www.wdir1.com Open in urlscan Pro
5.175.3.206 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.wdir1.com/link/1080851/movieshd915
Submission Tags: falconsandbox
Submission: On September 16 via api (September 16th 2021, 1:03:19 pm UTC) from US — Scanned from DE

Summary HTTP 342 Redirects Links 103 Behaviour Indicators

Summary

This website contacted 66 IPs in 8 countries across 47 domains to perform 342 HTTP transactions. The main IP is 5.175.3.206, located in Strasbourg, France and belongs to GD-EMEA-DC-SXB1, DE. The main domain is www.wdir1.com.

This is the only time www.wdir1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	5.175.3.206 5.175.3.206	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 17	104.84.56.126 104.84.56.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
30	2600:9000:21f... 2600:9000:21f3:b600:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
4	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	148.72.244.233 148.72.244.233	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
38	195.167.159.38 195.167.159.38	15694 (ATMAN-ISP...) (ATMAN-ISP-AS ATM S.A.)
1 4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:7e00:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2620:46:2000:... 2620:46:2000:16::68	13535 (NING) (NING)
2	2600:9000:21f... 2600:9000:21f3:c400:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
7	199.232.196.64 199.232.196.64	54113 (FASTLY) (FASTLY)
6	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
4	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
49	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
9	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 5	195.177.216.95 195.177.216.95	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
2	2606:4700::68... 2606:4700::6810:a20d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	13.225.78.28 13.225.78.28	16509 (AMAZON-02) (AMAZON-02)
8	89.25.223.83 89.25.223.83	31242 (TKPSA-AS) (TKPSA-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	146.59.30.104 146.59.30.104	16276 (OVH) (OVH)
1	13.225.78.14 13.225.78.14	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	13.224.193.38 13.224.193.38	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
3	2.16.186.113 2.16.186.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.193.116 13.224.193.116	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::200d	15169 (GOOGLE) (GOOGLE)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b120:5b38:df27:617f:9396	14618 (AMAZON-AES) (AMAZON-AES)
1	54.146.217.90 54.146.217.90	14618 (AMAZON-AES) (AMAZON-AES)
1 8	185.86.139.58 185.86.139.58	201081 (SMARTADSE...) (SMARTADSERVER)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	89.25.223.88 89.25.223.88	31242 (TKPSA-AS) (TKPSA-AS)
2	185.86.139.59 185.86.139.59	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.225.78.15 13.225.78.15	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
7 13	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4 6	13.225.78.77 13.225.78.77	16509 (AMAZON-02) (AMAZON-02)
2 2	54.76.227.154 54.76.227.154	16509 (AMAZON-02) (AMAZON-02)
1 5	52.17.47.34 52.17.47.34	16509 (AMAZON-02) (AMAZON-02)
4 4	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2 2	91.216.195.18 91.216.195.18	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
2 2	52.49.107.116 52.49.107.116	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
2	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
342	66

16 5.175.3.206 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: vs226095.vs.hosteurope.de

www.wdir1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.easymarks.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.84.56.126 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

wdir1.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
easymarks.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:21f3:b600:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.72.244.233 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-148-72-244-233.ip.secureserver.net

funcallgirl.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 195.167.159.38 (Warsaw, Poland)

ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: bankier.pl

www.bankier.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7e00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:46:2000:16::68 (United States)

ASN13535 (NING, US)

beterhbo.ning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:c400:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.232.196.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 195.177.216.95 (Poland) 1 redirects

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-195-177-216-95.dataspace.pl

gapl.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a20d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.78.28 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-28.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 89.25.223.83 (Katowice, Poland)

ASN31242 (TKPSA-AS, PL)
PTR: host-89.25.223.83.static.3s.pl

bbp.salesmanago.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-14.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-38.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-113.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tagmanager.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-116.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:5b38:df27:617f:9396 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.217.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-217-90.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.86.139.58 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

www3.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.25.223.88 (Katowice, Poland)

ASN31242 (TKPSA-AS, PL)
PTR: host-89.25.223.88.static.3s.pl

www.salesmanago.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)

itx4.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-15.fra2.r.cloudfront.net

www.statsforads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.23 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.244.174.68 (Kansas City, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.78.77 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-77.fra2.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.227.154 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-227-154.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.17.47.34 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-47-34.eu-west-1.compute.amazonaws.com

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.223.178 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.0.160.129 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.216.195.18 (France) 2 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: std-collect-lb-c03-01-vip.weborama.fr

wam.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.107.116 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-107-116.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	taboola.com cdn.taboola.com trc.taboola.com images.taboola.com 15.taboola.com vidstat.taboola.com pips.taboola.com cds.taboola.com	630 KB
38	bankier.pl www.bankier.pl	484 KB
34	disquscdn.com c.disquscdn.com a.disquscdn.com	1 MB
23	disqus.com wdir1.disqus.com disqus.com easymarks.disqus.com tempest.services.disqus.com referrer.disqus.com links.services.disqus.com glitter.services.disqus.com	137 KB
18	google.com translate.google.com adservice.google.com www.google.com apis.google.com accounts.google.com	93 KB
16	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	349 KB
15	addthis.com 1 redirects s7.addthis.com m.addthis.com api-public.addthis.com	435 KB
13	rlcdn.com 7 redirects ejp.rlcdn.com idsync.rlcdn.com	4 KB
12	smartadserver.com 1 redirects tagmanager.smartadserver.com www3.smartadserver.com itx4.smartadserver.com	216 KB
9	salesmanago.pl bbp.salesmanago.pl www.salesmanago.pl	33 KB
9	facebook.net connect.facebook.net	322 KB
9	googleapis.com translate.googleapis.com fonts.googleapis.com	199 KB
8	doubleclick.net 1 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	150 KB
8	easymarks.org www.easymarks.org	249 KB
8	wdir1.com www.wdir1.com	343 KB
6	rezync.com 4 redirects live.rezync.com	5 KB
6	criteo.com 3 redirects gum.criteo.com mug.criteo.com	2 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com	4 KB
6	gemius.pl 1 redirects gapl.hit.gemius.pl ls.hit.gemius.pl	15 KB
6	gstatic.com www.gstatic.com ssl.gstatic.com	86 KB
5	narrative.io 1 redirects io.narrative.io	2 KB
5	google-analytics.com www.google-analytics.com	96 KB
4	rfihub.com 4 redirects p.rfihub.com	4 KB
4	adnxs.com 4 redirects ib.adnxs.com	4 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	facebook.com www.facebook.com	561 B
4	google.de adservice.google.de www.google.de	2 KB
4	pinterest.com widgets.pinterest.com	777 B
3	adform.net 1 redirects s1.adform.net adx.adform.net	26 KB
3	sascdn.com ced.sascdn.com ced-ns.sascdn.com	50 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	65 KB
3	optad360.io cmp.optad360.io get.optad360.io	303 KB
3	googletagmanager.com www.googletagmanager.com	147 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	weborama.fr 2 redirects wam.solution.weborama.fr	1 KB
2	imrworldwide.com 2 redirects obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	279 B
2	statsforads.com www.statsforads.com	149 KB
2	liadm.com 1 redirects rp.liadm.com rp4.liadm.com	1 KB
2	jsdelivr.net cdn.jsdelivr.net	2 KB
2	viglink.com cdn.viglink.com	1 KB
2	googletagservices.com www.googletagservices.com	55 KB
2	googleadservices.com partner.googleadservices.com www.googleadservices.com	15 KB
2	addthisedge.com v1.addthisedge.com	2 KB
2	moatads.com z.moatads.com	2 KB
1	bluekai.com 1 redirects tags.bluekai.com	792 B
1	ning.com beterhbo.ning.com	829 B
1	funcallgirl.in funcallgirl.in
342	47

	Domain	Requested by
38	www.bankier.pl	www.easymarks.org www.bankier.pl
30	c.disquscdn.com	wdir1.disqus.com disqus.com c.disquscdn.com easymarks.disqus.com
25	images.taboola.com	www.easymarks.org cdn.taboola.com
18	cdn.taboola.com	www.wdir1.com cdn.taboola.com
12	pagead2.googlesyndication.com	www.wdir1.com www.easymarks.org pagead2.googlesyndication.com tpc.googlesyndication.com
10	idsync.rlcdn.com	4 redirects c.disquscdn.com live.rezync.com
9	connect.facebook.net	c.disquscdn.com www.bankier.pl connect.facebook.net www.wdir1.com
8	www3.smartadserver.com	1 redirects www.easymarks.org ced.sascdn.com
8	bbp.salesmanago.pl	www.bankier.pl bbp.salesmanago.pl www.googletagmanager.com
8	disqus.com	wdir1.disqus.com c.disquscdn.com easymarks.disqus.com
8	translate.googleapis.com	translate.google.com translate.googleapis.com
8	www.easymarks.org	www.wdir1.com www.easymarks.org
8	www.wdir1.com	www.wdir1.com
7	s7.addthis.com	1 redirects www.wdir1.com s7.addthis.com www.easymarks.org
6	live.rezync.com	4 redirects c.disquscdn.com
6	sb.scorecardresearch.com	2 redirects cdn.taboola.com www.easymarks.org
6	referrer.disqus.com	www.easymarks.org www.wdir1.com
6	www.google.com	www.wdir1.com translate.googleapis.com www.bankier.pl tpc.googlesyndication.com
6	api-public.addthis.com	s7.addthis.com
5	io.narrative.io	1 redirects www.wdir1.com
5	trc.taboola.com	cdn.taboola.com www.easymarks.org
5	gapl.hit.gemius.pl	1 redirects www.bankier.pl gapl.hit.gemius.pl
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
4	p.rfihub.com	4 redirects
4	ib.adnxs.com	4 redirects
4	gum.criteo.com	3 redirects
4	accounts.google.com	apis.google.com ssl.gstatic.com
4	www.facebook.com	www.bankier.pl c.disquscdn.com www.easymarks.org
4	apis.google.com	c.disquscdn.com apis.google.com
4	a.disquscdn.com	www.wdir1.com c.disquscdn.com
4	www.gstatic.com	translate.googleapis.com www.wdir1.com
4	widgets.pinterest.com	www.wdir1.com www.easymarks.org
3	ejp.rlcdn.com	3 redirects
3	links.services.disqus.com	c.disquscdn.com www.wdir1.com
3	www.googletagmanager.com	www.wdir1.com www.easymarks.org www.bankier.pl
2	cds.taboola.com	cdn.taboola.com
2	pips.taboola.com	cdn.taboola.com
2	dpm.demdex.net	2 redirects
2	wam.solution.weborama.fr	2 redirects
2	obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	2 redirects
2	adx.adform.net	1 redirects www.easymarks.org
2	glitter.services.disqus.com	c.disquscdn.com
2	www.statsforads.com	www.wdir1.com
2	eus.rubiconproject.com	www3.smartadserver.com eus.rubiconproject.com
2	itx4.smartadserver.com	www.easymarks.org
2	ssl.gstatic.com	accounts.google.com
2	mug.criteo.com	www.easymarks.org
2	ced-ns.sascdn.com	tagmanager.smartadserver.com www3.smartadserver.com
2	www.google.de	www.bankier.pl
2	tagmanager.smartadserver.com	www.bankier.pl tagmanager.smartadserver.com
2	cdn.jsdelivr.net	get.optad360.io tagmanager.smartadserver.com
2	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
2	cdn.viglink.com	www.wdir1.com
2	tempest.services.disqus.com	www.easymarks.org
2	get.optad360.io	www.bankier.pl get.optad360.io
2	www.googletagservices.com	pagead2.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	m.addthis.com	s7.addthis.com
2	v1.addthisedge.com	s7.addthis.com
2	z.moatads.com	s7.addthis.com
2	translate.google.com	www.wdir1.com www.easymarks.org
1	tags.bluekai.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	s1.adform.net	ced-ns.sascdn.com
1	secure-assets.rubiconproject.com	1 redirects
1	www.salesmanago.pl	bbp.salesmanago.pl
1	rp4.liadm.com	www.easymarks.org
1	rp.liadm.com	1 redirects
1	vidstat.taboola.com	cdn.taboola.com
1	vars.hotjar.com	static.hotjar.com
1	15.taboola.com	cdn.taboola.com
1	ced.sascdn.com	www.bankier.pl
1	script.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	ls.hit.gemius.pl	gapl.hit.gemius.pl
1	fonts.googleapis.com	www.bankier.pl
1	beterhbo.ning.com	www.easymarks.org
1	cmp.optad360.io	www.bankier.pl
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	easymarks.disqus.com	www.easymarks.org
1	funcallgirl.in	www.wdir1.com
1	wdir1.disqus.com	www.wdir1.com
342	87

This site contains links to these domains. Also see Links.

Domain
groups.google.com
www.bankier.pl
www.easymarks.org
ide.geeksforgeeks.org
www.addthis.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
funcallgirl.funcallgirls.in cPanel, Inc. Certification Authority	`2021-09-08` - `2021-12-07`	3 months	crt.sh
*.bankier.pl Certum Domain Validation CA SHA2	`2020-11-27` - `2021-11-27`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-06-26` - `2021-09-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.salesmanago.pl DigiCert TLS RSA SHA256 2020 CA1	`2021-08-17` - `2022-08-19`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.smartadserver.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.statsforads.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.rezync.com Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.narrative.io Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 36 frames:

Primary Page: http://www.wdir1.com/link/1080851/movieshd915
Frame ID: EDDCFAD443BC1659A996F541381CB3D6
Requests: 51 HTTP requests in this frame

Frame: http://www.easymarks.org/link/1080849/movieshd915
Frame ID: 3A47B84A8A2C4ECC8AC131B499DC46D6
Requests: 49 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 4278848B6D48668D2BACB1C0D661AAFB
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 80FAA2FEE6D7AEB233541E32A0D22B43
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
Frame ID: AD82AC1E9BD9203D0537E86562E33E91
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20190131/zrt_lookup.html
Frame ID: D81A38B9A612207C2FD9B69FD6A2CF1C
Requests: 1 HTTP requests in this frame

Frame: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
Frame ID: 75E84C991E9F644D753847F6D385E699
Requests: 95 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CB986B35DD6B92B9282792E73BECAA47
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 74566D6A78B5D899D1D470329F2F104C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3025194257&lmt=1631797392&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&ea=0&flash=0&pra=5&wgl=1&dt=1631797392404&bpp=4&bdt=487&idt=323&shv=r20210914&mjsv=m202109140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8030751941580&frm=20&pv=2&ga_vid=2049292007.1631797393&ga_sid=1631797393&ga_hid=479264872&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062491&oid=3&pvsid=4015384356713501&pem=111&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=341
Frame ID: 46285B7A6E9BB033253314C0683C8A5F
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 127022AC78290727D9A287298933D4D4
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: AE9E3AA8D8198A6F58426165F7393902
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3279755397&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.wdir1.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1631797392575&bpp=1&bdt=254&idt=331&shv=r20210914&mjsv=m202109140101&ptt=9&saldr=aa&nras=1&correlator=3401429419456&frm=24&ife=1&pv=2&ga_vid=742725286.1631797393&ga_sid=1631797393&ga_hid=784973128&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=818&ish=640&ifk=2712465668&scr_x=-12245933&scr_y=-12245933&eid=31062093&oid=3&pvsid=482796688493081&pem=640&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C818%2C640&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.5hknn6iesb8o&fsb=1&dtd=345
Frame ID: D8250E609CD152266EED5A6F7A3A22E3
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
Frame ID: 798A9BB05B2EB32997160487A59ADC4E
Requests: 23 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1B5E40F6E4B9B7D81A8EFB7A0F913A2D
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 8BC3B23C72994A8E719C75450B7D7EC3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Frame ID: 8FDC09500FC6DEE8DC96BD7B248144EF
Requests: 27 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: A4DBC2818B996156EBDD5EE28BA9A274
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 564F1C32641805E59F45E1C2EBCA0266
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Frame ID: 5166E441DC43093DE39CD554C3E8E0DA
Requests: 31 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: A77E3C502A532D2C768FEED4811888D4
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 5534ECA7F9A3814A3D277BC3F49AC759
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 00052AE854CDF0F955F50C96DBDDE08B
Requests: 3 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: F0DB96458932DCD97B835F84CFA267B2
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 904DA2525D216B871A84005BCC68AA04
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: FBDF82B5B79AB013248972803316E972
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: B31DDFFD9CB875333B79338056432641
Requests: 3 HTTP requests in this frame

Frame: https://s1.adform.net/banners/scripts/adx.js
Frame ID: E1533B4F42746B62BAA2363A64BF2DD4
Requests: 2 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEDmpAUaojLOQaD92ZD3zIvc&google_cver=1
Frame ID: 3D1CFD5F6616B16F452889598911FF29
Requests: 1 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1k4ba3125lju6k&pctry=DE&referrer=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915
Frame ID: CE6F3A46DB37D30CE26E653C3CA09F6C
Requests: 3 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7888194857022319267
Frame ID: 377C4483F3BBCCA2D415C423C5FB94FB
Requests: 1 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1k4ba3125lju6k&pctry=DE&referrer=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915
Frame ID: 60D6E47664156674C62CA9FBCA09F1C7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 860812E4356D6C71F35775C6FD1DBD98
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 366A4A78F135710E4C10F6F93D049CB5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 935A7328E9EBB38527E5B8AB482A9A36
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC4293470BCA72629ED1E9AC4114533F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

movieshd915FacebookWhatsAppTwitterPinterestAddThisFacebookWhatsAppTwitterPinterestAddThisFacebookWhatsAppTwitterPinterestAddThis

Detected technologies

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jquery[.-]([\d.]*\d)[^/]*\.js

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

342
Requests

92 %
HTTPS

39 %
IPv6

47
Domains

87
Subdomains

66
IPs

8
Countries

5928 kB
Transfer

15391 kB
Size

32
Cookies

103 Outgoing links

These are links going to different origins than the main page.

URL: https://groups.google.com/g/watch-online-fre-movie/c/Yt2mhSvzcko
Title: https://groups.google.com/g/watch-online-fre-movie/c/Yt2mhSvzcko

Search URL Search Domain Scan URL

URL: https://www.bankier.pl/forum/temat_regarder-le-film
Title: https://www.bankier.pl/forum/temat_regarder-le-film

Search URL Search Domain Scan URL

URL: http://www.easymarks.org/link/1080849/movieshd915
Title: http://www.easymarks.org/link/1080849/movieshd915

Search URL Search Domain Scan URL

URL: https://ide.geeksforgeeks.org/Cit8APK3W9
Title: https://ide.geeksforgeeks.org/Cit8APK3W9

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/0sEjrC5FFFQ
Title: https://groups.google.com/g/watch-online-fre-movie/c/0sEjrC5FFFQ

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/-_HdpFeINUg
Title: https://groups.google.com/g/watch-online-fre-movie/c/-_HdpFeINUg

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/oUMlmnb08j8
Title: https://groups.google.com/g/watch-online-fre-movie/c/oUMlmnb08j8

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/WE-EVXErluU
Title: https://groups.google.com/g/watch-online-fre-movie/c/WE-EVXErluU

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/s4WL5s3FM_I
Title: https://groups.google.com/g/watch-online-fre-movie/c/s4WL5s3FM_I

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/LLY6krmYAcY
Title: https://groups.google.com/g/watch-online-fre-movie/c/LLY6krmYAcY

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/Gqdkj4_y0QM
Title: https://groups.google.com/g/watch-online-fre-movie/c/Gqdkj4_y0QM

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/NT3pIiknsAw
Title: https://groups.google.com/g/watch-online-fre-movie/c/NT3pIiknsAw

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/ba-0VnIh9X4
Title: https://groups.google.com/g/watch-online-fre-movie/c/ba-0VnIh9X4

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/t_-D-gLAObM
Title: https://groups.google.com/g/watch-online-fre-movie/c/t_-D-gLAObM

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/C6LoQy3-t_A
Title: https://groups.google.com/g/watch-online-fre-movie/c/C6LoQy3-t_A

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/iCurx3NDvnY
Title: https://groups.google.com/g/watch-online-fre-movie/c/iCurx3NDvnY

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/llSg7gzOJI8
Title: https://groups.google.com/g/watch-online-fre-movie/c/llSg7gzOJI8

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/bYMKHU4NGCQ
Title: https://groups.google.com/g/watch-online-fre-movie/c/bYMKHU4NGCQ

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/wQ0PvU4MJYI
Title: https://groups.google.com/g/watch-online-fre-movie/c/wQ0PvU4MJYI

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/CcbygZuacnU
Title: https://groups.google.com/g/watch-online-fre-movie/c/CcbygZuacnU

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/l6WcchoQphg
Title: https://groups.google.com/g/watch-online-fre-movie/c/l6WcchoQphg

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/NVDEW09K5g4
Title: https://groups.google.com/g/watch-online-fre-movie/c/NVDEW09K5g4

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/6WLWDmcsgbw
Title: https://groups.google.com/g/watch-online-fre-movie/c/6WLWDmcsgbw

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/MNXSawJ6M2o
Title: https://groups.google.com/g/watch-online-fre-movie/c/MNXSawJ6M2o

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/alZ5EtTso5k
Title: https://groups.google.com/g/watch-online-fre-movie/c/alZ5EtTso5k

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/3VixAsKJ_SQ
Title: https://groups.google.com/g/watch-online-fre-movie/c/3VixAsKJ_SQ

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/1RVV039NtRg
Title: https://groups.google.com/g/watch-online-fre-movie/c/1RVV039NtRg

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/BAUoEgqmelU
Title: https://groups.google.com/g/watch-online-fre-movie/c/BAUoEgqmelU

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/uhzWBQ0JHG8
Title: https://groups.google.com/g/watch-online-fre-movie/c/uhzWBQ0JHG8

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/TE5u4gPSbyw
Title: https://groups.google.com/g/watch-online-fre-movie/c/TE5u4gPSbyw

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/0zD-ifwo0mc
Title: https://groups.google.com/g/watch-online-fre-movie/c/0zD-ifwo0mc

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/cbtmBhctOuc
Title: https://groups.google.com/g/watch-online-fre-movie/c/cbtmBhctOuc

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/DqylbC-w-Fc
Title: https://groups.google.com/g/watch-online-fre-movie/c/DqylbC-w-Fc

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/w0z0YNPgGMY
Title: https://groups.google.com/g/watch-online-fre-movie/c/w0z0YNPgGMY

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/9y7boooBzo0
Title: https://groups.google.com/g/watch-online-fre-movie/c/9y7boooBzo0

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/V0lBdLa-gAw
Title: https://groups.google.com/g/watch-online-fre-movie/c/V0lBdLa-gAw

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/BedzV8YSsbs
Title: https://groups.google.com/g/watch-online-fre-movie/c/BedzV8YSsbs

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/Gqj0Eka1ArQ
Title: https://groups.google.com/g/watch-online-fre-movie/c/Gqj0Eka1ArQ

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/6GJ5wPZzlBU
Title: https://groups.google.com/g/watch-online-fre-movie/c/6GJ5wPZzlBU

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/HWFYxB90N_0
Title: https://groups.google.com/g/watch-online-fre-movie/c/HWFYxB90N_0

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/dElAh_jh6NE
Title: https://groups.google.com/g/watch-online-fre-movie/c/dElAh_jh6NE

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/lMOXtHmTanU
Title: https://groups.google.com/g/watch-online-fre-movie/c/lMOXtHmTanU

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/R7_amllDkRI
Title: https://groups.google.com/g/watch-online-fre-movie/c/R7_amllDkRI

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/225ZGCfSBIA
Title: https://groups.google.com/g/watch-online-fre-movie/c/225ZGCfSBIA

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/45Uep1t8DiU
Title: https://groups.google.com/g/watch-online-fre-movie/c/45Uep1t8DiU

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/RlKZd8iKVNE
Title: https://groups.google.com/g/watch-online-fre-movie/c/RlKZd8iKVNE

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/v5rBlmD769o
Title: https://groups.google.com/g/watch-online-fre-movie/c/v5rBlmD769o

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/bTxV1P7xzcQ
Title: https://groups.google.com/g/watch-online-fre-movie/c/bTxV1P7xzcQ

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/O69RZncPTi4
Title: https://groups.google.com/g/watch-online-fre-movie/c/O69RZncPTi4

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/rkTf0NDxpRQ
Title: https://groups.google.com/g/watch-online-fre-movie/c/rkTf0NDxpRQ

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/X0RxdQ0Chuk
Title: https://groups.google.com/g/watch-online-fre-movie/c/X0RxdQ0Chuk

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/XH8FpqcZcK8
Title: https://groups.google.com/g/watch-online-fre-movie/c/XH8FpqcZcK8

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/TyY0WCNEVrs
Title: https://groups.google.com/g/watch-online-fre-movie/c/TyY0WCNEVrs

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/Tr5FKqaByZ8
Title: https://groups.google.com/g/watch-online-fre-movie/c/Tr5FKqaByZ8

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/dcpBws3lmLI
Title: https://groups.google.com/g/watch-online-fre-movie/c/dcpBws3lmLI

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/-hAaf88L5_o
Title: https://groups.google.com/g/watch-online-fre-movie/c/-hAaf88L5_o

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/WcvxXOl2d1c
Title: https://groups.google.com/g/watch-online-fre-movie/c/WcvxXOl2d1c

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/aAJ9Nt16ACk
Title: https://groups.google.com/g/watch-online-fre-movie/c/aAJ9Nt16ACk

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/0Q91qHQPUZA
Title: https://groups.google.com/g/watch-online-fre-movie/c/0Q91qHQPUZA

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/YPNbaLzRjIY
Title: https://groups.google.com/g/watch-online-fre-movie/c/YPNbaLzRjIY

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/l39jcdpDT1A
Title: https://groups.google.com/g/watch-online-fre-movie/c/l39jcdpDT1A

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/Q1iIwXlNEJ0
Title: https://groups.google.com/g/watch-online-fre-movie/c/Q1iIwXlNEJ0

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/7-UWoNA0ypI
Title: https://groups.google.com/g/watch-online-fre-movie/c/7-UWoNA0ypI

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/EbU6Oo_Nii8
Title: https://groups.google.com/g/watch-online-fre-movie/c/EbU6Oo_Nii8

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/sAfLDJnOZkM
Title: https://groups.google.com/g/watch-online-fre-movie/c/sAfLDJnOZkM

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/k7StnO9gixY
Title: https://groups.google.com/g/watch-online-fre-movie/c/k7StnO9gixY

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/InaZU5s02rQ
Title: https://groups.google.com/g/watch-online-fre-movie/c/InaZU5s02rQ

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/FtKeM8nZI2E
Title: https://groups.google.com/g/watch-online-fre-movie/c/FtKeM8nZI2E

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/tdZ4o0EOGMo
Title: https://groups.google.com/g/watch-online-fre-movie/c/tdZ4o0EOGMo

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/KLM2IJCHFzE
Title: https://groups.google.com/g/watch-online-fre-movie/c/KLM2IJCHFzE

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/HpP06zRvTgI
Title: https://groups.google.com/g/watch-online-fre-movie/c/HpP06zRvTgI

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/dQlB_lGd9CE
Title: https://groups.google.com/g/watch-online-fre-movie/c/dQlB_lGd9CE

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/2q94HdMG3Vs
Title: https://groups.google.com/g/watch-online-fre-movie/c/2q94HdMG3Vs

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/Xi-J4f1dGDc
Title: https://groups.google.com/g/watch-online-fre-movie/c/Xi-J4f1dGDc

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/HEBiVVfVjmU
Title: https://groups.google.com/g/watch-online-fre-movie/c/HEBiVVfVjmU

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/zbxvR85U-W0
Title: https://groups.google.com/g/watch-online-fre-movie/c/zbxvR85U-W0

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/lKrV3DhKOqo
Title: https://groups.google.com/g/watch-online-fre-movie/c/lKrV3DhKOqo

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/WjNtieV7Ef0
Title: https://groups.google.com/g/watch-online-fre-movie/c/WjNtieV7Ef0

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/_0L3P7uFm4w
Title: https://groups.google.com/g/watch-online-fre-movie/c/_0L3P7uFm4w

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/hLVYQQ0ZnJQ
Title: https://groups.google.com/g/watch-online-fre-movie/c/hLVYQQ0ZnJQ

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/AqUD5pP_8cA
Title: https://groups.google.com/g/watch-online-fre-movie/c/AqUD5pP_8cA

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/GEsRa5n2TcM
Title: https://groups.google.com/g/watch-online-fre-movie/c/GEsRa5n2TcM

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/Wlq6tzm7hNY
Title: https://groups.google.com/g/watch-online-fre-movie/c/Wlq6tzm7hNY

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/l2bPschvzlE
Title: https://groups.google.com/g/watch-online-fre-movie/c/l2bPschvzlE

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/uPoZt7IE-30
Title: https://groups.google.com/g/watch-online-fre-movie/c/uPoZt7IE-30

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/lnhnjSLbwv8
Title: https://groups.google.com/g/watch-online-fre-movie/c/lnhnjSLbwv8

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/LVJNFvjG3ZA
Title: https://groups.google.com/g/watch-online-fre-movie/c/LVJNFvjG3ZA

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/ZB7H8ewF070
Title: https://groups.google.com/g/watch-online-fre-movie/c/ZB7H8ewF070

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/mdhnZGxTbTE
Title: https://groups.google.com/g/watch-online-fre-movie/c/mdhnZGxTbTE

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/yTNqj_lIVbA
Title: https://groups.google.com/g/watch-online-fre-movie/c/yTNqj_lIVbA

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/zjOykifhqI8
Title: https://groups.google.com/g/watch-online-fre-movie/c/zjOykifhqI8

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/BTIxmkTw_Yg
Title: https://groups.google.com/g/watch-online-fre-movie/c/BTIxmkTw_Yg

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/kNlMe_sPRgc
Title: https://groups.google.com/g/watch-online-fre-movie/c/kNlMe_sPRgc

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/orMUvj9067U
Title: https://groups.google.com/g/watch-online-fre-movie/c/orMUvj9067U

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/PCIC42iqu9I
Title: https://groups.google.com/g/watch-online-fre-movie/c/PCIC42iqu9I

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/5sM4qkQkuNk
Title: https://groups.google.com/g/watch-online-fre-movie/c/5sM4qkQkuNk

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/TH8gsjqafKs
Title: https://groups.google.com/g/watch-online-fre-movie/c/TH8gsjqafKs

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/ztuNPQjc49A
Title: https://groups.google.com/g/watch-online-fre-movie/c/ztuNPQjc49A

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/fikqhkvqHFY
Title: https://groups.google.com/g/watch-online-fre-movie/c/fikqhkvqHFY

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/dohlDfLOOew
Title: https://groups.google.com/g/watch-online-fre-movie/c/dohlDfLOOew

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/nFmRgPNYIDY
Title: https://groups.google.com/g/watch-online-fre-movie/c/nFmRgPNYIDY

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/watch-online-fre-movie/c/BHIDeLCddas
Title: https://groups.google.com/g/watch-online-fre-movie/c/BHIDeLCddas

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 26

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_kavr0 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_kavr0

Request Chain 29

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_fh7f0 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_fh7f0

Request Chain 39

http://s7.addthis.com/js/300/addthis_widget.js HTTP 307
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 62

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_k2gq0 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_k2gq0

Request Chain 65

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_i80u0 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_i80u0

Request Chain 119

http://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&typeface=serif&disqus_version=caf3f20 HTTP 307
https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&typeface=serif&disqus_version=caf3f20

Request Chain 120

http://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&typeface=serif&disqus_version=caf3f20 HTTP 307
https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&typeface=serif&disqus_version=caf3f20

Request Chain 172

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1631797393600&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easymarks.org%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631797393600&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easymarks.org%2F

Request Chain 173

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1631797393601&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easymarks.org%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631797393601&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easymarks.org%2F

Request Chain 242

https://gapl.hit.gemius.pl/_1631797394122/rexdot.js?l=100&id=0ihFZGtRodd4eRdnn7__KpYlrfEdg5rEoS8h.SiJc2v.R7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&ref=http%3A%2F%2Fwww.easymarks.org%2F&screen=1600x1200r1000&col=24&window=550x640&ltime=420&lsdata=3rW8GaelKY7FdJtpxEIMOFURzGFFG83EXi7BAlj.mYv.h7H1MM_4_XwAj.V1F_wZzb4bohJNRz7aBCcvnH2zT.9PNOWq/xKTmUgr1UDo1N/&fpdata=-TURNEDOFF&vis=1 HTTP 301
https://gapl.hit.gemius.pl/__/_1631797394122/rexdot.js?l=100&id=0ihFZGtRodd4eRdnn7__KpYlrfEdg5rEoS8h.SiJc2v.R7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&ref=http%3A%2F%2Fwww.easymarks.org%2F&screen=1600x1200r1000&col=24&window=550x640&ltime=420&lsdata=3rW8GaelKY7FdJtpxEIMOFURzGFFG83EXi7BAlj.mYv.h7H1MM_4_XwAj.V1F_wZzb4bohJNRz7aBCcvnH2zT.9PNOWq/xKTmUgr1UDo1N/&fpdata=-TURNEDOFF&vis=1

Request Chain 248

http://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d HTTP 307
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d

Request Chain 273

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.wdir1.com%2F&domain=www.bankier.pl&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=e-v8L3x4eGVMTGtsTkdjamJYMTZpR2xIREtzVHpURmRWc2R6bTJ4N1pFK1dSTWgyMmF2a0xiREUvajk0Vm41aTZxWjU4em5nVGtUdm1lWjBuTXpYNEh0alFySEsrY2xSYWRzZ2czbnlmZitMWHhpWm1qODhJcVJUYlg2UGFQSW83WlVOTS81MlRYTlFQQVkyU0FaMlV1Skdpa1k3dDAzTWpVVXFjNDFGZTBJY0w2VlE0R0lmNngyRUZORlZrc2RzOVRDUytwa3BSTi95NXpmVXM5NFJCNDlnMEovOHFYeU9zd1VFNTFFdEkyWlhnbjZsM0hKaVplT0ZFcE1jckh5RHVOQWVOfA&cppv=2

Request Chain 274

https://rp.liadm.com/j?wpn=prebid&pu=http%3A%2F%2Fwww.wdir1.com&se=e30&dtstmp=1631797394371 HTTP 302
https://rp4.liadm.com/j?wpn=prebid&pu=http%3A%2F%2Fwww.wdir1.com&se=e30&dtstmp=1631797394371&i6=MmEwMTo0Zjg6YTE6MWExOjhhOjox&n3pc=true

Request Chain 275

https://www3.smartadserver.com/1947/call HTTP 307
https://www3.smartadserver.com/1947/call?cklb=1

Request Chain 289

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 304

https://adx.adform.net/adx/?rp=3&bWlkPTE3NjU1OSZybmQ9NTE4MjI1MjA4NA&url=http%3A%2F%2Fwww.wdir1.com&callback=_adform_cb_1631797394971_9337719071816468 HTTP 302
https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTE3NjU1OSZybmQ9NTE4MjI1MjA4NA&url=http%3A%2F%2Fwww.wdir1.com&callback=_adform_cb_1631797394971_9337719071816468

Request Chain 306

https://ejp.rlcdn.com/501709.html HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCJOBjYoGEgUI6AcQAEIASgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEDmpAUaojLOQaD92ZD3zIvc&google_cver=1

Request Chain 308

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac1k4ba3125lju6k HTTP 302
https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c1k4ba3125lju6k

Request Chain 309

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac1k4ba3125lju6k&ret=img&ref=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915 HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=74597510-16ee-11ec-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac1k4ba3125lju6k&ret=img&ref=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915

Request Chain 314

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=7888194857022319267 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=3e86a4c8-40b6-4a41-af34-62fc1913550a%3A1631797395.2&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc1k4ba3125lju6k HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c1k4ba3125lju6k HTTP 307
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=75uZePM_GUNV-QS8zmYw9tmc8kxvj5qf

Request Chain 315

https://p.rfihub.com/cm?pub=39342&in=1&userid=3e86a4c8-40b6-4a41-af34-62fc1913550a%3A1631797395.2&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1870471598141181659 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c1k4ba3125lju6k HTTP 307
https://tags.bluekai.com/site/2035?phint=rluid=a55502d49c312841c49a03b7626aea981e4f7a14e9d65ecf10f93f2711ebd7ce2971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24BK_UUID_25515 HTTP 302
https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515

Request Chain 322

https://ejp.rlcdn.com/501709.html HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7888194857022319267

Request Chain 324

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac1k4ba3125lju6k HTTP 302
https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c1k4ba3125lju6k

Request Chain 327

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=7888194857022319267 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=3e86a4c8-40b6-4a41-af34-62fc1913550a%3A1631797395.2&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc1k4ba3125lju6k HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c1k4ba3125lju6k HTTP 307
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID} HTTP 302
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=120273&d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID} HTTP 302
https://idsync.rlcdn.com/401726.gif?partner_uid=zUNTaB26M8j1n0QNnW1o/e

Request Chain 328

https://p.rfihub.com/cm?pub=39342&in=1&userid=3e86a4c8-40b6-4a41-af34-62fc1913550a%3A1631797395.2&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1870471598141181659 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c1k4ba3125lju6k HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=f7941ccc0b519ba9d6f1827d9f2846b023e32f262d5c74023551863d8c7d4275b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=f7941ccc0b519ba9d6f1827d9f2846b023e32f262d5c74023551863d8c7d4275b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
https://idsync.rlcdn.com/362248.gif?partner_uid=62002390156385497950962928998347681244

342 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request movieshd915 Show response
www.wdir1.com/link/1080851/ 51 KB
13 KB 456ms
431ms Document
text/html 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 114474004b8736fc8c4041c60815f27c70a3d4ac88b48f8b1a53b7ee2fbda10b

Request headers

Host: www.wdir1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 16 Sep 2021 13:03:25 GMT
Content-Length: 12985

GET
H/1.1 200
OK all.css
www.wdir1.com/fontawesome/css/ 69 KB
13 KB 10ms
10ms Stylesheet
text/css 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.wdir1.com/fontawesome/css/all.css
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 05b29e731ac5a3e11c7b0fcde0785296c564342bcd8831c9c9206ca967224d88

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wdir1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.wdir1.com/link/1080851/movieshd915
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/link/1080851/movieshd915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Content-Encoding: gzip
ETag: "06e22a3afdbd51:0"
Last-Modified: Tue, 04 Feb 2020 23:05:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 12885

GET
H/1.1 200
OK logo-small.png
www.wdir1.com/images/wdir1/ 2 KB
2 KB 28ms
23ms Image
image/png 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wdir1.com/images/wdir1/logo-small.png
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ca64f6e8126e8e8764a3341b5cb1e344e431c14295ee265dfea6a339a8070d58

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wdir1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wdir1.com/link/1080851/movieshd915
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/link/1080851/movieshd915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Last-Modified: Wed, 24 Feb 2021 07:54:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8dedcb3b82ad71:0"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2267

GET
H/1.1 200
OK element.js Show response
translate.google.com/translate_a/ 10 KB
4 KB 185ms
168ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

af2c53d9541e1e8a6d2d677ee26cfc4988338f391e526f4da4ec5c607fc4e044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: HTTP server (unknown)
Content-Language: de
Cache-Control: no-cache, must-revalidate
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 3853
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
40 KB 268ms
102ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-12703824-60

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06ecf34762ec3ed948e0585694c979a2d6cf70ccb5e1bde264a96cba5d93749e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40338
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Sep 2021 13:03:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 276ms
112ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45a3c3e0a8fdafab3a7a75514d91dedffbe875648172933eb13c8a63ab3b7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48892
x-xss-protection: 0
server: cafe
etag: 5632201246159369654
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 13:03:12 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.wdir1.com/js/ 94 KB
33 KB 19ms
17ms Script
application/javascript 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.wdir1.com/js/jquery.min.js
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wdir1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://www.wdir1.com/link/1080851/movieshd915
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/link/1080851/movieshd915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Content-Encoding: gzip
ETag: "0466be499dd01:0"
Last-Modified: Tue, 02 Jun 2015 15:35:24 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 33470

GET
H/1.1 200
OK busy.gif
www.wdir1.com/images/ 55 KB
56 KB 26ms
23ms Image
image/gif 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wdir1.com/images/busy.gif
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2b1fc74e817aa58e6026dec5c17a14951a372c93d958551b4bb47a80fc17ab49

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wdir1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wdir1.com/link/1080851/movieshd915
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/link/1080851/movieshd915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Last-Modified: Thu, 05 Mar 2020 17:45:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b563a5e915f3d51:0"
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 56582

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

27ms
9ms

Script
application/javascript

104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 16 Sep 2021 13:03:12 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK embed.js Show response
wdir1.disqus.com/ 74 KB
25 KB 226ms
158ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wdir1.disqus.com/embed.js

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

43bd93a02b96b4539c3357e74a102e7edb758784e1d96a7428c4e9aab0c61dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24674

GET
H/1.1 200
OK movieshd915 Show response
www.easymarks.org/link/1080849/ Frame 3A47 51 KB
13 KB 365ms
342ms Document
text/html 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.easymarks.org/link/1080849/movieshd915
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 42b4eda72d795567bc64781971a0480d2f191d2f1ed21b86ea5bcfa00f5ec7bf

Request headers

Host: www.easymarks.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.wdir1.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 16 Sep 2021 13:03:26 GMT
Content-Length: 13056

GET
H/1.1 200
OK bg.jpg
www.wdir1.com/images/wdir1/ 28 KB
28 KB 20ms
20ms Image
image/jpeg 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wdir1.com/images/wdir1/bg.jpg
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0c9b75f27cdb5b0530537bb82f6772c9cea50e44961d19aad496e62d1b979042

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wdir1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wdir1.com/link/1080851/movieshd915
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/link/1080851/movieshd915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Last-Modified: Mon, 31 Aug 2020 18:17:16 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "966ccf4c27fd61:0"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 28473

GET
H/1.1 200
OK fa-solid-900.woff2
www.wdir1.com/fontawesome/webfonts/ 74 KB
75 KB 21ms
18ms Font
font/woff2 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.wdir1.com/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/fontawesome/css/all.css
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

Pragma: no-cache
Origin: http://www.wdir1.com
Accept-Encoding: gzip, deflate
Host: www.wdir1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: http://www.wdir1.com/fontawesome/css/all.css
Connection: keep-alive
Referer: http://www.wdir1.com/fontawesome/css/all.css
Origin: http://www.wdir1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Last-Modified: Tue, 04 Feb 2020 23:05:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "06e22a3afdbd51:0"
Content-Type: font/woff2
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 76120

GET
H/1.1 200
OK roboto.regular.ttf
www.wdir1.com/css/fonts/ 123 KB
123 KB 21ms
18ms Font
application/octet-stream 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.wdir1.com/css/fonts/roboto.regular.ttf
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bde8a188e37aa936b167aecc5e5a3da40262f6e51fd54c584f2cf2b6b99d96ca

Request headers

Pragma: no-cache
Origin: http://www.wdir1.com
Accept-Encoding: gzip, deflate
Host: www.wdir1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: http://www.wdir1.com/link/1080851/movieshd915
Connection: keep-alive
Referer: http://www.wdir1.com/link/1080851/movieshd915
Origin: http://www.wdir1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Last-Modified: Fri, 28 Apr 2017 07:44:13 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "721ae03af3bfd21:0"
Content-Type: application/octet-stream
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 126072

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 253ms
78ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Thu, 16 Sep 2021 13:16:59 GMT

GET
H2 200 main_de.js Show response
translate.googleapis.com/translate_static/js/element/ 7 KB
3 KB 252ms
77ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main_de.js

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9c5385fe2a7178bca062410e40f687d8656be20d0db09643c1df7eef914a4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2431
x-xss-protection: 0
last-modified: Mon, 24 May 2021 18:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Thu, 16 Sep 2021 13:16:59 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 60ms
8ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=49135
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5afc35d1b370355e/ 3 KB
905 B 92ms
91ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5afc35d1b370355e/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b040c2d2208a2fd0132da80eda55500479e66e3d18ceccdc65ce16fc99609aa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
etag: -923115544--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=58, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 729

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 88 B
248 B 280ms
218ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6143409014177afc&bkl=0&bl=1&pdt=562&sid=6143409014177afc&pub=ra-5afc35d1b370355e&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.wdir1.com&fp=link%2F1080851%2Fmovieshd915&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1631797392188&jsl=1&uvs=614340909f8b7d88000&skipb=1&callback=addthis.cbs.jsonp__6141988903805580
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5794cd2e3f5a51bd72a8621481643efa9f823eed9f90b87b8fac8bc9bc71ac7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:12 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 88
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 4278 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 80FA 71 KB
26 KB 64ms
63ms Document
text/html 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

55d783462e6671fa985a6b0829db15474f4e57f0555c93e15cc2db6a1d1e6cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.wdir1.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 16 Sep 2021 13:03:12 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 lounge.aa6d56595a43bd5e887186df12931c03.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 76ms
10ms Other
text/css 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Requested by

Host: wdir1.disqus.com
URL: https://wdir1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1263718
x-cache: Hit from cloudfront
content-length: 26040
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 01 Sep 2021 21:40:36 GMT
server: nginx
etag: "612ff354-65b8"
content-type: text/css; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Thu, 01 Sep 2022 22:01:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: BX-UympmnppoTM_eUD3oXRM6d9_-JxlDMnuOcKiHPspqEpEXX52FlQ==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ 0
93 KB 80ms
14ms Other
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: wdir1.disqus.com
URL: https://wdir1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5072159
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: dVt9O-azsRWgLAk5s8Htjre8FQPLJ9-85hQUY9KMZNHDhWVuiEc99Q==
x-cache-hits: 0

GET
H2 200 lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
c.disquscdn.com/next/embed/ 0
119 KB 86ms
20ms Other
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js

Requested by

Host: wdir1.disqus.com
URL: https://wdir1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1190836
x-cache: Hit from cloudfront
content-length: 120689
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-1d771"
content-type: application/javascript; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 7HkmSzdfy8qAKox15s07NG8nE2z8yv0tZnN1ratjxX4IJZRsMiWbpA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 37ms
7ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: wdir1.disqus.com
URL: https://wdir1.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 16
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12058
X-XSS-Protection: 1; mode=block

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 13ms
12ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 16 Sep 2021 13:03:12 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame AD82 6 KB
4 KB 175ms
175ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default

Requested by

Host: wdir1.disqus.com
URL: https://wdir1.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

635ccfa88020a03bd465576dff57f3655a642da90a36b58ffe65a5b8185575f7

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.wdir1.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/

Response headers

Connection: keep-alive
Content-Length: 2689
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Thu, 16 Sep 2021 13:03:12 GMT
ETag: W/"lounge:view:8777224354.55027b90aeca6ff99ce970936bfdeb90.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Thu, 16 Sep 2021 13:03:12 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_kavr0
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_kavr0

92 B
319 B

165ms
101ms

Script
application/javascript

151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_kavr0

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c03671ab4306356cc772804de2ff0b074f788c81f06b52f03392f1e5f9aa7953

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1386815478085401
expires: Thu, 16 Sep 2021 13:18:12 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_kavr0
Non-Authoritative-Reason: HSTS

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
298 B 267ms
230ms Script
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=_ate.cbs.rcb_dzq60

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

92f7993ac9ed657a4c71c45f3ce4fb3b729326654b7accbb58f18f0d77a2acb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.wdir1.com/link/1080851/movieshd915
last-modified: Thu, 16 Sep 2021 13:03:12 GMT
server: nginx/1.15.8
date: Thu, 16 Sep 2021 13:03:12 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
269 B 218ms
181ms XHR
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.wdir1.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.wdir1.com/link/1080851/movieshd915
last-modified: Thu, 16 Sep 2021 13:00:00 GMT
server: nginx/1.15.8
date: Thu, 16 Sep 2021 13:03:12 GMT
content-type: application/json
access-control-allow-origin: http://www.wdir1.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_fh7f0
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_fh7f0

93 B
157 B

142ms
103ms

Script
application/javascript

151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_fh7f0

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

73e7562da4e7d9f7a6739e355716f8efc6e8897ac2f2d9dca0f88d8bc53f047e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 2
accept-ranges: none
x-pinterest-rid: 6006933317520125
expires: Thu, 16 Sep 2021 13:18:12 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=window._ate.cbs.rcb_fh7f0
Non-Authoritative-Reason: HSTS

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
298 B 475ms
438ms Script
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&callback=_ate.cbs.rcb_j8we0

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

081e073de297b2a8d18c2bc46318bfe6634d32abf79d833953460837ff161be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.wdir1.com/link/1080851/movieshd915
last-modified: Thu, 16 Sep 2021 13:03:12 GMT
server: nginx/1.15.8
date: Thu, 16 Sep 2021 13:03:12 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK all.css
www.easymarks.org/fontawesome/css/ Frame 3A47 69 KB
16 KB 14ms
14ms Stylesheet
text/css 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.easymarks.org/fontawesome/css/all.css
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 05b29e731ac5a3e11c7b0fcde0785296c564342bcd8831c9c9206ca967224d88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/link/1080849/movieshd915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Content-Encoding: gzip
ETag: "06e22a3afdbd51:0"
Last-Modified: Tue, 04 Feb 2020 23:05:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 15975

GET
H/1.1 200
OK logo-small.png
www.easymarks.org/images/easymarks/ Frame 3A47 8 KB
8 KB 22ms
17ms Image
image/png 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.easymarks.org/images/easymarks/logo-small.png
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c1fc6751c31ac0ac718cebaf521a02dee07b0594d9c0aa7d77ba95db58badc21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/link/1080849/movieshd915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Last-Modified: Wed, 02 Sep 2020 09:13:17 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "289aa64b981d61:0"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 8261

GET
H/1.1 200
OK element.js Show response
translate.google.com/translate_a/ Frame 3A47 10 KB
4 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

af2c53d9541e1e8a6d2d677ee26cfc4988338f391e526f4da4ec5c607fc4e044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: HTTP server (unknown)
Content-Language: de
Cache-Control: no-cache, must-revalidate
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 3853
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3A47 99 KB
40 KB 104ms
103ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-12703824-27

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58013144a1ca085122ee381135d2c632556568896d08275535a543b5f195eabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40397
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Sep 2021 13:03:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3A47 136 KB
48 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45a3c3e0a8fdafab3a7a75514d91dedffbe875648172933eb13c8a63ab3b7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48892
x-xss-protection: 0
server: cafe
etag: 5632201246159369654
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 13:03:12 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.easymarks.org/js/ Frame 3A47 94 KB
42 KB 25ms
23ms Script
application/javascript 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.easymarks.org/js/jquery.min.js
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/link/1080849/movieshd915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Content-Encoding: gzip
ETag: "0466be499dd01:0"
Last-Modified: Tue, 02 Jun 2015 15:35:24 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 42837

GET
H/1.1 200
OK busy.gif
www.easymarks.org/images/ Frame 3A47 55 KB
56 KB 21ms
17ms Image
image/gif 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.easymarks.org/images/busy.gif
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2b1fc74e817aa58e6026dec5c17a14951a372c93d958551b4bb47a80fc17ab49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/link/1080849/movieshd915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Last-Modified: Thu, 05 Mar 2020 17:45:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b563a5e915f3d51:0"
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 56582

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 3A47
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

23ms
23ms

Script
application/javascript

104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 16 Sep 2021 13:03:12 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Location: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-5afc35d1b370355e
Non-Authoritative-Reason: HSTS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 205ms
69ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-12703824-60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 672
date: Thu, 16 Sep 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 16 Sep 2021 14:52:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/ 251 KB
93 KB 146ms
145ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2246361437356141&plah=www.wdir1.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7d5f7947a63650a572af7e956a61edc65b55909b6959fc712fa84f60d779267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94937
x-xss-protection: 0
server: cafe
etag: 17872103881916738157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 13:03:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210914/r20190131/ Frame D81A 10 KB
5 KB 124ms
124ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210914/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210914/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.wdir1.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 16 Sep 2021 01:17:18 GMT
expires: Thu, 30 Sep 2021 01:17:18 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 42354
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK favicon.ico
www.easymarks.org/ 17 KB
17 KB 17ms
17ms Image
image/x-icon 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.easymarks.org/favicon.ico
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7bf71100174b419bc5a1cb507435657f74e4f1b931df3e2c26b2a65adbbe84ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Last-Modified: Sun, 30 Aug 2020 09:48:47 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d1ef88c1b27ed61:0"
Content-Type: image/x-icon
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 16958

GET
H2 404 favicon.ico
funcallgirl.in/ 0
0 1201ms
160ms Image
text/html 148.72.244.233
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funcallgirl.in/favicon.ico
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.244.233 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-148-72-244-233.ip.secureserver.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 element_main.js Show response
translate.googleapis.com/element/TE_20210503_00/e/js/element/ 252 KB
90 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main_de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 10:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91906
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:56:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Fri, 16 Sep 2022 10:16:59 GMT

GET
H/1.1 200
OK bg.jpg
www.easymarks.org/images/easymarks/ Frame 3A47 23 KB
23 KB 16ms
16ms Image
image/jpeg 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.easymarks.org/images/easymarks/bg.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a31747f76763ece618c3f378cbd57acb87c36a4f664a122924975a03153c1680

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/link/1080849/movieshd915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Last-Modified: Wed, 02 Sep 2020 09:17:44 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "7fb2cfea981d61:0"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 23196

GET
H/1.1 200
OK fa-solid-900.woff2
www.easymarks.org/fontawesome/webfonts/ Frame 3A47 74 KB
75 KB 10ms
10ms Font
font/woff2 5.175.3.206
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.easymarks.org/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/fontawesome/css/all.css
Protocol: HTTP/1.1
Server: 5.175.3.206 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

Referer: http://www.easymarks.org/fontawesome/css/all.css
Origin: http://www.easymarks.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:26 GMT
Last-Modified: Tue, 04 Feb 2020 23:05:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "06e22a3afdbd51:0"
Content-Type: font/woff2
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 76120

GET
H/1.1 200
OK embed.js Show response
easymarks.disqus.com/ Frame 3A47 75 KB
25 KB 192ms
143ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://easymarks.disqus.com/embed.js

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

89d6faf8869d446cb855030d67c888c0169e7b817624dbc919d4194438ddd55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24738

GET
H/1.1 410
Gone temat_regarder-le-film,49558167.html Show response
www.bankier.pl/forum/ Frame 75E8 47 KB
26 KB 174ms
49ms Document
text/html 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS: bankier.pl
Software: /
Resource Hash: 9ee74b69bcf8d9034f07cc018c890139a23719ac34468f935f1d2b3a61b3ecf3

Request headers

Host: www.bankier.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.easymarks.org/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Backend: a3
Vary: Origin
Content-Encoding: gzip
X-Varnish: 2565423185 2565401355
Age: 28
Via: 1.1 varnish

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 3A47 18 KB
3 KB 222ms
221ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Thu, 16 Sep 2021 13:16:59 GMT

GET
H2 200 main_de.js Show response
translate.googleapis.com/translate_static/js/element/ Frame 3A47 7 KB
2 KB 229ms
228ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main_de.js

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9c5385fe2a7178bca062410e40f687d8656be20d0db09643c1df7eef914a4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2431
x-xss-protection: 0
last-modified: Mon, 24 May 2021 18:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Thu, 16 Sep 2021 13:16:59 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ Frame 3A47 2 KB
1 KB 9ms
9ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=49135
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5afc35d1b370355e/ Frame 3A47 3 KB
905 B 23ms
22ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5afc35d1b370355e/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b040c2d2208a2fd0132da80eda55500479e66e3d18ceccdc65ce16fc99609aa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
etag: -923115544--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=58, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 729

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ Frame 3A47 89 B
249 B 166ms
166ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61434090b4d1b9a4&bkl=0&bl=1&pdt=519&sid=61434090b4d1b9a4&pub=ra-5afc35d1b370355e&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.easymarks.org&dr=www.wdir1.com&fp=link%2F1080849%2Fmovieshd915&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&colc=1631797392542&jsl=1&skipb=1&callback=addthis.cbs.jsonp__45198368677816570
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0417e7b73d22ea2d8ef4e932d819833c4b1c13431b40a22227187919c27c6279

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:12 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame CB98 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 7456 71 KB
26 KB 34ms
34ms Document
text/html 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

55d783462e6671fa985a6b0829db15474f4e57f0555c93e15cc2db6a1d1e6cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.easymarks.org/
accept-encoding: gzip, deflate, br
cookie: uvc=1%7C37; loc=MDAwMDBFVURFTlcyMzE1MTg2OTAwMjAwMDBDSA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 16 Sep 2021 13:03:12 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 lounge.load.9bdb65de27b881f62b84ef54f46d1575.js Show response
c.disquscdn.com/next/embed/ Frame AD82 1 KB
1 KB 34ms
10ms Script
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.9bdb65de27b881f62b84ef54f46d1575.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8dedd8362bb42b3e64a65b7bc88013fd669da19133f0f63e930f0c8c86681b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1190836
x-cache: Hit from cloudfront
content-length: 533
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-215"
content-type: application/javascript; charset=utf-8
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: -VE4aDwMqvzIysYx1YG__ZXZasePcJ6E6Ew1bmrOIzxFlGm1nL5aNA==
x-cache-hits: 0

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/ Frame 3A47 251 KB
93 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2246361437356141&plah=www.easymarks.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7d5f7947a63650a572af7e956a61edc65b55909b6959fc712fa84f60d779267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94937
x-xss-protection: 0
server: cafe
etag: 17872103881916738157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 13:03:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3A47 48 KB
19 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-12703824-27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 672
date: Thu, 16 Sep 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 16 Sep 2021 14:52:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ Frame 3A47 263 KB
76 KB 20ms
17ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 16 Sep 2021 13:03:12 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js Show response
c.disquscdn.com/next/embed/ Frame AD82 282 KB
93 KB 10ms
9ms Script
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.9bdb65de27b881f62b84ef54f46d1575.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5072159
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: huZKJtd0il0_M71mHgk8lxClVGsjWp1qIRcBSfE4tJyojjsiPmMPXw==
x-cache-hits: 0

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/ Frame 3A47
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_k2gq0
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_k2gq0

96 B
144 B

107ms
106ms

Script
application/javascript

151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_k2gq0

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8f593e0233681ad36a58e14c0e041cd1b3cd903b9ea2f1db5cb4ada9628ccfbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 6436398676850067
expires: Thu, 16 Sep 2021 13:18:12 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_k2gq0
Non-Authoritative-Reason: HSTS

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ Frame 3A47 33 B
301 B 200ms
198ms Script
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=_ate.cbs.rcb_cr880

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

37d0c5a3182ca8a80f82435ad1b1773b2bb3b460c43c8b056c2faa88b2d3a23f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.easymarks.org/link/1080849/movieshd915
last-modified: Thu, 16 Sep 2021 13:03:12 GMT
server: nginx/1.15.8
date: Thu, 16 Sep 2021 13:03:12 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ Frame 3A47 2 B
275 B 195ms
192ms XHR
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.easymarks.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.easymarks.org/link/1080849/movieshd915
last-modified: Thu, 16 Sep 2021 13:00:00 GMT
server: nginx/1.15.8
date: Thu, 16 Sep 2021 13:03:12 GMT
content-type: application/json
access-control-allow-origin: http://www.easymarks.org
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/ Frame 3A47
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_i80u0
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_i80u0

97 B
157 B

101ms
101ms

Script
application/javascript

151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_i80u0

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

958f279404b404969374ee81fc3983a836135baac26f7e24f10e83425e5734ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 9232312389475773
expires: Thu, 16 Sep 2021 13:18:12 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=window._ate.cbs.rcb_i80u0
Non-Authoritative-Reason: HSTS

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ Frame 3A47 33 B
301 B 202ms
199ms Script
application/json 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&callback=_ate.cbs.rcb_hdap0

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

5c569ce3a534fdf50bc132bf9dad2f0247fedc4db902626f7f312b7e5bb816d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.easymarks.org/link/1080849/movieshd915
last-modified: Thu, 16 Sep 2021 13:03:12 GMT
server: nginx/1.15.8
date: Thu, 16 Sep 2021 13:03:12 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ Frame 3A47 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lounge.aa6d56595a43bd5e887186df12931c03.css
c.disquscdn.com/next/embed/styles/ Frame AD82 163 KB
26 KB 10ms
9ms Stylesheet
text/css 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf7ffb56cda8d58d7a7783e442a5729573c7e5d7098785c9a6cb382f2a772b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1263718
x-cache: Hit from cloudfront
content-length: 26040
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 01 Sep 2021 21:40:36 GMT
server: nginx
etag: "612ff354-65b8"
content-type: text/css; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Thu, 01 Sep 2022 22:01:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 2lc5nh7NyPAocUoSIwzgvLhA1X7lSW907ODbRI6YE3MRc3NMxenAvA==
x-cache-hits: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
655 B 369ms
60ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.wdir1.com&callback=_gfp_s_&client=ca-pub-2246361437356141

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2246361437356141&plah=www.wdir1.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b3c4df3ef0232a64563179bf95de31ec96bb44b231deebb11587f0d1ede7d6be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 251ms
87ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wdir1.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 233ms
80ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wdir1.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4628 603 B
221 B 96ms
95ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3025194257&lmt=1631797392&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&ea=0&flash=0&pra=5&wgl=1&dt=1631797392404&bpp=4&bdt=487&idt=323&shv=r20210914&mjsv=m202109140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8030751941580&frm=20&pv=2&ga_vid=2049292007.1631797393&ga_sid=1631797393&ga_hid=479264872&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062491&oid=3&pvsid=4015384356713501&pem=111&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=341

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3025194257&lmt=1631797392&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&ea=0&flash=0&pra=5&wgl=1&dt=1631797392404&bpp=4&bdt=487&idt=323&shv=r20210914&mjsv=m202109140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8030751941580&frm=20&pv=2&ga_vid=2049292007.1631797393&ga_sid=1631797393&ga_hid=479264872&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062491&oid=3&pvsid=4015384356713501&pem=111&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=341
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.wdir1.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 16 Sep 2021 13:03:12 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 16-Sep-2021 13:18:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 305ms
140ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a97000b74006f16532e2d380cbed2e3dabd80ea9b85625fcb123d96cb9a0369a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
server: sffe
etag: "1631705383510867"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H2 200 lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js Show response
c.disquscdn.com/next/embed/ Frame AD82 468 KB
119 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0a92d224a35aab3de7aa661df5c11272eea7f7fc8065230cf6b221a2e4961c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1190836
x-cache: Hit from cloudfront
content-length: 120689
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-1d771"
content-type: application/javascript; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: qtDTF26Bqc95kaVt38vxI-lmOzV5cEMYbPm9Ur2TXjvYIMfEpwy-dA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame AD82 12 KB
12 KB 13ms
12ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a2ac7d27583731c7b8390949ca3884a647f16f7e499fef291bc73881ac4400b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 17
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12058
X-XSS-Protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 80ms
80ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=479264872&t=pageview&_s=1&dl=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&ul=en-us&de=UTF-8&dt=movieshd915&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=986592879&gjid=1321246232&cid=2049292007.1631797393&tid=UA-12703824-60&_gid=1924616932.1631797393&_r=1&gtm=2ou9f0&z=1255470174

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.wdir1.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.wdir1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 75f37f78-6a46-4da2-a550-0c9119d4e986.min.js Show response
cmp.optad360.io/items/ Frame 75E8 254 KB
72 KB 75ms
10ms Script
application/javascript 2600:9000:21f3:7e00:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/75f37f78-6a46-4da2-a550-0c9119d4e986.min.js
Requested by: Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7e00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5eef549a40a959226e79ba241e13203dc93f3bc076497bfe0846f8b640650e8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:25:46 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 08:12:33 GMT
server: AmazonS3
age: 2247
etag: W/"8cc4badb64cdf9dc05b67388e6bef3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 7RWN9AEnXieKwmmqd8Wxhmp8DN9YGod9H7acHf7qOar0hbZLqZK6WA==

GET
H2 200 lounge.aa6d56595a43bd5e887186df12931c03.css
c.disquscdn.com/next/embed/styles/ Frame 3A47 0
26 KB 8ms
8ms Other
text/css 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Requested by

Host: easymarks.disqus.com
URL: https://easymarks.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1263718
x-cache: Hit from cloudfront
content-length: 26040
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 01 Sep 2021 21:40:36 GMT
server: nginx
etag: "612ff354-65b8"
content-type: text/css; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Thu, 01 Sep 2022 22:01:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: gH8lIx2eU8ykx_1bQk9dyAvE_KF_ljWgrxuQVKj_FKvoxOtHhQV04Q==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ Frame 3A47 0
93 KB 10ms
9ms Other
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: easymarks.disqus.com
URL: https://easymarks.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5072159
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 5YreUchdwFx3rITZ70eombr7eqBTOFoavpTgFJOJhCcfnoAuGSWL1Q==
x-cache-hits: 0

GET
H2 200 lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
c.disquscdn.com/next/embed/ Frame 3A47 0
119 KB 11ms
10ms Other
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js

Requested by

Host: easymarks.disqus.com
URL: https://easymarks.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1190836
x-cache: Hit from cloudfront
content-length: 120689
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-1d771"
content-type: application/javascript; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: PuPFQDJKEX46P5pR9w7hd5zK9IcV2D4sMrUDfIjz_7TIJ-qq32DsDA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ Frame 3A47 0
12 KB 8ms
8ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: easymarks.disqus.com
URL: https://easymarks.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 17
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12058
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated Show response
/ Frame 1270 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: http://www.wdir1.com/

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 261ms
71ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:44:17 GMT
x-content-type-options: nosniff
age: 1136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Sep 2022 12:44:17 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame AE9E 18 KB
3 KB 80ms
79ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Thu, 16 Sep 2021 13:16:59 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
915 B 259ms
71ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:47:49 GMT
x-content-type-options: nosniff
age: 924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Sep 2022 12:47:49 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
619 B 274ms
84ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK favicon.ico
www.bankier.pl/ Frame 3A47 34 KB
3 KB 33ms
33ms Image
image/x-icon 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/favicon.ico

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

79a05a1845363997e213c7297ff3bdd7f2642446129aa2346a73f6bd2a4cb51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Backend: a3
Age: 979
Connection: keep-alive
Vary: Origin
Content-Length: 3029
magicmarker: 1
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
Strict-Transport-Security: max-age=31536000; preload
X-Varnish: 2565423412 2564725609
Via: 1.1 varnish
cache-control: max-age=3600
Accept-Ranges: bytes
Content-Type: image/x-icon

GET
H/1.1 200
OK favicon.ico
beterhbo.ning.com/ Frame 3A47 0
829 B 425ms
396ms Image
image/x-icon 2620:46:2000:16::68
NING

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://beterhbo.ning.com/favicon.ico

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

HTTP/1.1

Server

2620:46:2000:16::68 , United States, ASN13535 (NING, US),

Reverse DNS

Software

Unknown /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Vary: X-XN_APPLICATION
Server: Unknown
X-XN-Trace-Token: c26bccaf-b741-4bee-9d39-77a0817ad47a
X-Frame-Options: deny
P3P: CP="UNI STA LOC CURa OURa COR ALL IND"
Cache-Control: max-age=0, no-cache="Set-Cookie"
Content-Security-Policy: frame-ancestors 'self'
Connection: keep-alive
Content-Type: image/x-icon
Content-Length: 0
X-XN-XNHTML: false
X-Request-Id: d61865380fb89381136c8e63666e9491
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jquery-ui-1.10.0.custom.css
www.bankier.pl/static/css/ui-theme/ Frame 75E8 31 KB
6 KB 51ms
22ms Stylesheet
text/css 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/css/ui-theme/jquery-ui-1.10.0.custom.css

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

11d11733a9a475b22a94a81ad9b59b78be7c17c07887c6638d88eff88a087e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s1
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: text/css
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423446 2564725392
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 6019

GET
H/1.1 200
OK style.css
www.bankier.pl/static/css/ Frame 75E8 180 B
577 B 79ms
37ms Stylesheet
text/css 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/css/style.css

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

27e8c57a8c68686b2e95291bf48c73b362657a00bb0640e392491ecfa716e6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s1
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: text/css
cache-control: max-age=300
X-Varnish: 2565423477 2565366893
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 180

GET
H/1.1 200
OK autocomplete.css
www.bankier.pl/static/css/ Frame 75E8 2 KB
1 KB 79ms
36ms Stylesheet
text/css 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/css/autocomplete.css

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

ff7d449e8703e741e414a265aa3d5b1db409794f51aac80e939c109326d76288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:20 GMT
X-Backend: s4
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: text/css
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423471 2564725524
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 680

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
www.bankier.pl/static/js/ Frame 75E8 93 KB
33 KB 85ms
41ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/jquery-1.7.2.min.js

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s5
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423459 2564725844
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 33673

GET
H/1.1 200
OK jquery-ui-1.10.0.custom.min.js Show response
www.bankier.pl/static/js/ Frame 75E8 222 KB
59 KB 92ms
41ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/jquery-ui-1.10.0.custom.min.js

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

e3f789c74c35f401aee8be0195700d82ddf0a28ba772e19d6c10460e1b1b1485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s1
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423464 2564725845
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 60044

GET
H/1.1 200
OK jquery.autocomplete.js Show response
www.bankier.pl/static/js/ Frame 75E8 12 KB
4 KB 162ms
90ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/jquery.autocomplete.js

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

b38baab029c01df74c0015ff12754f556aabb6aee42eb03e41aa90cabfdb9b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s2
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423537 2564726470
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 3637

GET
H/1.1 200
OK search.js Show response
www.bankier.pl/static/js/ Frame 75E8 259 B
639 B 162ms
90ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/search.js

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

d3dd422f9137b4143255ff663cf07145156f9a627b2e3a99d19405742891631e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s3
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423538 2564726184
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 203

GET
H/1.1 200
OK cf.js Show response
www.bankier.pl/static/js/ Frame 75E8 12 KB
3 KB 115ms
35ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/cf.js?20170921

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

fd7d791d78f10d59b04151bc2e7057b5884e36426ad5a9b99f8ada07fe282f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s5
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423494 2564726037
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 2485

GET
H/1.1 200
OK jquery.uniform.min.js Show response
www.bankier.pl/static/js/ Frame 75E8 8 KB
3 KB 116ms
36ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/jquery.uniform.min.js

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

dca0654c6ee40acb99776b0f765e0c23631907d180e22d6c9bc1feac4c4b1f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s2
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423503 2564726098
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 2874

GET
H/1.1 200
OK forum.js Show response
www.bankier.pl/static/js/ Frame 75E8 6 KB
3 KB 115ms
30ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/forum.js?20160922

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

31e73b16d364bb1e713cb275175f034f6062b2eab59c8fdf644112c8823b4d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s1
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423505 2564726042
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 2129

GET
H/1.1 200
OK jquery.multiselect.multiselect.filter.mod.min.js Show response
www.bankier.pl/static/js/ Frame 75E8 13 KB
5 KB 170ms
58ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/jquery.multiselect.multiselect.filter.mod.min.js

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

37e7b449e621dc146c80ad708fe44c15562f32393531c579a6c318908b451b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s2
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423551 2564726046
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 4342

GET
H/1.1 200
OK playerapi.js Show response
www.bankier.pl/static/js/ Frame 75E8 10 KB
3 KB 160ms
44ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/playerapi.js

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

c0d615e82eb58740595627b25046cb19d91dc61cbb65d61c4a2f877abdf147f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s3
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423525 2564726047
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 2695

GET
H/1.1 200
OK forum-thread.js Show response
www.bankier.pl/static/js/ Frame 75E8 4 KB
1 KB 184ms
67ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/forum-thread.js?v=0112171709

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

ab2219b5ce702bc5b782f526f54c69f36a08bc6e12a738b450ae28b5a1f0369c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s5
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423563 2564726053
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 967

GET
H/1.1 200
OK uniform.default.css
www.bankier.pl/static/css/ Frame 75E8 12 KB
3 KB 64ms
23ms Stylesheet
text/css 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/css/uniform.default.css

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

e5e84752fa700dd08617003e4f2bfbc783a4ef077ecefe6d89333aac9440cf9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s2
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: text/css
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423457 2564725607
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 2290

GET
H/1.1 200
OK jquery.multiselect.multiselect.filter.css
www.bankier.pl/static/css/ Frame 75E8 2 KB
1 KB 64ms
22ms Stylesheet
text/css 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/css/jquery.multiselect.multiselect.filter.css

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

39f35f672b324c617b0df8a7a199ea9de27a563ce0ed5923df6b83846cfef8f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s3
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: text/css
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423456 2564726002
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 661

GET
H/1.1 200
OK nb2.js Show response
www.bankier.pl/static/js/ Frame 75E8 54 KB
12 KB 158ms
44ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/nb2.js?2021031911

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

ba74e74e08f349966454ed6a6d0dbf5827dab49f0a8f8dfd64809c6e22ae5a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s3
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423527 2564725580
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 12257

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/e490bd92-6cf2-11e8-88d7-06048607e8f8/ Frame 75E8 330 KB
78 KB 85ms
10ms Script
application/javascript 2600:9000:21f3:c400:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/e490bd92-6cf2-11e8-88d7-06048607e8f8/plugin.min.js
Requested by: Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f99d15ce30635e2873cac74d7c3ac90203e1deb66dadb85389d78e775ecb48b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:25:47 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 08:27:38 GMT
server: AmazonS3
age: 2247
etag: W/"c21ffab2467c2b157f2d57e8450b4bfa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 9ide4IMNKX2KcksEjC5FaPTzQzYbqkqXPzYb7U79t929liG-QunHjg==

GET
H/1.1 200
OK logo-smart.svg
www.bankier.pl/static/images/ Frame 75E8 6 KB
3 KB 39ms
38ms Image
image/svg+xml 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/images/logo-smart.svg

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

cebd86b7201affe15d78722c7c362481c8d0c3c95b3feaf8d3c6af102cde0b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s5
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/svg+xml
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423909 2564725434
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 2997

GET
H/1.1 200
OK bankier-logo.png
www.bankier.pl/static/images2/ Frame 75E8 4 KB
4 KB 39ms
38ms Image
image/png 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/images2/bankier-logo.png

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

d735e34f28f281a4542a395edba8df131bfc80ed208dafc1d4d40aaa34027923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s5
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/png
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423910 2564725455
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 3843

GET
H/1.1 200
OK logo-smart-blue.svg
www.bankier.pl/smart/public/img/ Frame 75E8 6 KB
4 KB 32ms
31ms Image
image/svg+xml 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/smart/public/img/logo-smart-blue.svg

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

cebd86b7201affe15d78722c7c362481c8d0c3c95b3feaf8d3c6af102cde0b6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 786
Connection: keep-alive
Content-Length: 3147
Last-Modified: Mon, 13 Sep 2021 08:12:40 GMT
X-Frame-Options: DENY
ETag: "613f07f8-19fe"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; preload
X-Varnish: 71671322 86067628
Via: 1.1 varnish (Varnish/6.0)
Cache-Control: public, max-age=31536000
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes
Content-Type: image/svg+xml

GET
H/1.1 200
OK kichot.min.js Show response
www.bankier.pl/static/js/ Frame 75E8 2 KB
1 KB 22ms
22ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/kichot.min.js?v=1604961980

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

118d48945aae9fe2ed572cee841ee4a6bfa2b254c1573dbd73529714be9f953e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s4
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423815 2564725589
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 767

GET
H/1.1 200
OK screen.min.css
www.bankier.pl/static/css/ Frame 75E8 5 KB
2 KB 26ms
22ms Stylesheet
text/css 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/css/screen.min.css?v=3301

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

c23c2aabd9867c0f7543ca4a2bb08c1898e7322d63a370ccc4dabf3e480f8f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s5
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: text/css
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423859 2564725599
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 1442

GET
H/1.1 200
OK repeat-icon.png
www.bankier.pl/static/images/screen/ Frame 75E8 3 KB
3 KB 25ms
23ms Image
image/png 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/images/screen/repeat-icon.png

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

d76c6754605938815efd79d08a444fb559debb69ead247cbc3131cdc041ac2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s4
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/png
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423895 2564725630
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 2952

GET
H/1.1 200
OK utm-links.min.js Show response
www.bankier.pl/static/js/ Frame 75E8 3 KB
2 KB 25ms
24ms Script
application/javascript 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/js/utm-links.min.js?210611

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

e888cee596afe76b1eb6145afd788d8ca6c61bf9d0b0eff298c5938d3c809ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s5
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423898 2564725631
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 1441

GET
H2 200 element_main.js Show response
translate.googleapis.com/element/TE_20210503_00/e/js/element/ Frame 3A47 252 KB
90 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main_de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 10:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91906
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:56:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Fri, 16 Sep 2022 10:16:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3A47 107 B
165 B 88ms
87ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.easymarks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3A47 107 B
165 B 80ms
80ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.easymarks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D825 603 B
341 B 106ms
105ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3279755397&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.wdir1.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1631797392575&bpp=1&bdt=254&idt=331&shv=r20210914&mjsv=m202109140101&ptt=9&saldr=aa&nras=1&correlator=3401429419456&frm=24&ife=1&pv=2&ga_vid=742725286.1631797393&ga_sid=1631797393&ga_hid=784973128&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=818&ish=640&ifk=2712465668&scr_x=-12245933&scr_y=-12245933&eid=31062093&oid=3&pvsid=482796688493081&pem=640&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C818%2C640&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.5hknn6iesb8o&fsb=1&dtd=345

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3279755397&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.wdir1.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1631797392575&bpp=1&bdt=254&idt=331&shv=r20210914&mjsv=m202109140101&ptt=9&saldr=aa&nras=1&correlator=3401429419456&frm=24&ife=1&pv=2&ga_vid=742725286.1631797393&ga_sid=1631797393&ga_hid=784973128&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=818&ish=640&ifk=2712465668&scr_x=-12245933&scr_y=-12245933&eid=31062093&oid=3&pvsid=482796688493081&pem=640&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C818%2C640&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.5hknn6iesb8o&fsb=1&dtd=345
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.easymarks.org/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 16 Sep 2021 13:03:13 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUknrBGij3i8aNrjU1Z4N9A6wae6ZJie02NojMUCcS3_tVPZOUVdTqUCvJ2qIGc; expires=Tue, 11-Oct-2022 13:03:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A47 72 KB
27 KB 224ms
224ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a97000b74006f16532e2d380cbed2e3dabd80ea9b85625fcb123d96cb9a0369a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
server: sffe
etag: "1631705383510867"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 798A 6 KB
4 KB 99ms
98ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default

Requested by

Host: easymarks.disqus.com
URL: https://easymarks.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b4a32b198ba15f2df81a265ea3b0f5460e20ed29ea542e5288f21f2253b567e3

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.easymarks.org/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/

Response headers

Connection: keep-alive
Content-Length: 2613
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Thu, 16 Sep 2021 13:01:53 GMT
ETag: W/"lounge:view:8777221916.53fbc4e43949b19847bcdfb172f08571.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Thu, 16 Sep 2021 13:03:13 GMT
Age: 27
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1

200
OK

/ Show response
tempest.services.disqus.com/ads-iframe/taboola/ Frame 3A47
Redirect Chain

http://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&source...
https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&sourc...

28 KB
9 KB

193ms
147ms

XHR
text/html

199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&typeface=serif&disqus_version=caf3f20
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: ecf1ebfac9d60aac2ad293c8079c75aff7a702424c15e19d43df2d6250cc5293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Connection: keep-alive
Content-Length: 9337

Redirect headers

Location: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&typeface=serif&disqus_version=caf3f20
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.easymarks.org

GET
H/1.1

200
OK

/ Show response
tempest.services.disqus.com/ads-iframe/taboola/ Frame 3A47
Redirect Chain

http://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&sou...
https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&so...

28 KB
9 KB

170ms
125ms

XHR
text/html

199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&typeface=serif&disqus_version=caf3f20
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 2ba3adef1908921366b7670bd08b9dc31bf338420455169c25eda88e7968cb70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Connection: keep-alive
Content-Length: 9339

Redirect headers

Location: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=easymarks&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%2300a0dc&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&typeface=serif&disqus_version=caf3f20
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.easymarks.org

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 3A47 43 B
295 B 113ms
95ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=1k4rccq3l9rood&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=easymarks&zone=thread&version=9bdb65de27b881f62b84ef54f46d1575&page_url=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&page_referrer=http%3A%2F%2Fwww.wdir1.com%2F&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=6347562

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 3A47 43 B
295 B 117ms
99ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=1k4rccq3l9rood&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=easymarks&zone=thread&version=9bdb65de27b881f62b84ef54f46d1575&page_url=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&page_referrer=http%3A%2F%2Fwww.wdir1.com%2F&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=6347562

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK reset.css
www.bankier.pl/static/css/ Frame 75E8 1 KB
1 KB 68ms
22ms Stylesheet
text/css 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/css/reset.css?v=f57d1c577

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

c28198494529eabde1e029201371b611335a3834b274654ea858ea5ff1d47764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/static/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s3
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: text/css
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423570 2564725478
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 646

GET
H/1.1 200
OK nstyle.min.css
www.bankier.pl/static/css/ Frame 75E8 424 KB
58 KB 133ms
87ms Stylesheet
text/css 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

0e7d496bd4b125e7085e2e2d3c6b201c98aab4cacf6bdaa27761c1a539ef7888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/static/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s4
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: text/css
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423606 2564725502
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 59454

GET
H/1.1 200
OK ubuntu-font.css
www.bankier.pl/static/css/ Frame 75E8 200 KB
112 KB 134ms
88ms Stylesheet
text/css 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/css/ubuntu-font.css?v=f57d1c577

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

2ac1d22cd8ed930bf720b55fbb1ef95307c0fe8023825bce18badfd20c7c956f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/static/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s2
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: text/css
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423605 2564725755
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 113762

GET
H/1.1 200
OK flag.css
www.bankier.pl/static/css/ Frame 75E8 11 KB
3 KB 70ms
22ms Stylesheet
text/css 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bankier.pl/static/css/flag.css?v=f57d1c577

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

a2843fa252e5d000c060ddb3f535e4d7d5159cc83da4631d7247de6108c946c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/static/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s5
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: text/css
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423571 2564725767
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 2191

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame AD82 3 KB
3 KB 110ms
108ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=wdir1&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

56ceb69e4cc8f97d0542e0fe28adfb1c4dc73050e59c5c9d40ed9ccb6a16fea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3089
X-XSS-Protection: 1; mode=block

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ Frame 3A47 825 B
884 B 81ms
73ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:47:49 GMT
x-content-type-options: nosniff
age: 924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Sep 2022 12:47:49 GMT

GET
DATA 200
OK truncated Show response
/ Frame 1B5E 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: http://www.easymarks.org/

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 cleardot.gif
www.google.com/images/ Frame 3A47 43 B
110 B 86ms
84ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ Frame 3A47 2 KB
2 KB 75ms
74ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:44:17 GMT
x-content-type-options: nosniff
age: 1136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Sep 2022 12:44:17 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 8BC3 18 KB
3 KB 80ms
80ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="rosetta"
expires: Thu, 16 Sep 2021 13:16:59 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1631056800/images/ Frame AD82 2 KB
2 KB 41ms
7ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1631056800/images/noavatar92.png

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 667508
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
content-type: image/png
content-length: 1644
x-amz-cf-id: f_8SMH9WjQ8kgRHfLBJquK-WN8wEtSGrCYUt_p6G117516QKauY9dg==
expires: Fri, 08 Oct 2021 19:38:05 GMT

GET
DATA 200
OK truncated
/ Frame AD82 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame AD82 13 KB
13 KB 9ms
8ms Image
image/svg+xml 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 12176732
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: dH2U8aWgDPdbUPPvOYyGRWgHOYPHnDTGk5L1azoncQDC-ZdZ3s-wVA==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame AD82 3 KB
3 KB 9ms
9ms Image
image/gif 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 19469106
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 5kYqCASu2d1MwBiTGMZZVMP1UqNyKGRogBiECNXNhSJnKcP7VSitIQ==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame AD82 2 KB
2 KB 10ms
9ms Image
image/png 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:47:19 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8388954
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 10 Jun 2021 21:33:44 GMT
server: nginx
etag: "60c28538-746"
content-type: image/png
access-control-allow-origin: *
expires: Sat, 11 Jun 2022 10:47:19 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: grZz-6I69XTCNrdr2T9f8d-tvTYmxZUVa9ey1tOgtI-UhUuA_vc-_g==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame AD82 8 KB
8 KB 10ms
9ms Font
application/octet-stream 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:36:59 GMT
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5678774
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Tue, 12 Jul 2022 19:36:59 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZmeXy8ks3O_LYPJRez8ozjM1C5YPbSglsXPNDYMJEHDlFOunqyzYWg==
x-cache-hits: 0

GET
H2 200 lounge.load.9bdb65de27b881f62b84ef54f46d1575.js Show response
c.disquscdn.com/next/embed/ Frame 798A 1 KB
1 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.9bdb65de27b881f62b84ef54f46d1575.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8dedd8362bb42b3e64a65b7bc88013fd669da19133f0f63e930f0c8c86681b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1190837
x-cache: Hit from cloudfront
content-length: 533
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-215"
content-type: application/javascript; charset=utf-8
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: wIvJfye4e97WQZRmzy04EKEwkGTrEg3h62K8Mx0r34uT5CCdj6VNFA==
x-cache-hits: 0

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 8ms
7ms Script
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: wdir1.disqus.com
URL: https://wdir1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11569063
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 80EQbJ-oklFXVnNC4elU90j-zmRVyoE3Plyefl0KOi_X8y9ejWHZSQ==
x-cache-hits: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame 8FDC 237 KB
39 KB 38ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 619a950b11865ed0b2809b1faa93c9733582cfd962e2269513e8813abf6d382d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 3hUmj1BLWCnysYe9H.GKum.sk.9hI0x1
content-encoding: gzip
etag: "ccb2abb8c6e869c6eb1e738092fe52a7"
age: 75
x-cache: HIT
content-length: 39203
x-amz-id-2: 2k6O2+ST2gYbB8PzmfR3Hhn8ty1bCjbFifNLDFvG/xTC5jGh3m127jeOiwDXx9h48JJ01gYWt1s=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 14 Sep 2021 09:22:48 GMT
server: AmazonS3
x-timer: S1631797393.331936,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: EA21BK7BTWEM4YFR
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 87
x-cache-hits: 2

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame A4DB 337 B
807 B 8ms
7ms Stylesheet
text/css 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: wdir1.disqus.com
URL: https://wdir1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11612979
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: F6czbUJF9v9FALs60cEZiW7LGx8WEvkj6q3p1V692x32WMBngLnNCw==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 564F 337 B
807 B 9ms
7ms Stylesheet
text/css 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: wdir1.disqus.com
URL: https://wdir1.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11612979
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: NLu93BVwzyT1PXfI-eEsgB4vhsbEiCU6UNrN0AnAEbJ781ui7zTNIA==
x-cache-hits: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame 5166 237 KB
38 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 619a950b11865ed0b2809b1faa93c9733582cfd962e2269513e8813abf6d382d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 3hUmj1BLWCnysYe9H.GKum.sk.9hI0x1
content-encoding: gzip
etag: "ccb2abb8c6e869c6eb1e738092fe52a7"
age: 75
x-cache: HIT
content-length: 39203
x-amz-id-2: 2k6O2+ST2gYbB8PzmfR3Hhn8ty1bCjbFifNLDFvG/xTC5jGh3m127jeOiwDXx9h48JJ01gYWt1s=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 14 Sep 2021 09:22:48 GMT
server: AmazonS3
x-timer: S1631797393.371622,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: EA21BK7BTWEM4YFR
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 87
x-cache-hits: 3

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame AD82 3 KB
2 KB 36ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85b5ab2d40dceff956a033c8e7704008997180b610f32a343a09994e775ba58e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: r6nMa/++b0dhHmfxnXzckQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: TApF80bp3LLUKpAlt3aWbxNd1Kpmu6eFmMZPCHP2spykB0PPwG9gSGPLxfvckath5Pn0n6hlqpSWsxe3eWUrEA==
x-fb-trip-id: 917726464
x-fb-content-md5: 4b08e63a264f12148da250b60664de13
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7050c7734168b68f1782bc24bd6f528b"
timing-allow-origin: *
expires: Thu, 16 Sep 2021 13:12:46 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame AD82 12 KB
6 KB 325ms
147ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gW4n3VB2oujsvDCy9kMeXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "6cf1a8085d365822968a50501ed9fdee"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-gW4n3VB2oujsvDCy9kMeXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame AD82 13 KB
13 KB 17ms
17ms Image
image/svg+xml 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 12176732
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GXTujOtwLQ6n_aEXdTGCmBWc_9C8HDgSKn7Pv4MRmP8EFJbvYFmz4g==
x-cache-hits: 0

GET
H/1.1 200
OK px.gif
www.bankier.pl/static/ Frame 75E8 42 B
461 B 79ms
78ms Image
image/gif 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/px.gif?ch=1&rn=5.0746737803709685

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s3
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/gif
Via: 1.1 varnish
cache-control: max-age=3600
Transfer-Encoding: chunked
X-Varnish: 2565423930
Strict-Transport-Security: max-age=31536000; preload

GET
H/1.1 200
OK px.gif
www.bankier.pl/static/ Frame 75E8 42 B
461 B 38ms
38ms Image
image/gif 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/px.gif?ch=2&rn=5.0746737803709685

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s4
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/gif
Via: 1.1 varnish
cache-control: max-age=3600
Transfer-Encoding: chunked
X-Varnish: 2565423936
Strict-Transport-Security: max-age=31536000; preload

GET
H2 200 xgemius.js Show response
gapl.hit.gemius.pl/ Frame 75E8 40 KB
11 KB 115ms
32ms Script
application/x-javascript 195.177.216.95
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://gapl.hit.gemius.pl/xgemius.js
Requested by: Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 195.177.216.95 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-216-95.dataspace.pl
Software: GHC /
Resource Hash: 7ec7c1d46987f1a7cc3c842b7d9d3da6b79a472fb2b744548f3ad739cfc61ca2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 10:02:32 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10841
expires: Fri, 17 Sep 2021 01:03:13 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ Frame 75E8 4 KB
3 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bddb6f81ac43ee693b6832c29d74396a18399420febfec7d088fdb4ddaafe467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IfWhMylYPrCRw0QBlIvt3A==
cross-origin-resource-policy: cross-origin
expires: Thu, 16 Sep 2021 13:17:26 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2168
x-fb-rlafr: 0
x-fb-debug: 2Jo8qCnfnFvS5YU/a+MyuKQT5bQqoAyKgRDAHSZWr3a2zo6CqNuKLQFU4eEMYXZYMzVblRPTrDC1K6jai2z60g==
x-fb-trip-id: 917726464
x-fb-content-md5: 51bb4d38426a2c4290008952cc0e27f0
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Sep 2021 13:03:13 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b6847ddbf78467d2c1282e4a65ba6c32"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 75E8 234 KB
67 KB 93ms
91ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WF3TSG

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb754ee9cdc4340cf3bb446dfe105473abff2ba8da2ae6ebbcf0096c0117f446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68586
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pl_PL/ Frame 75E8 3 KB
2 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af5d5348c7415ac535ecc4e86f351817f9d576f07d79be6ff0b24878976dd868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DS5wTCKOkZjZoiaQDbCHww==
cross-origin-resource-policy: cross-origin
expires: Thu, 16 Sep 2021 13:22:31 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: VIUbhwSuDPL4W6HllSL3xqkXu+eYVfL/TnKG+yjf+el9i+rC8Hs7I8EvhNvadWzHUMqMxkvzI5LXjbIWgsqQ3A==
x-fb-trip-id: 917726464
x-fb-content-md5: 14dc6a3ba6c0b17d33fa532202551058
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Sep 2021 13:03:13 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "cd35d95b04775b908c6f3b6a8422c978"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js Show response
c.disquscdn.com/next/embed/ Frame 798A 282 KB
93 KB 11ms
8ms Script
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.9bdb65de27b881f62b84ef54f46d1575.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5072160
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: VuAgIV7v7KiSguB4WLbJJQYPMEItu2vGoiCkfJwbQGjNZat-eQFaWg==
x-cache-hits: 0

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
552 B 29ms
23ms Image
image/gif 2606:4700::6810:a20d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.465041479403168
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 13
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68fa4b2d2a332b22-FRA
x-amz-request-id: Y038F305JZ7NV9TM
x-amz-id-2: vXF++UHWrOKr4G8Wq+c7AMnJNjDspF93BPPw9l2lKrq2YHGbWNyhvFRPX3AI54nBqM9ZfiX1OTk=

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
552 B 24ms
19ms Image
image/gif 2606:4700::6810:a20d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.465041479403168
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
Age: 13
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Content-Length: 43
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68fa4b2d2a3b4ab6-FRA
x-amz-request-id: Y038F305JZ7NV9TM
x-amz-id-2: vXF++UHWrOKr4G8Wq+c7AMnJNjDspF93BPPw9l2lKrq2YHGbWNyhvFRPX3AI54nBqM9ZfiX1OTk=

GET
H/1.1 200
OK images.png
www.bankier.pl/static/images2/ Frame 75E8 10 KB
9 KB 31ms
23ms Image
image/png 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/images2/images.png

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

9e806bbcf51a337153242a67e8525ecf8817890287c510ca1b5e4c0fce6750a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s3
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/png
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423921 2564725641
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 8478

GET
H/1.1 200
OK breadcrumb.png
www.bankier.pl/static/images2/ Frame 75E8 2 KB
2 KB 32ms
26ms Image
image/png 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/images2/breadcrumb.png

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

d28323ec9d8534e2e6445f85e889e0dd7dbc9575c9b0a4a9a0dcb1f3c466c46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s4
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/png
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565423924 2564725645
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 1815

GET
DATA 200
OK truncated
/ Frame 75E8 150 KB
150 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cb5e850ad387bcd797fd93bdd1a01b3937b3b10696548360b8c40c7e9aa9afa

Request headers

Referer
Origin: https://www.bankier.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 200 impl.20210914-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 8FDC 527 KB
117 KB 10ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: eab04a6e65571903da729fd95957b197fafbe3baf4fdb7e39a3edabba4794f12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 9h8ONwvbCJp56eW5nRVLsBc7z5qb2w.c
content-encoding: br
etag: "eecc447cd9623bf6dfa64846b1979187"
age: 15789
x-cache: HIT
content-length: 119447
x-amz-id-2: PRj0W5hNDQYPr0bAH1nSDtrMeyEB+VoP6vA7BfziAQf4ncqOPJWyZgcYz7HXmLikWsqUtBkYQDY=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 14 Sep 2021 08:31:16 GMT
server: AmazonS3-br
x-timer: S1631797393.476976,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: R9K4M7GZG0KAX3AD
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 65
x-cache-hits: 51925

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 8FDC 1 KB
1 KB 53ms
9ms Script
application/javascript 13.225.78.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 15 Sep 2021 13:51:58 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 83476
etag: W/"1827f116c73f319409b97f10b8a58ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: hNkZiEiqVfATdg5k6VlPkkNxrhFVo4_wtSYZhx8nTMzJuWcodXMspA==

GET
H2 200 impl.20210914-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 5166 527 KB
117 KB 9ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: eab04a6e65571903da729fd95957b197fafbe3baf4fdb7e39a3edabba4794f12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 9h8ONwvbCJp56eW5nRVLsBc7z5qb2w.c
content-encoding: br
etag: "eecc447cd9623bf6dfa64846b1979187"
age: 15789
x-cache: HIT
content-length: 119447
x-amz-id-2: PRj0W5hNDQYPr0bAH1nSDtrMeyEB+VoP6vA7BfziAQf4ncqOPJWyZgcYz7HXmLikWsqUtBkYQDY=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 14 Sep 2021 08:31:16 GMT
server: AmazonS3-br
x-timer: S1631797394.501063,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: R9K4M7GZG0KAX3AD
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 65
x-cache-hits: 51926

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 5166 1 KB
1 KB 28ms
10ms Script
application/javascript 13.225.78.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 15 Sep 2021 13:51:58 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 83476
etag: W/"1827f116c73f319409b97f10b8a58ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: fozXgDC1dxIkaZLz8pBAkVoec4mEnPXWtF6kKxFAtJkLyxwkUhRbrw==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame AD82 228 KB
67 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=68279582ab77b1745b3454b4bc66157b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee39adcb61477d08a0395dfd30c71f1bca978c443eddda80bed2091ef0216051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DvU2bJM+CbhY9Pm89pMxUg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68419
x-fb-rlafr: 0
x-fb-debug: tA5BgGDfGcvzoYoGV3UczFqKlp52mp94dA/+H+jUNiUzaJYsbygvzAoWX/CkH0RVXkkWXZ2emDHe5D6bU84Blw==
x-fb-trip-id: 917726464
x-fb-content-md5: 8e09bc49fff50094ef9cbdbd5f0d7663
x-frame-options: DENY
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "fa1723f61dd7700f411215377647a483"
timing-allow-origin: *
expires: Fri, 16 Sep 2022 12:25:43 GMT

GET
H/1.1 200
OK sm.js Show response
bbp.salesmanago.pl/static/ Frame 75E8 49 KB
18 KB 167ms
40ms Script
application/javascript 89.25.223.83
TKPSA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bbp.salesmanago.pl/static/sm.js
Requested by: Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.25.223.83 Katowice, Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS: host-89.25.223.83.static.3s.pl
Software: Apache /
Resource Hash: 490022e226373cf5eed2b09ef202c54099c6291ced4a70f1660aedac3394e3bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 11:10:19 GMT
server: Apache
etag: "c4b6-5c5811191276d-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 17818
expires: Thu, 16 Sep 2021 14:03:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 75E8 6 KB
1 KB 272ms
115ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin-ext

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/screen.min.css?v=3301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

accba2bc11e8b33566f2edccf4a1388b6b9ac4df2ecb2d563668f283fa1f427f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 12:46:17 GMT
server: ESF
date: Thu, 16 Sep 2021 13:03:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 75E8 44 B
313 B 34ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=743763269044006&ev=PixelInitialized&dl=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&rl=http%3A%2F%2Fwww.easymarks.org%2F&if=true&ts=1631797393537

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pl_PL/ Frame 75E8 223 KB
66 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js?hash=acc13b1d550a8605a22531bcd99ba2f4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a903ab241aed2158e0763f9150b009a2e267dd9c11bb9504045002645a80dd94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bankier.pl/
Origin: https://www.bankier.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ZNBMfQIfppWHLAH1X9gRNA==
cross-origin-resource-policy: cross-origin
expires: Fri, 16 Sep 2022 12:26:17 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66984
x-fb-rlafr: 0
x-fb-debug: 3YZO8fcYdk6o3BX8gmkIFElbPVg61mFlza1nSF1y1ijZT5uFowRb8Kh2lfuc2QmD1rP4tPt23IspO4EoRpfdVg==
x-fb-trip-id: 917726464
x-fb-content-md5: 25fbdf1d873928ab07934806316b1ac8
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Sep 2021 13:03:13 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c8829773eb79b5778c5864d4096bc423"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 json Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/ Frame 8FDC 13 KB
5 KB 266ms
245ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/json?tim=13%3A03%3A13.573&lti=deflated&data=%7B%22id%22%3A332%2C%22ii%22%3A%22%2Flink%2F1080849%2Fmovieshd915%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1631611359332%2C%22vi%22%3A1631797393570%2C%22cv%22%3A%2220210914-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22http%3A%2F%2Fwww.easymarks.org%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A550%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A550%2C%22dh%22%3A27%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22http%3A%2F%2Fwww.easymarks.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22easymarks%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22http%3A%2F%2Fwww.easymarks.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22easymarks%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 326c5f3c3633b0145bdf7824a17a710cbb4939ed1249da916c1719fde16ca9c8

Request headers

Referer: http://www.easymarks.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 238
date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
server: nginx
x-timer: S1631797394.597398,VS0,VE238
x-served-by: cache-fra19140-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.easymarks.org
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 lounge.aa6d56595a43bd5e887186df12931c03.css
c.disquscdn.com/next/embed/styles/ Frame 798A 163 KB
26 KB 9ms
8ms Stylesheet
text/css 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf7ffb56cda8d58d7a7783e442a5729573c7e5d7098785c9a6cb382f2a772b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1263719
x-cache: Hit from cloudfront
content-length: 26040
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 01 Sep 2021 21:40:36 GMT
server: nginx
etag: "612ff354-65b8"
content-type: text/css; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Thu, 01 Sep 2022 22:01:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: uKEZVgtpDU7E3GqRuFoCm04pwdE4m9nHpDQ7Vlwt33ZHizFRYHpZJw==
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/ Frame 5166 15 KB
6 KB 349ms
349ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/json?tim=13%3A03%3A13.599&lti=deflated&data=%7B%22id%22%3A266%2C%22ii%22%3A%22%2Flink%2F1080849%2Fmovieshd915%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1631611359332%2C%22vi%22%3A1631797393599%2C%22cv%22%3A%2220210914-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22http%3A%2F%2Fwww.easymarks.org%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A550%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A550%2C%22dh%22%3A27%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A7%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22http%3A%2F%2Fwww.easymarks.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22easymarks%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22http%3A%2F%2Fwww.easymarks.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22easymarks%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f4a9dc905c89b4797277b47cda212e5978366940c5fb5b5a94189ed2ff299ef

Request headers

Referer: http://www.easymarks.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 339
date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
server: nginx
x-timer: S1631797394.601828,VS0,VE339
x-served-by: cache-fra19140-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.easymarks.org
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2

200

b2
sb.scorecardresearch.com/ Frame 8FDC
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1631797393600&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easym...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631797393600&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easy...

64 B
330 B

12ms
11ms

Image
image/gif

13.225.78.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631797393600&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easymarks.org%2F
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-28.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: fT_-VIlacHgyfBDRlm_N8IqmpNnOX0HJTXSExdZidMG04Cr7sLIB3w==

Redirect headers

date: Thu, 16 Sep 2021 13:03:13 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631797393600&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easymarks.org%2F
content-length: 231
x-amz-cf-id: FHWvKDMgyW3myGdpSueUUeR-bk7zYnbWIkr8kE1Mrb-6iaGFlJcVlA==

GET
H2

200

b2
sb.scorecardresearch.com/ Frame 5166
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1631797393601&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easym...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631797393601&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easy...

64 B
330 B

9ms
9ms

Image
image/gif

13.225.78.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631797393601&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easymarks.org%2F
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-28.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: GaoEV7SnLJXlqBudWsZaC2LEF3wEo2ZAKz_RLyN6wLYo8_eBOuxIGQ==

Redirect headers

date: Thu, 16 Sep 2021 13:03:13 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631797393601&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&c9=http%3A%2F%2Fwww.easymarks.org%2F
content-length: 231
x-amz-cf-id: EvoCg5y5Dnppfte9panJ3sq1ztNFRQuPibR8OhjY3Nhm3YTwy-5yQg==

GET
H2 200 lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js Show response
c.disquscdn.com/next/embed/ Frame 798A 468 KB
119 KB 9ms
8ms Script
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0a92d224a35aab3de7aa661df5c11272eea7f7fc8065230cf6b221a2e4961c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 18:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1190837
x-cache: Hit from cloudfront
content-length: 120689
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 02 Sep 2021 17:40:39 GMT
server: nginx
etag: "61310c97-1d771"
content-type: application/javascript; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Fri, 02 Sep 2022 18:15:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: S4sczCTbAZYI8kRuz9RaOY5b_kMd5FpTNnQtc6ECHEh8KrGGfmJIlw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 798A 12 KB
12 KB 7ms
7ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a2ac7d27583731c7b8390949ca3884a647f16f7e499fef291bc73881ac4400b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 18
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12058
X-XSS-Protection: 1; mode=block

GET
H2 200 status
www.facebook.com/x/oauth/ Frame AD82 0
0 29ms
27ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=http%3A%2F%2Fwww.wdir1.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dwdir1%26t_u%3Dhttp%253A%252F%252Fwww.wdir1.com%252Flink%252F1080851%252Fmovieshd915%26t_d%3D%2520movieshd915%26t_t%3D%2520movieshd915%26s_o%3Ddefault%23version%3D9bdb65de27b881f62b84ef54f46d1575&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: gHdex1aYQLlPfrses5lANsgszu9EhTA/1/4Yrhwy/FuIVK2WXBG5gvwNJPIMG8M997s99y9WTVFzNYczcTXzew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Sep 2021 13:03:13 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gapl.hit.gemius.pl/ Frame 75E8 279 B
393 B 31ms
31ms Script
application/x-javascript 195.177.216.95
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://gapl.hit.gemius.pl/fpdata.js?href=www.bankier.pl
Requested by: Host: gapl.hit.gemius.pl
URL: https://gapl.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 195.177.216.95 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-216-95.dataspace.pl
Software: GHC /
Resource Hash: 53cc451fb51a455175105d98e31d6c366f48229e3081b4c9fd1b4f3e57629404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 279
expires: Sat, 16 Oct 2021 13:03:13 GMT

GET
H/1.1 200
OK gb-logo3.png
www.bankier.pl/static/images2/ Frame 75E8 46 KB
46 KB 55ms
55ms Image
image/png 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/images2/gb-logo3.png

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

669857f90d81800baa92d098d477fcc347f06009dfab909624c3ed8067d148af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s5
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/png
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565424116 2564725695
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 46201

GET
H/1.1 200
OK pb_logo.png
www.bankier.pl/static/images2/ Frame 75E8 4 KB
4 KB 23ms
22ms Image
image/png 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/images2/pb_logo.png

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

7412c8909af30393a88a807ee30d55de4593d82079dcc7f49f0afa62ac2c5dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s2
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/png
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565424107 2564725698
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 4103

GET
H/1.1 200
OK gb-satellites.png
www.bankier.pl/static/images2/ Frame 75E8 56 KB
55 KB 41ms
41ms Image
image/png 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/images2/gb-satellites.png

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

e427c9697145ba044b9009469b2e42b3b464db570a36e9208f3e08bba0fc0155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s1
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/png
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565424108 2564725699
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 56077

GET
H/1.1 200
OK arslege-grey-logo.png
www.bankier.pl/static/images2/ Frame 75E8 5 KB
5 KB 23ms
23ms Image
image/png 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/images2/arslege-grey-logo.png

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

23b6a7c61a5e0bcdd32a4eb67c1d63ab5b20a64c1d57fca8218a4f86082bd3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/static/css/nstyle.min.css?v=f57d1c577
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s3
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/png
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565424109 2564725705
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 4748

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame A77E 5 KB
3 KB 100ms
25ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gapl.hit.gemius.pl
URL: https://gapl.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: b41c3fe6776ea6a1a73a39c4affecac544b742e6c1eb7ba027977eca8e08ed8b

Request headers

:method: GET
:authority: ls.hit.gemius.pl
:scheme: https
:path: /lsget.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankier.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
expires: Sat, 16 Oct 2021 13:03:13 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2719
content-encoding: gzip

GET
H2 200 gsconf.js Show response
gapl.hit.gemius.pl/ Frame 75E8 67 B
135 B 72ms
71ms Script
application/x-javascript 195.177.216.95
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://gapl.hit.gemius.pl/gsconf.js?gst=parent&href=www.bankier.pl&gsver=323&v=453340
Requested by: Host: gapl.hit.gemius.pl
URL: https://gapl.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 195.177.216.95 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-216-95.dataspace.pl
Software: GHC /
Resource Hash: e70792957a2d6b9fe4f3b638d557b304e23215b8031d9e14e2f61be37f008399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
last-modified: Wed, 15 Sep 2021 10:02:32 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 67
expires: Thu, 16 Sep 2021 17:03:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 75E8 48 KB
19 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF3TSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 673
date: Thu, 16 Sep 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 16 Sep 2021 14:52:00 GMT

GET
H2 200 hotjar-574971.js Show response
static.hotjar.com/c/ Frame 75E8 18 KB
5 KB 42ms
9ms Script
application/javascript 13.225.78.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-574971.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF3TSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-14.fra2.r.cloudfront.net

Software

Resource Hash

b6538c6a71f350ef1c0e2e0a71881e29852995573425ac52de4c238e99ad8860

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:00 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 13
etag: W/6a95a259a14758d3892ea877d85205ff
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: nEWLM2TQc58pYtm81DLlAwBFpt3otJ4gr3sA1H4jUc6a9tBRb8cvnw==
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 75E8 36 KB
14 KB 56ms
22ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF3TSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14042
x-xss-protection: 0
server: cafe
etag: 5157641309300231189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 75E8 71 KB
25 KB 51ms
24ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/e490bd92-6cf2-11e8-88d7-06048607e8f8/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

382695a2192225e5796cc161b3e4eeae8044e02bbb81856d398d9258a1953b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "988 / 120 of 1000 / last-modified: 1631790621"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25017
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H2 200 prebid4.39.0.js Show response
get.optad360.io/sf/ Frame 75E8 492 KB
153 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:c400:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.39.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/e490bd92-6cf2-11e8-88d7-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 13:58:24 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 10:44:35 GMT
server: AmazonS3
age: 6995090
etag: W/"e020700f5effdce1f4be56434553da72"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: tXBQp3FZrTycP7Y6nLIjHJTJZeaa_naO67o2L75EhoVhmQ1qU8fyKA==

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ Frame AD82 103 KB
35 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35070
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 14 Sep 2022 03:58:04 GMT

GET
H/1.1 200
OK sm_war.js Show response
bbp.salesmanago.pl/static/chunk/ Frame 75E8 5 KB
2 KB 39ms
39ms Script
application/javascript 89.25.223.83
TKPSA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bbp.salesmanago.pl/static/chunk/sm_war.js
Requested by: Host: bbp.salesmanago.pl
URL: https://bbp.salesmanago.pl/static/sm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.25.223.83 Katowice, Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS: host-89.25.223.83.static.3s.pl
Software: Apache /
Resource Hash: 952b2b839257d457cc0127a5c741d9c5b8cdf0ea3a541c933f0f3c56afe3403f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 11:10:19 GMT
server: Apache
etag: "140a-5c581118fcfae-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1993
expires: Thu, 16 Sep 2021 14:03:13 GMT

GET
H/1.1 200
OK vc.json Show response
bbp.salesmanago.pl/api/ Frame 75E8 1 KB
1007 B 110ms
48ms XHR
application/json 89.25.223.83
TKPSA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bbp.salesmanago.pl/api/vc.json?s=en2eym7pqp9kfwsq
Requested by: Host: bbp.salesmanago.pl
URL: https://bbp.salesmanago.pl/static/sm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.25.223.83 Katowice, Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS: host-89.25.223.83.static.3s.pl
Software: Apache /
Resource Hash: 664c2e1ec94a06bfca323af686247e6207c954454e80b0381bd8248a95c2aaa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
server: Apache
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=utf-8
access-control-allow-origin: *
transfer-encoding: chunked
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H/1.1 200
OK vs Show response
bbp.salesmanago.pl/api/ Frame 75E8 23 B
348 B 92ms
26ms XHR
application/json 89.25.223.83
TKPSA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bbp.salesmanago.pl/api/vs?location=www.bankier.pl&referrer=http%3A%2F%2Fwww.easymarks.org%2F
Requested by: Host: bbp.salesmanago.pl
URL: https://bbp.salesmanago.pl/static/sm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.25.223.83 Katowice, Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS: host-89.25.223.83.static.3s.pl
Software: Apache /
Resource Hash: 1f172c2353a938f4b33a940b3b64145baaeb6df69adaa513131fbac421ca2bd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
transfer-encoding: chunked
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H/1.1 200
OK custom.js Show response
bbp.salesmanago.pl/dynamic/en2eym7pqp9kfwsq/ Frame 75E8 0
391 B 54ms
35ms Script
application/javascript 89.25.223.83
TKPSA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bbp.salesmanago.pl/dynamic/en2eym7pqp9kfwsq/custom.js?uri=%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&location=www.bankier.pl&uuid=17beeb43985-c66fd6ca62ef-155c9d64-8c5ec944-ee79f4c9-3847841c8d90&referrer=http%3A%2F%2Fwww.easymarks.org%2F&time=2021-09-16T13%3A03%3A13Z&title=regarder%20le%20film%20-%20Forum%20-%20Bankier.pl&banners=false
Requested by: Host: bbp.salesmanago.pl
URL: https://bbp.salesmanago.pl/static/sm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.25.223.83 Katowice, Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS: host-89.25.223.83.static.3s.pl
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
server: Apache
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: x-requested-with, content-type, accept
content-length: 0
expires: Thu, 16 Sep 2021 14:03:13 GMT

GET
H/1.1 200
OK r.gif
bbp.salesmanago.pl/api/ Frame 75E8 43 B
445 B 99ms
45ms Image
image/gif 89.25.223.83
TKPSA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbp.salesmanago.pl/api/r.gif?uri=%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&location=www.bankier.pl&uuid=17beeb43985-c66fd6ca62ef-155c9d64-8c5ec944-ee79f4c9-3847841c8d90&referrer=http%3A%2F%2Fwww.easymarks.org%2F&smid=en2eym7pqp9kfwsq&time=2021-09-16T13%3A03%3A13Z&timestamp=1631797393803&session=1&title=regarder%20le%20film%20-%20Forum%20-%20Bankier.pl&cp=1631797393804&ns=true
Requested by: Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.25.223.83 Katowice, Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS: host-89.25.223.83.static.3s.pl
Software: Apache /
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
transfer-encoding: chunked
server: Apache
content-type: image/gif
vary: Accept-Encoding
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 798A 3 KB
3 KB 113ms
112ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=easymarks&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8187015bbe34b0327cb75e83f1c52487f08fdd31f2f3bc9b4f8cdd3d12d2936e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 2970
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK shadow.png
www.bankier.pl/static/images/ Frame 75E8 3 KB
920 B 22ms
22ms Image
image/png 195.167.159.38
ATMAN-ISP-AS ATM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bankier.pl/static/images/shadow.png

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/static/css/autocomplete.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.167.159.38 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),

Reverse DNS

bankier.pl

Software

Resource Hash

c5cef9e0049b04ddcfdbb0a0cc60dfc627218da8772a788ad8aa61e4ccb0b732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/static/css/autocomplete.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Sep 2021 10:57:21 GMT
X-Backend: s2
age: 0
Vary: Origin
Connection: keep-alive
Content-Type: image/png
Via: 1.1 varnish
cache-control: max-age=3600
X-Varnish: 2565424184 2564725564
Strict-Transport-Security: max-age=31536000; preload
Accept-Ranges: bytes
Content-Length: 497

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 8FDC 19 KB
6 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding: gzip
etag: "7a6ef5412d45e94af6813e18c060355d"
age: 25198
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5990
x-amz-id-2: 5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 06 Jul 2021 14:02:32 GMT
server: AmazonS3
x-timer: S1631797394.888002,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: KQE2YD0951MP799B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 65
x-cache-hits: 205568

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 8FDC 2 KB
954 B 8ms
7ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 686a56a4d4902f8ffdf569b35b93fd9227f7fe66133752b12556a14392ffd83d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: utbdQZ5v14OnoTUQd.81IxLPfHveDfBr
content-encoding: gzip
etag: "11f540e55c5b728ecc4eab8bb1cfa0d4"
age: 9873
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 707
x-amz-id-2: bbcONPwrszmqZ0Nts+/hjHrgPLgRx611BMaBAkwd5GFjgNePeWS/snxvVOYikGDoha0KY5peAW4=
x-served-by: cache-fra19140-FRA
last-modified: Mon, 13 Sep 2021 10:18:26 GMT
server: AmazonS3
x-timer: S1631797394.888253,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: AHT5G8JKMW3SYTCR
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 65
x-cache-hits: 46678

GET
H2 200 tfa-eid.20210914-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 8FDC 14 KB
5 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210914-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bf16358577181bc2e62582d4b8dfc9cd6693d7c50a2389a05bab45ebf0679c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Pb6Olor5AtvlDyVt7JOFSt2N5GQbhr2F
content-encoding: gzip
etag: "59f41a5f32c11046a9099b82c6e4a3d0"
age: 104
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5062
x-amz-id-2: 45b8MDyFES8F8G6AE4O56xuQx533Ysfjipz9V+FLOUlrw1J9g1EiJWnbpHcPZWhQHPijSiHNvSU=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 14 Sep 2021 08:54:43 GMT
server: AmazonS3
x-timer: S1631797394.888810,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: C72WTGC0EAYTPFTX
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 451

GET
H2 200 sha256.20210914-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 8FDC 6 KB
3 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210914-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20cef199764e090ab8fa631555722da5396595402250a8871c409120c9481a2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: IkLgZCFM21pOZ3xUeQNuF9gQU9sVt81P
content-encoding: gzip
etag: "debbadf2bcb2578405c6011af191ee45"
age: 88
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: WwzDn17C6g3x6iCS6BQDCslRKZauwts/rFt3WUV5KWRpdMoiKdUfKYLWZb+BqAp79BeH3sN1l3c=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 14 Sep 2021 08:54:56 GMT
server: AmazonS3
x-timer: S1631797394.889264,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: 7DC0E840TRBN0FWT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 374

GET
H2 200 userx.20210914-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 8FDC 17 KB
5 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210914-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fc85e88218b642faeb3e78264fe935fcbf5713436f92609f06120ab05208946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: W2l64_qYhzxH8ICEOJobZji7dknoYnrp
content-encoding: gzip
etag: "1a3fb8670ef1b960583df6966cc9427d"
age: 10
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5341
x-amz-id-2: /y51hvHj758oSaAkJf976zMj5LLgpa3i+yjKulEwC9SJZHhy4eIA3gCyVxLNyq2Q8Bo/y8A0j8c=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 14 Sep 2021 08:53:57 GMT
server: AmazonS3
x-timer: S1631797394.903854,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: 466E32FXNTBGSQJT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 15

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 75E8 99 KB
26 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: mg9bs+rdEj3tufWb9GRBZNGotVpF+MuF8beVxq3jLNP2sjW/StL8jKXEx3j51ybp34RghZFo82fAsUn6dgIjQQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Sep 2021 13:03:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.5fe2f4f38cf4833026a9.js Show response
script.hotjar.com/ Frame 75E8 221 KB
59 KB 28ms
10ms Script
application/javascript 13.224.193.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-574971.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-38.fra2.r.cloudfront.net

Software

Resource Hash

33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 625687
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59626
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 07:14:26 GMT
etag: "e8c5ca8d148a212696c04c37e713b2a1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: lXVCDfB6tlElUqka_B-OD9I27Wd84G1Q6pfKB4U0Wexp8ZOOyFPLSA==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 75E8 2 KB
1 KB 26ms
7ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210916

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60e642785893759e29dca69afd93ff0f6fea591067850fe30d5d7235b0431de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankier.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 34534
x-jsd-version: 1.0.1101
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 936
etag: W/"6a0-q87q6Z6a9/Iy8YRkFiPxS7SypnE"
x-served-by: cache-fra19165-FRA
x-jsd-version-type: version
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 f382193be302f73ac35f1ee3bcd98539.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8FDC 17 KB
17 KB 11ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f382193be302f73ac35f1ee3bcd98539.png
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a09c8623919a997d4955c308af2f11ee10a065314717aca406e562cab91c348

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 16 Sep 2021 13:03:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 2179651
edge-cache-tag: 487360150067233601151201532197034102171,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 33
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f382193be302f73ac35f1ee3bcd98539.png
content-length: 17220
x-request-id: 0f77aab6c15140b64de72fd1de0247c7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Sun, 01 Aug 2021 04:58:51 GMT
server: nginx
x-timer: S1631797394.952510,VS0,VE1
etag: "7c40a548aab913a2e1ff2ff25706d32b"
x-served-by: cache-wdc5567-WDC, cache-dca17756-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 9e757a938ef4fac650f68581fbf2a9a1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8FDC 13 KB
14 KB 10ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e757a938ef4fac650f68581fbf2a9a1.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 14fee68228a6fb20bcf44baf0b907a57b76339da2d871a9fef286f3a952c4c16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 16 Sep 2021 13:03:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 1118129
edge-cache-tag: 357367926537573968437757921131548294013,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 381
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e757a938ef4fac650f68581fbf2a9a1.jpg
content-length: 13380
x-request-id: 6a33963c5f44fc386e07f03d43c9d1bb
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Fri, 13 Aug 2021 19:26:33 GMT
server: nginx
x-timer: S1631797394.952386,VS0,VE1
etag: "f35fc8cab108b1eed43ba18f5815c1ea"
x-served-by: cache-wdc5535-WDC, cache-dca17743-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 5f5637a748fbef03cc794f99.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdni.rt.com/deutsch/images/2020.09/article/ Frame 8FDC 6 KB
6 KB 8ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdni.rt.com/deutsch/images/2020.09/article/5f5637a748fbef03cc794f99.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e9812cadd8681637592b07793d0bd95520f64a64a89021e7299b18e8933fe62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 2005506
edge-cache-tag: 307768200341463618799973921212628239046,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 28
expiration: expiry-date="Sat, 28 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdni.rt.com/deutsch/images/2020.09/article/5f5637a748fbef03cc794f99.jpg
content-length: 5812
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Wed, 28 Jul 2021 03:42:13 GMT
server: nginx
x-timer: S1631797394.952176,VS0,VE0
etag: "8007556d3fbf70afb51899281b184d88"
x-served-by: cache-wdc5521-WDC, cache-dca12927-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 651

GET
H2 200 ee629a2e8fb01cd09c15a8ac0aa095dd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8FDC 6 KB
7 KB 9ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee629a2e8fb01cd09c15a8ac0aa095dd.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 20683013180bd0fe19f52785e9b57691593c6c8553c67c0dbbcebc9c1348b44a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 16 Sep 2021 13:03:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 1255246
edge-cache-tag: 419233789214034334773542473550031474136,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 98
expiration: expiry-date="Sun, 12 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee629a2e8fb01cd09c15a8ac0aa095dd.jpg
content-length: 6324
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Thu, 12 Aug 2021 07:20:33 GMT
server: nginx
x-timer: S1631797394.952279,VS0,VE1
etag: "ae5a2f366ef4e7082771777d140a1176"
x-served-by: cache-wdc5572-WDC, cache-dca17759-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 c0b5e89342c84803.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//creator.skyneto.com/public/uploads/ Frame 8FDC 9 KB
10 KB 9ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//creator.skyneto.com/public/uploads/c0b5e89342c84803.png
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f53dcff71b60ef594dd29b1a27f99a550f083531afc536efd60bfbf3c832fba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 16 Sep 2021 13:03:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 1833055
edge-cache-tag: 532116933471780194259812605353038046441,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 29
expiration: expiry-date="Sun, 12 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//creator.skyneto.com/public/uploads/c0b5e89342c84803.png
content-length: 9680
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Thu, 12 Aug 2021 15:04:33 GMT
server: nginx
x-timer: S1631797394.952530,VS0,VE1
etag: "7b2d7e92bfb3b9afef0c803d69c39b21"
x-served-by: cache-wdc5576-WDC, cache-dca17749-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 11bc6fc68cfefd77e9ac41bc3f12eac7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8FDC 10 KB
10 KB 8ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11bc6fc68cfefd77e9ac41bc3f12eac7.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 086b8c77596d4f0402a62ac5e219e60b44a5ddd2cb182ddeeea6033c22f7322c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 535344
edge-cache-tag: 422646010008494819450286779515942165557,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 613
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11bc6fc68cfefd77e9ac41bc3f12eac7.jpg
content-length: 10194
x-request-id: 14a5ea00c4a3c413fa6756c66c425e5c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Thu, 09 Sep 2021 14:02:09 GMT
server: nginx
x-timer: S1631797394.952583,VS0,VE0
etag: "2ee24ad0083e260be1b51e7fcaba6581"
x-served-by: cache-wdc5525-WDC, cache-dca17738-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 2

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1038410486/ Frame 75E8 2 KB
1 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038410486/?random=1631797393954&cv=9&fst=1631797393954&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&ref=http%3A%2F%2Fwww.easymarks.org%2F&tiba=regarder%20le%20film%20-%20Forum%20-%20Bankier.pl&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18178dad6e3ad8b47caedd39081e79094c7a56df82b29df34ffdb4c460cde2a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066401214/ Frame 75E8 2 KB
1 KB 104ms
100ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066401214/?random=1631797393957&cv=9&fst=1631797393957&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&ref=http%3A%2F%2Fwww.easymarks.org%2F&tiba=regarder%20le%20film%20-%20Forum%20-%20Bankier.pl&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22e100907f4ba5b3f942109f32a7ea517b95f4a58d5dacec627199dd9448dd4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021091301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 75E8 334 KB
117 KB 16ms
16ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091301.js?31062581

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

84498695ecbb07321191e331c2aecadeec5e2ba73f44f3b4ed7442dbbf1c5c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119426
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 08:37:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 13:03:13 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1947/ Frame 75E8 72 KB
25 KB 90ms
10ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1947/smart.js
Requested by: Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9e109d33391b97d12cfe2fc608444f728bcf35311037bb7c97ae20b02975d271

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 24871
Expires: Thu, 16 Sep 2021 13:18:14 GMT

GET
H/1.1 200
OK smart.prebid.js Show response
tagmanager.smartadserver.com/1947/105101/ Frame 75E8 20 KB
5 KB 116ms
9ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.smartadserver.com/1947/105101/smart.prebid.js
Requested by: Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 1a182bb8d62d413bcd6a05262c9e3fd78f7b0065a2e525d0f00956aa7a281f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Aug 2021 16:29:57 GMT
Server: Apache/2.4.25 (Debian)
ETag: "5027-5ca78e0a6f99e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4907

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 3A47 43 B
295 B 99ms
99ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=1k4rccq3l9rood&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=easymarks&zone=thread&version=9bdb65de27b881f62b84ef54f46d1575&page_url=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&page_referrer=http%3A%2F%2Fwww.wdir1.com%2F&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=6347562

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.google-analytics.com/gtm/ Frame 75E8 95 KB
38 KB 85ms
85ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P5M5K3V&t=gtm8&cid=1152811251.1631797394

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69cab1643ee32641f1493c30e56388c4e661e07e10356d5d74d9a800b0201e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38435
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Sep 2021 13:03:14 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 5166 19 KB
6 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding: gzip
etag: "7a6ef5412d45e94af6813e18c060355d"
age: 25199
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5990
x-amz-id-2: 5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 06 Jul 2021 14:02:32 GMT
server: AmazonS3
x-timer: S1631797394.988671,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: KQE2YD0951MP799B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 65
x-cache-hits: 205570

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 5166 2 KB
947 B 8ms
7ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 686a56a4d4902f8ffdf569b35b93fd9227f7fe66133752b12556a14392ffd83d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: utbdQZ5v14OnoTUQd.81IxLPfHveDfBr
content-encoding: gzip
etag: "11f540e55c5b728ecc4eab8bb1cfa0d4"
age: 9873
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 707
x-amz-id-2: bbcONPwrszmqZ0Nts+/hjHrgPLgRx611BMaBAkwd5GFjgNePeWS/snxvVOYikGDoha0KY5peAW4=
x-served-by: cache-fra19140-FRA
last-modified: Mon, 13 Sep 2021 10:18:26 GMT
server: AmazonS3
x-timer: S1631797394.988931,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: AHT5G8JKMW3SYTCR
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 65
x-cache-hits: 46680

GET
H2 200 tfa-eid.20210914-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 5166 14 KB
5 KB 9ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210914-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bf16358577181bc2e62582d4b8dfc9cd6693d7c50a2389a05bab45ebf0679c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Pb6Olor5AtvlDyVt7JOFSt2N5GQbhr2F
content-encoding: gzip
etag: "59f41a5f32c11046a9099b82c6e4a3d0"
age: 104
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5062
x-amz-id-2: 45b8MDyFES8F8G6AE4O56xuQx533Ysfjipz9V+FLOUlrw1J9g1EiJWnbpHcPZWhQHPijSiHNvSU=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 14 Sep 2021 08:54:43 GMT
server: AmazonS3
x-timer: S1631797394.989761,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: C72WTGC0EAYTPFTX
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 452

GET
H2 200 sha256.20210914-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 5166 6 KB
3 KB 9ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210914-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20cef199764e090ab8fa631555722da5396595402250a8871c409120c9481a2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: IkLgZCFM21pOZ3xUeQNuF9gQU9sVt81P
content-encoding: gzip
etag: "debbadf2bcb2578405c6011af191ee45"
age: 88
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: WwzDn17C6g3x6iCS6BQDCslRKZauwts/rFt3WUV5KWRpdMoiKdUfKYLWZb+BqAp79BeH3sN1l3c=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 14 Sep 2021 08:54:56 GMT
server: AmazonS3
x-timer: S1631797394.991960,VS0,VE0
date: Thu, 16 Sep 2021 13:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: 7DC0E840TRBN0FWT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 375

GET
H/1.1 200
OK tb Show response
15.taboola.com/ Frame 5166 4 KB
4 KB 25ms
21ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://15.taboola.com/tb?oid=15&pubnm=disqus-widget-safetylevel20longtail09&unitType=226&tbloc=&pageType=text&pstn=%7B%22domain%22%3A%20%22http%3A%2F%2Fwww.easymarks.org%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22easymarks%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&uuip=&cisrf=http%3A%2F%2Fwww.easymarks.org%2F&cirf=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&encoded=1&uid=b77b7b15-4fa6-4243-8093-fb3932e551f2-tuct83cc611&variant=-100|478542&callback=TRC.videoTagCallbacks.videoCallback1&cb=1631797394002&tagid=&cntry=DE&platform=1&sesid=77dd899af9c3f92a375856a191a6bbe3&itemid=/link/1080849/movieshd915&viewid=1631797393599&geolat=&geoing=&deviceifa=&appid=&sd=v2_77dd899af9c3f92a375856a191a6bbe3_b77b7b15-4fa6-4243-8093-fb3932e551f2-tuct83cc611_1631797393_1631797393_CIi3jgYQktQ_GL_x0PW-LyABKAEwODib4wlAiIoQSMbb2ANQouwQWABgAGj9wYbU7pDul8cBcAA&ri=58fce6a79abda3bc227c54802dfc2bb6&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1042962&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=NW&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1003147&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: HTTP/1.1
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b671cdcad3ff49c25b5841cae217518571faefc3942d73941dda54a8bd111fc3

Request headers

Referer: http://www.easymarks.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Sep 2021 13:03:14 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: http://www.easymarks.org
MachineId: 1417
Transfer-Encoding: chunked
X-Cache: MISS
xvid-debug: mrmr - :
Connection: keep-alive
X-Served-By: cache-fra19125-FRA
Pragma: no-cache
Server: nginx
X-Timer: S1631797394.012084,VS0,VE12
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Via: 1.1 varnish
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Link: <http://am-wf.taboola.com>; rel=preconnect
X-Cache-Hits: 0

GET
H2 200 userx.20210914-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 5166 17 KB
5 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210914-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fc85e88218b642faeb3e78264fe935fcbf5713436f92609f06120ab05208946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: W2l64_qYhzxH8ICEOJobZji7dknoYnrp
content-encoding: gzip
etag: "1a3fb8670ef1b960583df6966cc9427d"
age: 10
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5341
x-amz-id-2: /y51hvHj758oSaAkJf976zMj5LLgpa3i+yjKulEwC9SJZHhy4eIA3gCyVxLNyq2Q8Bo/y8A0j8c=
x-served-by: cache-fra19140-FRA
last-modified: Tue, 14 Sep 2021 08:53:57 GMT
server: AmazonS3
x-timer: S1631797394.005477,VS0,VE0
date: Thu, 16 Sep 2021 13:03:14 GMT
vary: Accept-Encoding
x-amz-request-id: 466E32FXNTBGSQJT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 65
x-cache-hits: 16

GET
H2 204 fix-user-id
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 5166 0
251 B 16ms
16ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/fix-user-id?lti=deflated&ri=58fce6a79abda3bc227c54802dfc2bb6&sd=v2_77dd899af9c3f92a375856a191a6bbe3_b77b7b15-4fa6-4243-8093-fb3932e551f2-tuct83cc611_1631797393_1631797393_CIi3jgYQktQ_GL_x0PW-LyABKAEwODib4wlAiIoQSMbb2ANQouwQWABgAGj9wYbU7pDul8cBcAA&ui=b77b7b15-4fa6-4243-8093-fb3932e551f2-tuct83cc611&pi=/link/1080849/movieshd915&wi=-6953713085295330803&pt=text&vi=1631797393599&time=1631797393987&fromUser=64627463-844f-43f3-b031-1145b9107ba1-tuct83cc611&toUser=b77b7b15-4fa6-4243-8093-fb3932e551f2-tuct83cc611&fromSD=v2_13486e9c3cda8f2d4238c3211fd98bd9_64627463-844f-43f3-b031-1145b9107ba1-tuct83cc611_1631797393_1631797393_CIi3jgYQktQ_GKLx0PW-LyABKAEwODib4wlAiIoQSMbb2ANQouwQWABgAGj9wYbU7pDul8cBcAA&toSD=v2_77dd899af9c3f92a375856a191a6bbe3_b77b7b15-4fa6-4243-8093-fb3932e551f2-tuct83cc611_1631797393_1631797393_CIi3jgYQktQ_GL_x0PW-LyABKAEwODib4wlAiIoQSMbb2ANQouwQWABgAGj9wYbU7pDul8cBcAA&tim=13%3A03%3A13.987&id=8138&llvl=1&cv=20210914-3-RELEASE&
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1631797394.005996,VS0,VE9
x-served-by: cache-fra19140-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1631056800/images/ Frame 798A 2 KB
2 KB 7ms
7ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1631056800/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 667509
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
content-type: image/png
content-length: 1644
x-amz-cf-id: f_8SMH9WjQ8kgRHfLBJquK-WN8wEtSGrCYUt_p6G117516QKauY9dg==
expires: Fri, 08 Oct 2021 19:38:05 GMT

GET
DATA 200
OK truncated
/ Frame 798A 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 798A 13 KB
13 KB 12ms
11ms Image
image/svg+xml 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 12176733
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: XRuvmFWsiM36V0sW2QqsrrVTQiwsySWCxe8ED-P_3u-vEWWGsoABUQ==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 798A 3 KB
3 KB 8ms
8ms Image
image/gif 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 19469107
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JmNQXtHUrL0QB8Dfdz8dOCI2J3zjMeG992pYERGGFiY-GvOV73nv0Q==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame 798A 2 KB
2 KB 9ms
8ms Image
image/png 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:47:19 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8388955
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 10 Jun 2021 21:33:44 GMT
server: nginx
etag: "60c28538-746"
content-type: image/png
access-control-allow-origin: *
expires: Sat, 11 Jun 2022 10:47:19 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1pDfqCqOkkmvb-r9dit_ls8kr2LeBnoL-xbrw6FFUhvRnhv3V2txYA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 798A 8 KB
8 KB 9ms
9ms Font
application/octet-stream 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:36:59 GMT
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5678775
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Tue, 12 Jul 2022 19:36:59 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SoVjhswXUJRr_2b7StT6aYgDFBMYLubrEKOWxyWkE7eu8uTc-yCsEw==
x-cache-hits: 0

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 317 B
935 B 58ms
39ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 508ea40340be2d4275ceb497b4c891b2dbf50da96f3e3157a184d6cef89cb828

Request headers

Referer: http://www.wdir1.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 13:03:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.wdir1.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 317
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame 5534 2 KB
1 KB 26ms
7ms Document
text/html 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-574971.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bankier.pl/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: sZmkgOU7fsmDzADeYi7AxVvZg2HjQLJrBy4wuu2cmg-GgU9dZnqXEw==
age: 5011089

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 0005 513 B
925 B 265ms
85ms Document
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

126c9e5b46413d6efb7d8e7154e9c9582aaecace410e24d65ea003015dafdfbb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+2YI8OWxDB1pkorLCZ9oEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
accept-encoding: gzip, deflate, br
cookie: NID=223=X9TrA-I4Okt9lwpQ1ii_nucWU0wv7A80LNmTafZ4jfwKjNdVuOI3S14Llcn1CJzswk-HO9CqWYYeWtgvUvxHrTne_-vkTCj6Z0xBXXmODBqt1I_wrI2X_qkmvkK4ii2yivRjY90UXnkbRkTQuhvwA61g3dHBgx6IA3NVSiLlK_0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 16 Sep 2021 13:03:14 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-+2YI8OWxDB1pkorLCZ9oEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 9e757a938ef4fac650f68581fbf2a9a1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5166 13 KB
14 KB 8ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e757a938ef4fac650f68581fbf2a9a1.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 14fee68228a6fb20bcf44baf0b907a57b76339da2d871a9fef286f3a952c4c16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1118129
edge-cache-tag: 357367926537573968437757921131548294013,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 381
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e757a938ef4fac650f68581fbf2a9a1.jpg
content-length: 13380
x-request-id: 6a33963c5f44fc386e07f03d43c9d1bb
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Fri, 13 Aug 2021 19:26:33 GMT
server: nginx
x-timer: S1631797394.119561,VS0,VE0
etag: "f35fc8cab108b1eed43ba18f5815c1ea"
x-served-by: cache-wdc5535-WDC, cache-dca17743-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 679373818a57873b7924b03bb2222016.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5166 8 KB
9 KB 9ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/679373818a57873b7924b03bb2222016.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 006ba17433992601603c3d182e42074a78ed5f0d5dfd2c1edcba48c7842ca1ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 478308
edge-cache-tag: 586846550367350031972262923874032961159,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 89
expiration: expiry-date="Wed, 22 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/679373818a57873b7924b03bb2222016.jpg
content-length: 8320
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Sun, 22 Aug 2021 11:02:02 GMT
server: nginx
x-timer: S1631797394.119689,VS0,VE1
etag: "5e00ebede5df4030a9ac51d59da8c8e5"
x-served-by: cache-wdc5562-WDC, cache-dca17731-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 ee629a2e8fb01cd09c15a8ac0aa095dd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5166 6 KB
7 KB 8ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee629a2e8fb01cd09c15a8ac0aa095dd.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 20683013180bd0fe19f52785e9b57691593c6c8553c67c0dbbcebc9c1348b44a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1255246
edge-cache-tag: 419233789214034334773542473550031474136,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 98
expiration: expiry-date="Sun, 12 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee629a2e8fb01cd09c15a8ac0aa095dd.jpg
content-length: 6324
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Thu, 12 Aug 2021 07:20:33 GMT
server: nginx
x-timer: S1631797394.119865,VS0,VE0
etag: "ae5a2f366ef4e7082771777d140a1176"
x-served-by: cache-wdc5572-WDC, cache-dca17759-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 5f5637a748fbef03cc794f99.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdni.rt.com/deutsch/images/2020.09/article/ Frame 5166 6 KB
6 KB 9ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdni.rt.com/deutsch/images/2020.09/article/5f5637a748fbef03cc794f99.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e9812cadd8681637592b07793d0bd95520f64a64a89021e7299b18e8933fe62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 2005506
edge-cache-tag: 307768200341463618799973921212628239046,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 28
expiration: expiry-date="Sat, 28 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdni.rt.com/deutsch/images/2020.09/article/5f5637a748fbef03cc794f99.jpg
content-length: 5812
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Wed, 28 Jul 2021 03:42:13 GMT
server: nginx
x-timer: S1631797394.120154,VS0,VE0
etag: "8007556d3fbf70afb51899281b184d88"
x-served-by: cache-wdc5521-WDC, cache-dca12927-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 652

GET
H2 200 84840a15c64fdcaecc94d33e058d9a35.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5166 5 KB
5 KB 9ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84840a15c64fdcaecc94d33e058d9a35.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e59867a786084ba65ad1786c1013095c90a185e1409ca0c2088ee408b5d64c4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1235444
edge-cache-tag: 553558610319373150235272743012211865223,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 19
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84840a15c64fdcaecc94d33e058d9a35.jpg
content-length: 4940
x-request-id: 102cea2b8202708cd869317b020da83f
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Fri, 06 Aug 2021 21:12:32 GMT
server: nginx
x-timer: S1631797394.120424,VS0,VE1
etag: "640a61ae105bec7bb807c3e7eccc69c6"
x-served-by: cache-wdc5579-WDC, cache-dca17735-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ Frame 3A47 78 KB
27 KB 9ms
9ms Script
application/javascript 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: easymarks.disqus.com
URL: https://easymarks.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11569064
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: I182HHLMyHNx8AGVqbLoH0UeTfhSK3JjigbU-3Sj9Yo7zeUvCghZkg==
x-cache-hits: 0

GET
H2 200 2f8798ee9e4a5b287304958ab25a4848.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5166 5 KB
5 KB 10ms
10ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f8798ee9e4a5b287304958ab25a4848.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f9f05b7dc1cd43c1d7f507db807c3f2df32609c5c7562ea36b88dd9b401ea522

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 3647513
edge-cache-tag: 309595732086075306202022577696694377246,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 97
x-envoy-upstream-service-time: 29
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f8798ee9e4a5b287304958ab25a4848.jpg
content-length: 4686
x-request-id: f9c25d9490e430c2c86f0ae3cbe46860
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Wed, 04 Aug 2021 12:21:37 GMT
server: nginx
x-timer: S1631797394.122537,VS0,VE1
etag: "94a0984de6a3cd66784268c62bca6028"
x-served-by: cache-wdc5556-WDC, cache-dca17776-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 399d4c22f5cc939e61508b1fc4a1bb9b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5166 11 KB
12 KB 12ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/399d4c22f5cc939e61508b1fc4a1bb9b.png
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 127c89f1d120b6de22ca9d112d75892f7f1ca921a9ed6a5abf12ec815ccfafd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1171969
edge-cache-tag: 356626382551800574663632801374650943334,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 34
expiration: expiry-date="Sat, 04 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/399d4c22f5cc939e61508b1fc4a1bb9b.png
content-length: 11518
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 04 Aug 2021 01:59:54 GMT
server: nginx
x-timer: S1631797394.135849,VS0,VE1
etag: "c1a0c6cd6bf663f3747b10f5d7943445"
x-served-by: cache-wdc5553-WDC, cache-dca17731-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2

200

rexdot.js Show response
gapl.hit.gemius.pl/__/_1631797394122/ Frame 75E8
Redirect Chain

https://gapl.hit.gemius.pl/_1631797394122/rexdot.js?l=100&id=0ihFZGtRodd4eRdnn7__KpYlrfEdg5rEoS8h.SiJc2v.R7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2Fwww.bankier...
https://gapl.hit.gemius.pl/__/_1631797394122/rexdot.js?l=100&id=0ihFZGtRodd4eRdnn7__KpYlrfEdg5rEoS8h.SiJc2v.R7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2Fwww.bank...

167 B
423 B

31ms
31ms

Script
application/x-javascript

195.177.216.95
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://gapl.hit.gemius.pl/__/_1631797394122/rexdot.js?l=100&id=0ihFZGtRodd4eRdnn7__KpYlrfEdg5rEoS8h.SiJc2v.R7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&ref=http%3A%2F%2Fwww.easymarks.org%2F&screen=1600x1200r1000&col=24&window=550x640&ltime=420&lsdata=3rW8GaelKY7FdJtpxEIMOFURzGFFG83EXi7BAlj.mYv.h7H1MM_4_XwAj.V1F_wZzb4bohJNRz7aBCcvnH2zT.9PNOWq/xKTmUgr1UDo1N/&fpdata=-TURNEDOFF&vis=1
Requested by: Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 195.177.216.95 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-195-177-216-95.dataspace.pl
Software: GHC /
Resource Hash: ea3a51d361d7aad22666e0b6b9ae73e7329e69ad3d3e3aaa0b09ea2a9679ef1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 167
expires: Wed, 15 Sep 2021 13:03:14 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1631797394122/rexdot.js?l=100&id=0ihFZGtRodd4eRdnn7__KpYlrfEdg5rEoS8h.SiJc2v.R7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&ref=http%3A%2F%2Fwww.easymarks.org%2F&screen=1600x1200r1000&col=24&window=550x640&ltime=420&lsdata=3rW8GaelKY7FdJtpxEIMOFURzGFFG83EXi7BAlj.mYv.h7H1MM_4_XwAj.V1F_wZzb4bohJNRz7aBCcvnH2zT.9PNOWq/xKTmUgr1UDo1N/&fpdata=-TURNEDOFF&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 15 Sep 2021 13:03:14 GMT

GET
H2 200 743763269044006 Show response
connect.facebook.net/signals/config/ Frame 75E8 306 KB
87 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/743763269044006?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01b3d21b898820c66984da63776e6cd05b8984e63c56548d2bec5c773f326328

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89232
x-xss-protection: 0
pragma: public
x-fb-debug: ozo5nYwRIcL7Nu0kidaXjFHkhEL+ctOpkNVjbcvVJ1s59Ph7LNbKhohUDW+1xEuWM14RDYyTvrABTvR2kPbIKg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 16 Sep 2021 13:03:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame F0DB 337 B
807 B 8ms
8ms Stylesheet
text/css 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: easymarks.disqus.com
URL: https://easymarks.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11612980
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: hgOvi6MqcQNpkzMMAYjl_2O7ydeKWpNn16kkdLjn7FD72LRJi96zQA==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 904D 337 B
807 B 8ms
7ms Stylesheet
text/css 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: easymarks.disqus.com
URL: https://easymarks.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11612980
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 334nLheGcq5kK9j7uuw2xxhvg1DCfrZ66m_82lhYvXXV5D6a0kk5Rg==
x-cache-hits: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 798A 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85b5ab2d40dceff956a033c8e7704008997180b610f32a343a09994e775ba58e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: r6nMa/++b0dhHmfxnXzckQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: TApF80bp3LLUKpAlt3aWbxNd1Kpmu6eFmMZPCHP2spykB0PPwG9gSGPLxfvckath5Pn0n6hlqpSWsxe3eWUrEA==
x-fb-trip-id: 917726464
x-fb-content-md5: 4b08e63a264f12148da250b60664de13
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Sep 2021 13:03:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7050c7734168b68f1782bc24bd6f528b"
timing-allow-origin: *
expires: Thu, 16 Sep 2021 13:12:46 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame 798A 12 KB
5 KB 110ms
109ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YDW+H2K086puM/rGbQiATA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "6cf1a8085d365822968a50501ed9fdee"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-YDW+H2K086puM/rGbQiATA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 16 Sep 2021 13:03:14 GMT

GET
H/1.1

200
OK

sync.gif
links.services.disqus.com/api/
Redirect Chain

http://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d

43 B
563 B

47ms
32ms

Image
image/gif

199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 13:03:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/1.4.0/ Frame 5166 79 KB
24 KB 16ms
11ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:14 GMT
Via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront), 1.1 varnish
Age: 372815
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 23743
X-Served-By: cache-fra19121-FRA
Last-Modified: Tue, 31 Mar 2020 13:14:35 GMT
Server: AmazonS3
X-Timer: S1631797394.218173,VS0,VE0
ETag: "b683c290896a82c974838a04b4ea4aff"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: mMnmJ7s0t6-TZZw6udJyfub3BGJk9a38NWcLCQJzbry4BP8PMGrxow==
X-Cache-Hits: 455

GET
H2 200 /
www.google.com/pagead/1p-user-list/1066401214/ Frame 75E8 42 B
108 B 96ms
94ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1066401214/?random=1631797393957&cv=9&fst=1631797200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&frm=2&url=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&ref=http%3A%2F%2Fwww.easymarks.org%2F&tiba=regarder%20le%20film%20-%20Forum%20-%20Bankier.pl&async=1&fmt=3&is_vtc=1&random=3924198689&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1066401214/ Frame 75E8 42 B
569 B 242ms
86ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1066401214/?random=1631797393957&cv=9&fst=1631797200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&frm=2&url=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&ref=http%3A%2F%2Fwww.easymarks.org%2F&tiba=regarder%20le%20film%20-%20Forum%20-%20Bankier.pl&async=1&fmt=3&is_vtc=1&random=3924198689&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1038410486/ Frame 75E8 42 B
270 B 93ms
91ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1038410486/?random=1631797393954&cv=9&fst=1631797200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&frm=2&url=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&ref=http%3A%2F%2Fwww.easymarks.org%2F&tiba=regarder%20le%20film%20-%20Forum%20-%20Bankier.pl&async=1&fmt=3&is_vtc=1&random=3432131946&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1038410486/ Frame 75E8 42 B
108 B 242ms
88ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1038410486/?random=1631797393954&cv=9&fst=1631797200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&frm=2&url=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&ref=http%3A%2F%2Fwww.easymarks.org%2F&tiba=regarder%20le%20film%20-%20Forum%20-%20Bankier.pl&async=1&fmt=3&is_vtc=1&random=3432131946&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f382193be302f73ac35f1ee3bcd98539.png
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a09c8623919a997d4955c308af2f11ee10a065314717aca406e562cab91c348

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 2179651
edge-cache-tag: 487360150067233601151201532197034102171,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 33
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f382193be302f73ac35f1ee3bcd98539.png
content-length: 17220
x-request-id: 0f77aab6c15140b64de72fd1de0247c7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Sun, 01 Aug 2021 04:58:51 GMT
server: nginx
x-timer: S1631797394.216919,VS0,VE0
etag: "7c40a548aab913a2e1ff2ff25706d32b"
x-served-by: cache-wdc5567-WDC, cache-dca17756-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e757a938ef4fac650f68581fbf2a9a1.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 14fee68228a6fb20bcf44baf0b907a57b76339da2d871a9fef286f3a952c4c16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1118129
edge-cache-tag: 357367926537573968437757921131548294013,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 381
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e757a938ef4fac650f68581fbf2a9a1.jpg
content-length: 13380
x-request-id: 6a33963c5f44fc386e07f03d43c9d1bb
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Fri, 13 Aug 2021 19:26:33 GMT
server: nginx
x-timer: S1631797394.217836,VS0,VE0
etag: "f35fc8cab108b1eed43ba18f5815c1ea"
x-served-by: cache-wdc5535-WDC, cache-dca17743-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdni.rt.com/deutsch/images/2020.09/article/5f5637a748fbef03cc794f99.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e9812cadd8681637592b07793d0bd95520f64a64a89021e7299b18e8933fe62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 2005506
edge-cache-tag: 307768200341463618799973921212628239046,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 28
expiration: expiry-date="Sat, 28 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdni.rt.com/deutsch/images/2020.09/article/5f5637a748fbef03cc794f99.jpg
content-length: 5812
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Wed, 28 Jul 2021 03:42:13 GMT
server: nginx
x-timer: S1631797394.217916,VS0,VE0
etag: "8007556d3fbf70afb51899281b184d88"
x-served-by: cache-wdc5521-WDC, cache-dca12927-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 653

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee629a2e8fb01cd09c15a8ac0aa095dd.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 20683013180bd0fe19f52785e9b57691593c6c8553c67c0dbbcebc9c1348b44a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1255246
edge-cache-tag: 419233789214034334773542473550031474136,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 98
expiration: expiry-date="Sun, 12 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee629a2e8fb01cd09c15a8ac0aa095dd.jpg
content-length: 6324
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Thu, 12 Aug 2021 07:20:33 GMT
server: nginx
x-timer: S1631797394.218170,VS0,VE0
etag: "ae5a2f366ef4e7082771777d140a1176"
x-served-by: cache-wdc5572-WDC, cache-dca17759-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//creator.skyneto.com/public/uploads/c0b5e89342c84803.png
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f53dcff71b60ef594dd29b1a27f99a550f083531afc536efd60bfbf3c832fba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1833055
edge-cache-tag: 532116933471780194259812605353038046441,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 29
expiration: expiry-date="Sun, 12 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//creator.skyneto.com/public/uploads/c0b5e89342c84803.png
content-length: 9680
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Thu, 12 Aug 2021 15:04:33 GMT
server: nginx
x-timer: S1631797394.218209,VS0,VE0
etag: "7b2d7e92bfb3b9afef0c803d69c39b21"
x-served-by: cache-wdc5576-WDC, cache-dca17749-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 11bc6fc68cfefd77e9ac41bc3f12eac7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 8FDC 10 KB
11 KB 10ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11bc6fc68cfefd77e9ac41bc3f12eac7.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 086b8c77596d4f0402a62ac5e219e60b44a5ddd2cb182ddeeea6033c22f7322c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 535344
edge-cache-tag: 422646010008494819450286779515942165557,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 613
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11bc6fc68cfefd77e9ac41bc3f12eac7.jpg
content-length: 10194
x-request-id: 14a5ea00c4a3c413fa6756c66c425e5c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Thu, 09 Sep 2021 14:02:09 GMT
server: nginx
x-timer: S1631797394.218377,VS0,VE0
etag: "2ee24ad0083e260be1b51e7fcaba6581"
x-served-by: cache-wdc5525-WDC, cache-dca17738-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 3

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 41 B
658 B 35ms
35ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3654e161cab68f4c5dd7a071e81a1afd80b82e0cbba038f137b7bbfa472000f2

Request headers

Referer: http://www.wdir1.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 13:03:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.wdir1.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK prebid.js Show response
tagmanager.smartadserver.com/latest/ Frame 75E8 640 KB
200 KB 10ms
8ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.smartadserver.com/latest/prebid.js
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/1947/105101/smart.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: c8d43b78caf6f8854903dd5d547b02f0fcd06dc4fc9fa844ccb7e529078de822

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Sep 2021 13:01:43 GMT
Server: Apache/2.4.25 (Debian)
ETag: "a001d-5cb02c8d181c3-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 204847

GET
H/1.1 200
OK base_host.js Show response
ced-ns.sascdn.com/safeframe/safeframe-api/ Frame 75E8 34 KB
15 KB 112ms
20ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/safeframe/safeframe-api/base_host.js
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/1947/105101/smart.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6f9c822d9971f13a4f5d45a151d39031eb38bb427a226ea9ca3b52cb945108d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 11:23:36 GMT
Server: AkamaiNetStorage
ETag: "bd2b4ea7cf5d410193ea4a540fb6bc71:1580383416"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15245

GET
H2 200 9e757a938ef4fac650f68581fbf2a9a1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5166 13 KB
14 KB 8ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e757a938ef4fac650f68581fbf2a9a1.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 14fee68228a6fb20bcf44baf0b907a57b76339da2d871a9fef286f3a952c4c16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1118129
edge-cache-tag: 357367926537573968437757921131548294013,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 381
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e757a938ef4fac650f68581fbf2a9a1.jpg
content-length: 13380
x-request-id: 6a33963c5f44fc386e07f03d43c9d1bb
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Fri, 13 Aug 2021 19:26:33 GMT
server: nginx
x-timer: S1631797394.270362,VS0,VE0
etag: "f35fc8cab108b1eed43ba18f5815c1ea"
x-served-by: cache-wdc5535-WDC, cache-dca17743-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/679373818a57873b7924b03bb2222016.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 006ba17433992601603c3d182e42074a78ed5f0d5dfd2c1edcba48c7842ca1ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 478308
edge-cache-tag: 586846550367350031972262923874032961159,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 89
expiration: expiry-date="Wed, 22 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/679373818a57873b7924b03bb2222016.jpg
content-length: 8320
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Sun, 22 Aug 2021 11:02:02 GMT
server: nginx
x-timer: S1631797394.270683,VS0,VE0
etag: "5e00ebede5df4030a9ac51d59da8c8e5"
x-served-by: cache-wdc5562-WDC, cache-dca17731-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 ee629a2e8fb01cd09c15a8ac0aa095dd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5166 6 KB
7 KB 13ms
12ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee629a2e8fb01cd09c15a8ac0aa095dd.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 20683013180bd0fe19f52785e9b57691593c6c8553c67c0dbbcebc9c1348b44a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1255246
edge-cache-tag: 419233789214034334773542473550031474136,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 98
expiration: expiry-date="Sun, 12 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee629a2e8fb01cd09c15a8ac0aa095dd.jpg
content-length: 6324
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Thu, 12 Aug 2021 07:20:33 GMT
server: nginx
x-timer: S1631797394.270970,VS0,VE0
etag: "ae5a2f366ef4e7082771777d140a1176"
x-served-by: cache-wdc5572-WDC, cache-dca17759-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4

GET
H2 200 5f5637a748fbef03cc794f99.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdni.rt.com/deutsch/images/2020.09/article/ Frame 5166 6 KB
6 KB 13ms
13ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdni.rt.com/deutsch/images/2020.09/article/5f5637a748fbef03cc794f99.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e9812cadd8681637592b07793d0bd95520f64a64a89021e7299b18e8933fe62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 2005506
edge-cache-tag: 307768200341463618799973921212628239046,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 28
expiration: expiry-date="Sat, 28 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdni.rt.com/deutsch/images/2020.09/article/5f5637a748fbef03cc794f99.jpg
content-length: 5812
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Wed, 28 Jul 2021 03:42:13 GMT
server: nginx
x-timer: S1631797394.271134,VS0,VE0
etag: "8007556d3fbf70afb51899281b184d88"
x-served-by: cache-wdc5521-WDC, cache-dca12927-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 654

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84840a15c64fdcaecc94d33e058d9a35.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e59867a786084ba65ad1786c1013095c90a185e1409ca0c2088ee408b5d64c4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1235444
edge-cache-tag: 553558610319373150235272743012211865223,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 19
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84840a15c64fdcaecc94d33e058d9a35.jpg
content-length: 4940
x-request-id: 102cea2b8202708cd869317b020da83f
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Fri, 06 Aug 2021 21:12:32 GMT
server: nginx
x-timer: S1631797394.271236,VS0,VE0
etag: "640a61ae105bec7bb807c3e7eccc69c6"
x-served-by: cache-wdc5579-WDC, cache-dca17735-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f8798ee9e4a5b287304958ab25a4848.jpg
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f9f05b7dc1cd43c1d7f507db807c3f2df32609c5c7562ea36b88dd9b401ea522

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 3647513
edge-cache-tag: 309595732086075306202022577696694377246,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 97
x-envoy-upstream-service-time: 29
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f8798ee9e4a5b287304958ab25a4848.jpg
content-length: 4686
x-request-id: f9c25d9490e430c2c86f0ae3cbe46860
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Wed, 04 Aug 2021 12:21:37 GMT
server: nginx
x-timer: S1631797394.271315,VS0,VE0
etag: "94a0984de6a3cd66784268c62bca6028"
x-served-by: cache-wdc5556-WDC, cache-dca17776-DCA, cache-fra19140-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 798A 228 KB
67 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=68279582ab77b1745b3454b4bc66157b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee39adcb61477d08a0395dfd30c71f1bca978c443eddda80bed2091ef0216051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DvU2bJM+CbhY9Pm89pMxUg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68419
x-fb-rlafr: 0
x-fb-debug: tA5BgGDfGcvzoYoGV3UczFqKlp52mp94dA/+H+jUNiUzaJYsbygvzAoWX/CkH0RVXkkWXZ2emDHe5D6bU84Blw==
x-fb-trip-id: 917726464
x-fb-content-md5: 8e09bc49fff50094ef9cbdbd5f0d7663
x-frame-options: DENY
date: Thu, 16 Sep 2021 13:03:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "fa1723f61dd7700f411215377647a483"
timing-allow-origin: *
expires: Fri, 16 Sep 2022 12:25:43 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 75E8 44 B
147 B 12ms
12ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=743763269044006&ev=PageView&dl=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&rl=http%3A%2F%2Fwww.easymarks.org%2F&if=true&ts=1631797394305&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&it=1631797394139&coo=false&exp=p0&rqm=GET

Requested by

Host: www.bankier.pl
URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 16 Sep 2021 13:03:14 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 70ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.wdir1.com%2F&domain=www.bankier.pl&cw=1&lsw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.bankier.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.bankier.pl
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1570
date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 75E8 2 KB
1007 B 7ms
7ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210916

Requested by

Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/latest/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60e642785893759e29dca69afd93ff0f6fea591067850fe30d5d7235b0431de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankier.pl/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 34535
x-jsd-version: 1.0.1101
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 936
etag: W/"6a0-q87q6Z6a9/Iy8YRkFiPxS7SypnE"
x-served-by: cache-fra19165-FRA
x-jsd-version-type: version
date: Thu, 16 Sep 2021 13:03:14 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

sid Show response
mug.criteo.com/ Frame 75E8
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.wdir1.com%2F&domain=www.bankier.pl&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=e-v8L3x4eGVMTGtsTkdjamJYMTZpR2xIREtzVHpURmRWc2R6bTJ4N1pFK1dSTWgyMmF2a0xiREUvajk0Vm41aTZxWjU4em5nVGtUdm1lWjBuTXpYNEh0alFySEsrY2xSYWRzZ2czbnlmZitMWHhpWm1qODhJcVJUYlg2UG...

355 B
610 B

50ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=e-v8L3x4eGVMTGtsTkdjamJYMTZpR2xIREtzVHpURmRWc2R6bTJ4N1pFK1dSTWgyMmF2a0xiREUvajk0Vm41aTZxWjU4em5nVGtUdm1lWjBuTXpYNEh0alFySEsrY2xSYWRzZ2czbnlmZitMWHhpWm1qODhJcVJUYlg2UGFQSW83WlVOTS81MlRYTlFQQVkyU0FaMlV1Skdpa1k3dDAzTWpVVXFjNDFGZTBJY0w2VlE0R0lmNngyRUZORlZrc2RzOVRDUytwa3BSTi95NXpmVXM5NFJCNDlnMEovOHFYeU9zd1VFNTFFdEkyWlhnbjZsM0hKaVplT0ZFcE1jckh5RHVOQWVOfA&cppv=2

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

160c0386096f8dd71e60fa8016ed1dafa63045a837cc27b158810c060c9b9040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 16 Sep 2021 13:03:14 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2540
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 16 Sep 2021 13:03:14 GMT
location: https://mug.criteo.com/sid?cpp=e-v8L3x4eGVMTGtsTkdjamJYMTZpR2xIREtzVHpURmRWc2R6bTJ4N1pFK1dSTWgyMmF2a0xiREUvajk0Vm41aTZxWjU4em5nVGtUdm1lWjBuTXpYNEh0alFySEsrY2xSYWRzZ2czbnlmZitMWHhpWm1qODhJcVJUYlg2UGFQSW83WlVOTS81MlRYTlFQQVkyU0FaMlV1Skdpa1k3dDAzTWpVVXFjNDFGZTBJY0w2VlE0R0lmNngyRUZORlZrc2RzOVRDUytwa3BSTi95NXpmVXM5NFJCNDlnMEovOHFYeU9zd1VFNTFFdEkyWlhnbjZsM0hKaVplT0ZFcE1jckh5RHVOQWVOfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bankier.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1767
content-length: 509
expires: 0

GET
H2

200

j Show response
rp4.liadm.com/ Frame 75E8
Redirect Chain

https://rp.liadm.com/j?wpn=prebid&pu=http%3A%2F%2Fwww.wdir1.com&se=e30&dtstmp=1631797394371
https://rp4.liadm.com/j?wpn=prebid&pu=http%3A%2F%2Fwww.wdir1.com&se=e30&dtstmp=1631797394371&i6=MmEwMTo0Zjg6YTE6MWExOjhhOjox&n3pc=true

13 B
569 B

394ms
113ms

XHR
application/json

54.146.217.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?wpn=prebid&pu=http%3A%2F%2Fwww.wdir1.com&se=e30&dtstmp=1631797394371&i6=MmEwMTo0Zjg6YTE6MWExOjhhOjox&n3pc=true

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.146.217.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-217-90.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:15 GMT
x-pixel-event-id: 4cb813b7-f900-434b-ae93-51d03e2308cd
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 7
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 809edbe69dbd91c4

Redirect headers

date: Thu, 16 Sep 2021 13:03:14 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?wpn=prebid&pu=http%3A%2F%2Fwww.wdir1.com&se=e30&dtstmp=1631797394371&i6=MmEwMTo0Zjg6YTE6MWExOjhhOjox&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.bankier.pl
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 295cf7f3b9f5ae9f
request-time: 0
content-length: 0
x-content-type-options: nosniff

POST
H/1.1

200
OK

call Show response
www3.smartadserver.com/1947/ Frame 75E8
Redirect Chain

https://www3.smartadserver.com/1947/call
https://www3.smartadserver.com/1947/call?cklb=1

14 KB
2 KB

26ms
25ms

XHR
application/json

185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www3.smartadserver.com/1947/call?cklb=1
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 5fdcaa676a5fef822d161a440c1e6114192c1481a19c02592497528eaae09f53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.bankier.pl
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:13 GMT
location: https://www3.smartadserver.com/1947/call?cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.bankier.pl
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

OPTIONS
H/1.1 204
No Content call
www3.smartadserver.com/1947/ Frame 0
0 136ms
16ms Preflight 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www3.smartadserver.com/1947/call
Protocol: HTTP/1.1
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,save-data
Origin: https://www.bankier.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 16 Sep 2021 13:03:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.bankier.pl

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ Frame 798A 103 KB
34 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 03:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35070
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 14 Sep 2022 03:58:04 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 3A47 43 B
295 B 96ms
96ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=1k4rccq3l9rood&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=easymarks&zone=thread&version=9bdb65de27b881f62b84ef54f46d1575&page_url=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&page_referrer=http%3A%2F%2Fwww.wdir1.com%2F&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=6347562

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 1012384269-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 0005 116 KB
40 KB 232ms
74ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1012384269-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9a2ec5686fc3117ac1e9f72901822e7923dee2adc4f02157b6f05a20b2a596c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 11:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40580
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 16:34:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="federated-signon-mpm-access"
expires: Fri, 16 Sep 2022 11:37:44 GMT

GET
H/1.1 200
OK popups.js Show response
bbp.salesmanago.pl/dynamic/en2eym7pqp9kfwsq/ Frame 75E8 12 KB
5 KB 38ms
36ms Script
application/javascript 89.25.223.83
TKPSA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bbp.salesmanago.pl/dynamic/en2eym7pqp9kfwsq/popups.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF3TSG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.25.223.83 Katowice, Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS: host-89.25.223.83.static.3s.pl
Software: Apache /
Resource Hash: b30a7ccba177c4e6c571eb4cc00ac405e6b23f628a8073637c4c64dfba9ca7c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type, accept
content-length: 4444
expires: Thu, 16 Sep 2021 14:03:14 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 89ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1085
date: Thu, 16 Sep 2021 13:03:14 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame FBDF 513 B
546 B 386ms
84ms Document
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ad21d344112aa593a3ea567ba282838b3f8605d36f16647a9979a71620b0667

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wjf9gh+vG7/7vw38ZH0Eyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
accept-encoding: gzip, deflate, br
cookie: NID=223=X9TrA-I4Okt9lwpQ1ii_nucWU0wv7A80LNmTafZ4jfwKjNdVuOI3S14Llcn1CJzswk-HO9CqWYYeWtgvUvxHrTne_-vkTCj6Z0xBXXmODBqt1I_wrI2X_qkmvkK4ii2yivRjY90UXnkbRkTQuhvwA61g3dHBgx6IA3NVSiLlK_0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 16 Sep 2021 13:03:14 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-wjf9gh+vG7/7vw38ZH0Eyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H/1.1 204
No Content call
www3.smartadserver.com/1947/ Frame 0
0 17ms
17ms Preflight 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www3.smartadserver.com/1947/call?cklb=1
Protocol: HTTP/1.1
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,save-data
Origin: https://www.bankier.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.bankier.pl

GET
H/1.1 200
200 war.json Show response
www.salesmanago.pl/war/ Frame 75E8 45 B
406 B 150ms
71ms XHR
application/json 89.25.223.88
TKPSA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salesmanago.pl/war/war.json?s=18en2eym7pqp9kfwsq&u=17beeb43985-c66fd6ca62ef-155c9d64-8c5ec944-ee79f4c9-3847841c8d90&d=www.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html
Requested by: Host: bbp.salesmanago.pl
URL: https://bbp.salesmanago.pl/static/sm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.25.223.88 Katowice, Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS: host-89.25.223.88.static.3s.pl
Software: Apache /
Resource Hash: 79bd17216de8a5d3b4737da7908953a05b711abfa8a30d0bd1f0c5ce45df4fbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:15 GMT
content-encoding: gzip
server: Apache
vary: Origin, Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1
transfer-encoding: chunked
expires: Thu, 16 Sep 2021 13:03:16 GMT

GET
H/1.1 200
OK nshow Show response
www3.smartadserver.com/h/ Frame 75E8 10 KB
4 KB 52ms
52ms Script
application/javascript 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www3.smartadserver.com/h/nshow?siteid=105101&pgid=665479&fmtid=42536&tag=sas_42536&tmstp=5182252084&visit=S&acd=1631797394598&opid=0255e83f-b60f-4653-be2c-7f570097832f&opdt=1631797394598&ckid=0&async=1&pubid=29&systgt=%24qc%3D1314162586%3B%24ql%3DUnknown%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0%3B%24b%3D16920%3B%24o%3D11100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=http%3A%2F%2Fwww.wdir1.com%2F&noadcbk=sas.noad&gdpr=1&hmfp=73.7&insid=5816392%2C5844803&capp=0%2C0&mcrdbt=0%2C0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1947/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: ded19b459683bf05ecef3e14c92708b6df9d6bb18f074868946e46b9ea0cb52a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:13 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 5844803
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
www3.smartadserver.com/h/ Frame 75E8 8 KB
3 KB 107ms
75ms Script
application/javascript 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www3.smartadserver.com/h/nshow?siteid=105101&pgid=665479&fmtid=42555&tag=sas_42555&tmstp=5182252084&visit=S&acd=1631797394598&opid=ed9ccfb3-0858-4e00-a19d-2af2154f79e5&opdt=1631797394598&ckid=0&async=1&pubid=29&systgt=%24qc%3D1314162586%3B%24ql%3DUnknown%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0%3B%24b%3D16920%3B%24o%3D11100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=http%3A%2F%2Fwww.wdir1.com%2F&noadcbk=sas.noad&gdpr=1&insid=5816490%2C5839556&capp=0%2C0&mcrdbt=0%2C0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1947/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: b925a5ac98354268b57b23e8849049931d86bc25c72bc7a915f7b14e30c6f68d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:15 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 5839556
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK aip
itx4.smartadserver.com/h/ Frame 75E8 43 B
270 B 54ms
18ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx4.smartadserver.com/h/aip?uii=466229502906899713&tmstp=5182252084&ckid=0&pubid=29&systgt=%24qc%3d1314162586%3b%24ql%3dUnknown%3b%24qpc%3d90403%3b%24qt%3d25_176_65889t%3b%24dma%3d0%3b%24b%3d16920%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200&acd=1631797394598&envtype=0&opid=09bbf752-13bb-46f3-bc12-15a2f1221bb8&opdt=1631797394598&siteid=105101&tgt=%24dt%3d1t&gdpr=1&pgid=665479&fmtid=42550&statid=18&visit=s
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK aip
itx4.smartadserver.com/h/ Frame 75E8 43 B
270 B 53ms
18ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx4.smartadserver.com/h/aip?uii=466229502906899719&tmstp=5182252084&ckid=0&pubid=29&systgt=%24qc%3d1314162586%3b%24ql%3dUnknown%3b%24qpc%3d90403%3b%24qt%3d25_176_65889t%3b%24dma%3d0%3b%24b%3d16920%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200&acd=1631797394598&envtype=0&opid=bc559341-6325-4b3a-8e54-fd1899332b24&opdt=1631797394598&siteid=105101&tgt=%24dt%3d1t&gdpr=1&pgid=665479&fmtid=42537&statid=18&visit=s
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B31D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

38ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: www3.smartadserver.com
URL: https://www3.smartadserver.com/h/nshow?siteid=105101&pgid=665479&fmtid=42536&tag=sas_42536&tmstp=5182252084&visit=S&acd=1631797394598&opid=0255e83f-b60f-4653-be2c-7f570097832f&opdt=1631797394598&ckid=0&async=1&pubid=29&systgt=%24qc%3D1314162586%3B%24ql%3DUnknown%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0%3B%24b%3D16920%3B%24o%3D11100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=http%3A%2F%2Fwww.wdir1.com%2F&noadcbk=sas.noad&gdpr=1&hmfp=73.7&insid=5816392%2C5844803&capp=0%2C0&mcrdbt=0%2C0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bankier.pl/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Sep 2021 13:03:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date: Thu, 16 Sep 2021 13:03:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 75E8 31 KB
11 KB 11ms
10ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: www3.smartadserver.com
URL: https://www3.smartadserver.com/h/nshow?siteid=105101&pgid=665479&fmtid=42536&tag=sas_42536&tmstp=5182252084&visit=S&acd=1631797394598&opid=0255e83f-b60f-4653-be2c-7f570097832f&opdt=1631797394598&ckid=0&async=1&pubid=29&systgt=%24qc%3D1314162586%3B%24ql%3DUnknown%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0%3B%24b%3D16920%3B%24o%3D11100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=http%3A%2F%2Fwww.wdir1.com%2F&noadcbk=sas.noad&gdpr=1&hmfp=73.7&insid=5816392%2C5844803&capp=0%2C0&mcrdbt=0%2C0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 96bf34be96152a1e9b30121f463904332e2ee264399170c25749b5ba8a562443

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 13:05:57 GMT
Server: AkamaiNetStorage
ETag: "88d30f421fe92800cd38b52870556b28:1631106480.782098"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10406

GET
H2 200 299feec7-aa32-4eeb-a600-c2f12601534b.min.js Show response
www.statsforads.com/tag/ Frame 75E8 281 KB
74 KB 65ms
10ms Script
application/javascript 13.225.78.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statsforads.com/tag/299feec7-aa32-4eeb-a600-c2f12601534b.min.js
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41da802bdf58a996c6e3b7022190c1e1ebbf35b6dff6518b4e6b20197ec5394

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:48:16 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 08:28:59 GMT
server: AmazonS3
age: 899
etag: W/"70ec41f181a5b3356f222b08af927c4c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: yKJDiNv-kLlC3Mc_gVuV66Pfky9HHZkqgs6JSKQ_7uc5ntQFuDdqKg==

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame E153 58 KB
24 KB 117ms
18ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:56:10 GMT
server: nginx
etag: W/"612c9d2a-e958"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H/1.1 200
OK web-push.js Show response
bbp.salesmanago.pl/static/chunk/ Frame 75E8 14 KB
6 KB 24ms
24ms Script
application/javascript 89.25.223.83
TKPSA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bbp.salesmanago.pl/static/chunk/web-push.js
Requested by: Host: bbp.salesmanago.pl
URL: https://bbp.salesmanago.pl/static/sm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.25.223.83 Katowice, Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS: host-89.25.223.83.static.3s.pl
Software: Apache /
Resource Hash: 434de14a5a9690149172b217a0d3aed4cea780cf28c54d9d518f46a8ae0f531e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 11:10:19 GMT
server: Apache
etag: "37f0-5c581118fd396-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5375
expires: Thu, 16 Sep 2021 14:03:14 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B31D 31 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: cd5770e47b27ff7ed7bc81924472b8cd9658ce51a81c054fa893e8227007ea7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=57464
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Fri, 17 Sep 2021 05:00:58 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B31D 284 B
536 B 61ms
9ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 0005 14 B
172 B 84ms
84ms XHR
application/json 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1012384269-idpiframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 16 Sep 2021 14:03:14 GMT

GET
H/1.1 200
OK action
www3.smartadserver.com/track/ Frame 75E8 43 B
163 B 18ms
18ms Image
image/gif 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www3.smartadserver.com/track/action?sid=1631797394672&pid=665479&iid=5844803&cid=25642247&key=viewUndetermined&ts=1631797394672
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ Frame 75E8 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=743763269044006&ev=Microdata&dl=https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html&rl=http%3A%2F%2Fwww.easymarks.org%2F&if=true&ts=1631797394834&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22regarder%20le%20film%20-%20Forum%20-%20Bankier.pl%22%2C%22meta%3Adescription%22%3A%22Gor%C4%85ce%20dyskusje%20o%20sp%C3%B3%C5%82kach%20i%20wydarzeniach%20na%20parkiecie.%20Najwi%C4%99ksze%20forum%20gie%C5%82dowe%20w%20polskim%20internecie.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22regarder%20le%20film%20-%20Forum%20-%20Bankier.pl%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.bankier.pl%2Fforum%2Ftemat_regarder-le-film%2C49558167.html%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.bankier.pl%2Fstatic%2Fimages2%2Fbankier-logo_huge.png%22%2C%22og%3Adescription%22%3A%22Gor%C4%85ce%20dyskusje%20o%20sp%C3%B3%C5%82kach%20i%20wydarzeniach%20na%20parkiecie.%20Najwi%C4%99ksze%20forum%20gie%C5%82dowe%20w%20polskim%20internecie.%22%2C%22og%3Asite_name%22%3A%22Bankier.pl%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A975%7D%2C%22properties%22%3A%7B%22url%22%3A%22%2F%22%2C%22logo%22%3A%22%2Fstatic%2Fimages2%2Fbankier-logo.png%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&it=1631797394139&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 16 Sep 2021 13:03:14 GMT

GET
H/1.1 200
OK action
www3.smartadserver.com/track/ Frame 75E8 43 B
163 B 18ms
17ms Image
image/gif 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www3.smartadserver.com/track/action?sid=1631797394726&pid=665479&iid=5839556&cid=21758655&key=viewUndetermined&ts=1631797394726
Requested by: Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 1012384269-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame FBDF 116 KB
40 KB 374ms
73ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1012384269-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9a2ec5686fc3117ac1e9f72901822e7923dee2adc4f02157b6f05a20b2a596c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 11:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40580
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 16:34:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="federated-signon-mpm-access"
expires: Fri, 16 Sep 2022 11:37:44 GMT

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame AD82 661 B
838 B 130ms
106ms Script
application/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=wdir1&thread_id=8777224354&referer=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.64 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

6970b5b61d8c95e52b01c4fe581f849b93e7c613b230005034e2506675067455

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache
transfer-encoding: chunked
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Strict-Transport-Security: max-age=300; includeSubdomains
Vary: Accept-Encoding, Cookie

GET
H2 200 noavatar92.png
a.disquscdn.com/1631056800/images/ Frame AD82 2 KB
2 KB 8ms
8ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1631056800/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:14 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 667510
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
content-type: image/png
content-length: 1644
x-amz-cf-id: f_8SMH9WjQ8kgRHfLBJquK-WN8wEtSGrCYUt_p6G117516QKauY9dg==
expires: Fri, 08 Oct 2021 19:38:05 GMT

POST
H2 204 bulk Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 8FDC 0
316 B 28ms
28ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?tvi2=4948&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.easymarks.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Thu, 16 Sep 2021 13:03:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1631797395.949665,VS0,VE9
x-served-by: cache-fra19140-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.easymarks.org
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2

200

/ Show response
adx.adform.net/adx/ Frame E153
Redirect Chain

https://adx.adform.net/adx/?rp=3&bWlkPTE3NjU1OSZybmQ9NTE4MjI1MjA4NA&url=http%3A%2F%2Fwww.wdir1.com&callback=_adform_cb_1631797394971_9337719071816468
https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTE3NjU1OSZybmQ9NTE4MjI1MjA4NA&url=http%3A%2F%2Fwww.wdir1.com&callback=_adform_cb_1631797394971_9337719071816468

1 KB
1 KB

20ms
19ms

Script
text/javascript

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTE3NjU1OSZybmQ9NTE4MjI1MjA4NA&url=http%3A%2F%2Fwww.wdir1.com&callback=_adform_cb_1631797394971_9337719071816468

Requested by

Host: www.easymarks.org
URL: http://www.easymarks.org/link/1080849/movieshd915

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e1344c39aeba037623ab5aadf4827a6d52f816500b3b1d018246bca800262585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1038
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:15 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&rp=3&bWlkPTE3NjU1OSZybmQ9NTE4MjI1MjA4NA&url=http%3A%2F%2Fwww.wdir1.com&callback=_adform_cb_1631797394971_9337719071816468
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame AD82 43 B
295 B 98ms
97ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=2187&event=init_embed&thread=8777224354&forum=wdir1&forum_id=6343476&imp=1k4b9sq2tcr37b&prev_imp&thread_slug=movieshd915_43&user_type=anon&referrer=http%3A%2F%2Fwww.wdir1.com%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2

200

362358.gif Show response
idsync.rlcdn.com/ Frame 3D1C
Redirect Chain

https://ejp.rlcdn.com/501709.html
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCJOBjYoGEgUI6AcQAEIASgA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEDmpAUaojLOQaD92ZD3zIvc&google_cver=1

42 B
318 B

42ms
15ms

Document
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEDmpAUaojLOQaD92ZD3zIvc&google_cver=1
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method: GET
:authority: idsync.rlcdn.com
:scheme: https
:path: /362358.gif?google_gid=CAESEDmpAUaojLOQaD92ZD3zIvc&google_cver=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
accept-encoding: gzip, deflate, br
cookie: rlas3=x/xEPQC6/oIvq/AjJKg3yFa1wWbQq7mz38sJ3QnUMDk=; pxrc=CJOBjYoGEgUI6AcQABIGCLrqARAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default

Response headers

cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=x/xEPQC6/oIvq/AjJKg3yFa1wWbQq7mz38sJ3QnUMDk=; Path=/; Domain=rlcdn.com; Expires=Fri, 16 Sep 2022 13:03:15 GMT; Secure; SameSite=None pxrc=CJOBjYoGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Mon, 15 Nov 2021 13:03:15 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:15 GMT
content-length: 42
via: 1.1 google
alt-svc: clear

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEDmpAUaojLOQaD92ZD3zIvc&google_cver=1
date: Thu, 16 Sep 2021 13:03:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame CE6F 506 B
1 KB 229ms
162ms Document
text/html 13.225.78.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1k4ba3125lju6k&pctry=DE&referrer=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-77.fra2.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: 9864c458929040774ea43798978b5b8acae7f67563a352864cf51a2616f4681d

Request headers

:method: GET
:authority: live.rezync.com
:scheme: https
:path: /pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1k4ba3125lju6k&pctry=DE&referrer=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default

Response headers

content-type: text/html; charset=utf-8
content-length: 506
date: Thu, 16 Sep 2021 13:03:15 GMT
server: lighttpd/1.4.33
set-cookie: zync-uuid=3e86a4c8-40b6-4a41-af34-62fc1913550a:1631797395.2; Domain=rezync.com; Expires=Tue, 15-Mar-2022 06:03:15 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVyrsKgzAYQOFXKf_sEG8dBBdpOpQmIkSKk3gJNmrS1iRQInn32u0c-HZo33yTneLKQGY2ywMYVnGchmyHUeiPPQqGcEn6Lg6jdJ3teQEfgOZai5dqxfiXp_5QJKoTKjFq3GTopRBUINSw6nt_XCVxlaHzTTYOp4SRkLLiWc44Ig7HJRtcyWpLpjwH73-pPjFV.FCTSEw.cXubLk096fMX7JSyC5bAlMsAIms; Expires=Tue, 15-Mar-2022 13:03:15 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache: Miss from cloudfront
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: KxcTi7qrc6WFGc7v-zt0hvUjJz3RqPeJXawG3z_JgWZFxMSUjNDEVw==

GET
H/1.1

204
No Content

/
io.narrative.io/ Frame AD82
Redirect Chain

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac1k4ba3125lju6k
https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c1k4ba3125lju6k

0
247 B

30ms
29ms

Image
text/plain

52.17.47.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c1k4ba3125lju6k
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.47.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-47-34.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:15 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive

Redirect headers

location: https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c1k4ba3125lju6k
date: Thu, 16 Sep 2021 13:03:15 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1

200
OK

/
io.narrative.io/ Frame AD82
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac1k4ba3125lju6k&ret=img&ref=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915
https://io.narrative.io/?io.narrative.guid.v2=74597510-16ee-11ec-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac1k4ba3125lju6k&ret=img&ref=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915

35 B
319 B

60ms
29ms

Image
image/gif

52.17.47.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=74597510-16ee-11ec-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac1k4ba3125lju6k&ret=img&ref=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.47.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-47-34.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=wdir1&t_u=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:15 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=74597510-16ee-11ec-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac1k4ba3125lju6k&ret=img&ref=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915
Date: Thu, 16 Sep 2021 13:03:15 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0

POST
H2 204 bulk Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 5166 0
79 B 16ms
16ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.easymarks.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Thu, 16 Sep 2021 13:03:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1631797395.130547,VS0,VE9
x-served-by: cache-fra19140-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://www.easymarks.org
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 299feec7-aa32-4eeb-a600-c2f12601534b.min.js Show response
www.statsforads.com/tag/ Frame 75E8 281 KB
74 KB 8ms
8ms Script
application/javascript 13.225.78.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statsforads.com/tag/299feec7-aa32-4eeb-a600-c2f12601534b.min.js
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41da802bdf58a996c6e3b7022190c1e1ebbf35b6dff6518b4e6b20197ec5394

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bankier.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:48:16 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 08:28:59 GMT
server: AmazonS3
age: 900
etag: W/"70ec41f181a5b3356f222b08af927c4c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: jmHaTthIMGwKuU3dtch5qfncBp7sUib-so0CcD5PkLzQRJ2xxwGK1A==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3A47 11 KB
9 KB 260ms
93ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210914&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5d0f53a60e1969d83f6a3f7cdb8af68e041bea2fc69014b36c6c5b5ee0fa56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8475
x-xss-protection: 0

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame FBDF 14 B
133 B 96ms
95ms XHR
application/json 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1012384269-idpiframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 16 Sep 2021 14:03:15 GMT

GET
H2

200

397676.gif
idsync.rlcdn.com/ Frame CE6F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=7888194857022319267
https://p.rfihub.com/cm?pub=39342&in=1&userid=3e86a4c8-40b6-4a41-af34-62fc1913550a%3A1631797395.2&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc1k4ba3125lju6k
https://idsync.rlcdn.com/501709.gif?partner_uid=c1k4ba3125lju6k
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=75uZePM_GUNV-QS8zmYw9tmc8kxvj5qf

42 B
316 B

16ms
16ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=75uZePM_GUNV-QS8zmYw9tmc8kxvj5qf
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1k4ba3125lju6k&pctry=DE&referrer=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:15 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=75uZePM_GUNV-QS8zmYw9tmc8kxvj5qf
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3560
date: Thu, 16 Sep 2021 13:03:15 GMT
content-length: 221
content-type: text/html; charset=utf-8

GET
H2

200

401696.gif
idsync.rlcdn.com/ Frame CE6F
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=3e86a4c8-40b6-4a41-af34-62fc1913550a%3A1631797395.2&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1870471598141181659
https://idsync.rlcdn.com/501709.gif?partner_uid=c1k4ba3125lju6k
https://tags.bluekai.com/site/2035?phint=rluid=a55502d49c312841c49a03b7626aea981e4f7a14e9d65ecf10f93f2711ebd7ce2971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24...
https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515

42 B
316 B

16ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1k4ba3125lju6k&pctry=DE&referrer=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:15 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Location: https://idsync.rlcdn.com/401696.gif?partner_uid=$BK_UUID_25515
Date: Thu, 16 Sep 2021 13:03:15 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame 798A 665 B
842 B 122ms
122ms Script
application/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=easymarks&thread_id=8777221916&referer=http%3A%2F%2Fwww.wdir1.com%2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.64 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

8e24790473e078048af7e44a28557c819779f096a755b9a00cb88eea7189096f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache
transfer-encoding: chunked
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Strict-Transport-Security: max-age=300; includeSubdomains
Vary: Accept-Encoding, Cookie

GET
H2 200 noavatar92.png
a.disquscdn.com/1631056800/images/ Frame 798A 2 KB
2 KB 10ms
10ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1631056800/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 667510
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
content-type: image/png
content-length: 1644
x-amz-cf-id: f_8SMH9WjQ8kgRHfLBJquK-WN8wEtSGrCYUt_p6G117516QKauY9dg==
expires: Fri, 08 Oct 2021 19:38:05 GMT

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 798A 13 KB
13 KB 8ms
8ms Image
image/svg+xml 2600:9000:21f3:b600:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:b600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 12176734
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: N6tYXuKl3NuNhssYxsErv5gQTWgF_bbnVn_ZvIs9cBSK507dKH_eZw==
x-cache-hits: 0

GET
H/1.1 200
OK f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 8FDC 254 B
1 KB 13ms
10ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via: 1.1 varnish
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
Age: 19506
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 254
x-amz-id-2: AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
X-Served-By: cache-fra19182-FRA
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer: S1631797396.597156,VS0,VE0
Date: Thu, 16 Sep 2021 13:03:15 GMT
x-amz-request-id: E8X2YXVA73E9K5Z9
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: image/png
abp: 65
X-Cache-Hits: 19315

GET
H/1.1 200
OK f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 5166 254 B
1 KB 13ms
10ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via: 1.1 varnish
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
Age: 19506
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 254
x-amz-id-2: AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
X-Served-By: cache-fra19132-FRA
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer: S1631797396.598111,VS0,VE0
Date: Thu, 16 Sep 2021 13:03:15 GMT
x-amz-request-id: E8X2YXVA73E9K5Z9
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: image/png
abp: 65
X-Cache-Hits: 19294

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 798A 43 B
295 B 96ms
95ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=1924&event=init_embed&thread=8777221916&forum=easymarks&forum_id=6347562&imp=1k4rccq3l9rood&prev_imp=1k4b9sq2tcr37b&thread_slug=movieshd915_43&user_type=anon&referrer=http%3A%2F%2Fwww.easymarks.org%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2

200

52154.gif Show response
idsync.rlcdn.com/ Frame 377C
Redirect Chain

https://ejp.rlcdn.com/501709.html
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7888194857022319267

42 B
316 B

17ms
17ms

Document
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7888194857022319267
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method: GET
:authority: idsync.rlcdn.com
:scheme: https
:path: /52154.gif?served_by=evergreen&partner_uid=7888194857022319267
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
accept-encoding: gzip, deflate, br
cookie: rlas3=x/xEPQC6/oIvq/AjJKg3yFa1wWbQq7mz38sJ3QnUMDk=; pxrc=CJOBjYoGEgUI6AcQABIGCLbqARAAEgYIuuoBEAA=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default

Response headers

cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=x/xEPQC6/oIvq/AjJKg3yFa1wWbQq7mz38sJ3QnUMDk=; Path=/; Domain=rlcdn.com; Expires=Fri, 16 Sep 2022 13:03:15 GMT; Secure; SameSite=None pxrc=CJOBjYoGEgUI6AcQABIGCLbqARAAEgYIuuoBEAA=; Path=/; Domain=rlcdn.com; Expires=Mon, 15 Nov 2021 13:03:15 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:15 GMT
content-length: 42
via: 1.1 google
alt-svc: clear

Redirect headers

Server: nginx/1.17.9
Date: Thu, 16 Sep 2021 13:03:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7888194857022319267
AN-X-Request-Uuid: 0a0c005b-7803-48bc-b236-810379947432
Set-Cookie: uuid2=7888194857022319267; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 15-Dec-2021 13:03:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame 60D6 506 B
1 KB 164ms
154ms Document
text/html 13.225.78.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1k4ba3125lju6k&pctry=DE&referrer=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-77.fra2.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: 9864c458929040774ea43798978b5b8acae7f67563a352864cf51a2616f4681d

Request headers

:method: GET
:authority: live.rezync.com
:scheme: https
:path: /pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1k4ba3125lju6k&pctry=DE&referrer=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
accept-encoding: gzip, deflate, br
cookie: zync-uuid=3e86a4c8-40b6-4a41-af34-62fc1913550a:1631797395.2; sd-session-id=.eJwVyrsKgzAYQOFXKf_sEG8dBBdpOpQmIkSKk3gJNmrS1iRQInn32u0c-HZo33yTneLKQGY2ywMYVnGchmyHUeiPPQqGcEn6Lg6jdJ3teQEfgOZai5dqxfiXp_5QJKoTKjFq3GTopRBUINSw6nt_XCVxlaHzTTYOp4SRkLLiWc44Ig7HJRtcyWpLpjwH73-pPjFV.FCTSEw.cXubLk096fMX7JSyC5bAlMsAIms
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default

Response headers

content-type: text/html; charset=utf-8
content-length: 506
date: Thu, 16 Sep 2021 13:03:15 GMT
server: lighttpd/1.4.33
set-cookie: zync-uuid=3e86a4c8-40b6-4a41-af34-62fc1913550a:1631797395.2; Domain=rezync.com; Expires=Tue, 15-Mar-2022 06:03:15 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVyrsKgzAYQOFXKf_sEG8dBBdpOpQmIkSKk3gJNmrS1iRQInn32u0c-HZo33yTneLKQGY2ywMYVnGchmyHUeiPPQqGcEn6Lg6jdJ3teQEfgOZai5dqxfiXp_5QJKoTKjFq3GTopRBUINSw6nt_XCVxlaHzTTYOp4SRkLLiWc44Ig7HJRtcyWpLpjwH73-pPjFV.FCTSEw.cXubLk096fMX7JSyC5bAlMsAIms; Expires=Tue, 15-Mar-2022 13:03:15 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache: Miss from cloudfront
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: VJKoBqjy8SHe31FsTLl1gzqVFMeAWDf-ljs8hoc5JNmpuKkeGB3dMQ==

GET
H/1.1

204
No Content

/
io.narrative.io/ Frame 798A
Redirect Chain

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac1k4ba3125lju6k
https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c1k4ba3125lju6k

0
247 B

30ms
30ms

Image
text/plain

52.17.47.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c1k4ba3125lju6k
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.47.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-47-34.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:15 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive

Redirect headers

location: https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c1k4ba3125lju6k
date: Thu, 16 Sep 2021 13:03:15 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 200
OK /
io.narrative.io/ Frame 798A 35 B
319 B 37ms
30ms Image
image/gif 52.17.47.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?companyId=19&id=disqus_id%3Ac1k4ba3125lju6k&ret=img&ref=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.47.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-47-34.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=easymarks&t_u=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915&t_d=%20movieshd915&t_t=%20movieshd915&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 13:03:15 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A47 17 KB
7 KB 271ms
103ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 16 Sep 2021 13:03:15 GMT

GET
H2

200

401726.gif
idsync.rlcdn.com/ Frame 60D6
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=7888194857022319267
https://p.rfihub.com/cm?pub=39342&in=1&userid=3e86a4c8-40b6-4a41-af34-62fc1913550a%3A1631797395.2&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc1k4ba3125lju6k
https://idsync.rlcdn.com/501709.gif?partner_uid=c1k4ba3125lju6k
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=120273&d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}
https://idsync.rlcdn.com/401726.gif?partner_uid=zUNTaB26M8j1n0QNnW1o/e

42 B
333 B

15ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401726.gif?partner_uid=zUNTaB26M8j1n0QNnW1o/e
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1k4ba3125lju6k&pctry=DE&referrer=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:16 GMT
last-modified: Thu, 16 Sep 2021 13:03:16 GMT
server: Apache
access-control-allow-origin: *
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://idsync.rlcdn.com/401726.gif?partner_uid=zUNTaB26M8j1n0QNnW1o/e
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

362248.gif
idsync.rlcdn.com/ Frame 60D6
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=3e86a4c8-40b6-4a41-af34-62fc1913550a%3A1631797395.2&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1870471598141181659
https://idsync.rlcdn.com/501709.gif?partner_uid=c1k4ba3125lju6k
https://dpm.demdex.net/ibs:dpid=477&dpuuid=f7941ccc0b519ba9d6f1827d9f2846b023e32f262d5c74023551863d8c7d4275b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BD...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=f7941ccc0b519ba9d6f1827d9f2846b023e32f262d5c74023551863d8c7d4275b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3...
https://idsync.rlcdn.com/362248.gif?partner_uid=62002390156385497950962928998347681244

42 B
333 B

16ms
16ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362248.gif?partner_uid=62002390156385497950962928998347681244
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c1k4ba3125lju6k&pctry=DE&referrer=http%3A%2F%2Fwww.easymarks.org%2Flink%2F1080849%2Fmovieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:16 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

DCS: dcs-prod-irl1-1-v016-0d56ad4f4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: mn2jG2AkTiw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://idsync.rlcdn.com/362248.gif?partner_uid=62002390156385497950962928998347681244
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 8FDC 2 KB
1 KB 8ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 1651
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19140-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1631797396.887183,VS0,VE0
date: Thu, 16 Sep 2021 13:03:15 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 65
x-cache-hits: 9314

GET
H2 200 / Show response
pips.taboola.com/ Frame 8FDC 64 B
241 B 23ms
7ms XHR
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: cae87a091fc40b6d12c3a5bc83c64c648d0a50e10e95da4a6a33a6574e1528d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:15 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19169-FRA
access-control-allow-methods: GET
access-control-allow-origin: http://www.easymarks.org
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ Frame 8FDC 0
155 B 276ms
84ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=64627463-844f-43f3-b031-1145b9107ba1-tuct83cc611&uad=c1c70a79df9c14bb520a9172fea9444a9161a9470b819a3b7172e9f5330977a6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Sep 2021 13:03:16 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8608 12 KB
5 KB 79ms
78ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.easymarks.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 16 Sep 2021 12:54:09 GMT
expires: Fri, 16 Sep 2022 12:54:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 366A 783 B
815 B 89ms
89ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d00a96f0ccb75b9385deeecec87f55a6b94143e0f70af3955d4afd8ca4650cb6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jVk+QmaOuepd0vhM1+UfUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.easymarks.org/
accept-encoding: gzip, deflate, br
cookie: NID=223=X9TrA-I4Okt9lwpQ1ii_nucWU0wv7A80LNmTafZ4jfwKjNdVuOI3S14Llcn1CJzswk-HO9CqWYYeWtgvUvxHrTne_-vkTCj6Z0xBXXmODBqt1I_wrI2X_qkmvkK4ii2yivRjY90UXnkbRkTQuhvwA61g3dHBgx6IA3NVSiLlK_0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/

Response headers

expires: Thu, 16 Sep 2021 13:03:16 GMT
date: Thu, 16 Sep 2021 13:03:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-jVk+QmaOuepd0vhM1+UfUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 5166 2 KB
984 B 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210914-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 1651
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19140-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1631797396.988699,VS0,VE0
date: Thu, 16 Sep 2021 13:03:15 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 65
x-cache-hits: 9316

GET
H2 200 / Show response
pips.taboola.com/ Frame 5166 64 B
99 B 8ms
7ms XHR
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: cae87a091fc40b6d12c3a5bc83c64c648d0a50e10e95da4a6a33a6574e1528d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:15 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19169-FRA
access-control-allow-methods: GET
access-control-allow-origin: http://www.easymarks.org
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ Frame 5166 0
155 B 254ms
84ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=b77b7b15-4fa6-4243-8093-fb3932e551f2-tuct83cc611&uad=c1c70a79df9c14bb520a9172fea9444a9161a9470b819a3b7172e9f5330977a6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Sep 2021 13:03:16 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 200 XcVhRkqPIT2L3eK0A2yH-xZ56-A5-6Pxm_m8s2he-Ag.js Show response
pagead2.googlesyndication.com/bg/ Frame 8608 35 KB
13 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XcVhRkqPIT2L3eK0A2yH-xZ56-A5-6Pxm_m8s2he-Ag.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dc561464a8f213d8bdde2b4036c87fb1679ebe039fba3f19bf9bcb3685ef808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 10:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13291
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 10:00:56 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 366A 0
0 130ms
129ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210914&jk=482796688493081&rc=
Requested by: Host: www.wdir1.com
URL: http://www.wdir1.com/link/1080851/movieshd915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 94ms
93ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210914&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbcfeb5de05e005c27b0da74441bae1b892db76ac3a528fd9b610ef7b39a8d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 13:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8427
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A47 0
64 B 96ms
96ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210914&jk=482796688493081&bg=!r6ylrOjNAAaUnz4elJ87ACkAdvg8WogziJWWvRGKhg1YBdoW94CxB8XLKAAouNCzTqzeeglJCsqpDQIAAABtUgAAAAxoAQeZApTS0I478bFZ23wZmJ8dU4DHdpPem7hACOK2jCPVGTqGveoXMc4Dy3uWBwpczTwqSY5tTEalECLx3mFl6nhj0L8rhFS64hpdMhIUpq9CBY14A4pZ1LzMkYIA0KHwS1lJZTpqnAOHMA71VWb6cxraa9uit5Y0OpzZs9IV6ROgVhu3jj6vC0rFIYA4rZJ00z0k_XUC2WEU9JGy2E9_nxtbR9P0KrWjjLgSWi-qQoNqmbpAxBigD1czrMt2hk8Q7MCzIgfFQQ3dnL_pt_tnZ7brrySLuE9fWb_KChNv4nTk5tBuRm1aJrKuWkgiU0fR6Utoe9HtZBFUkO5C-_B3EKg3MAAhwwNm88okrfvZmHITK38bwPuF5bBIiW4ar-kYEm2bFBEyzzNstJO0N3VclioKVAs3PC9tpScaBOBB4U-9_vAWZDH5IpPfCrAX6ugbRI_x-YvgFNRdPQT5uOw0uyADwsdZlDDEfVvS2M4NU_sGuM6t5grYk1uVpKBGHpWDZr1_Nv4767bH9gNMgz_z-vZwohA41UUTBwx1hDAiPDiAy2CDrUWjvKEVDHBk_wkwt8EevRwudYqzrKWpR0RvYWHM0PfIUSWTUGrLBramJzmP9rKDrKk8bZHFxT2nEVHD74hSel2OrJ0VmwyT-A892FufT8fxpty4e3HAGenC7tapSneGW5xdobQlMhozCl3QDH3Dvns337yixCm0IHrGQDy1ExYkmaHLCYIa5aGMzq8TMpK9BBGaf4r6kGWIHeLQJwLMrMFo-boo8xT4OZJrKuPXzQpx4y-XDXlyHYtkiyHjina-HWEBH9yHJ_ybZ8j8ACFIjvFT8t4o_gbHlq9MdDiKCo4R0xSY3XQBgf2N4rrV1S_RUEZKOfs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.easymarks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 13:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 16 Sep 2021 13:03:16 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 935A 12 KB
5 KB 81ms
80ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.wdir1.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 16 Sep 2021 12:54:09 GMT
expires: Fri, 16 Sep 2022 12:54:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AC42 783 B
740 B 90ms
89ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1f5d0ef1643cb4f2f78d86c4154db1b6f67424107dd91979cfaf6a7d9febb48d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mH47PkM1QOj6Hszu11HN2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.wdir1.com/
accept-encoding: gzip, deflate, br
cookie: NID=223=X9TrA-I4Okt9lwpQ1ii_nucWU0wv7A80LNmTafZ4jfwKjNdVuOI3S14Llcn1CJzswk-HO9CqWYYeWtgvUvxHrTne_-vkTCj6Z0xBXXmODBqt1I_wrI2X_qkmvkK4ii2yivRjY90UXnkbRkTQuhvwA61g3dHBgx6IA3NVSiLlK_0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/

Response headers

expires: Thu, 16 Sep 2021 13:03:16 GMT
date: Thu, 16 Sep 2021 13:03:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mH47PkM1QOj6Hszu11HN2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 XcVhRkqPIT2L3eK0A2yH-xZ56-A5-6Pxm_m8s2he-Ag.js Show response
pagead2.googlesyndication.com/bg/ Frame 935A 35 KB
13 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XcVhRkqPIT2L3eK0A2yH-xZ56-A5-6Pxm_m8s2he-Ag.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dc561464a8f213d8bdde2b4036c87fb1679ebe039fba3f19bf9bcb3685ef808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 10:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13291
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 10:00:56 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AC42 0
0 91ms
91ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210914&jk=4015384356713501&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 99ms
99ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210914&jk=4015384356713501&bg=!HR6lHlrNAAaUnz4elJ87ACkAdvg8Ws2CKWV61qRcR3fZn85IWRNk6uuIsEagwrAtGdKgTfmlzwwSlgIAAABrUgAAAAloAQcKAC6jXRmrBIZbZSpjJqdbQHliCFVod5MzsYlo6O_zlp0mV7J1-uZPM9c0Z_l2AaNdmQKLFosNdeiT7qbogBSOnqV2AX_1E7g3GDK3RhT2x-M00mwI5VnK4PT5EgXN93jiV6Z_YVUwXg_YobmZ0nO5LSm1CK_u_kdSJB72Xs5YjJPTy9yWo68uxngVy_4ryQ0kurLKrCYt-W3eCpUQdHwrHh4uLI2gpuFoxOSk9jygolp9tuqZt9WX4FndC4uWWhiary-9aKrtfEiM5rmOAyRXM2uRTHpDWK65JMWoxI0CWnXI4FFwnytg9dqm4j0P9zxYq9SaWxNue0_qab-pdIdoWTl7kpco9b2dMgIUmn69eHZCxoeFCR7K3J4x5I3zcPdeMPJ50RdcninfSeTIn5Js5zg9SCEkX2dF4nRMSqFt4GY5XPzFtQfNzPl7ytlYqHbctE2UF1DRvmHpi_PqhIAsUgkXVXA6PTF_zx_6peLjm4essXtot01z80c9YemGuADTz_tIKwcJYCNNrNZdOdb8TcI7eFPPeP_b7yJfYb1U-n-kBu65oG4ntlNaHqN8JT-tHnZ5q8r-6NIyEH9jc_uNrPhEo4MRepDsHvaunns4J30NkR9yFWY7hs4Y92490j29dgAQVcXeWpXjyWgAbkn2-LOXRn9fIunN-QR5IgM4xOWVq3jMVJLjukNv1y8qxmb_b5BIYWqWtCAwtsU43IQZH6CBw0l01Yowec8DllWmz_fRWN7AMe7vUle5Jlfo_uceW4xBP3QRRH4o-Dml3Q5IU-JwBTQz3OppstezcDqR_Nsz0x0b66Tj8ec28pQEO0YD_HQmZCoyfH5p91qrKLRJEi7KDfJ9x4PnIYiCNq2Fkcr0M4Jx0X6R_OIB9Y-5nY-BtfllpT0TTgyEVJhQVydEQaLppYDi7Pwg43nkxIIq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.wdir1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 13:03:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.wdir1.com/	1970-01-20 06:45:25	Name: __atuvc Value: 1%7C37
www.wdir1.com/	1970-01-19 21:16:39	Name: __atuvs Value: 614340909f8b7d88000
.addthis.com/	1970-01-20 06:45:25	Name: loc Value: MDAwMDBFVURFTlcyMzE1MTg2OTAwMjAwMDBDSA==
.addthis.com/	1970-01-20 06:45:25	Name: uvc Value: 2%7C37
.wdir1.com/	1970-01-20 14:47:49	Name: _ga Value: GA1.2.2049292007.1631797393
.wdir1.com/	1970-01-19 21:18:03	Name: _gid Value: GA1.2.1924616932.1631797393
.wdir1.com/	1970-01-19 21:16:37	Name: _gat_gtag_UA_12703824_60 Value: 1
.doubleclick.net/	1970-01-20 06:38:13	Name: IDE Value: AHWqTUknrBGij3i8aNrjU1Z4N9A6wae6ZJie02NojMUCcS3_tVPZOUVdTqUCvJ2qIGc
.disqus.com/	1970-01-20 06:02:13	Name: disqus_unique Value: 1k4ba3125lju6k
.wdir1.com/	1970-01-20 06:38:13	Name: __gads Value: ID=b75990a6c93af7ec-22337b1d27c900f7:T=1631797393:RT=1631797393:S=ALNI_MYcm_4Aq3WU1dG4HEh1Ri2sPPXyjA
.scorecardresearch.com/	1970-01-20 14:33:25	Name: UID Value: 1EVOCG5Y5DNPPFTE9PANJ3g1631797394
.google.com/	1970-01-20 01:40:08	Name: NID Value: 223=X9TrA-I4Okt9lwpQ1ii_nucWU0wv7A80LNmTafZ4jfwKjNdVuOI3S14Llcn1CJzswk-HO9CqWYYeWtgvUvxHrTne_-vkTCj6Z0xBXXmODBqt1I_wrI2X_qkmvkK4ii2yivRjY90UXnkbRkTQuhvwA61g3dHBgx6IA3NVSiLlK_0
disqus.com/	1970-01-19 21:16:39	Name: __jid Value: 1k4rccq3l9rood
.hit.gemius.pl/	1970-01-20 06:45:25	Name: Gtest Value: KlQ-aMGGQMQGrm6iLUMMUMsissGMXP8c25nSGYdMwnaI651isG..
.hit.gemius.pl/	1970-01-20 06:45:25	Name: Gdyn Value: KlSSaMXGQMQGrm6iLUMMUMsissGMXP8c25nSGYdMwnaI65MiGsRPIQlGvGGpifD8SLS8RgTSFsCBI8l8MG..
.liadm.com/	1970-01-20 14:47:49	Name: lidid Value: 918204b0-e19d-4271-861a-040ec8717bb9
.adform.net/	1970-01-19 21:59:49	Name: C Value: 1
.adform.net/	1970-01-19 22:43:04	Name: uid Value: 6508845424380893189
io.narrative.io/	1970-01-20 10:24:35	Name: io.narrative.guid.v2 Value: 74597510-16ee-11ec-a833-0aa6849ebafd
.rezync.com/	1970-01-20 01:35:24	Name: zync-uuid Value: 3e86a4c8-40b6-4a41-af34-62fc1913550a:1631797395.2
live.rezync.com/	1970-01-20 01:35:49	Name: sd-session-id Value: .eJwVyrsKgzAYQOFXKf_sEG8dBBdpOpQmIkSKk3gJNmrS1iRQInn32u0c-HZo33yTneLKQGY2ywMYVnGchmyHUeiPPQqGcEn6Lg6jdJ3teQEfgOZai5dqxfiXp_5QJKoTKjFq3GTopRBUINSw6nt_XCVxlaHzTTYOp4SRkLLiWc44Ig7HJRtcyWpLpjwH73-pPjFV.FCTSEw.cXubLk096fMX7JSyC5bAlMsAIms
.adnxs.com/	1970-01-19 23:26:13	Name: uuid2 Value: 7888194857022319267
.rfihub.com/	1970-01-20 06:38:13	Name: rud Value: H4sIAAAAAAAAAOMSNrQwNzAxNzS1tDA0MTS0MDQztRTiM9T1skg0tSgsD8o1NYmX4jU0MzY0tzQ3tjQ1NbAEAOPlsNo0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNzAxNzS1tDA0MTS0MDQztRTiM9T1skg0tSgsD8o1NYkHALb7IFslAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAAXBwRGAIAwEwI_txOG4SyB2ExgpxMrd_S7wnVHa09RWmEqwOpRFPxsJurd6EMTIwfS7_4A0vxA0AAAA
.criteo.com/	1970-01-20 06:38:13	Name: uid Value: 51219169-7ccf-491c-8798-e8dd9a23d877
.rfihub.com/	1970-01-20 06:38:13	Name: eud Value: H4sIAAAAAAAAAD3HwRGAIAwEwAp8UUecHJcEsJvASEE-rdaf-9ungHePtNXFdIZYGiQ3TaLuhQG6a14Ioo3G4Wd9y_E3VPkB2NR5zUQAAAA
.rlcdn.com/	1970-01-20 06:02:13	Name: rlas3 Value: KOX4ITdkNiAvq/AjJKg3yFa1wWbQq7mz38sJ3QnUMDk=
.rlcdn.com/	1970-01-19 22:43:01	Name: pxrc Value: CJOBjYoGEgUI6AcQABIGCLDqARAAEgYItuoBEAASBgi66gEQABIGCK/rARAB
.demdex.net/	1970-01-20 01:35:49	Name: demdex Value: 62002390156385497950962928998347681244
.weborama.fr/	1970-01-20 06:48:18	Name: AFFICHE_W Value: t7ZY7bi7bdW346
.dpm.demdex.net/	1970-01-20 01:35:49	Name: dpm Value: 62002390156385497950962928998347681244

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bankier.pl/forum/temat_regarder-le-film,49558167.html Message: Failed to load resource: the server responded with a status of 410 (Gone)
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3025194257&lmt=1631797392&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.wdir1.com%2Flink%2F1080851%2Fmovieshd915&ea=0&flash=0&pra=5&wgl=1&dt=1631797392404&bpp=4&bdt=487&idt=323&shv=r20210914&mjsv=m202109140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8030751941580&frm=20&pv=2&ga_vid=2049292007.1631797393&ga_sid=1631797393&ga_hid=479264872&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062491&oid=3&pvsid=4015384356713501&pem=111&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=341 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3279755397&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.wdir1.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1631797392575&bpp=1&bdt=254&idt=331&shv=r20210914&mjsv=m202109140101&ptt=9&saldr=aa&nras=1&correlator=3401429419456&frm=24&ife=1&pv=2&ga_vid=742725286.1631797393&ga_sid=1631797393&ga_hid=784973128&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=818&ish=640&ifk=2712465668&scr_x=-12245933&scr_y=-12245933&eid=31062093&oid=3&pvsid=482796688493081&pem=640&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C818%2C640&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.5hknn6iesb8o&fsb=1&dtd=345 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://funcallgirl.in/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.disquscdn.com
accounts.google.com
adservice.google.com
adservice.google.de
adx.adform.net
api-public.addthis.com
apis.google.com
bbp.salesmanago.pl
beterhbo.ning.com
c.disquscdn.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.viglink.com
cds.taboola.com
ced-ns.sascdn.com
ced.sascdn.com
cm.g.doubleclick.net
cmp.optad360.io
connect.facebook.net
disqus.com
dpm.demdex.net
easymarks.disqus.com
ejp.rlcdn.com
eus.rubiconproject.com
fonts.googleapis.com
funcallgirl.in
gapl.hit.gemius.pl
get.optad360.io
glitter.services.disqus.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
images.taboola.com
io.narrative.io
itx4.smartadserver.com
links.services.disqus.com
live.rezync.com
ls.hit.gemius.pl
m.addthis.com
mug.criteo.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
referrer.disqus.com
rp.liadm.com
rp4.liadm.com
s1.adform.net
s7.addthis.com
sb.scorecardresearch.com
script.hotjar.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssl.gstatic.com
static.hotjar.com
tagmanager.smartadserver.com
tags.bluekai.com
tempest.services.disqus.com
token.rubiconproject.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
trc.taboola.com
v1.addthisedge.com
vars.hotjar.com
vidstat.taboola.com
wam.solution.weborama.fr
wdir1.disqus.com
widgets.pinterest.com
www.bankier.pl
www.easymarks.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.salesmanago.pl
www.statsforads.com
www.wdir1.com
www3.smartadserver.com
z.moatads.com
s7.addthis.com
104.109.78.125
104.111.215.191
104.84.56.126
13.224.193.116
13.224.193.38
13.225.78.14
13.225.78.15
13.225.78.28
13.225.78.77
141.226.224.32
142.250.185.162
142.250.185.226
146.59.30.104
148.72.244.233
151.101.128.84
151.101.193.44
151.101.64.134
151.101.65.44
178.250.0.157
185.33.223.178
185.86.139.58
185.86.139.59
193.0.160.129
195.167.159.38
195.177.216.95
199.232.192.134
199.232.196.134
199.232.196.64
199.232.198.49
2.16.186.113
2.18.235.40
2.19.35.65
2600:1f18:730:b120:5b38:df27:617f:9396
2600:9000:21f3:7e00:6:b871:4f00:93a1
2600:9000:21f3:b600:6:8656:f5c0:93a1
2600:9000:21f3:c400:11:a4de:2580:93a1
2606:4700::6810:a20d
2620:46:2000:16::68
2a00:1450:4001:803::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200d
2a00:1450:4001:828::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a02:2638::1c
2a02:26f0:6c00::210:ba0b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::300
2a04:4e42:600::485
35.244.174.68
37.157.4.23
37.157.6.235
5.175.3.206
52.17.47.34
52.49.107.116
54.146.217.90
54.76.227.154
69.173.144.165
89.25.223.83
89.25.223.88
91.216.195.18
006ba17433992601603c3d182e42074a78ed5f0d5dfd2c1edcba48c7842ca1ec
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01b3d21b898820c66984da63776e6cd05b8984e63c56548d2bec5c773f326328
0417e7b73d22ea2d8ef4e932d819833c4b1c13431b40a22227187919c27c6279
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05b29e731ac5a3e11c7b0fcde0785296c564342bcd8831c9c9206ca967224d88
06ecf34762ec3ed948e0585694c979a2d6cf70ccb5e1bde264a96cba5d93749e
081e073de297b2a8d18c2bc46318bfe6634d32abf79d833953460837ff161be3
086b8c77596d4f0402a62ac5e219e60b44a5ddd2cb182ddeeea6033c22f7322c
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
0a92d224a35aab3de7aa661df5c11272eea7f7fc8065230cf6b221a2e4961c31
0c9b75f27cdb5b0530537bb82f6772c9cea50e44961d19aad496e62d1b979042
0e7d496bd4b125e7085e2e2d3c6b201c98aab4cacf6bdaa27761c1a539ef7888
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114474004b8736fc8c4041c60815f27c70a3d4ac88b48f8b1a53b7ee2fbda10b
118d48945aae9fe2ed572cee841ee4a6bfa2b254c1573dbd73529714be9f953e
11d11733a9a475b22a94a81ad9b59b78be7c17c07887c6638d88eff88a087e89
126c9e5b46413d6efb7d8e7154e9c9582aaecace410e24d65ea003015dafdfbb
127c89f1d120b6de22ca9d112d75892f7f1ca921a9ed6a5abf12ec815ccfafd6
14fee68228a6fb20bcf44baf0b907a57b76339da2d871a9fef286f3a952c4c16
160c0386096f8dd71e60fa8016ed1dafa63045a837cc27b158810c060c9b9040
18178dad6e3ad8b47caedd39081e79094c7a56df82b29df34ffdb4c460cde2a0
1a182bb8d62d413bcd6a05262c9e3fd78f7b0065a2e525d0f00956aa7a281f90
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1f172c2353a938f4b33a940b3b64145baaeb6df69adaa513131fbac421ca2bd6
1f5d0ef1643cb4f2f78d86c4154db1b6f67424107dd91979cfaf6a7d9febb48d
20683013180bd0fe19f52785e9b57691593c6c8553c67c0dbbcebc9c1348b44a
20cef199764e090ab8fa631555722da5396595402250a8871c409120c9481a2b
22e100907f4ba5b3f942109f32a7ea517b95f4a58d5dacec627199dd9448dd4d
23b6a7c61a5e0bcdd32a4eb67c1d63ab5b20a64c1d57fca8218a4f86082bd3bb
27e8c57a8c68686b2e95291bf48c73b362657a00bb0640e392491ecfa716e6bc
2ac1d22cd8ed930bf720b55fbb1ef95307c0fe8023825bce18badfd20c7c956f
2b1fc74e817aa58e6026dec5c17a14951a372c93d958551b4bb47a80fc17ab49
2ba3adef1908921366b7670bd08b9dc31bf338420455169c25eda88e7968cb70
2c038fa1aaa4d38dc4dd6a92d02502c02175a0826ca6e706bd16fd65d9a389b1
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
2cb5e850ad387bcd797fd93bdd1a01b3937b3b10696548360b8c40c7e9aa9afa
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fc85e88218b642faeb3e78264fe935fcbf5713436f92609f06120ab05208946
31e73b16d364bb1e713cb275175f034f6062b2eab59c8fdf644112c8823b4d34
326c5f3c3633b0145bdf7824a17a710cbb4939ed1249da916c1719fde16ca9c8
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
3654e161cab68f4c5dd7a071e81a1afd80b82e0cbba038f137b7bbfa472000f2
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37d0c5a3182ca8a80f82435ad1b1773b2bb3b460c43c8b056c2faa88b2d3a23f
37e7b449e621dc146c80ad708fe44c15562f32393531c579a6c318908b451b27
382695a2192225e5796cc161b3e4eeae8044e02bbb81856d398d9258a1953b7b
39f35f672b324c617b0df8a7a199ea9de27a563ce0ed5923df6b83846cfef8f9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b4eda72d795567bc64781971a0480d2f191d2f1ed21b86ea5bcfa00f5ec7bf
434de14a5a9690149172b217a0d3aed4cea780cf28c54d9d518f46a8ae0f531e
43bd93a02b96b4539c3357e74a102e7edb758784e1d96a7428c4e9aab0c61dcf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
490022e226373cf5eed2b09ef202c54099c6291ced4a70f1660aedac3394e3bb
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3
4f4a9dc905c89b4797277b47cda212e5978366940c5fb5b5a94189ed2ff299ef
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
508ea40340be2d4275ceb497b4c891b2dbf50da96f3e3157a184d6cef89cb828
53cc451fb51a455175105d98e31d6c366f48229e3081b4c9fd1b4f3e57629404
55d783462e6671fa985a6b0829db15474f4e57f0555c93e15cc2db6a1d1e6cab
56ceb69e4cc8f97d0542e0fe28adfb1c4dc73050e59c5c9d40ed9ccb6a16fea0
5794cd2e3f5a51bd72a8621481643efa9f823eed9f90b87b8fac8bc9bc71ac7e
58013144a1ca085122ee381135d2c632556568896d08275535a543b5f195eabc
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86
5bf16358577181bc2e62582d4b8dfc9cd6693d7c50a2389a05bab45ebf0679c1
5c569ce3a534fdf50bc132bf9dad2f0247fedc4db902626f7f312b7e5bb816d1
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5dc561464a8f213d8bdde2b4036c87fb1679ebe039fba3f19bf9bcb3685ef808
5e9812cadd8681637592b07793d0bd95520f64a64a89021e7299b18e8933fe62
5eef549a40a959226e79ba241e13203dc93f3bc076497bfe0846f8b640650e8a
5fdcaa676a5fef822d161a440c1e6114192c1481a19c02592497528eaae09f53
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
60e642785893759e29dca69afd93ff0f6fea591067850fe30d5d7235b0431de1
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
619a950b11865ed0b2809b1faa93c9733582cfd962e2269513e8813abf6d382d
635ccfa88020a03bd465576dff57f3655a642da90a36b58ffe65a5b8185575f7
664c2e1ec94a06bfca323af686247e6207c954454e80b0381bd8248a95c2aaa8
669857f90d81800baa92d098d477fcc347f06009dfab909624c3ed8067d148af
686a56a4d4902f8ffdf569b35b93fd9227f7fe66133752b12556a14392ffd83d
6970b5b61d8c95e52b01c4fe581f849b93e7c613b230005034e2506675067455
69cab1643ee32641f1493c30e56388c4e661e07e10356d5d74d9a800b0201e61
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f9c822d9971f13a4f5d45a151d39031eb38bb427a226ea9ca3b52cb945108d8
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d
73e7562da4e7d9f7a6739e355716f8efc6e8897ac2f2d9dca0f88d8bc53f047e
7412c8909af30393a88a807ee30d55de4593d82079dcc7f49f0afa62ac2c5dea
79a05a1845363997e213c7297ff3bdd7f2642446129aa2346a73f6bd2a4cb51d
79bd17216de8a5d3b4737da7908953a05b711abfa8a30d0bd1f0c5ce45df4fbb
7a09c8623919a997d4955c308af2f11ee10a065314717aca406e562cab91c348
7a5d0f53a60e1969d83f6a3f7cdb8af68e041bea2fc69014b36c6c5b5ee0fa56
7bf71100174b419bc5a1cb507435657f74e4f1b931df3e2c26b2a65adbbe84ad
7ec7c1d46987f1a7cc3c842b7d9d3da6b79a472fb2b744548f3ad739cfc61ca2
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
8187015bbe34b0327cb75e83f1c52487f08fdd31f2f3bc9b4f8cdd3d12d2936e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84498695ecbb07321191e331c2aecadeec5e2ba73f44f3b4ed7442dbbf1c5c37
85b5ab2d40dceff956a033c8e7704008997180b610f32a343a09994e775ba58e
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
89d6faf8869d446cb855030d67c888c0169e7b817624dbc919d4194438ddd55c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad21d344112aa593a3ea567ba282838b3f8605d36f16647a9979a71620b0667
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8dedd8362bb42b3e64a65b7bc88013fd669da19133f0f63e930f0c8c86681b7e
8e24790473e078048af7e44a28557c819779f096a755b9a00cb88eea7189096f
8f593e0233681ad36a58e14c0e041cd1b3cd903b9ea2f1db5cb4ada9628ccfbb
92f7993ac9ed657a4c71c45f3ce4fb3b729326654b7accbb58f18f0d77a2acb1
952b2b839257d457cc0127a5c741d9c5b8cdf0ea3a541c933f0f3c56afe3403f
958f279404b404969374ee81fc3983a836135baac26f7e24f10e83425e5734ff
96bf34be96152a1e9b30121f463904332e2ee264399170c25749b5ba8a562443
9864c458929040774ea43798978b5b8acae7f67563a352864cf51a2616f4681d
9e109d33391b97d12cfe2fc608444f728bcf35311037bb7c97ae20b02975d271
9e806bbcf51a337153242a67e8525ecf8817890287c510ca1b5e4c0fce6750a2
9ee74b69bcf8d9034f07cc018c890139a23719ac34468f935f1d2b3a61b3ecf3
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9f53dcff71b60ef594dd29b1a27f99a550f083531afc536efd60bfbf3c832fba
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2843fa252e5d000c060ddb3f535e4d7d5159cc83da4631d7247de6108c946c3
a2ac7d27583731c7b8390949ca3884a647f16f7e499fef291bc73881ac4400b9
a31747f76763ece618c3f378cbd57acb87c36a4f664a122924975a03153c1680
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a903ab241aed2158e0763f9150b009a2e267dd9c11bb9504045002645a80dd94
a97000b74006f16532e2d380cbed2e3dabd80ea9b85625fcb123d96cb9a0369a
ab2219b5ce702bc5b782f526f54c69f36a08bc6e12a738b450ae28b5a1f0369c
accba2bc11e8b33566f2edccf4a1388b6b9ac4df2ecb2d563668f283fa1f427f
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af2c53d9541e1e8a6d2d677ee26cfc4988338f391e526f4da4ec5c607fc4e044
af5d5348c7415ac535ecc4e86f351817f9d576f07d79be6ff0b24878976dd868
b040c2d2208a2fd0132da80eda55500479e66e3d18ceccdc65ce16fc99609aa8
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b30a7ccba177c4e6c571eb4cc00ac405e6b23f628a8073637c4c64dfba9ca7c7
b38baab029c01df74c0015ff12754f556aabb6aee42eb03e41aa90cabfdb9b8b
b3c4df3ef0232a64563179bf95de31ec96bb44b231deebb11587f0d1ede7d6be
b41c3fe6776ea6a1a73a39c4affecac544b742e6c1eb7ba027977eca8e08ed8b
b41da802bdf58a996c6e3b7022190c1e1ebbf35b6dff6518b4e6b20197ec5394
b4a32b198ba15f2df81a265ea3b0f5460e20ed29ea542e5288f21f2253b567e3
b6538c6a71f350ef1c0e2e0a71881e29852995573425ac52de4c238e99ad8860
b671cdcad3ff49c25b5841cae217518571faefc3942d73941dda54a8bd111fc3
b925a5ac98354268b57b23e8849049931d86bc25c72bc7a915f7b14e30c6f68d
b9c5385fe2a7178bca062410e40f687d8656be20d0db09643c1df7eef914a4a5
ba74e74e08f349966454ed6a6d0dbf5827dab49f0a8f8dfd64809c6e22ae5a8b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb754ee9cdc4340cf3bb446dfe105473abff2ba8da2ae6ebbcf0096c0117f446
bddb6f81ac43ee693b6832c29d74396a18399420febfec7d088fdb4ddaafe467
bde8a188e37aa936b167aecc5e5a3da40262f6e51fd54c584f2cf2b6b99d96ca
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c03671ab4306356cc772804de2ff0b074f788c81f06b52f03392f1e5f9aa7953
c0d615e82eb58740595627b25046cb19d91dc61cbb65d61c4a2f877abdf147f8
c1fc6751c31ac0ac718cebaf521a02dee07b0594d9c0aa7d77ba95db58badc21
c23c2aabd9867c0f7543ca4a2bb08c1898e7322d63a370ccc4dabf3e480f8f22
c28198494529eabde1e029201371b611335a3834b274654ea858ea5ff1d47764
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c45a3c3e0a8fdafab3a7a75514d91dedffbe875648172933eb13c8a63ab3b7e1
c5cef9e0049b04ddcfdbb0a0cc60dfc627218da8772a788ad8aa61e4ccb0b732
c8d43b78caf6f8854903dd5d547b02f0fcd06dc4fc9fa844ccb7e529078de822
ca64f6e8126e8e8764a3341b5cb1e344e431c14295ee265dfea6a339a8070d58
cae87a091fc40b6d12c3a5bc83c64c648d0a50e10e95da4a6a33a6574e1528d3
cd5770e47b27ff7ed7bc81924472b8cd9658ce51a81c054fa893e8227007ea7a
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
cebd86b7201affe15d78722c7c362481c8d0c3c95b3feaf8d3c6af102cde0b6a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7ffb56cda8d58d7a7783e442a5729573c7e5d7098785c9a6cb382f2a772b56
d00a96f0ccb75b9385deeecec87f55a6b94143e0f70af3955d4afd8ca4650cb6
d28323ec9d8534e2e6445f85e889e0dd7dbc9575c9b0a4a9a0dcb1f3c466c46a
d3dd422f9137b4143255ff663cf07145156f9a627b2e3a99d19405742891631e
d735e34f28f281a4542a395edba8df131bfc80ed208dafc1d4d40aaa34027923
d76c6754605938815efd79d08a444fb559debb69ead247cbc3131cdc041ac2a1
dbcfeb5de05e005c27b0da74441bae1b892db76ac3a528fd9b610ef7b39a8d3f
dca0654c6ee40acb99776b0f765e0c23631907d180e22d6c9bc1feac4c4b1f7f
ded19b459683bf05ecef3e14c92708b6df9d6bb18f074868946e46b9ea0cb52a
e1344c39aeba037623ab5aadf4827a6d52f816500b3b1d018246bca800262585
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f789c74c35f401aee8be0195700d82ddf0a28ba772e19d6c10460e1b1b1485
e427c9697145ba044b9009469b2e42b3b464db570a36e9208f3e08bba0fc0155
e59867a786084ba65ad1786c1013095c90a185e1409ca0c2088ee408b5d64c4b
e5e84752fa700dd08617003e4f2bfbc783a4ef077ecefe6d89333aac9440cf9d
e70792957a2d6b9fe4f3b638d557b304e23215b8031d9e14e2f61be37f008399
e888cee596afe76b1eb6145afd788d8ca6c61bf9d0b0eff298c5938d3c809ebf
e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e
ea3a51d361d7aad22666e0b6b9ae73e7329e69ad3d3e3aaa0b09ea2a9679ef1d
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
eab04a6e65571903da729fd95957b197fafbe3baf4fdb7e39a3edabba4794f12
ecf1ebfac9d60aac2ad293c8079c75aff7a702424c15e19d43df2d6250cc5293
ee39adcb61477d08a0395dfd30c71f1bca978c443eddda80bed2091ef0216051
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7d5f7947a63650a572af7e956a61edc65b55909b6959fc712fa84f60d779267
f99d15ce30635e2873cac74d7c3ac90203e1deb66dadb85389d78e775ecb48b0
f9a2ec5686fc3117ac1e9f72901822e7923dee2adc4f02157b6f05a20b2a596c
f9f05b7dc1cd43c1d7f507db807c3f2df32609c5c7562ea36b88dd9b401ea522
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd7d791d78f10d59b04151bc2e7057b5884e36426ad5a9b99f8ada07fe282f46
ff7d449e8703e741e414a265aa3d5b1db409794f51aac80e939c109326d76288

www.wdir1.com Open in urlscan Pro 5.175.3.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

342 Requests

92 %HTTPS

39 %IPv6

47 Domains

87 Subdomains

66 IPs

8 Countries

5928 kBTransfer

15391 kBSize

32 Cookies

103 Outgoing links

Redirected requests

342 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.wdir1.com Open in urlscan Pro
5.175.3.206 Public Scan

Screenshot
Live screenshot

Full Image

342
Requests

92 %
HTTPS

39 %
IPv6

47
Domains

87
Subdomains

66
IPs

8
Countries

5928 kB
Transfer

15391 kB
Size

32
Cookies

342 HTTP transactions
6 data transactions