw6Lb876%2FVYsibOAIXboLrBJ8SIzsNf5CXDNIt7nqnjeW9XgfwvMfW4hbPuBGCen8KklFBLZJVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 626a96bfa8ddbec9-FRA
expires: Thu, 24 Jun 2021 16:32:15 GMT

GET
H/1.1 200
OK starfull.png
www.4mark.net/images/ 581 B
858 B 26ms
26ms Image
image/png 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.4mark.net/images/starfull.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 27bcd193254a6bc6cec52c46a65dc786b1e8c34d7901a5c341f1ca8210d1be96

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "752e78c8e4ed31:0"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 581

GET
H/1.1 200
OK user.png
www.4mark.net/images/ 451 B
727 B 25ms
25ms Image
image/png 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.4mark.net/images/user.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: da82813d9af2ff755bfea41782d686a6b79c1c6ff486f9ae4433ae8d36de4a3f

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "1907ac8e4ed31:0"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 451

GET
H/1.1 200
OK folder.png
www.4mark.net/images/ 451 B
727 B 26ms
25ms Image
image/png 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.4mark.net/images/folder.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6e0649cada13b56288ecd008638462d4749a546b2bd107fba07ce04638acdb54

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6a571c8e4ed31:0"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 451

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 61ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeec769c5ce874a4f0f37d7b3790ad205a78dc635701ecc968b0eb82d429aaf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 49781
x-xss-protection: 0
server: cafe
etag: 3942574966862058441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Feb 2021 16:33:32 GMT

GET
H/1.1 200
OK cookies.js Show response
www.4mark.net/js/ 2 KB
2 KB 30ms
30ms Script
application/javascript 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/cookies.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9dc03012086ebf3cf2d0a97afe111b567678711ae1ab60e58bdedb16a4fbf143

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "5fe429ae6dd2d31:0"
Last-Modified: Thu, 12 Apr 2018 14:51:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1262

GET
H/1.1 200
OK jquery-1.10.1.min.js Show response
www.4mark.net/js/vendor/ 91 KB
41 KB 29ms
29ms Script
application/javascript 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/vendor/jquery-1.10.1.min.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "88dd88c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 41691

GET
H/1.1 200
OK jquery.easing-1.3.js Show response
www.4mark.net/js/ 8 KB
3 KB 25ms
25ms Script
application/javascript 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/jquery.easing-1.3.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d2bc9c513d50deb617981195a91d357c004688ae7a90962da29814385e168dea

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "b97c86c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2541

GET
H/1.1 200
OK bootstrap.js Show response
www.4mark.net/js/ 54 KB
16 KB 30ms
27ms Script
application/javascript 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/bootstrap.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a9d250db6b377dcc698f55167295d617b6eee4d5936121ff91eca5e7e140c361

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "b97c86c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 15854

GET
H/1.1 200
OK plugins.js Show response
www.4mark.net/js/ 53 KB
12 KB 30ms
27ms Script
application/javascript 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/plugins.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c308c8fddf687a0c3d845d86333d3a596d62579f4551e41c6addccac8c73906c

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "88dd88c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 12331

GET
H/1.1 200
OK main.js Show response
www.4mark.net/js/ 470 B
729 B 29ms
26ms Script
application/javascript 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/main.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2a26cfdb9775a00de1ff890c8d1cc78036be9cafa7ef4a659182259edd4413f9

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Content-Encoding: gzip
ETag: "88dd88c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 392

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 12ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4mark.net
Referer: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 07:52:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:28 GMT
Server: sffe
Age: 31250
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9132
X-XSS-Protection: 0
Expires: Thu, 24 Feb 2022 07:52:41 GMT

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 35ms
11ms Script
application/javascript 2600:9000:20eb:a600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 01:19:21 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 227651
etag: W/"60257011-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
content-length: 18815
x-amz-cf-id: pSOZB4I8cf_zSWukEhBtyfRC-s319sILOSAoiEEwevZKid9Wtesnuw==
expires: Thu, 25 Feb 2021 01:19:21 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.4mark.net/fonts/ 43 KB
44 KB 27ms
27ms Font
font/x-woff 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Origin: http://www.4mark.net
Referer: http://www.4mark.net/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "bc1a65c8e4ed31:0"
Content-Type: font/x-woff
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 44432

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4mark.net
Referer: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 02:33:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:10:27 GMT
Server: sffe
Age: 568789
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9080
X-XSS-Protection: 0
Expires: Fri, 18 Feb 2022 02:33:42 GMT

GET
H/1.1 200
OK cse.js Show response
cse.google.com/ 10 KB
4 KB 66ms
56ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/cse.js?cx=012237398978964293444:e5dpqu5e2pu

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

3b75a7ad2da8ba1c690c49dfe44e0dd94e48febfe572b2b249390c60bcb7e1b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:32 GMT
Content-Encoding: gzip
Server: gws
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private
Content-Disposition: attachment; filename="f.txt"
Content-Length: 3687
X-XSS-Protection: 0
Expires: Wed, 24 Feb 2021 16:33:32 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 5A19 2 KB
1 KB 32ms
7ms Document
text/html 2600:9000:2156:800:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.4mark.net/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Wed, 24 Feb 2021 15:43:54 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: dKK4ZfE_E4u6a6lvZgVcivFbQAbInEhRknG86SLSFB3a64-IL7Pvqg==
age: 2978

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4mark.net
Referer: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 03:54:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:49 GMT
Server: sffe
Age: 477549
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9180
X-XSS-Protection: 0
Expires: Sat, 19 Feb 2022 03:54:23 GMT

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ 7 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4mark.net
Referer: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 06:30:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:28 GMT
Server: sffe
Age: 381766
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 7292
X-XSS-Protection: 0
Expires: Sun, 20 Feb 2022 06:30:46 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ 7 KB
7 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4mark.net
Referer: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 08:37:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:10:25 GMT
Server: sffe
Age: 460554
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 7208
X-XSS-Protection: 0
Expires: Sat, 19 Feb 2022 08:37:38 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

46 KB
19 KB

25ms
6ms

Script
text/javascript

2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2775
date: Wed, 24 Feb 2021 15:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 24 Feb 2021 17:47:17 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK link.png
www.4mark.net/images/ 25 KB
25 KB 26ms
25ms Image
image/png 5.175.5.64
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.4mark.net/images/link.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4b3e60fd6e52b6e4e0a3235609611b8bfa0d5c91c7c578ea1673857b94a45fdd

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:37 GMT
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2dcb75c8e4ed31:0"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 25735

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ 4 KB
4 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c21c5b1826e4747f5acd01b837b53e61071a40e24ee7e6d5d00e2b76ef8e69ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4mark.net
Referer: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Feb 2021 23:47:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:10:37 GMT
Server: sffe
Age: 578780
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 3768
X-XSS-Protection: 0
Expires: Thu, 17 Feb 2022 23:47:12 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
334 B 106ms
29ms XHR
text/plain 52.58.221.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1614184411966.40550&hostname=www.4mark.net&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=a0b77922-91c2-48a2-9e56-195a26ce8cfa&bsamesite=true&consent_cookie_duration=190&consent_duration=190&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.4mark.net%2F&title=4mark%20Social%20Bookmarking%20Tool&sop=false&description=4mark%20is%20a%20social%20bookmarking%20tool%20for%20saving%20your%20favorite%20links
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.221.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-221-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:32 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://www.4mark.net
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
126 B 15ms
15ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1255211159&t=pageview&_s=1&dl=http%3A%2F%2Fwww.4mark.net%2F&ul=en-us&de=UTF-8&dt=4mark%20Social%20Bookmarking%20Tool&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1219953908&gjid=1788357073&cid=2003114034.1614184412&tid=UA-12703824-20&_gid=1986705830.1614184412&_r=1&_slc=1&z=2043958735

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:33:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.4mark.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-12703824-20&cid=2003114034.1614184412&jid=1219953908&gjid=1788357073&_gid=1986705830.1614184412&_u=IEBAAEAAAAAAAC~&z=1650786944

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Feb 2021 16:33:32 GMT
content-type: text/plain
access-control-allow-origin: http://www.4mark.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 8ms
8ms Stylesheet
text/css 2600:9000:20eb:a600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 03:32:11 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
age: 46881
etag: W/"60257012-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: kBBEUzan1_j9uDOnxxjRNO27hhY_basvWqTn6zgOtKx4W45Vtyfg1A==

GET
H2 200 sharethis_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 8ms
5ms Image
image/png 2600:9000:20eb:a600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/sharethis_32.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 1af0e0ca290a13faeabef7d1bde7ca8d96bb83b876f5d42e32c4b6095a5b0afb

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 1113986
etag: "60256fcb-539"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1337
x-amz-cf-id: Lru0IBocyXbnfI9luHUr1P2ht4Pn7d5reHVwiI3O2EtzDolO2YWQFw==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 googleplus_32.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 8ms
6ms Image
image/png 2600:9000:20eb:a600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/googleplus_32.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 1113986
etag: "60256fcb-9a4"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2468
x-amz-cf-id: c6caMkoQ7fqd22jchyzQ65VYJoBRsQHGBs0C1zMskUM5eJDtLkETbQ==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 facebook_32.png
ws.sharethis.com/images/2017/ 1 KB
1 KB 10ms
8ms Image
image/png 2600:9000:20eb:a600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/facebook_32.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 1113986
etag: "60256fcb-497"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1175
x-amz-cf-id: DhOgwwE_jv08HOeD7YKQ6DCm6xL6RB6NVJNFsOCx4uaER16I0oTPAQ==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 twitter_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 10ms
8ms Image
image/png 2600:9000:20eb:a600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/twitter_32.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 1113986
etag: "60256fcb-53a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1338
x-amz-cf-id: PcDg2cYS_lqg8M2qkYiEdN-c4xLO_a65QRXGLNvNkoEcBhJvUEDAqQ==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 pinterest_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 10ms
8ms Image
image/png 2600:9000:20eb:a600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/pinterest_32.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 1113986
etag: "60256fcb-59b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1435
x-amz-cf-id: BwFpZoLURnKMihIvfj50G-Vmu98RZFgDOY0b3lx2JMgsbC-ad4K6Pg==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 274 KB
90 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: http://cse.google.com/cse.js?cx=012237398978964293444:e5dpqu5e2pu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 04:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 42176
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92213
x-xss-protection: 0
expires: Thu, 24 Feb 2022 04:50:36 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 26ms
6ms Stylesheet
text/css 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Requested by

Host: cse.google.com
URL: http://cse.google.com/cse.js?cx=012237398978964293444:e5dpqu5e2pu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 103328
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
expires: Wed, 23 Feb 2022 11:51:24 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 27ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: http://cse.google.com/cse.js?cx=012237398978964293444:e5dpqu5e2pu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:19:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
age: 837
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Wed, 24 Feb 2021 17:09:35 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 39ms
31ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-12703824-20&cid=2003114034.1614184412&jid=1219953908&_u=IEBAAEAAAAAAAC~&z=1242026117

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:33:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 51ms
32ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-12703824-20&cid=2003114034.1614184412&jid=1219953908&_u=IEBAAEAAAAAAAC~&z=1242026117

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:33:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210222/r20190131/ 227 KB
86 KB 70ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210222/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2246361437356141&plah=www.4mark.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

917881e53bf39dde7006129469be1e83fd77b11f7ad65d519b085fab019fc40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87209
x-xss-protection: 0
server: cafe
etag: 2800222557707562905
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 Feb 2021 16:33:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210222/r20190131/ Frame 6424 10 KB
5 KB 24ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210222/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 23 Feb 2021 23:08:46 GMT
expires: Tue, 09 Mar 2021 23:08:46 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 62686
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 34ms
33ms Image
text/plain 52.58.221.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1614184411966.40550&hostname=www.4mark.net&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=a0b77922-91c2-48a2-9e56-195a26ce8cfa&bsamesite=true&consent_cookie_duration=190&consent_duration=190&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.4mark.net%2F&title=4mark%20Social%20Bookmarking%20Tool&sop=false&description=4mark%20is%20a%20social%20bookmarking%20tool%20for%20saving%20your%20favorite%20links&gdpr_domain=.consensu.org&gdpr_method=cookie&description=4mark%20is%20a%20social%20bookmarking%20tool%20for%20saving%20your%20favorite%20links&img_pview=true
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.221.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-221-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:32 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 180 KB
63 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58b44d477894a6523d9dd706759b5967b07dc37b50e064cd37a17b23b7dd2110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "18070988905354517920"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
X-XSS-Protection: 0
Expires: Wed, 24 Feb 2021 16:33:32 GMT

GET
H3-Q050 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 34ms
20ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 12:56:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 531406
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Fri, 18 Feb 2022 12:56:46 GMT

GET
H3-Q050 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
2 KB 30ms
20ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 507125
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:27 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 11ms
5ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 16:33:32 GMT
Content-Length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
638 B 113ms
57ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.4mark.net&callback=_gfp_s_&client=ca-pub-2246361437356141

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210222/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2246361437356141&plah=www.4mark.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

424a3cba7ef899d8dd957ed344438bd3f6a84ae481f7b50ef21c56520d3dda4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 47ms
28ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.4mark.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 16:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
799 B 49ms
30ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.4mark.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 16:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D832 10 KB
1 KB 57ms
56ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3025194257&lmt=1614184412&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.4mark.net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614184412275&bpp=25&bdt=465&idt=98&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1411683334999&frm=20&pv=2&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=116

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3822184108e10c7af33d032e5bf717d1832e72df399b29482c44d27f776e9cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3025194257&lmt=1614184412&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.4mark.net%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614184412275&bpp=25&bdt=465&idt=98&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1411683334999&frm=20&pv=2&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=116
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Feb 2021 16:33:32 GMT
server: cafe
content-length: 842
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 24-Feb-2021 16:48:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Feb 2021 16:33:32 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613997197137185"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28345
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:33:32 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
679 B 28ms
27ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.4mark.net

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 16:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
123 B 28ms
27ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.4mark.net

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 16:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 42CF 405 B
411 B 508ms
508ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=280&adk=2263437690&adf=1776016447&pi=t.aa~a.3169347946~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=1140x280&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1614184412502&bpp=3&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rBI9IXtPjj&p=http%3A//www.4mark.net&dtd=29

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38f40e5ed20b4df49eb7f91afbbf555851d7d67e93bb9b793af3a9b2498da587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=280&adk=2263437690&adf=1776016447&pi=t.aa~a.3169347946~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=1140x280&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1614184412502&bpp=3&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rBI9IXtPjj&p=http%3A//www.4mark.net&dtd=29
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Feb 2021 16:33:33 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUls1kib-7fhw8FGMuepqI_8n63WYjpMXWaMaQzj4EdwNi_w1jgvfltrkqcc7yk; expires=Mon, 21-Mar-2022 16:33:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Feb 2021 16:33:33 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F73E 405 B
366 B 266ms
266ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=280&adk=2263437690&adf=2682617240&pi=t.aa~a.3169404929~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=1140x280&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=3&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=2344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=GhGUPlz7M1&p=http%3A//www.4mark.net&dtd=35

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

431437027cedb2e4ea5e549f6fb98edb69c3ef2b26bfa329a3536af19a355b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=280&adk=2263437690&adf=2682617240&pi=t.aa~a.3169404929~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=1140x280&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=3&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=2344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=GhGUPlz7M1&p=http%3A//www.4mark.net&dtd=35
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Feb 2021 16:33:32 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUn_FwL4Der4f_aZqQFtfclloITYxDwN4CjijRv4WvWQsCO0mvlsPygvR7tShus; expires=Mon, 21-Mar-2022 16:33:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Feb 2021 16:33:32 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 57F3 106 KB
35 KB 385ms
385ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a273a69cf812eda11315daf6a6d6505feddf7ca55c842ed33e4869785e3b1783

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI6PjcT5gu8CFZ5bFQgdjv4K7g&gqi=3H82YJz2IdmCwuIPhd-3iA8&layout=/sadbundle/%24csp%253Der3%24/15360962201801046162/300x600/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI6PjcT5gu8CFZ5bFQgdjv4K7g&gqi=3H82YJz2IdmCwuIPhd-3iA8&layout=/sadbundle/%24csp%253Der3%24/15360962201801046162/300x600/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Feb 2021 16:33:32 GMT
server: cafe
content-length: 34659
x-xss-protection: 0
set-cookie: IDE=AHWqTUnwaWIzMc-UQuHDtnQJ_xaKbKcHrKdO-GCymGyqNONYX9EjXriEk0oiX_jpOsM; expires=Mon, 21-Mar-2022 16:33:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Feb 2021 16:33:32 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF7C 405 B
457 B 216ms
215ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=280&adk=2263437690&adf=2223202048&pi=t.aa~a.3169408088~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=1140x280&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C263x600&nras=5&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=3778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=n89GgtmoXO&p=http%3A//www.4mark.net&dtd=42

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7749da0af2a1813271e4c38b3c1de7a94ae5340778753dd99e45c9fad096289e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=280&adk=2263437690&adf=2223202048&pi=t.aa~a.3169408088~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=1140x280&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C263x600&nras=5&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=3778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=n89GgtmoXO&p=http%3A//www.4mark.net&dtd=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Feb 2021 16:33:32 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUkGtCnbpDo_Kx5Rbr1PJUhpxZrsp8JJwGOAjhziijLvdxuyLNIiPObTrZNXVuM; expires=Mon, 21-Mar-2022 16:33:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Feb 2021 16:33:32 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C401 405 B
367 B 345ms
345ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=1830253184&pi=t.aa~a.2523598066~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=1&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C263x600%2C1140x280&nras=6&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=4078&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=6odLQW0iFi&p=http%3A//www.4mark.net&dtd=46

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

201b8f51ed3d4f8c7e1bf04a1772d825800560c8df7159b94e297d326fc18d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=1830253184&pi=t.aa~a.2523598066~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=1&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C263x600%2C1140x280&nras=6&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=4078&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=6odLQW0iFi&p=http%3A//www.4mark.net&dtd=46
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Feb 2021 16:33:32 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUldaVG71R9xzS5uwr5I9kflOfy6BdNJ8AjgZYctVIZw5KzBkZ8U1ozZNWWe1Qo; expires=Mon, 21-Mar-2022 16:33:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Feb 2021 16:33:32 GMT
cache-control: private

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/ Frame 8A12 2 KB
2 KB 31ms
10ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/index.html

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55dc2914fd50d5b9f175631c27d961fd30cde8fd56a6550bcdc37f4626a73ead

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/15360962201801046162/300x600/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 870
date: Fri, 19 Feb 2021 06:38:14 GMT
expires: Sat, 19 Feb 2022 06:38:14 GMT
last-modified: Thu, 18 Feb 2021 08:51:08 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 467719
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

B25368779.296294406;dc_pre=CNyjucT5gu8CFT7kuwgddpgCrA;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3722205002;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 4655
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3722205002;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CNyjucT5gu8CFT7kuwgddpgCrA;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3722205002;dc_lat=;dc_rdid=;tag...

42 B
99 B

45ms
45ms

Fetch
image/gif

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CNyjucT5gu8CFT7kuwgddpgCrA;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3722205002;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:33:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:33:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=CNyjucT5gu8CFT7kuwgddpgCrA;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3722205002;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4655 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMgxf3H82YI6xIp631fAPjv2r8A65s7jBYZfmtsTmDdrZHhABINnyghdglQKgAfS4v8UDyAEJqAMByANIqgTKAU_QyTH7FjMwDPL8LfIkFZ6PsAkVTW_hduzSkMHJ_h1j-_IVHhWWKbU1AJEiu5bAwnFC1V2YA6ZCHuRHi4vRcf0a5CRMiarR_Q7oeVlvBCvhP8Urh6jif7mwMuXHnupRBCNcYchKT5EvOs-dmzwpeFsNhiTCs6qEwjFKhCAPQ9te8x_V7SmMzlAo24aqOjnkeifwEiyR-fa04WWNJU5kexh0CI5poETd2zypBxXkcZRKe0qcwfOrceb5bE4-_ZhQ87mI1ZU6qfO5DljABN-xhrO0A5IFBAgEGAGSBQQIBRgEoAYugAfsoaimAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxC6ZtIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0yMjQ2MzYxNDM3MzU2MTQx&sigh=RH86exdA1fU&template_id=419&tpd=AGWhJmvFS9nOM-Qor3vIQgf9w2TTmiJh9Sh7D2HqCnBuo7CCqA

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 24 Feb 2021 16:33:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/ Frame 4655 18 KB
7 KB 29ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

326b9524fd6295565871de3f0cbd08993794c17160f1b41183cd329e5a90f021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 17098042556881059079
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Mar 2021 16:31:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame 4655 3 KB
2 KB 30ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Mar 2021 16:32:43 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4655 107 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613997191106504"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:33:33 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame 4655 14 KB
6 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:32:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Mar 2021 16:32:40 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 4655 0
0 16ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5Qe3F-cPVqWxPZUaMsjmqa5u12UOK-PQ-mGFzUWElQmyxusmsq9iNQ_GBAHqdwG4L_KgZ-KlScOwLITK01QbWXUfEgw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D004 143 B
216 B 14ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUls1kib-7fhw8FGMuepqI_8n63WYjpMXWaMaQzj4EdwNi_w1jgvfltrkqcc7yk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 24 Feb 2021 15:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3129
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4655 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f77ffe2001fddb0e1c706548084cb0803ac01da1fdc5ee91931f997cd640f6c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 4655 0
679 B 77ms
42ms Other
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI6PjcT5gu8CFZ5bFQgdjv4K7g&gqi=3H82YJz2IdmCwuIPhd-3iA8&layout=/sadbundle/%24csp%253Der3%24/15360962201801046162/300x600/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2246361437356141&output=html&h=600&adk=3579329306&adf=2060190920&pi=t.aa~a.2523656361~rp.1&w=263&fwrn=4&fwrnh=100&lmt=1614184412&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=263x600&url=http%3A%2F%2Fwww.4mark.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1614184412502&bpp=1&bdt=692&idt=-M&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1411683334999&frm=20&pv=1&ga_vid=2003114034.1614184412&ga_sid=1614184412&ga_hid=1255211159&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=2644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44735932%2C21068496%2C21068769%2C21068893&oid=3&pvsid=2486517895751349&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ZOSLRFBBA3&p=http%3A//www.4mark.net&dtd=38
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:33:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8A12 9 KB
4 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 25 Feb 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8A12 22 KB
9 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 25 Feb 2021 13:07:30 GMT

GET
H3-Q050 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/ Frame 8A12 140 KB
40 KB 37ms
23ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d09da0c3245664a4a6b03f0e4d6b132db88ce994750d8324640403f93814d6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 467719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40127
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 08:51:08 GMT
server: sffe
date: Fri, 19 Feb 2021 06:38:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 06:38:14 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D004
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
273 B

46ms
45ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUls1kib-7fhw8FGMuepqI_8n63WYjpMXWaMaQzj4EdwNi_w1jgvfltrkqcc7yk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Feb 2021 16:33:33 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 24-Feb-2021 17:33:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Feb 2021 16:33:33 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Feb 2021 16:33:33 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/ Frame 8A12 182 KB
21 KB 44ms
21ms XHR
application/json 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15360962201801046162/300x600/lottie_light.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40964e79d54951af5b73f4d2cd080bb2b50623f127f1be0e8819f3ebd4b2a13d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 467719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19810
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 08:51:08 GMT
server: sffe
date: Fri, 19 Feb 2021 06:38:14 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 06:38:14 GMT

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A12 14 KB
6 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 8542
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Thu, 24 Feb 2022 14:11:11 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 32ms
31ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210222&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8072d6f1cffaa35f7a592ebceffd3c12c053b4da044eda7a27ee9a14c9dfce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 16:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6488
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 16:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 24 Feb 2021 16:33:34 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 2514 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.4mark.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 24 Feb 2021 15:04:57 GMT
expires: Thu, 24 Feb 2022 15:04:57 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5317
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2514 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 8543
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Thu, 24 Feb 2022 14:11:11 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
205 B 46ms
40ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210222&jk=2486517895751349&bg=!3N-l35zNAAXB_3NtwTsAKQB2-Dxawc7Wi1FV34MoZcMaID6uNC1gmBo26KA3O9M_6vDrjiMTgIZyAgAAAKpSAAAADmgBBwoBrGdIcj2t0twICVXYsw8CTS00RXtl33uj5DIIFnX4vAItb4tqG2FL8Tk5P9q6ZKVkEgZ0QwZzmn9ritljGWq41h16e4N-5PKHhiGwfQ8EilbZfny4HYZE-OpO8HJTT1ROJcszeiRbX2tdIFc5PTzusmEAJ_lI4KT91aSpFaMw2TMXIOdG_g674rq3pEka9j0zzS8hjGxyZq78ZMu5tAMGN-38HKYDTk8EOoiK30MBbCX17bZ1tU5ryWPo8e7NpbO_ZXU8wmp7o1xLGQFRndUj_hwZRz_IEpjMEIYUGZtfUQqQ2dF-C2mmVa6gYIyLx0PtHp1WaNb6vRsNIrDfPtJJNZ6kwsx7EmWf2iao-EP81tThwOaIz6qOeMIjy8A-NCeH_flhHJurE0nmzcbB3sXbeG7lFJ7xCOX1JiGYz3j1_Mse5zXjKj4bccxV9RJGDC_k8-D9ZlfJo_kKloaKoZSAD4WoEZdKM5KI438tQNRF6yWG_RLnWyAVywVcWVLqV-Au826H6RWNxcDpYWiI4ICxHfZQeHqGvZweVAi8h9fVKGqISUC3uX0eAB-7kprPmQHG9eUfpGZL0IaFcC1esbJUOXjtcEaF-1sbjlBQHJ8v120kbHuVTYDjR1kdbQ0mB84H1V2yOetR8WZB2v1ZjkaTnmuQlBBjJUkse3kRyo8MhKVkLtsS-kIM8anzCKJ3NEGJNifBR-nRHGtRJRHEKpqb-8IEcFh326LX4bXtQHSfM_D1mym603yzIQf-MqTORa_K9NhdtQ64auCuM-3UpGthhow0HAaUyz9IXgxi8amfpvdCw_bbQ4E3F5UawPl9RnkXTlv8ufZva75hMuRlEqfrjo8S2_VCd5S-8PQPsfUH1zo_uiniIzyFNOnyJ6yTIOYEsW7XBGWSgB_7CkqnwwN1WVCxdRGia4UhStDDZIdLNKVDjV4oVm1YWm-3Vkl7wVzhmrkTvot_cyZFYek2JXtSgjbuXebHAwUazKhQTDEyiXvqjWdAnh_AaJPSZcZocEdqpuBx9IEoaS9h0j4N1eVI7RyaXCIwhN7yjLKWQ2DZp3GLmMNFqOxi89yscUzhP-hPp4GNIZX96I12o1ZLGSCsccL4On6htWVtd-XYabpgT04iL_k8LhXBKlSv_s-ieC_YcJv7Dc4jWDuwRcOIVmC2A2Bt6-3zlA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 16:33:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame D07C 14 KB
4 KB 8ms
7ms Document
text/html 2600:9000:20eb:a600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8beb64042187cc51fd691d55ff0221b6e9abf5ac8abe9dd494797d694f8b49b5

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure5x/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.4mark.net/

Response headers

content-type: text/html
content-length: 4082
content-encoding: gzip
date: Wed, 24 Feb 2021 01:12:32 GMT
etag: W/"60257012-390f"
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ubrhNK-1shkp3TSe3vItes5Ld6oezBw1dMWccwWRqHxc9DErHVueeQ==
age: 55263

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame D07C 16 KB
6 KB 11ms
10ms Script
application/javascript 2600:9000:20eb:a600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Request headers

Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:05 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 1113990
etag: W/"60257012-40f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
content-length: 5630
x-amz-cf-id: w0kkQ_fvTd1wWm2_On0H0RgpRJNjjhwC-wnkGUvbVm6A1fNXqdUIkQ==
expires: Fri, 11 Feb 2022 19:07:05 GMT

GET
H2 200 st.5583d3f0facb4d4a55d1a93224fb446d.js Show response
ws.sharethis.com/secure5x/js/ Frame D07C 132 KB
32 KB 10ms
10ms Script
application/javascript 2600:9000:20eb:a600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/st.5583d3f0facb4d4a55d1a93224fb446d.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c6d530197393988cfa840fdfe6f2cad81353a523398e861c0521b52f03b1b43b

Request headers

Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:05 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 1113990
etag: W/"60257012-20eab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: obiuLB0WV5gb8Nu_kTc-e1h8Hds69Hy01jlDY1zGhhQvF4rmZo5AHg==
expires: Fri, 11 Feb 2022 19:07:05 GMT

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:23:08	Name: DSID Value: NO_DATA
.4mark.net/	1970-01-19 16:23:04	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 01:44:40	Name: IDE Value: AHWqTUls1kib-7fhw8FGMuepqI_8n63WYjpMXWaMaQzj4EdwNi_w1jgvfltrkqcc7yk
.4mark.net/	1970-01-20 01:44:40	Name: __gads Value: ID=344b9ebc26a14372-223ca35494ba00bb:T=1614184412:RT=1614184412:S=ALNI_MbrfRBSpGS37ct7gdsHCVh9iwOxYA
.4mark.net/	1970-01-19 16:24:30	Name: _gid Value: GA1.2.1986705830.1614184412
.4mark.net/	1970-01-20 09:54:16	Name: _ga Value: GA1.2.2003114034.1614184412

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4mark.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
bestsleepshop.com
c.sharethis.mgr.consensu.org
clients1.google.com
cse.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.sharethis.com
mariettaroofcontractors.com
onlinecprtrainingusa.com
pagead2.googlesyndication.com
partner.googleadservices.com
prsync.com
public.sitejot.com
sendvid.com
spautopia.ca
stats.g.doubleclick.net
tpc.googlesyndication.com
w.sharethis.com
wolftopchoiceappliancerepair.com
ws.sharethis.com
www.4mark.net
www.databridgemarketresearch.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.kellytechno.com
www.ku.lt
www.mariettaroofcontractors.com
www.posts123.com
www.wagslandscape.com
104.207.246.243
142.250.185.162
148.66.136.151
162.0.235.51
192.96.215.41
193.219.76.6
216.58.212.166
216.83.138.146
2600:9000:20eb:a200:3:c04e:c780:93a1
2600:9000:20eb:a600:3:c04e:c780:93a1
2600:9000:2156:800:c:a9b7:ddc0:93a1
2606:4700:3035::ac43:af3d
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c07::9c
2a01:4f8:d0a:10c3::2
35.209.91.240
44.239.154.121
46.166.142.243
5.175.3.206
5.175.5.64
52.58.221.124
54.164.22.162
03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d
0c515d932e4a69f2802c6f256112f914e0571f398be0b67d3b164b10b7516c87
0e430441e9833f9e3b9219b4837068670afbb50171678365b95f45de9291b632
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85
129cb779734c41d9337907b8e0759a00c631c9cee1b1a236556be7d6eba7ba2e
142b082ce04daeef49f57c440e34629f45cfda8e3d20665fabc701075904b8f9
17e00fdfbf0ce57c677a5013e40948f057ee44c6166c1e337f784a879ecb0171
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19497b38c6f7b622f3a476adb7df833ec65c8dbf078f6f5f787f5030dcc36189
1af0e0ca290a13faeabef7d1bde7ca8d96bb83b876f5d42e32c4b6095a5b0afb
1e10af313c557dc0079253e5a343699e49106acfe441fe006c742c1b0ce51a0d
1efd80054562eaeec7055e5a68e6fc1752a794c8350185f4871343263f11b529
201b8f51ed3d4f8c7e1bf04a1772d825800560c8df7159b94e297d326fc18d76
20f558028d69e783c95ccc9174a032447fd0de7925a82145658be121f150c4b2
27bcd193254a6bc6cec52c46a65dc786b1e8c34d7901a5c341f1ca8210d1be96
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2a26cfdb9775a00de1ff890c8d1cc78036be9cafa7ef4a659182259edd4413f9
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
326b9524fd6295565871de3f0cbd08993794c17160f1b41183cd329e5a90f021
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a
3822184108e10c7af33d032e5bf717d1832e72df399b29482c44d27f776e9cf8
3822b897f1eb08ba5e7afa130a0866d2616b80db9de763b21bc555c4aec1d52d
38f40e5ed20b4df49eb7f91afbbf555851d7d67e93bb9b793af3a9b2498da587
39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564
3b75a7ad2da8ba1c690c49dfe44e0dd94e48febfe572b2b249390c60bcb7e1b1
3f2edf41a656bd4427e323267e8e4ffed4eb9005b2496152a2b38297bd9c3c99
40964e79d54951af5b73f4d2cd080bb2b50623f127f1be0e8819f3ebd4b2a13d
424a3cba7ef899d8dd957ed344438bd3f6a84ae481f7b50ef21c56520d3dda4f
431437027cedb2e4ea5e549f6fb98edb69c3ef2b26bfa329a3536af19a355b8d
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b3e60fd6e52b6e4e0a3235609611b8bfa0d5c91c7c578ea1673857b94a45fdd
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55dc2914fd50d5b9f175631c27d961fd30cde8fd56a6550bcdc37f4626a73ead
58b44d477894a6523d9dd706759b5967b07dc37b50e064cd37a17b23b7dd2110
59433eae456916d07b9af106cd6e5a39e9ca36b2e23e3836c4557e33a8476a56
5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
6e0649cada13b56288ecd008638462d4749a546b2bd107fba07ce04638acdb54
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5
7749da0af2a1813271e4c38b3c1de7a94ae5340778753dd99e45c9fad096289e
7caa89a9846fa654f10eb726db480569b65d3e7489d5f1a7f6970abab0b26bf8
83c375fbf8f78828954ceeba825f7775feab5afc7f792b1f8ef57fcd9b4e840e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8beb64042187cc51fd691d55ff0221b6e9abf5ac8abe9dd494797d694f8b49b5
8c07db0f8c47b64b9ff91a2201556577db2737e2db7f0b0b4f1cbe5920a03a81
917881e53bf39dde7006129469be1e83fd77b11f7ad65d519b085fab019fc40f
93eecd05275c8a2511850e68ee31978b955f9b3685124433e5a53c939d506c96
95db4cb166cef400cd73d96929f823754ec79523c1722af589b60faeb58a7aff
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9dc03012086ebf3cf2d0a97afe111b567678711ae1ab60e58bdedb16a4fbf143
a273a69cf812eda11315daf6a6d6505feddf7ca55c842ed33e4869785e3b1783
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9d250db6b377dcc698f55167295d617b6eee4d5936121ff91eca5e7e140c361
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6d09da0c3245664a4a6b03f0e4d6b132db88ce994750d8324640403f93814d6
b7f115b1794b5c090c8632d5abe2a32bf54a0c4e0845eeb7b6e41ddd45bbced9
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c21c5b1826e4747f5acd01b837b53e61071a40e24ee7e6d5d00e2b76ef8e69ff
c308c8fddf687a0c3d845d86333d3a596d62579f4551e41c6addccac8c73906c
c6d530197393988cfa840fdfe6f2cad81353a523398e861c0521b52f03b1b43b
ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd
d2bc9c513d50deb617981195a91d357c004688ae7a90962da29814385e168dea
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da82813d9af2ff755bfea41782d686a6b79c1c6ff486f9ae4433ae8d36de4a3f
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
e6a422d517490c7e2fb0abd3afbe162f1f33b38323f7fa282ba1d1d0fb228ca8
eb8072d6f1cffaa35f7a592ebceffd3c12c053b4da044eda7a27ee9a14c9dfce
eeec769c5ce874a4f0f37d7b3790ad205a78dc635701ecc968b0eb82d429aaf6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd
f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b
f6fd3474bfcb18c1b28760105a59d1206fd0234ea9ed6eac5dce742ae91c9918
f77ffe2001fddb0e1c706548084cb0803ac01da1fdc5ee91931f997cd640f6c3

www.4mark.net Open in urlscan Pro 5.175.5.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

68 %HTTPS

53 %IPv6

25 Domains

36 Subdomains

33 IPs

7 Countries

1621 kBTransfer

3444 kBSize

6 Cookies

15 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.4mark.net Open in urlscan Pro
5.175.5.64 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

68 %
HTTPS

53 %
IPv6

25
Domains

36
Subdomains

33
IPs

7
Countries

1621 kB
Transfer

3444 kB
Size

6
Cookies

104 HTTP transactions
1 data transactions