www.4mark.net Open in urlscan Pro
5.175.5.64 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.4mark.net/story/3165183/jovnaolhpoghawer
Submission Tags: falconsandbox
Submission: On June 11 via api (June 11th 2021, 5:54:13 pm UTC) from US

Summary HTTP 306 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 82 IPs in 10 countries across 67 domains to perform 306 HTTP transactions. The main IP is 5.175.5.64, located in Strasbourg, France and belongs to GD-EMEA-DC-SXB1, DE. The main domain is www.4mark.net.

This is the only time www.4mark.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	5.175.5.64 5.175.5.64	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2600:9000:211... 2600:9000:211a:c400:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	5.175.3.206 5.175.3.206	20773 (GODADDY) (GODADDY)
1	34.232.169.188 34.232.169.188	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3035::ac43:8768	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::268	54113 (FASTLY) (FASTLY)
1 2	179.43.113.26 179.43.113.26	27823 (Dattatec.com) (Dattatec.com)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	35.196.153.42 35.196.153.42	15169 (GOOGLE) (GOOGLE)
1	69.16.238.134 69.16.238.134	32244 (LIQUIDWEB) (LIQUIDWEB)
1	13.32.2.89 13.32.2.89	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	162.144.0.108 162.144.0.108	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	162.0.209.115 162.0.209.115	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	129.67.193.7 129.67.193.7	786 (JANET Jis...) (JANET Jisc Services Limited)
1	164.165.7.69 164.165.7.69	54885 (STATE-OF-...) (STATE-OF-IDAHO-SECONDARY-ASN)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
16	2600:9000:211... 2600:9000:211a:4000:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 10	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
1	2600:9000:206... 2600:9000:206e:1000:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	3.209.191.86 3.209.191.86	14618 (AMAZON-AES) (AMAZON-AES)
2	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
29	2600:9000:211... 2600:9000:211a:8e00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	151.101.112.64 151.101.112.64	54113 (FASTLY) (FASTLY)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2 2	52.39.107.107 52.39.107.107	16509 (AMAZON-02) (AMAZON-02)
3 10	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
30	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	99.86.241.13 99.86.241.13	16509 (AMAZON-02) (AMAZON-02)
2	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:a00d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
5 6	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
31	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
4 7	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	99.86.241.67 99.86.241.67	16509 (AMAZON-02) (AMAZON-02)
1	54.76.227.154 54.76.227.154	16509 (AMAZON-02) (AMAZON-02)
1 2	54.229.111.52 54.229.111.52	16509 (AMAZON-02) (AMAZON-02)
4	151.101.12.64 151.101.12.64	54113 (FASTLY) (FASTLY)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	18.195.240.234 18.195.240.234	16509 (AMAZON-02) (AMAZON-02)
4 16	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4 4	88.212.252.22 88.212.252.22	7979 (SERVERS-COM) (SERVERS-COM)
2	35.153.224.87 35.153.224.87	14618 (AMAZON-AES) (AMAZON-AES)
2 4	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 3	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
2 2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	172.105.221.240 172.105.221.240	63949 (LINODE-AP...) (LINODE-AP Linode)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
6 6	3.124.251.221 3.124.251.221	16509 (AMAZON-02) (AMAZON-02)
2 2	18.193.144.52 18.193.144.52	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:3::300 2a04:4e42:3::300	54113 (FASTLY) (FASTLY)
2	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
3	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
2 2	3.127.166.11 3.127.166.11	16509 (AMAZON-02) (AMAZON-02)
1	13.225.222.42 13.225.222.42	16509 (AMAZON-02) (AMAZON-02)
1	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
2	52.209.181.46 52.209.181.46	16509 (AMAZON-02) (AMAZON-02)
1	13.225.74.66 13.225.74.66	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2013	15169 (GOOGLE) (GOOGLE)
306	82

20 5.175.5.64 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: vs235095.vs.hosteurope.de

www.4mark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:c400:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.175.3.206 (Strasbourg, France)

ASN20773 (GODADDY, DE)
PTR: vs226095.vs.hosteurope.de

www.posts123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.169.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-169-188.compute-1.amazonaws.com

penzu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:8768 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sabaiydee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 179.43.113.26 (Rosario, Argentina) 1 redirects

ASN27823 (Dattatec.com, AR)
PTR: sd-1919030-l.dattaweb.com

ipsnoticias.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.196.153.42 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 42.153.196.35.bc.googleusercontent.com

diytransport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.238.134 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.interfuse1.com

uberant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.2.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-89.vie50.r.cloudfront.net

ap1.pbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.144.0.108 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-144-0-108.unifiedlayer.com

www.mactel.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.0.209.115 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium171-5.web-hosting.com

realearnmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.67.193.7 (Oxford, United Kingdom)

ASN786 (JANET Jisc Services Limited, GB)
PTR: caerus.oerc.ox.ac.uk

www.cpdn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.165.7.69 (Meridian, United States)

ASN54885 (STATE-OF-IDAHO-SECONDARY-ASN, US)
PTR: forms.idoc.idaho.gov

forms.idoc.idaho.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:211a:4000:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.112.134 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

4mark.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:1000:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.191.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-191-86.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:211a:8e00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.39.107.107 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.241.13 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-13.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a00d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.15 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.174.68 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.241.67 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-67.vie50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.227.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-227-154.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.111.52 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-111-52.eu-west-1.compute.amazonaws.com

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.240.234 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 141.226.228.48 (Netherlands) 4 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.252.22 (Russian Federation) 4 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.153.224.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-224-87.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.105.221.240 (Tokyo, Japan) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.124.251.221 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-251-221.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.144.52 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.166.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.222.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-222-42.jfk51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.29.72.47 (Croydon, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.181.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.74.66 (United States)

ASN16509 (AMAZON-02, US)

analytics-wg.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	taboola.com 4 redirects cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com pips.taboola.com cds.taboola.com	704 KB
31	disquscdn.com c.disquscdn.com a.disquscdn.com	989 KB
26	disqus.com 1 redirects 4mark.disqus.com disqus.com tempest.services.disqus.com referrer.disqus.com glitter.services.disqus.com links.services.disqus.com	133 KB
20	sharethis.com w.sharethis.com ws.sharethis.com count-server.sharethis.com l.sharethis.com	106 KB
20	4mark.net www.4mark.net	336 KB
18	doubleclick.net 3 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	15 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	384 KB
11	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	213 KB
9	google.com adservice.google.com www.google.com apis.google.com accounts.google.com	41 KB
7	rlcdn.com 4 redirects ejp.rlcdn.com idsync.rlcdn.com	2 KB
6	bidswitch.net 6 redirects x.bidswitch.net	2 KB
6	adnxs.com 5 redirects ib.adnxs.com	5 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com	6 KB
5	gstatic.com fonts.gstatic.com ssl.gstatic.com	94 KB
4	webgains.io analytics.webgains.io api.webgains.io analytics-wg.webgains.io	105 KB
4	webgains.com track.webgains.com diapi.webgains.com	98 KB
4	contextweb.com 2 redirects bh.contextweb.com	2 KB
4	betweendigital.com 4 redirects ads.betweendigital.com	2 KB
4	mfadsrvr.com 4 redirects rtb.mfadsrvr.com	3 KB
4	criteo.com 4 redirects gum.criteo.com dis.criteo.com	2 KB
4	pubmatic.com 2 redirects image6.pubmatic.com simage2.pubmatic.com	2 KB
4	openx.net 2 redirects rtb.openx.net u.openx.net	971 B
3	lijit.com 1 redirects ce.lijit.com	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org	1 KB
3	rezync.com 2 redirects live.rezync.com	3 KB
3	rubiconproject.com 1 redirects pixel.rubiconproject.com	934 B
3	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net ad4mat.net	4 KB
3	google.de adservice.google.de www.google.de	394 B
2	m-t.io w-it.m-t.io	280 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	awin1.com www.awin1.com	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	bttrack.com bttrack.com	760 B
2	appier.net 2 redirects s.c.appier.net	724 B
2	emxdgt.com e1.emxdgt.com	81 B
2	smartadserver.com rtb-csync.smartadserver.com	1 KB
2	postrelease.com jadserve.postrelease.com	855 B
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	narrative.io 1 redirects io.narrative.io	769 B
2	viglink.com cdn.viglink.com	1 KB
2	facebook.net connect.facebook.net	67 KB
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	ipsnoticias.net 1 redirects ipsnoticias.net	459 B
2	jquery.com code.jquery.com	183 KB
1	imrworldwide.com obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	38 B
1	facebook.com www.facebook.com
1	mookie1.com odr.mookie1.com	324 B
1	quantserve.com cms.quantserve.com	464 B
1	googleadservices.com partner.googleadservices.com	655 B
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	idaho.gov forms.idoc.idaho.gov
1	cpdn.org www.cpdn.org
1	realearnmoney.com realearnmoney.com	57 KB
1	mactel.ca www.mactel.ca	98 KB
1	blogspot.com 1.bp.blogspot.com	675 KB
1	pbase.com ap1.pbase.com	1 KB
1	uberant.com uberant.com	14 KB
1	diytransport.com diytransport.com	190 KB
1	wp.com i2.wp.com	223 KB
1	shopify.com cdn.shopify.com	208 KB
1	sabaiydee.com www.sabaiydee.com	3 KB
1	penzu.com penzu.com
1	posts123.com www.posts123.com	2 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	crwdcntrl.net Failed sync.crwdcntrl.net Failed
306	67

	Domain	Requested by
29	c.disquscdn.com	4mark.disqus.com disqus.com c.disquscdn.com tempest.services.disqus.com www.4mark.net
25	images.taboola.com	www.4mark.net tempest.services.disqus.com cdn.taboola.com
20	www.4mark.net	www.4mark.net
18	cdn.taboola.com	tempest.services.disqus.com cdn.taboola.com
16	ws.sharethis.com	w.sharethis.com ws.sharethis.com www.4mark.net
12	sync.taboola.com	4 redirects
10	cm.g.doubleclick.net	3 redirects www.4mark.net googleads.g.doubleclick.net
8	trc.taboola.com	cdn.taboola.com
8	disqus.com	4mark.disqus.com c.disquscdn.com
7	referrer.disqus.com	www.4mark.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.4mark.net
7	pagead2.googlesyndication.com	www.4mark.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	x.bidswitch.net	6 redirects
6	ib.adnxs.com	5 redirects c.disquscdn.com
6	sb.scorecardresearch.com	2 redirects cdn.taboola.com tempest.services.disqus.com
5	idsync.rlcdn.com	2 redirects c.disquscdn.com live.rezync.com
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
4	sync-t1.taboola.com
4	bh.contextweb.com	2 redirects
4	ads.betweendigital.com	4 redirects
4	rtb.mfadsrvr.com	4 redirects
4	links.services.disqus.com	c.disquscdn.com www.4mark.net
4	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	track.webgains.com	as.ad4m.at analytics.webgains.io
3	ce.lijit.com	1 redirects
3	match.adsrvr.org	3 redirects
3	live.rezync.com	2 redirects c.disquscdn.com
3	vidstat.taboola.com	cdn.taboola.com
3	15.taboola.com	cdn.taboola.com
3	pixel.rubiconproject.com	1 redirects
3	tempest.services.disqus.com	4mark.disqus.com c.disquscdn.com
3	www.google.com	www.4mark.net googleads.g.doubleclick.net tpc.googlesyndication.com
3	4mark.disqus.com	1 redirects www.4mark.net 4mark.disqus.com
2	w-it.m-t.io	analytics-wg.webgains.io
2	api.webgains.io	analytics.webgains.io
2	prod.perf-serving.com	2 redirects
2	www.awin1.com	as.ad4m.at
2	cds.taboola.com	cdn.taboola.com
2	pips.taboola.com	cdn.taboola.com
2	as.ad4m.at	ad4m.at as.ad4m.at
2	a.sportradarserving.com	2 redirects
2	bttrack.com	cdn.taboola.com
2	s.c.appier.net	2 redirects
2	dis.criteo.com	2 redirects
2	e1.emxdgt.com
2	rtb-csync.smartadserver.com
2	simage2.pubmatic.com
2	jadserve.postrelease.com	cdn.taboola.com
2	u.openx.net
2	match.taboola.com
2	gum.criteo.com	2 redirects
2	p.rfihub.com	2 redirects
2	io.narrative.io	1 redirects www.4mark.net
2	ejp.rlcdn.com	2 redirects
2	imprammp.taboola.com	www.4mark.net
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	cdn.viglink.com	www.4mark.net
2	apis.google.com	c.disquscdn.com apis.google.com
2	connect.facebook.net	c.disquscdn.com connect.facebook.net
2	a.disquscdn.com	www.4mark.net c.disquscdn.com
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	l.sharethis.com	w.sharethis.com www.4mark.net
2	www.google-analytics.com	www.4mark.net www.google-analytics.com
2	ipsnoticias.net	1 redirects www.4mark.net
2	code.jquery.com	www.4mark.net
1	analytics-wg.webgains.io	analytics.webgains.io
1	diapi.webgains.com	track.webgains.com
1	analytics.webgains.io	track.webgains.com
1	obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	www.4mark.net
1	glitter.services.disqus.com	c.disquscdn.com
1	ssl.gstatic.com	accounts.google.com
1	www.facebook.com	c.disquscdn.com
1	ad4mat.net	ad4m.at
1	static-de.ad4mat.net	ad4m.at
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	www.4mark.net
1	www.google.de	www.4mark.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	count-server.sharethis.com	ws.sharethis.com
1	c.sharethis.mgr.consensu.org	w.sharethis.com
1	forms.idoc.idaho.gov	www.4mark.net
1	www.cpdn.org	www.4mark.net
1	realearnmoney.com	www.4mark.net
1	www.mactel.ca	www.4mark.net
1	1.bp.blogspot.com	www.4mark.net
1	ap1.pbase.com	www.4mark.net
1	uberant.com	www.4mark.net
1	diytransport.com	www.4mark.net
1	i2.wp.com	www.4mark.net
1	cdn.shopify.com	www.4mark.net
1	www.sabaiydee.com	www.4mark.net
1	penzu.com	www.4mark.net
1	www.posts123.com	www.4mark.net
1	w.sharethis.com	www.4mark.net
1	fonts.googleapis.com	www.4mark.net
0	sync.crwdcntrl.net Failed
306	105

This site contains links to these domains. Also see Links.

Domain
www.posts123.com
digg.com
posts123.com
penzu.com
www.sabaiydee.com
www.openlearning.com
bit.ly
ipsnews.net
www.theamericanreporter.com
www.diytransport.com
uberant.com
pbase.com
provincialfabrichousensw.blogspot.com
mactel.pbworks.com
realearnmoney.com
www.cpdn.org
forms.idoc.idaho.gov

Subject Issuer	Validity	Valid
www.posts123.com R3	`2021-04-09` - `2021-07-08`	3 months	crt.sh
penzu.com Amazon	`2021-03-17` - `2022-04-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-11` - `2021-07-11`	a year	crt.sh
ipsnoticias.net Sectigo RSA Domain Validation Secure Server CA	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
diytransport.com R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
uberant.com cPanel, Inc. Certification Authority	`2021-04-03` - `2021-07-02`	3 months	crt.sh
ap1.pbase.com Amazon	`2020-08-28` - `2021-09-27`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
mactel.ca Sectigo RSA Domain Validation Secure Server CA	`2020-07-13` - `2021-07-13`	a year	crt.sh
realearnmoney.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-18`	a year	crt.sh
www.cpdn.org R3	`2021-04-17` - `2021-07-16`	3 months	crt.sh
*.idaho.gov DigiCert SHA2 High Assurance Server CA	`2020-04-08` - `2022-05-02`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.rezync.com Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.npdredinuid.imrworldwide.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.narrative.io Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
w-it.m-t.io GTS CA 1D4	`2021-06-07` - `2021-09-05`	3 months	crt.sh

This page contains 29 frames:

Primary Page: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Frame ID: 5728EED1A72500E110763E65FF674324
Requests: 95 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 1DD8A9FB456CF583AA17E89500CA174C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: 19CD16A01E4719BB869DC9F423735D05
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3025194257&lmt=1623434034&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&ea=0&flash=0&pra=5&wgl=1&dt=1623434034702&bpp=3&bdt=287&idt=90&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2917600815681&frm=20&pv=2&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159
Frame ID: D929BB9C2448607D53C1C8A2208CA78B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=280&slotname=8833263846&adk=3962291895&adf=30787386&pi=t.ma~as.8833263846&w=750&fwrn=4&fwrnh=100&lmt=1623434034&rafmt=1&psa=0&format=750x280&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1623434034705&bpp=2&bdt=289&idt=181&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=n6u8Gr1MYU&p=http%3A//www.4mark.net&dtd=188
Frame ID: 5B4AEC732261B7EB155725669096AAB2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=280&slotname=8833263846&adk=1792749478&adf=1712765404&pi=t.ma~as.8833263846&w=1170&fwrn=4&fwrnh=100&lmt=1623434034&rafmt=1&psa=0&format=1170x280&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1623434034707&bpp=1&bdt=292&idt=195&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3836&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2ZegPBKMKx&p=http%3A//www.4mark.net&dtd=201
Frame ID: 1F0B4545AC24A451FD071B9122312009
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=600&adk=1928773920&adf=3052158835&pi=t.aa~a.1654111852~rp.1&w=165&fwrn=4&fwrnh=100&lmt=1623434035&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=165x600&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623434035020&bpp=1&bdt=605&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0ef379b5c3842b9-22847346ddc800ad%3AT%3D1623434034%3ART%3D1623434034%3AS%3DALNI_Mb3qELc839VdAkog25A5JzO3mHchg&prev_fmts=0x0%2C750x280%2C1170x280&nras=2&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M0V1PvjSqN&p=http%3A//www.4mark.net&dtd=33
Frame ID: 77EF29D03C167C9ED60890EF4202145A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=240&adk=580979257&adf=3726972538&pi=t.aa~a.233573410~rp.1&w=165&fwrn=4&fwrnh=100&lmt=1623434035&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=165x240&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623434035020&bpp=1&bdt=605&idt=1&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0ef379b5c3842b9-22847346ddc800ad%3AT%3D1623434034%3ART%3D1623434034%3AS%3DALNI_Mb3qELc839VdAkog25A5JzO3mHchg&prev_fmts=0x0%2C750x280%2C1170x280%2C165x600&nras=3&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=425&ady=1865&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=t9Ow1c5XZA&p=http%3A//www.4mark.net&dtd=36
Frame ID: 24EF7CBEFB461765D174121E124CB453
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
Frame ID: B16411493BB8ACC43B01684A2413EA64
Requests: 26 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Frame ID: 1C86F798E4CBF2A2B7481C36BF45925F
Requests: 33 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Frame ID: 4628C5A0D4F3E9661D76E66C51ACFDB1
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CigGJM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE4wFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZlNbNwc-ZOvXGmugbl7ti5mM3oAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTIyNDYzNjE0MzczNTYxNDE&sigh=TasDeuyhbCg
Frame ID: 033D8496896FF6821CC091B1021F9A21
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1hgqmv7d5htjw7t5gawkag8w7xqc0r8gg5gjt5svf9re7my7cfj29x2600t4d4f3dvmaqvcftycrs6xsw5yn1q7kqg8d2zrkj98v9r95vb2pvdjtqvxnmhy6yvtb8mkaj9za1rh2waaj8ze3jg3x33a3hzp4t6843x5vmyd9yrrg1ga77m1m2fdf37dn66shvwrwpnrvvcvd8kfk56g79yrxg5xx0fjctyn1szbnawefc5ry6t577e6nz81vt5ajynw0hy09nsmghtmj86fg5dtzwkmqnf3xjz3w4bbqqew5x0cd2vqgxtn44ja57wq6cv6xhhv05zdk40fdpxhap50n4tpxgtsp0j55fsqjh4ztv00d82eyt47jk9s54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%26client%3Dca-pub-2246361437356141%26adurl%3D
Frame ID: C887D3FBCA0FE50BCB00226EEDD2B966
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DA8580C10C2B2E5A71F9B037F053F940
Requests: 9 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r
Frame ID: 8B6B4E0E9DD2C3D84DE256FDBEF9C743
Requests: 16 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8E65D0F2CE9EB9582D0A8BBC1203B787
Requests: 1 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Frame ID: 03E7E7F1B3E21A820324B41F89A6FED0
Requests: 3 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: A4A318D6C45F52AE9C06A5F301985C7A
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: ED28D813A06B06DE4DAE24D7ED2D0534
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2576DC1CC442075417296055411&cicmp=1337627&cijs=1&dast=V7EBICFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLLazUYcxoZDGk0Gu9VoMVtMdsPRYrJcTJaQMIvFYjSZrYZTMNjC53R3t4EETafD57rXi15uw8tzumteltvT4_LcRU7P4_W5a_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCSOBDE4bP7zS7TPwAAHgpAAAAEMEIAsgx-RAAAAABGAAAAAEgABBILSwAc7hZNAAAC8vhrBLNPAAAADupknrZZ_v___2MA8t6bZAAo0jZuDHoAHnwAHoQAAAAuhjLIqAxFBt0GiApMixgBAAAASJlJyB1N6oTKour____fCuAKACAgj79mUCPr5qSYNQwAAABgbIEeFr_f7LBr_G6X_f________-b_Z8BoAkN6YWnAWmEI6nxjFwrrP0CAgCwvRsAwJsAXMwB2AEAAADc_f___-cBAABI7VGyvVbj2aOs9xls4XO6u-s3YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDjEg6pz6XxenY8NOJkrBpO5YjhXLEarBAAAAAAAAACwhCnzJgAAAACnQcxmk91uxY03eyaItVotawAAAABu3cgB!&excid=22&tst=1&docw=0&cs=false
Frame ID: 83B5A677937D9636189FDFCC5404C4DC
Requests: 1 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJDuHbJ9eo7cF0LFZZ5W8Oc&google_cver=1
Frame ID: 9C3462A952859D708F1A19E1F9CF8BB5
Requests: 1 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c34t5n633mvo80i&pctry=FR&referrer=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer
Frame ID: 0D012003387092AFD709AD80D540C13B
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=9AE8885C704426079771969272979&cicmp=1337627&cijs=1&dast=V7t_8CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLlgEYfD1YY3GI0ms8FuuZvNlrPdaLXazJaQMIvFYjSZrYZTMNjC53R3t4EETafD57rXi15uw8tzumteltvT4_LcRU7P4_W5a_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCSOBDE4bP7zS7TPwAAHgpAAAAEMEIAsgyoRAAAAABGAAAAAEgABBILSwAc7hZNAAAC8vhrCA9OAAAADupknrZZ_v___2MA8t6bZAAo0jZuDHoAHnwAHoQAAAAuhmi1WlI_ilfqiQosixgBAAAASJlJyB1N6oTKour____fCuAKACAgj7-GkC_r5qSYNQwAAABgbIEeFr_f7LBr_G6X_f________-b_Z8BoAkN6YWnAWmEI6nxjFwrrP0CAgCwvRsAwJsAXMwB2AEAAADc_f___-cBAACA7VGyvVbj2aOs9xls4XO6u-s3YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDjEg6pz6XxenY8NOJkrBpO5YjhXLEarBAAAAAAAAACwhCnzJgAAAACnQcxmk91uxY03eyaItVotawAAAABu3cgB!&excid=22&tst=1&docw=0&cs=false
Frame ID: CC2B2961DF89488BBDBF3B502A8C81BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 44295DC57169BAA412F97F136CD06192
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E62296F4A6B398E4758B9E6CE23C9125
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: F7AC0A2FE3897956C2B49629B52C19A0
Requests: 3 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32b7dd62-9391-43cf-8213-e782bd3834ec&tbid=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5&query=taboola_hm%3D32b7dd62-9391-43cf-8213-e782bd3834ec&isDirect=0
Frame ID: 8866BDE1DADA4D644EAC62DD8B6385E3
Requests: 20 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0
Frame ID: 2301B4F12FBB7EED0D26EF3AE2CBC469
Requests: 19 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb2ef676-3640-4b82-83c0-e7f9b0123c2f&tbid=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5&query=taboola_hm%3Dbb2ef676-3640-4b82-83c0-e7f9b0123c2f&isDirect=0
Frame ID: 3AED42A44DEA0305EE0862DFF1763DC8
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

306
Requests

89 %
HTTPS

37 %
IPv6

67
Domains

105
Subdomains

82
IPs

10
Countries

5045 kB
Transfer

9402 kB
Size

12
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.posts123.com/post/1325324/jovnaolhpoghawer
Title: https://www.posts123.com/post/1325324/jovnaolhpoghawer

Search URL Search Domain Scan URL

URL: https://digg.com/@sul-piu-bello-streaming-ita-altadefinizione
Title: https://digg.com/@sul-piu-bello-streaming-ita-altadefinizione

Search URL Search Domain Scan URL

URL: https://digg.com/@i-predatori-streaming-ita-altadefinizione
Title: https://digg.com/@i-predatori-streaming-ita-altadefinizione

Search URL Search Domain Scan URL

URL: https://digg.com/@trash-2020-streaming-ita-altadefinizione
Title: https://digg.com/@trash-2020-streaming-ita-altadefinizione

Search URL Search Domain Scan URL

URL: http://posts123.com/
Title: posts123.com

Search URL Search Domain Scan URL

URL: https://penzu.com/public/daa6f834

Search URL Search Domain Scan URL

URL: https://www.sabaiydee.com/

Search URL Search Domain Scan URL

URL: https://www.openlearning.com/u/luu-quj7qx/blog/10WrongAnswersToCommonOnlineCasinoGuideQuestionsDoYouKnowTheRightOnes/

Search URL Search Domain Scan URL

URL: https://bit.ly/3gb7FKn

Search URL Search Domain Scan URL

URL: https://ipsnews.net/business/2021/06/10/jibe-cbd-gummies-reviews-pros-cons-real-price-for-sale-benefits/

Search URL Search Domain Scan URL

URL: https://www.theamericanreporter.com/vtl-max-male-enhancement-reviews-2021-scam-alert-pills-price-benefits/

Search URL Search Domain Scan URL

URL: https://www.diytransport.com/

Search URL Search Domain Scan URL

URL: https://uberant.com/article/1593531-the-cheap-nfl-jerseys-awards:-the-best,-worst,-and-weirdest-things-weve-seen/

Search URL Search Domain Scan URL

URL: https://pbase.com/topics/w8crbai115/theultim083

Search URL Search Domain Scan URL

URL: https://provincialfabrichousensw.blogspot.com/2021/05/a-simple-guide-to-buying-from-online.html

Search URL Search Domain Scan URL

URL: http://mactel.pbworks.com/w/page/145142643/hone%20bill%20shows%20some%20hidden%20charges

Search URL Search Domain Scan URL

URL: https://realearnmoney.com/how-to-make-money-on-twitch-2021/

Search URL Search Domain Scan URL

URL: https://www.cpdn.org/cpdnboinc/team_display.php?teamid=23767

Search URL Search Domain Scan URL

URL: https://forms.idoc.idaho.gov/Forms/handlers/downloadattachment.ashx?req=DownLoad&aid=366580&authkey=670fa117-dcc5-428e-9a40-d749637aa167

Search URL Search Domain Scan URL

URL: https://forms.idoc.idaho.gov/Forms/handlers/downloadattachment.ashx?req=DownLoad&aid=366580&authkey=
Title: https://forms.idoc.idaho.gov/Forms/handlers/downloadattachment.ashx?req=DownLoad&aid=366580&authkey=

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

http://ipsnoticias.net/wp-content/themes/ips-spa/images/tria.png HTTP 301
https://ipsnoticias.net/wp-content/themes/ips-spa/images/tria.png

Request Chain 40

http://4mark.disqus.com/embed.js HTTP 301
https://4mark.disqus.com/embed.js

Request Chain 45

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 85

http://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71 HTTP 307
https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71

Request Chain 86

http://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71 HTTP 307
https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71

Request Chain 102

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIsJenRXMwo-p8QPzonrSoK-COIZCfbx8e6S-NEVkocLFEL6BXbIdH9xmMpacP0mqQuHWnj_P6w_mNaLisYDra0E7eZKZI&google_gid=CAESEHl5R85IuqYG4TmJjVWxlzE&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIsJenRXMwo-p8QPzonrSoK-COIZCfbx8e6S-NEVkocLFEL6BXbIdH9xmMpacP0mqQuHWnj_P6w_mNaLisYDra0E7eZKZI&google_gid=CAESEHl5R85IuqYG4TmJjVWxlzE&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MTExNzUzNTYwNjMxNzczNTg1NDMyNQ%3D%3D&google_push=AYg5qPIsJenRXMwo-p8QPzonrSoK-COIZCfbx8e6S-NEVkocLFEL6BXbIdH9xmMpacP0mqQuHWnj_P6w_mNaLisYDra0E7eZKZI

Request Chain 104

https://rtb.openx.net/sync/dds?google_gid=CAESEO5F-4v5hBYFKIulk0ajjd0&google_cver=1&google_push=AYg5qPL9hIy68caV_R4lalEuqj6NwmGqPATOtas9nB4BI3ft6dQ-lb9cjCzT-BpMNZVkvCWlFAiT3oZ-l8eBNqm5WK4YVga64cI HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEO5F-4v5hBYFKIulk0ajjd0&google_cver=1&google_push=AYg5qPL9hIy68caV_R4lalEuqj6NwmGqPATOtas9nB4BI3ft6dQ-lb9cjCzT-BpMNZVkvCWlFAiT3oZ-l8eBNqm5WK4YVga64cI&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL9hIy68caV_R4lalEuqj6NwmGqPATOtas9nB4BI3ft6dQ-lb9cjCzT-BpMNZVkvCWlFAiT3oZ-l8eBNqm5WK4YVga64cI&google_hm=dbMZl1VaxJkMDZV4l3n2Lw==

Request Chain 105

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEDFyyoyILWcBa1BNVxSk0w&google_cver=1&google_push=AYg5qPKhWUe5CS9UuXnmjxAI1ea3-_TbWt7wq6Q8tK0pTU34MecIi9UEY5svqpgSFLCsAM-s1J9v6XPIeB7XwRVq8flOVqJdTQc HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEDFyyoyILWcBa1BNVxSk0w&google_cver=1&google_push=AYg5qPKhWUe5CS9UuXnmjxAI1ea3-_TbWt7wq6Q8tK0pTU34MecIi9UEY5svqpgSFLCsAM-s1J9v6XPIeB7XwRVq8flOVqJdTQc&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Wda5O43bTBqBZAKgCkUg9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKhWUe5CS9UuXnmjxAI1ea3-_TbWt7wq6Q8tK0pTU34MecIi9UEY5svqpgSFLCsAM-s1J9v6XPIeB7XwRVq8flOVqJdTQc

Request Chain 106

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMvwpgG2C2F_6KuhBbSm178&google_cver=1&google_push=AYg5qPLdSyz7-4LKGdN2a9XmE48-2dTXIA5vypkBeuPXDCfkuxCK_qPzfNuRHR7azMtDZkFPl4H3UBzUSK9QP6m4W9ZVP2tLzgU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BTTVBJTkEtWS0yMjA1&google_push=AYg5qPLdSyz7-4LKGdN2a9XmE48-2dTXIA5vypkBeuPXDCfkuxCK_qPzfNuRHR7azMtDZkFPl4H3UBzUSK9QP6m4W9ZVP2tLzgU

Request Chain 107

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8

Request Chain 140

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1623434035685&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%26shortname%3D4mark%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%25232a80b9%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fwww.4mark.net%252Fstory%252F3165183%252Fjovnaolhpoghawer%26typeface%3Dsans-serif%26disqus_version%3D5884b71&c9=http%3A%2F%2Fwww.4mark.net%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1623434035685&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%26shortname%3D4mark%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%25232a80b9%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fwww.4mark.net%252Fstory%252F3165183%252Fjovnaolhpoghawer%26typeface%3Dsans-serif%26disqus_version%3D5884b71&c9=http%3A%2F%2Fwww.4mark.net%2F

Request Chain 141

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1623434035686&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dbottom%26shortname%3D4mark%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%25232a80b9%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fwww.4mark.net%252Fstory%252F3165183%252Fjovnaolhpoghawer%26typeface%3Dsans-serif%26disqus_version%3D5884b71&c9=http%3A%2F%2Fwww.4mark.net%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1623434035686&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dbottom%26shortname%3D4mark%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%25232a80b9%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fwww.4mark.net%252Fstory%252F3165183%252Fjovnaolhpoghawer%26typeface%3Dsans-serif%26disqus_version%3D5884b71&c9=http%3A%2F%2Fwww.4mark.net%2F

Request Chain 207

https://ejp.rlcdn.com/501709.html HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCLTGjoYGEgUI6AcQAEIASgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJDuHbJ9eo7cF0LFZZ5W8Oc&google_cver=1

Request Chain 210

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac34t5n633mvo80i&ret=img&ref=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=fdff1cf0-cadd-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac34t5n633mvo80i&ret=img&ref=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer

Request Chain 220

http://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d HTTP 307
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d

Request Chain 225

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=1216095245932084365 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=44d84a50-dcb7-4328-b772-ef66d2fd159b%3A1623434036.33&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc34t5n633mvo80i HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c34t5n633mvo80i HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1216095245932084365

Request Chain 226

https://p.rfihub.com/cm?pub=39342&in=1&userid=44d84a50-dcb7-4328-b772-ef66d2fd159b%3A1623434036.33&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871597495802323350 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c34t5n633mvo80i HTTP 307
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=8xWmlemM670wM4H1kf4qbQIPQNNSoWYU

Request Chain 240

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32b7dd62-9391-43cf-8213-e782bd3834ec HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32b7dd62-9391-43cf-8213-e782bd3834ec&tbid=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5&query=taboola_hm%3D32b7dd62-9391-43cf-8213-e782bd3834ec&isDirect=0

Request Chain 243

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=87fa10bb-4d79-51a2-b56e-b0e3d5ad13d5

Request Chain 245

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=RpAxCraeMY3T&ev=1&orig=trc&pid=562107

Request Chain 246

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1216095245932084365&orig=trc

Request Chain 247

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK2PgWOJk-xC5o7neh3KfNs&google_cver=1

Request Chain 249

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5

Request Chain 250

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c276a701-c2b7-49d7-958b-350822c9cd09

Request Chain 251

https://ce.lijit.com/merge?pid=42&3pid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 255

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4f08d9e8-b53a-4c84-b83e-655c648f57fd

Request Chain 256

https://id5-sync.com/s/464/9.gif?puid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/6/2.gif?puid=dadc7bc0-8577-4708-a379-c2dd9c4e9a63&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZY6ZnVZRjdBpibTppSqbHYT-c9FBPIPS5rkAkg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZY6ZnVZRjdBpibTppSqbHYT-c9FBPIPS5rkAkg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/5/3.gif?puid=7ea4cdcb-2d6a-476e-bf34-d3c44ea94999&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/4/4.gif?puid=e_dff3debe-5825-47f0-833b-ebcd3e3bb2f3&gdpr=1&gdpr_consent= HTTP 302
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 HTTP 303
https://id5-sync.com/c/464/9/3/5.gif?puid=jYf2FCQs5bCOgqCGAMNc5s_KW23OgEJ1IXZZgOcDsas&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESED3fTS7P7aHtIiAm0w6WH08&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESED3fTS7P7aHtIiAm0w6WH08&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1216095245932084365&opid=apx&ops=&utidl=tech:goo:CAESED3fTS7P7aHtIiAm0w6WH08&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A18027972446&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Request Chain 257

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=aYYWKXFoCiK471LwNqPDYA

Request Chain 259

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a551a1b0-3f37-40da-86fb-45f13f77362d&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fe9ac2b9-2d22-44ec-9cee-051ae2583d67

Request Chain 275

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb2ef676-3640-4b82-83c0-e7f9b0123c2f HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb2ef676-3640-4b82-83c0-e7f9b0123c2f&tbid=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5&query=taboola_hm%3Dbb2ef676-3640-4b82-83c0-e7f9b0123c2f&isDirect=0

Request Chain 276

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=5b41a688-9af3-51a2-a934-fe63c9f75d55

Request Chain 278

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kPyjJ0gD9idX&ev=1&orig=trc&pid=562107

Request Chain 279

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5

Request Chain 280

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4f08d9e8-b53a-4c84-b83e-655c648f57fd

Request Chain 281

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ETwYeMU5AkKeHyj8NqPDYA

Request Chain 283

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=ba4ca459-0781-446d-ad6c-963759838fcc&ssp=taboola&user_group=1 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fe9ac2b9-2d22-44ec-9cee-051ae2583d67

Request Chain 286

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1216095245932084365&orig=trc

Request Chain 287

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK2PgWOJk-xC5o7neh3KfNs&google_cver=1

Request Chain 289

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c276a701-c2b7-49d7-958b-350822c9cd09

Request Chain 294

https://id5-sync.com/s/464/9.gif?puid=97acf11b-317a-4b80-9e49-98d592c52838-tuct7bd28b3&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=97acf11b-317a-4b80-9e49-98d592c52838-tuct7bd28b3&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/6/2.gif?puid=dadc7bc0-8577-4708-a379-c2dd9c4e9a63&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZY6ZnVZRjdBpibTppSqbHYT-c9FBPIPS5rkAkg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZY6ZnVZRjdBpibTppSqbHYT-c9FBPIPS5rkAkg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/5/3.gif?puid=7ea4cdcb-2d6a-476e-bf34-d3c44ea94999&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/4/4.gif?puid=e_dff3debe-5825-47f0-833b-ebcd3e3bb2f3&gdpr=1&gdpr_consent= HTTP 302
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 HTTP 303
https://id5-sync.com/c/464/9/3/5.gif?puid=y9S5glO2BK8usxAodgStCt_Y-Mk5GyD90tylyl3ljLI&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESED3fTS7P7aHtIiAm0w6WH08&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESED3fTS7P7aHtIiAm0w6WH08&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1216095245932084365&opid=apx&ops=&utidl=tech:goo:CAESED3fTS7P7aHtIiAm0w6WH08&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A18027972446&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

306 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request jovnaolhpoghawer Show response
www.4mark.net/story/3165183/ 31 KB
9 KB 279ms
263ms Document
text/html 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e71e2e3d169ca8921057cd600e8c0ed982c91cac1ac9c799389357ebc0e3511a

Request headers

Host: www.4mark.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Length: 9408

GET
H/1.1 200
OK css
fonts.googleapis.com/ 10 KB
1 KB 23ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8afdde25674d742bf5bb60d7325fc5d48ed80ffc6613c78167d7030ed7863089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 11 Jun 2021 17:53:54 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Fri, 11 Jun 2021 17:53:54 GMT

GET
H/1.1 200
OK bootstrap.css
www.4mark.net/css/ 118 KB
26 KB 43ms
33ms Stylesheet
text/css 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/bootstrap.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0e430441e9833f9e3b9219b4837068670afbb50171678365b95f45de9291b632

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "bb8f5bc8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 26754

GET
H/1.1 200
OK normalize.min.css
www.4mark.net/css/ 2 KB
2 KB 60ms
44ms Stylesheet
text/css 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/normalize.min.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3822b897f1eb08ba5e7afa130a0866d2616b80db9de763b21bc555c4aec1d52d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "98f25dc8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1361

GET
H/1.1 200
OK font-awesome.min.css
www.4mark.net/css/ 165 KB
79 KB 56ms
39ms Stylesheet
text/css 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/font-awesome.min.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8c07db0f8c47b64b9ff91a2201556577db2737e2db7f0b0b4f1cbe5920a03a81

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "98f25dc8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK animate.css
www.4mark.net/css/ 57 KB
8 KB 61ms
44ms Stylesheet
text/css 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/animate.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b7f115b1794b5c090c8632d5abe2a32bf54a0c4e0845eeb7b6e41ddd45bbced9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "bb8f5bc8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 8196

GET
H/1.1 200
OK templatemo-misc.css
www.4mark.net/css/ 2 KB
999 B 60ms
43ms Stylesheet
text/css 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/templatemo-misc.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 59433eae456916d07b9af106cd6e5a39e9ca36b2e23e3836c4557e33a8476a56

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "8e5460c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 676

GET
H/1.1 200
OK templatemo-style.css
www.4mark.net/css/ 19 KB
5 KB 53ms
37ms Stylesheet
text/css 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/templatemo-style.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3f2edf41a656bd4427e323267e8e4ffed4eb9005b2496152a2b38297bd9c3c99

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "8e5460c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 4858

GET
H/1.1 200
OK modernizr-2.6.2.min.js Show response
www.4mark.net/js/vendor/ 15 KB
8 KB 90ms
32ms Script
application/javascript 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/vendor/modernizr-2.6.2.min.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "88408bc8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 7483

GET
H/1.1 200
OK jquery-1.9.1.js Show response
code.jquery.com/ 262 KB
78 KB 15ms
7ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.9.1.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: W/"54499a47-4185d"
Vary: Accept-Encoding
X-HW: 1623434034.dop230.fr8.t,1623434034.cds250.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 79506

GET
H/1.1 200
OK jquery-ui.js Show response
code.jquery.com/ui/1.10.3/ 426 KB
105 KB 15ms
7ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/ui/1.10.3/jquery-ui.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:08 GMT
Server: nginx
ETag: W/"54499a48-6a684"
Vary: Accept-Encoding
X-HW: 1623434034.dop209.fr8.t,1623434034.cds209.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 106766

GET
H/1.1 200
OK star-rating.css
www.4mark.net/css/ 755 B
692 B 78ms
25ms Stylesheet
text/css 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/css/star-rating.css
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ef1405f179fa8657a3f496b3007bcc32bc1ded77779fcaf2f61fc4d60d905b07

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "98f25dc8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 369

GET
H/1.1 200
OK custom.js Show response
www.4mark.net/js/ 3 KB
2 KB 90ms
30ms Script
application/javascript 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/custom.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f63eebfcadb7e00204c9d5100d6c791391ef0df2c17d8d38af013e4b9c864b0e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "40f3cea6a15d61:0"
Last-Modified: Sat, 18 Apr 2020 10:19:59 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1508

GET
H/1.1 200
OK buttons.js Show response
w.sharethis.com/button/ 59 KB
17 KB 47ms
19ms Script
application/javascript 2600:9000:211a:c400:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w.sharethis.com/button/buttons.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 2600:9000:211a:c400:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 04:24:35 GMT
Content-Encoding: gzip
Age: 221359
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16639
Server: nginx/1.16.1
ETag: W/"60256fd0-eabe"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
Cache-Control: max-age=259200
X-Amz-Cf-Pop: VIE50-C2
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: U5ZZCxMEKpiHR6Al36thePa6qbO4bY_vWuxX8wrlibKx-2atl9Nxhg==
Expires: Sat, 12 Jun 2021 04:24:35 GMT

GET
H/1.1 200
OK logo.gif
www.4mark.net/images/ 48 KB
48 KB 43ms
31ms Image
image/gif 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.4mark.net/images/logo.gif
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1e10af313c557dc0079253e5a343699e49106acfe441fe006c742c1b0ce51a0d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2dcb75c8e4ed31:0"
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 48661

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 35ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b10336dfd25f2124f44e5c6e0003c3ea4c8b250f198791a052aa999bcf02e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 11 Jun 2021 17:53:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 9057635387429138617
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48391
X-XSS-Protection: 0
Expires: Fri, 11 Jun 2021 17:53:54 GMT

GET
H/1.1 200
OK no-photo.jpg
www.posts123.com/images/ 1 KB
2 KB 140ms
24ms Image
image/jpeg 5.175.3.206
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.posts123.com/images/no-photo.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 5.175.3.206 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: vs226095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 93eecd05275c8a2511850e68ee31978b955f9b3685124433e5a53c939d506c96

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:14 GMT
Last-Modified: Thu, 12 Mar 2020 17:40:44 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6377ab5b95f8d51:0"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1494

GET
H2 200 daa6f834
penzu.com/public/ 0
0 335ms
110ms Image
text/html 34.232.169.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://penzu.com/public/daa6f834
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.169.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-169-188.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 Download-Taiwan-VPN-Plugin-for-OpenVPN-3.4.2-APK-75x75.png
www.sabaiydee.com/wp-content/uploads/2021/06/ 3 KB
3 KB 79ms
19ms Image
image/png 2606:4700:3035::ac43:8768
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sabaiydee.com/wp-content/uploads/2021/06/Download-Taiwan-VPN-Plugin-for-OpenVPN-3.4.2-APK-75x75.png

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:8768 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2c65c21c546b55123d3d20906879b2b4864738989bf7b46f755f3eb7b7adb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 77
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2887
cf-request-id: 0a9dce95ca00004a56c2a30000000001
last-modified: Sat, 05 Jun 2021 01:50:17 GMT
server: cloudflare
etag: "60bad859-b47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4D5aCCAHzE6KZJInlC1L1%2BcY3JqFAk%2FXKLTHuO4tOOHbIpVXe%2BZ9SMLBuSfSZUc8TUjsZRJzldAcwGbUxveMdpSGIAeuKrGpblixrG9o%2BAjg2cGnhejBYP6Dbb0YpnY0ZQmOka96n%2Bj3ufQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 65dcb39c7ca14a56-FRA
expires: Sun, 11 Jul 2021 17:52:37 GMT

GET
H/1.1 200
OK AreYouSerious_AsiagoPappercorn_1_1200x1200.jpg
cdn.shopify.com/s/files/1/0236/2012/4752/products/ 207 KB
208 KB 172ms
137ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://cdn.shopify.com/s/files/1/0236/2012/4752/products/AreYouSerious_AsiagoPappercorn_1_1200x1200.jpg?v=1615916525

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

HTTP/1.1

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19145-FRA /

Resource Hash

afedf9c11d31c952d34d1ae8437f62fd4ba216e1c26cffcfec4a23b0c47db670

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
X-CDN: Fastly, http1
X-Dc: gcp-us-central1
X-Cache: HIT, MISS
Connection: keep-alive
Content-Length: 211862
X-Xss-Protection: 1; mode=block
X-Request-Id: b1ca0315ca568ba7be226c3f67cbdb249eb2c18c1467c4981da518a8c3815984
X-Served-By: cache-lga21946-LGA, cache-fra19145-FRA
Last-Modified: Fri, 11 Jun 2021 17:17:22 GMT
Server: cache-fra19145-FRA
X-Timer: S1623434035.616453,VS0,VE123
Date: Fri, 11 Jun 2021 17:53:54 GMT
Vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
Content-Type: image/webp
Access-Control-Allow-Origin: *
Expires: Sat, 11 Jun 2022 17:17:21 GMT
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Link: <https://cdn.shopify.com/s/files/1/0236/2012/4752/products/AreYouSerious_AsiagoPappercorn_1_1200x1200.jpg>; rel="canonical"
X-Cache-Hits: 1, 0

GET
H2

404

tria.png
ipsnoticias.net/wp-content/themes/ips-spa/images/
Redirect Chain

http://ipsnoticias.net/wp-content/themes/ips-spa/images/tria.png
https://ipsnoticias.net/wp-content/themes/ips-spa/images/tria.png

0
0

1056ms
564ms

Image
text/html

179.43.113.26
Dattatec.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnoticias.net/wp-content/themes/ips-spa/images/tria.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 179.43.113.26 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS: sd-1919030-l.dattaweb.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date: Fri, 11 Jun 2021 17:53:54 GMT
Server: Apache
X-Powered-By: PHP/7.4.14
Transfer-Encoding: chunked
Upgrade: h2,h2c
Location: https://ipsnoticias.net/wp-content/themes/ips-spa/images/tria.png
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Upgrade, Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=100
X-Redirect-By: WordPress
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Capture-14.png
i2.wp.com/www.theamericanreporter.com/wp-content/uploads/2021/05/ 222 KB
223 KB 74ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.theamericanreporter.com/wp-content/uploads/2021/05/Capture-14.png?fit=688%2C393&ssl=1

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a5ff475f9c22440bd946ea12b2365c8ef0b90dcec2007e55510b476d41e7b597

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 11 Jun 2021 17:53:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 06:40:00 GMT
server: nginx
etag: "51a5d5a3c8a003ed"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.theamericanreporter.com/wp-content/uploads/2021/05/Capture-14.png>; rel="canonical"
content-length: 227346
expires: Sat, 10 Jun 2023 18:40:00 GMT

GET
H2 200 Easy-shop-banner-gif.gif
diytransport.com/wp-content/uploads/ 189 KB
190 KB 418ms
123ms Image
image/gif 35.196.153.42
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diytransport.com/wp-content/uploads/Easy-shop-banner-gif.gif
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.153.42 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 42.153.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6f628aa75039a3417d1d1e439acbc5b0338500d14e44fd354b8ea14b17916e43

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:54 GMT
last-modified: Wed, 12 May 2021 23:25:44 GMT
server: nginx
etag: "609c63f8-2f51d"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 193821

GET
H2 200 badge7-300x300.jpg
uberant.com/images/badges/ 14 KB
14 KB 440ms
120ms Image
image/jpeg 69.16.238.134
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uberant.com/images/badges/badge7-300x300.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.238.134 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.interfuse1.com
Software: Apache /
Resource Hash: 2893f77eba4141e525b48695ade3adbe09acc35f2d91cf3f7bd9cf7404d9dd34

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:54 GMT
last-modified: Thu, 15 Dec 2016 23:19:08 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14420
expires: Sun, 11 Jul 2021 17:53:54 GMT

GET
H2 200 m_pbase.gif
ap1.pbase.com/site/ 1 KB
1 KB 115ms
37ms Image
image/gif 13.32.2.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap1.pbase.com/site/m_pbase.gif
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-89.vie50.r.cloudfront.net
Software: Apache/2.4.34 () /
Resource Hash: 2c0f435fca8cf8a0382da15ab8e1f25e0d3bfb6939c2c7f8b4f8fcf8d5a1e819

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:52:00 GMT
via: 1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
last-modified: Wed, 06 Feb 2019 03:28:26 GMT
server: Apache/2.4.34 ()
age: 273
etag: "431-58131519c0a37"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 1073
x-amz-cf-id: S05wM91f_o-L4VZb1Z4p6T-Tbunr-IDOe1XUrPuoSMrFo6GxaliAHw==

GET
H2 200 emboridery-brown-.png
1.bp.blogspot.com/-jkr-RTV0b0I/YLPNQKzBEnI/AAAAAAAAAAM/kijrW8twezcoyPteIJWtmZ_OylHS7IrrgCLcBGAsYHQ/w1200-h630-p-k-no-nu/ 675 KB
675 KB 28ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-jkr-RTV0b0I/YLPNQKzBEnI/AAAAAAAAAAM/kijrW8twezcoyPteIJWtmZ_OylHS7IrrgCLcBGAsYHQ/w1200-h630-p-k-no-nu/emboridery-brown-.png

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad3dfa52f49c4d1fa322fc1371f0f617ccaf991456640e5ffeffee9cf6c03d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:50:43 GMT
x-content-type-options: nosniff
age: 191
content-disposition: inline;filename="emboridery-brown-.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 690747
x-xss-protection: 0
server: fife
etag: "v4"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 12 Jun 2021 17:50:43 GMT

GET
H2 200 home_hero.jpg
www.mactel.ca/assets/vendor/img/home/ 97 KB
98 KB 942ms
167ms Image
image/jpeg 162.144.0.108
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mactel.ca/assets/vendor/img/home/home_hero.jpg

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.144.0.108 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-144-0-108.unifiedlayer.com

Software

Apache /

Resource Hash

1a1c450df47bd35d38d3d744036a9de016b30f360535979ace68cc2f14cc7be5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
last-modified: Thu, 03 Sep 2020 19:07:12 GMT
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 99101
server: Apache
content-type: image/jpeg

GET
H2 200 How-to-Make-Money-on-Twitch-2021.jpg
realearnmoney.com/wp-content/uploads/2021/04/ 57 KB
57 KB 628ms
302ms Image
image/jpeg 162.0.209.115
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://realearnmoney.com/wp-content/uploads/2021/04/How-to-Make-Money-on-Twitch-2021.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.115 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium171-5.web-hosting.com
Software: Apache / W3 Total Cache/2.1.2
Resource Hash: 0bae6cd2133098c754007d9037e7079d685dfd82fcce02f25605753058585dea

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Fri, 11 Jun 2021 17:53:55 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 25 Apr 2021 19:55:41 GMT
server: Apache
x-powered-by: W3 Total Cache/2.1.2
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 58345
etag: "e3e9-5c0d169f1c2c7"
expires: Sat, 11 Jun 2022 17:53:55 GMT

GET
H/1.1 200
OK team_display.php
www.cpdn.org/cpdnboinc/ 0
0 172ms
87ms Image
text/html 129.67.193.7
JANET Jisc Servic...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cpdn.org/cpdnboinc/team_display.php?teamid=23767
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.67.193.7 Oxford, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS: caerus.oerc.ox.ac.uk
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK downloadattachment.ashx
forms.idoc.idaho.gov/Forms/handlers/ 0
0 804ms
321ms Image
application/pdf 164.165.7.69
STATE-OF-IDAHO-SE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forms.idoc.idaho.gov/Forms/handlers/downloadattachment.ashx?req=DownLoad&aid=366580&authkey=670fa117-dcc5-428e-9a40-d749637aa167
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 164.165.7.69 Meridian, United States, ASN54885 (STATE-OF-IDAHO-SECONDARY-ASN, US),
Reverse DNS: forms.idoc.idaho.gov
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b10336dfd25f2124f44e5c6e0003c3ea4c8b250f198791a052aa999bcf02e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48391
x-xss-protection: 0
server: cafe
etag: 9057635387429138617
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 17:53:54 GMT

GET
H/1.1 200
OK cookies.js Show response
www.4mark.net/js/ 2 KB
2 KB 27ms
26ms Script
application/javascript 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/cookies.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9dc03012086ebf3cf2d0a97afe111b567678711ae1ab60e58bdedb16a4fbf143

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "5fe429ae6dd2d31:0"
Last-Modified: Thu, 12 Apr 2018 14:51:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1262

GET
H/1.1 200
OK jquery-1.10.1.min.js Show response
www.4mark.net/js/vendor/ 91 KB
41 KB 27ms
27ms Script
application/javascript 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/vendor/jquery-1.10.1.min.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "88dd88c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 41691

GET
H/1.1 200
OK jquery.easing-1.3.js Show response
www.4mark.net/js/ 8 KB
3 KB 43ms
31ms Script
application/javascript 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/jquery.easing-1.3.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d2bc9c513d50deb617981195a91d357c004688ae7a90962da29814385e168dea

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "b97c86c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2541

GET
H/1.1 200
OK bootstrap.js Show response
www.4mark.net/js/ 54 KB
16 KB 45ms
32ms Script
application/javascript 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/bootstrap.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a9d250db6b377dcc698f55167295d617b6eee4d5936121ff91eca5e7e140c361

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "b97c86c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 15854

GET
H/1.1 200
OK plugins.js Show response
www.4mark.net/js/ 53 KB
12 KB 44ms
32ms Script
application/javascript 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/plugins.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c308c8fddf687a0c3d845d86333d3a596d62579f4551e41c6addccac8c73906c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "88dd88c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 12331

GET
H/1.1 200
OK main.js Show response
www.4mark.net/js/ 470 B
729 B 40ms
28ms Script
application/javascript 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/js/main.js
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2a26cfdb9775a00de1ff890c8d1cc78036be9cafa7ef4a659182259edd4413f9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Content-Encoding: gzip
ETag: "88dd88c8e4ed31:0"
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 392

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
15 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4mark.net
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 18:15:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:19 GMT
Server: sffe
Age: 257903
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14440
X-XSS-Protection: 0
Expires: Wed, 08 Jun 2022 18:15:31 GMT

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 66ms
23ms Script
application/javascript 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 01:26:09 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 232065
etag: W/"60257011-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: VIE50-C2
x-robots-tag: noindex, nofollow
content-length: 18815
x-amz-cf-id: dbs_vvResz0oq2P6QbkGKsW7wAhZdHbzjGDcgsFuJB-nBq8ZLZsz1Q==
expires: Sat, 12 Jun 2021 01:26:09 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.4mark.net/fonts/ 43 KB
44 KB 27ms
27ms Font
font/x-woff 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4mark.net/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Pragma: no-cache
Origin: http://www.4mark.net
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4mark.net/css/font-awesome.min.css
Connection: keep-alive
Cache-Control: no-cache
Origin: http://www.4mark.net
Referer: http://www.4mark.net/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "bc1a65c8e4ed31:0"
Content-Type: font/x-woff
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 44432

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4mark.net
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 07:31:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:50 GMT
Server: sffe
Age: 296556
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15112
X-XSS-Protection: 0
Expires: Wed, 08 Jun 2022 07:31:18 GMT

GET
H/1.1

200
OK

embed.js Show response
4mark.disqus.com/
Redirect Chain

http://4mark.disqus.com/embed.js
https://4mark.disqus.com/embed.js

75 KB
25 KB

233ms
179ms

Script
application/javascript

151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://4mark.disqus.com/embed.js

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

bd259cf2645aec751e58b90c318412801ea956709108f34bfb81ed63453c421f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:54 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24749

Redirect headers

Date: Fri, 11 Jun 2021 17:53:54 GMT
Server: Varnish
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: text/html
Location: https://4mark.disqus.com/embed.js
Cache-Control: public, max-age=31536000
Connection: close
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 219

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 1DD8 2 KB
1 KB 65ms
20ms Document
text/html 2600:9000:206e:1000:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:1000:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Fri, 11 Jun 2021 17:25:19 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: vh44Gr8NptUCKjnNeT3zG2XP1uK8Z5SdkO39jVo93uPgN6VRJJoHaQ==
age: 1715

GET
H/1.1 200
OK star.png
www.4mark.net/images/ 3 KB
3 KB 27ms
27ms Image
image/png 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.4mark.net/images/star.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/css/star-rating.css
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ba5fe7ace3d49a823dc7393554fe97845d73972c3d6f7d0d1a514894a79af1da

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.4mark.net/css/star-rating.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/css/star-rating.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "752e78c8e4ed31:0"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2791

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFUZ0bbck.woff2
fonts.gstatic.com/s/opensans/v20/ 9 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFUZ0bbck.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4mark.net
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 20:43:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:20 GMT
Server: sffe
Age: 249020
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9400
X-XSS-Protection: 0
Expires: Wed, 08 Jun 2022 20:43:34 GMT

GET
H/1.1 200
OK link.png
www.4mark.net/images/ 25 KB
25 KB 27ms
27ms Image
image/png 5.175.5.64
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.4mark.net/images/link.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 5.175.5.64 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs235095.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4b3e60fd6e52b6e4e0a3235609611b8bfa0d5c91c7c578ea1673857b94a45fdd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4mark.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4mark.net/story/3165183/jovnaolhpoghawer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:54:16 GMT
Last-Modified: Sun, 06 Aug 2017 18:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2dcb75c8e4ed31:0"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 25735

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

8ms
7ms

Script
text/javascript

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1262
date: Fri, 11 Jun 2021 17:32:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 11 Jun 2021 19:32:52 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4mark.net
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 08 Jun 2021 22:36:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 18 May 2021 21:21:26 GMT
Server: sffe
Age: 242236
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14956
X-XSS-Protection: 0
Expires: Wed, 08 Jun 2022 22:36:38 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/ 231 KB
85 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2246361437356141&plah=www.4mark.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87427
x-xss-protection: 0
server: cafe
etag: 18285230650351733317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 17:53:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame 19CD 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210607/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 11 Jun 2021 13:03:54 GMT
expires: Fri, 25 Jun 2021 13:03:54 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
age: 17400
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 20ms
20ms Stylesheet
text/css 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 12:25:38 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
age: 19697
etag: W/"60257012-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: VBQrYcy_NI33JgS3nR55RHdn08PE1Lb9u38-f7StcW3iQQRKqnIv5A==

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 117 B
363 B 391ms
105ms Script
text/javascript 3.209.191.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&cb=stButtons.processCB&wd=true
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.191.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-191-86.compute-1.amazonaws.com
Software: / Express
Resource Hash: 0547893c70d3047b075ad887fff14ea6efaeaca85a5d39f4056c6c804ae6519c

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
Cache-Control: public, max-age=900
ETag: 61ccafecd6f64b8b2517b241e2894818
Connection: keep-alive
X-Powered-By: Express
Content-Length: 117
Content-Type: text/javascript; charset=utf-8

GET
H2 200 sharethis_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 24ms
22ms Image
image/png 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/sharethis_32.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 1af0e0ca290a13faeabef7d1bde7ca8d96bb83b876f5d42e32c4b6095a5b0afb

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 10363608
etag: "60256fcb-539"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1337
x-amz-cf-id: SFg2C5NmPGBfOdJFQkqvNJWI-28W6N1M-BoHAY8TPcMMXLUiwJW3ng==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 googleplus_32.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 24ms
22ms Image
image/png 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/googleplus_32.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 10363608
etag: "60256fcb-9a4"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2468
x-amz-cf-id: evoDzfLqt-_YApj3A_PHOnLXwFag6so1Ptr4D75bcC1QuQ3UJp_YTg==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 facebook_32.png
ws.sharethis.com/images/2017/ 1 KB
1 KB 24ms
22ms Image
image/png 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/facebook_32.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 13:47:21 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 7185993
etag: "60256fcb-497"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1175
x-amz-cf-id: IC_O9yuSX_YkgEiLhRgPmDBqJkG99A0yJwkAeP7al4rG6djb0vjGwg==
expires: Sun, 20 Mar 2022 13:47:21 GMT

GET
H2 200 twitter_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 24ms
23ms Image
image/png 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/twitter_32.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 17:50:23 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 3801811
etag: "60256fcb-53a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1338
x-amz-cf-id: a7FiW5qRCV6S4KzWVX5kqVGc_aeRq0WGDtgVrj1KywDcfvhwX1Bb2A==
expires: Thu, 28 Apr 2022 17:50:23 GMT

GET
H2 200 pinterest_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 24ms
23ms Image
image/png 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/pinterest_32.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 10363608
etag: "60256fcb-59b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1435
x-amz-cf-id: yOX3dUzSVhn0ZuDdCuI06XeXvxfIBC5yRtemzda_MUqH8Pe07JQglw==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 sharethis_counter.png
ws.sharethis.com/images/2017/ 3 KB
3 KB 24ms
23ms Image
image/png 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/sharethis_counter.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4e2b38b4f0180fd5671604c482ae7b38eaa7d3b008099314bd261206045b0413

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 18:43:41 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 5699413
etag: "60256fcb-a58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2648
x-amz-cf-id: vjO29c9qEpDg6sB5Lm3hbpr__Gw8VyWNtlTqp7FMPTct02NwySv3Nw==
expires: Wed, 06 Apr 2022 18:43:41 GMT

GET
H2 200 facebook_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 24ms
23ms Image
image/png 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/facebook_counter.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 10363608
etag: "60256fcb-977"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2423
x-amz-cf-id: gUL2Nt8jAtnOxcB2JP_rMqKgXhC-cP3FEte2hawc4Y9dNmhQMJrgjg==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 twitter_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 24ms
23ms Image
image/png 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/twitter_counter.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 10363608
etag: "60256fcb-9ae"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2478
x-amz-cf-id: TC-rRPE2ZNJ8oHGVsUF5tH5y4CxHtBQz6JfD6KX8ND5agP1I-cLbbg==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 pinterest_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 24ms
23ms Image
image/png 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/pinterest_counter.png
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 47c1ac2e88d06479a7bda88be7c0c01bf368aaa0bed4d894e6c2c179b0ce6357

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:16:47 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 3699427
etag: "60256fcb-8b6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2230
x-amz-cf-id: armR30_loEIr2OnUdAOLwNO_TFymkRgEgDS_FAoFw8702omecKdjqw==
expires: Fri, 29 Apr 2022 22:16:47 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
334 B 102ms
25ms XHR
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1623434034571.32500&hostname=www.4mark.net&location=%2Fstory%2F3165183%2Fjovnaolhpoghawer&product=widget&fcmp=false&fcmpv2=false&publisher=a0b77922-91c2-48a2-9e56-195a26ce8cfa&bsamesite=true&consent_cookie_duration=190&consent_duration=190&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&title=jovnaolhpoghawer%20%7C%20vaegaweraw3r&sop=false&description=https%3A%2F%2Fdigg.com%2F%40sul-piu-bello-streaming-ita-altadefinizione%20https%3A%2F%2Fdigg.com%2F%40i-predatori-streaming-ita-altadefinizione%20https%3A%2F%2Fdigg.com%2F%40trash-2020-streaming-ita-altadefinizione%20%C2%A0%20%C2%A0%20%7C%20posts123.com%20%7C%20Information%20and%20comments%20for%20jovnaolhpoghawer%20on%204mark.net
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:54 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://www.4mark.net
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 30ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1359294230&t=pageview&_s=1&dl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&ul=en-us&de=UTF-8&dt=jovnaolhpoghawer%20%7C%20vaegaweraw3r&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=883781344&gjid=128139460&cid=1135266042.1623434035&tid=UA-12703824-20&_gid=431473814.1623434035&_r=1&_slc=1&z=416765786

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.4mark.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bubble_arrow.png
ws.sharethis.com/secure/images/ 979 B
1 KB 21ms
20ms Image
image/png 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/secure/images/bubble_arrow.png
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe

Request headers

Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:16:34 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 1885040
etag: "60257011-3d3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 979
x-amz-cf-id: cWFyaBoGjqtbOWQTfKwJ4ktT8bDxWazKEmvkWWiiN0IvdGFvpUHRig==
expires: Fri, 20 May 2022 22:16:34 GMT

GET
H2 200 googleplus_16.png
ws.sharethis.com/images/2017/ 2 KB
2 KB 21ms
21ms Image
image/png 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/googleplus_16.png
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 592a848da6f427ea5d9169179bd309484f531d3c23c5aaf858afa22fc28d40c8

Request headers

Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:07 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 10363607
etag: "60256fcb-61f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1567
x-amz-cf-id: 7R_lq8-dIZbfqFMuHtirzhJPQZl5gRx3pSmbju9bvv-4s1CC8EREpQ==
expires: Fri, 11 Feb 2022 19:07:07 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
655 B 89ms
32ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.4mark.net&callback=_gfp_s_&client=ca-pub-2246361437356141

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2246361437356141&plah=www.4mark.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ca24383d54a1679861156231bbb4b306904a955a142e16b4a3bf6d0267300deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.4mark.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.4mark.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D929 20 KB
1 KB 121ms
119ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3025194257&lmt=1623434034&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&ea=0&flash=0&pra=5&wgl=1&dt=1623434034702&bpp=3&bdt=287&idt=90&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2917600815681&frm=20&pv=2&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d6f6b8d7034c7f39754966e0c701d53f46ebf89e60bcb2fad0c714531b3bf64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2246361437356141&output=html&adk=1812271804&adf=3025194257&lmt=1623434034&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&ea=0&flash=0&pra=5&wgl=1&dt=1623434034702&bpp=3&bdt=287&idt=90&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2917600815681&frm=20&pv=2&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Jun 2021 17:53:54 GMT
server: cafe
content-length: 1135
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 11-Jun-2021 18:08:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Jun 2021 17:53:54 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623263566164500"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28162
x-xss-protection: 0
expires: Fri, 11 Jun 2021 17:53:54 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-12703824-20&cid=1135266042.1623434035&jid=883781344&gjid=128139460&_gid=431473814.1623434035&_u=IEBAAEAAAAAAAC~&z=8281959

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Jun 2021 17:53:54 GMT
content-type: text/plain
access-control-allow-origin: http://www.4mark.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5B4A 436 B
235 B 156ms
155ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=280&slotname=8833263846&adk=3962291895&adf=30787386&pi=t.ma~as.8833263846&w=750&fwrn=4&fwrnh=100&lmt=1623434034&rafmt=1&psa=0&format=750x280&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1623434034705&bpp=2&bdt=289&idt=181&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=n6u8Gr1MYU&p=http%3A//www.4mark.net&dtd=188

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e194a07b3bf133d774beaa8077ad36cf5b73447aec78d1180d6facc0f2783da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2246361437356141&output=html&h=280&slotname=8833263846&adk=3962291895&adf=30787386&pi=t.ma~as.8833263846&w=750&fwrn=4&fwrnh=100&lmt=1623434034&rafmt=1&psa=0&format=750x280&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1623434034705&bpp=2&bdt=289&idt=181&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=571&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=n6u8Gr1MYU&p=http%3A//www.4mark.net&dtd=188
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Jun 2021 17:53:55 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 11-Jun-2021 18:08:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Jun 2021 17:53:55 GMT
cache-control: private

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 26ms
26ms Image
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1623434034571.32500&hostname=www.4mark.net&location=%2Fstory%2F3165183%2Fjovnaolhpoghawer&product=widget&fcmp=false&fcmpv2=false&publisher=a0b77922-91c2-48a2-9e56-195a26ce8cfa&bsamesite=true&consent_cookie_duration=190&consent_duration=190&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&title=jovnaolhpoghawer%20%7C%20vaegaweraw3r&sop=false&description=https%3A%2F%2Fdigg.com%2F%40sul-piu-bello-streaming-ita-altadefinizione%20https%3A%2F%2Fdigg.com%2F%40i-predatori-streaming-ita-altadefinizione%20https%3A%2F%2Fdigg.com%2F%40trash-2020-streaming-ita-altadefinizione%20%C2%A0%20%C2%A0%20%7C%20posts123.com%20%7C%20Information%20and%20comments%20for%20jovnaolhpoghawer%20on%204mark.net&gdpr_domain=.consensu.org&gdpr_method=cookie&description=https%3A%2F%2Fdigg.com%2F%40sul-piu-bello-streaming-ita-altadefinizione%20https%3A%2F%2Fdigg.com%2F%40i-predatori-streaming-ita-altadefinizione%20https%3A%2F%2Fdigg.com%2F%40trash-2020-streaming-ita-altadefinizione%20%C2%A0%20%C2%A0%20%7C%20posts123.com%20%7C%20Information%20and%20comments%20for%20jovnaolhpoghawer%20on%204mark.net&img_pview=true
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:54 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F0B 436 B
235 B 183ms
182ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=280&slotname=8833263846&adk=1792749478&adf=1712765404&pi=t.ma~as.8833263846&w=1170&fwrn=4&fwrnh=100&lmt=1623434034&rafmt=1&psa=0&format=1170x280&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1623434034707&bpp=1&bdt=292&idt=195&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3836&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2ZegPBKMKx&p=http%3A//www.4mark.net&dtd=201

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eaa72192e6e1be9d875588d1b485a7ea34d52793f76680c30e6645a1614b9e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2246361437356141&output=html&h=280&slotname=8833263846&adk=1792749478&adf=1712765404&pi=t.ma~as.8833263846&w=1170&fwrn=4&fwrnh=100&lmt=1623434034&rafmt=1&psa=0&format=1170x280&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1623434034707&bpp=1&bdt=292&idt=195&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C750x280&nras=1&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=3836&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2ZegPBKMKx&p=http%3A//www.4mark.net&dtd=201
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Jun 2021 17:53:55 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 11-Jun-2021 18:08:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Jun 2021 17:53:55 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-12703824-20&cid=1135266042.1623434035&jid=883781344&_u=IEBAAEAAAAAAAC~&z=1291386774

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-12703824-20&cid=1135266042.1623434035&jid=883781344&_u=IEBAAEAAAAAAAC~&z=1291386774

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 20ms
19ms Other
text/css 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Requested by

Host: 4mark.disqus.com
URL: http://4mark.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343419
x-cache: Hit from cloudfront
content-length: 25570
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-63e2"
content-type: text/css; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: zzgVuTjJfbyeynoxtR93TOvvPgEFWLjHAKTrhHCTk9H99BwAUCQ1IA==
x-cache-hits: 0

GET
H2 200 common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
c.disquscdn.com/next/embed/ 0
93 KB 21ms
20ms Other
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Requested by

Host: 4mark.disqus.com
URL: http://4mark.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343419
x-cache: Hit from cloudfront
content-length: 94800
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-17250"
content-type: application/javascript; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: 8nMGLwcHA467i2KvYv02jbXivQuTIRm2dQIb4fzWaNiRz4bAmkJLgw==
x-cache-hits: 0

GET
H2 200 lounge.bundle.ac702132ea5e06471da27768120c5978.js
c.disquscdn.com/next/embed/ 0
118 KB 21ms
21ms Other
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Requested by

Host: 4mark.disqus.com
URL: http://4mark.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343419
x-cache: Hit from cloudfront
content-length: 120382
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-1d63e"
content-type: application/javascript; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: -bm0B2HRwqgfmN1GMDpgDLKg-F8TjjfB8ohvOGQ3_sFzVrVTkTrEDg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 55ms
21ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: 4mark.disqus.com
URL: http://4mark.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 25
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11965
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
4mark.disqus.com/ 62 KB
21 KB 159ms
159ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://4mark.disqus.com/recommendations.js

Requested by

Host: 4mark.disqus.com
URL: http://4mark.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

d336656fdf014272d55a63451cc0c1ca9c56a42fbbd8111b3bd8673a3b3fdc11

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 20754

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.4mark.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 17:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
23ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.4mark.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 17:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 77EF 16 KB
7 KB 179ms
178ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=600&adk=1928773920&adf=3052158835&pi=t.aa~a.1654111852~rp.1&w=165&fwrn=4&fwrnh=100&lmt=1623434035&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=165x600&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623434035020&bpp=1&bdt=605&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0ef379b5c3842b9-22847346ddc800ad%3AT%3D1623434034%3ART%3D1623434034%3AS%3DALNI_Mb3qELc839VdAkog25A5JzO3mHchg&prev_fmts=0x0%2C750x280%2C1170x280&nras=2&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M0V1PvjSqN&p=http%3A//www.4mark.net&dtd=33

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9d8263695a9bd12a3ec574db87a9390d616e2b00b397f2c02bfb1758269d665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2246361437356141&output=html&h=600&adk=1928773920&adf=3052158835&pi=t.aa~a.1654111852~rp.1&w=165&fwrn=4&fwrnh=100&lmt=1623434035&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=165x600&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623434035020&bpp=1&bdt=605&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0ef379b5c3842b9-22847346ddc800ad%3AT%3D1623434034%3ART%3D1623434034%3AS%3DALNI_Mb3qELc839VdAkog25A5JzO3mHchg&prev_fmts=0x0%2C750x280%2C1170x280&nras=2&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M0V1PvjSqN&p=http%3A//www.4mark.net&dtd=33
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Jun 2021 17:53:55 GMT
server: cafe
content-length: 7260
x-xss-protection: 0
set-cookie: IDE=AHWqTUmvL64tsHtsb4tm0ceLJ8FU-puCj8-Jkh3GvJHx4ZbRkp_FrK5BkOag_yFt-fU; expires=Wed, 06-Jul-2022 17:53:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Jun 2021 17:53:55 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 24EF 436 B
235 B 180ms
180ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=240&adk=580979257&adf=3726972538&pi=t.aa~a.233573410~rp.1&w=165&fwrn=4&fwrnh=100&lmt=1623434035&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=165x240&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623434035020&bpp=1&bdt=605&idt=1&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0ef379b5c3842b9-22847346ddc800ad%3AT%3D1623434034%3ART%3D1623434034%3AS%3DALNI_Mb3qELc839VdAkog25A5JzO3mHchg&prev_fmts=0x0%2C750x280%2C1170x280%2C165x600&nras=3&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=425&ady=1865&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=t9Ow1c5XZA&p=http%3A//www.4mark.net&dtd=36

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21a5dd93a5bf922d40803eaa54f2190fae4bb77a04894577b6939196612118e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2246361437356141&output=html&h=240&adk=580979257&adf=3726972538&pi=t.aa~a.233573410~rp.1&w=165&fwrn=4&fwrnh=100&lmt=1623434035&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=165x240&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623434035020&bpp=1&bdt=605&idt=1&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0ef379b5c3842b9-22847346ddc800ad%3AT%3D1623434034%3ART%3D1623434034%3AS%3DALNI_Mb3qELc839VdAkog25A5JzO3mHchg&prev_fmts=0x0%2C750x280%2C1170x280%2C165x600&nras=3&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=425&ady=1865&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=t9Ow1c5XZA&p=http%3A//www.4mark.net&dtd=36
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Jun 2021 17:53:55 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: IDE=AHWqTUkfXHRy7mLoDSCWEWEUHoz4IXKTHjD7Djn6FLj6qt34biX6hOjEu032-FX_29Q; expires=Wed, 06-Jul-2022 17:53:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Jun 2021 17:53:55 GMT
cache-control: private

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame B164 6 KB
4 KB 148ms
148ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default

Requested by

Host: 4mark.disqus.com
URL: http://4mark.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

70381620e4caa586c0338ab6a56b589a17d39434418c709dc7e97d18bf440674

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.4mark.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

Connection: keep-alive
Content-Length: 2566
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Wed, 03 Feb 2021 16:38:27 GMT
ETag: W/"lounge:view:8382762038.6ebc6a838609558887882df6b2204236.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Fri, 11 Jun 2021 17:53:55 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1

200
OK

/ Show response
tempest.services.disqus.com/ads-iframe/taboola/ Frame 1C86
Redirect Chain

http://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=...
https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl...

28 KB
9 KB

207ms
143ms

Document
text/html

151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Requested by: Host: 4mark.disqus.com
URL: http://4mark.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: bb591573c6d393cd831d196e31a3b9dbeaa8d1d1c144e8e3c6940b32c607f991

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.4mark.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

Connection: keep-alive
Content-Length: 9330
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Content-Encoding: gzip
Date: Fri, 11 Jun 2021 17:53:55 GMT
Age: 0
Vary: Accept-Encoding,

Redirect headers

Location: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

/ Show response
tempest.services.disqus.com/ads-iframe/taboola/ Frame 4628
Redirect Chain

http://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceU...
https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&source...

28 KB
9 KB

208ms
146ms

Document
text/html

151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Requested by: Host: 4mark.disqus.com
URL: http://4mark.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 1e9604b3045b0059b1cb7b8a936ca4be4744bbcc8259e3bed441f80970f1f9a0

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.4mark.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

Connection: keep-alive
Content-Length: 9332
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Content-Encoding: gzip
Date: Fri, 11 Jun 2021 17:53:55 GMT
Age: 0
Vary: Accept-Encoding,

Redirect headers

Location: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 169ms
117ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34v0c1c3fk53tc&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=4mark&zone=thread&version=a5921af07b365f6dfd62075d2dee3735&page_url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=3668931

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 185ms
133ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34v0c1c3fk53tc&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=4mark&zone=thread&version=a5921af07b365f6dfd62075d2dee3735&page_url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=3668931

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ 0
4 KB 20ms
20ms Other
text/css 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: 4mark.disqus.com
URL: https://4mark.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 10:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3138160
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 10:11:15 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: sZbHSThtqEashTVBYGtnzoO97ND4tNN2THKXVazNIH8GyreE9AHBTw==
x-cache-hits: 0

GET
H2 200 common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js
c.disquscdn.com/next/recommendations/ 0
87 KB 21ms
20ms Other
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Requested by

Host: 4mark.disqus.com
URL: https://4mark.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343426
x-cache: Hit from cloudfront
content-length: 88889
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-15b39"
content-type: application/javascript; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: H3Ki_9UsS1E8n_m6UpW6htYo4oT4Bi13r4axhisx87U1PpP7SdYeQw==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js
c.disquscdn.com/next/recommendations/ 0
20 KB 21ms
20ms Other
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js

Requested by

Host: 4mark.disqus.com
URL: https://4mark.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343426
x-cache: Hit from cloudfront
content-length: 20101
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-4e85"
content-type: application/javascript; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: 081yvkafTYbSw84JKNZdBS2HEx8vT7ntjteCZgYTra1iY7eTtto2UQ==
x-cache-hits: 0

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 033D 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CigGJM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE4wFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZlNbNwc-ZOvXGmugbl7ti5mM3oAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTIyNDYzNjE0MzczNTYxNDE&sigh=TasDeuyhbCg

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=600&adk=1928773920&adf=3052158835&pi=t.aa~a.1654111852~rp.1&w=165&fwrn=4&fwrnh=100&lmt=1623434035&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=165x600&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623434035020&bpp=1&bdt=605&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0ef379b5c3842b9-22847346ddc800ad%3AT%3D1623434034%3ART%3D1623434034%3AS%3DALNI_Mb3qELc839VdAkog25A5JzO3mHchg&prev_fmts=0x0%2C750x280%2C1170x280&nras=2&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M0V1PvjSqN&p=http%3A//www.4mark.net&dtd=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 11 Jun 2021 17:53:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 033D 0
0 31ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hbsdg11mhc4d1hcmarmc7sdna3zq7egs3sgd19c31rerhhpetbhet1xf71bpa59vg9d0cys08dqyn0ys87vae2f2f40tmkd9ra9pcazvpvnf8cqzfxjxtxq9e9wyg4qdb0zn2wxvsjva4kpf4e0ssx7zgcgjxxatwbz17m49cvfgyfdv58naypra74p4dtsy7f7ynmhs4xkxqbccpek144qj07zfmh470j2d0c375rpm5pe224tee0w1k785nxw9ajc5781nh3x07t4f9vedhcjx9gpb8v79b3ph77c8g9hxpjkbpswqddreh5gqe5r4cq582ycnw1bt19888x4snnj08trpr2km1fx3xeqb13ha7xe6yst442363qkjey8xdznqy59&b=YMOjMwABLH0IFUDbAAgA9JqRzuPEhK7Bd3gYZA
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame C887 2 KB
2 KB 64ms
42ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1hgqmv7d5htjw7t5gawkag8w7xqc0r8gg5gjt5svf9re7my7cfj29x2600t4d4f3dvmaqvcftycrs6xsw5yn1q7kqg8d2zrkj98v9r95vb2pvdjtqvxnmhy6yvtb8mkaj9za1rh2waaj8ze3jg3x33a3hzp4t6843x5vmyd9yrrg1ga77m1m2fdf37dn66shvwrwpnrvvcvd8kfk56g79yrxg5xx0fjctyn1szbnawefc5ry6t577e6nz81vt5ajynw0hy09nsmghtmj86fg5dtzwkmqnf3xjz3w4bbqqew5x0cd2vqgxtn44ja57wq6cv6xhhv05zdk40fdpxhap50n4tpxgtsp0j55fsqjh4ztv00d82eyt47jk9s54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%26client%3Dca-pub-2246361437356141%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=600&adk=1928773920&adf=3052158835&pi=t.aa~a.1654111852~rp.1&w=165&fwrn=4&fwrnh=100&lmt=1623434035&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=165x600&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623434035020&bpp=1&bdt=605&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0ef379b5c3842b9-22847346ddc800ad%3AT%3D1623434034%3ART%3D1623434034%3AS%3DALNI_Mb3qELc839VdAkog25A5JzO3mHchg&prev_fmts=0x0%2C750x280%2C1170x280&nras=2&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M0V1PvjSqN&p=http%3A//www.4mark.net&dtd=33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78ae44d17ca7fbcc352d2b4d6c0a0bb3ac42fcf8652b5a68d4e1cb1b43b8ae96

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1hgqmv7d5htjw7t5gawkag8w7xqc0r8gg5gjt5svf9re7my7cfj29x2600t4d4f3dvmaqvcftycrs6xsw5yn1q7kqg8d2zrkj98v9r95vb2pvdjtqvxnmhy6yvtb8mkaj9za1rh2waaj8ze3jg3x33a3hzp4t6843x5vmyd9yrrg1ga77m1m2fdf37dn66shvwrwpnrvvcvd8kfk56g79yrxg5xx0fjctyn1szbnawefc5ry6t577e6nz81vt5ajynw0hy09nsmghtmj86fg5dtzwkmqnf3xjz3w4bbqqew5x0cd2vqgxtn44ja57wq6cv6xhhv05zdk40fdpxhap50n4tpxgtsp0j55fsqjh4ztv00d82eyt47jk9s54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%26client%3Dca-pub-2246361437356141%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a9dce985700004abcd1b8b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65dcb3a089234abc-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 033D 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Jun 2021 17:53:52 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DA85 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 10 Jun 2021 19:15:34 GMT
expires: Fri, 11 Jun 2021 19:15:34 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 81501
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 033D 122 KB
37 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623263560240521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37945
x-xss-protection: 0
expires: Fri, 11 Jun 2021 17:53:55 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 033D 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:52:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Jun 2021 17:52:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 033D 0
0 13ms
13ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjO5s3o5_IB_-k2sZHElya_G81pFpkhTK32Qe0lfPqK-J6CDQQKE4L9_AKO30jK4l2POBrQJZhYHIDnOhRc3P8BaGSDg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=600&adk=1928773920&adf=3052158835&pi=t.aa~a.1654111852~rp.1&w=165&fwrn=4&fwrnh=100&lmt=1623434035&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=165x600&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623434035020&bpp=1&bdt=605&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0ef379b5c3842b9-22847346ddc800ad%3AT%3D1623434034%3ART%3D1623434034%3AS%3DALNI_Mb3qELc839VdAkog25A5JzO3mHchg&prev_fmts=0x0%2C750x280%2C1170x280&nras=2&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M0V1PvjSqN&p=http%3A//www.4mark.net&dtd=33
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 lounge.load.a5921af07b365f6dfd62075d2dee3735.js Show response
c.disquscdn.com/next/embed/ Frame B164 1 KB
1 KB 20ms
19ms Script
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.a5921af07b365f6dfd62075d2dee3735.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0a0c09e1e97f172c235c9dcb12dbcd2c20b6bd1bce3a0fe453b245139ededbac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343419
x-cache: Hit from cloudfront
content-length: 532
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-214"
content-type: application/javascript; charset=utf-8
via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: dCywxAdSVZznhCoU7CQ-TGLce3HtL0BK7jZLgDRRXKmSx5Z4goeFrw==
x-cache-hits: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame DA85 35 B
464 B 29ms
9ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECXt-MtNfWuYVpioXTi6RkE&google_cver=1&google_push=AYg5qPLsoYlINsPCjiz97Yg8eNFpyuxct1IUTPqd_pcvBIrhTNxDiIN7fJ3qq-78sn0u2u56AkFKS1faG9RZIgcMrnryl0XGtzw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DA85
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIsJenR...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIsJenR...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MTExNzUzNTYwNjMxNzczNTg1NDMyNQ%3D%3D&google_push=AYg5qPIsJenRXMwo-p8QPzonrSoK-COIZCfbx8e6S-NEVkocLFEL6BXbIdH9xmMpacP0mq...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MTExNzUzNTYwNjMxNzczNTg1NDMyNQ%3D%3D&google_push=AYg5qPIsJenRXMwo-p8QPzonrSoK-COIZCfbx8e6S-NEVkocLFEL6BXbIdH9xmMpacP0mqQuHWnj_P6w_mNaLisYDra0E7eZKZI

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MTExNzUzNTYwNjMxNzczNTg1NDMyNQ%3D%3D&google_push=AYg5qPIsJenRXMwo-p8QPzonrSoK-COIZCfbx8e6S-NEVkocLFEL6BXbIdH9xmMpacP0mqQuHWnj_P6w_mNaLisYDra0E7eZKZI
Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:56 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame DA85 43 B
324 B 69ms
28ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENiWX5sc-wbVwAKtDvCPxw4&google_push=AYg5qPJAb-R1JaaLLAcjTTqEpZDgbm735EEWw2vhKBEtr8kVN0loDCaWlINrJqhv_8H7cTXgt80LwoSb7CliUCB8eEVGviOElQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2246361437356141&output=html&h=600&adk=1928773920&adf=3052158835&pi=t.aa~a.1654111852~rp.1&w=165&fwrn=4&fwrnh=100&lmt=1623434035&rafmt=1&to=qs&pwprc=2657778103&psa=0&format=165x600&url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623434035020&bpp=1&bdt=605&idt=-M&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0ef379b5c3842b9-22847346ddc800ad%3AT%3D1623434034%3ART%3D1623434034%3AS%3DALNI_Mb3qELc839VdAkog25A5JzO3mHchg&prev_fmts=0x0%2C750x280%2C1170x280&nras=2&correlator=2917600815681&frm=20&pv=1&ga_vid=1135266042.1623434035&ga_sid=1623434035&ga_hid=1359294230&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2919333470408819&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M0V1PvjSqN&p=http%3A//www.4mark.net&dtd=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DA85
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEO5F-4v5hBYFKIulk0ajjd0&google_cver=1&google_push=AYg5qPL9hIy68caV_R4lalEuqj6NwmGqPATOtas9nB4BI3ft6dQ-lb9cjCzT-BpMNZVkvCWlFAiT3oZ-l8eBNqm5WK4YVga64cI
https://rtb.openx.net/sync/dds?google_gid=CAESEO5F-4v5hBYFKIulk0ajjd0&google_cver=1&google_push=AYg5qPL9hIy68caV_R4lalEuqj6NwmGqPATOtas9nB4BI3ft6dQ-lb9cjCzT-BpMNZVkvCWlFAiT3oZ-l8eBNqm5WK4YVga64cI&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL9hIy68caV_R4lalEuqj6NwmGqPATOtas9nB4BI3ft6dQ-lb9cjCzT-BpMNZVkvCWlFAiT3oZ-l8eBNqm5WK4YVga64cI&google_hm=dbMZl1VaxJkMDZV4l3n2Lw==

170 B
188 B

71ms
37ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL9hIy68caV_R4lalEuqj6NwmGqPATOtas9nB4BI3ft6dQ-lb9cjCzT-BpMNZVkvCWlFAiT3oZ-l8eBNqm5WK4YVga64cI&google_hm=dbMZl1VaxJkMDZV4l3n2Lw==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:54 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL9hIy68caV_R4lalEuqj6NwmGqPATOtas9nB4BI3ft6dQ-lb9cjCzT-BpMNZVkvCWlFAiT3oZ-l8eBNqm5WK4YVga64cI&google_hm=dbMZl1VaxJkMDZV4l3n2Lw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: e9ntnq9brhkkrgnfsmddt5vitteddkl9

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DA85
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Wda5O43bTBqBZAKgCkUg9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Wda5O43bTBqBZAKgCkUg9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKhWUe5CS9UuXnmjxAI1ea3-_TbWt7wq6Q8tK0pTU34MecIi9UEY5svqpgSFLCsAM-s1J9v6XPIeB7XwRVq8flOVqJdTQc

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Wda5O43bTBqBZAKgCkUg9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKhWUe5CS9UuXnmjxAI1ea3-_TbWt7wq6Q8tK0pTU34MecIi9UEY5svqpgSFLCsAM-s1J9v6XPIeB7XwRVq8flOVqJdTQc
date: Fri, 11 Jun 2021 17:53:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DA85
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMvwpgG2C2F_6KuhBbSm178&google_cver=1&google_push=AYg5qPLdSyz7-4LKGdN2a9XmE48-2dTXIA5vypkBeuPXDCfkuxCK_qPzfNuRHR7azMtDZkFPl4H...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BTTVBJTkEtWS0yMjA1&google_push=AYg5qPLdSyz7-4LKGdN2a9XmE48-2dTXIA5vypkBeuPXDCfkuxCK_qPzfNuRHR7azMtDZkFPl4H3UBzUSK9QP6m4W9ZVP2tLzgU

170 B
188 B

37ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BTTVBJTkEtWS0yMjA1&google_push=AYg5qPLdSyz7-4LKGdN2a9XmE48-2dTXIA5vypkBeuPXDCfkuxCK_qPzfNuRHR7azMtDZkFPl4H3UBzUSK9QP6m4W9ZVP2tLzgU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BTTVBJTkEtWS0yMjA1&google_push=AYg5qPLdSyz7-4LKGdN2a9XmE48-2dTXIA5vypkBeuPXDCfkuxCK_qPzfNuRHR7azMtDZkFPl4H3UBzUSK9QP6m4W9ZVP2tLzgU
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame DA85
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DA85 0
59 B 32ms
32ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHKisxAvzjiV1OltnrR-Z07FJnoLRLLgeaA5wBzllfIK7BY9atEE-3N3KeM73n_8FJQyyJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 8B6B 5 KB
3 KB 131ms
131ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r

Requested by

Host: 4mark.disqus.com
URL: https://4mark.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

95902542c04c4db487ed6aaa02f166006b7fb7580d68f0975e4cfb6dbf7ffb83

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.4mark.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

Connection: keep-alive
Content-Length: 2178
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Tue, 08 Dec 2020 03:04:22 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Fri, 11 Jun 2021 17:53:55 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
DATA 200
OK truncated
/ Frame 033D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d94d734a63cd9e56bada53946280f54c159b740c38652f1f612593e7679f79

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js Show response
c.disquscdn.com/next/embed/ Frame B164 282 KB
93 KB 20ms
19ms Script
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.a5921af07b365f6dfd62075d2dee3735.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343419
x-cache: Hit from cloudfront
content-length: 94800
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-17250"
content-type: application/javascript; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: V1mfU379AmEbw21dI36WLsfTSbNTaDr_SMHZOeUcpSlVbJThS_EadA==
x-cache-hits: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame 1C86 253 KB
39 KB 78ms
26ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a84baeb6a4010282cee438ffc78a344f3ef1c861c58c73d5b0fa877a347af82

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1WJhxwA4Zvgt7F29mt1MVREppzzbIcGv
content-encoding: gzip
etag: "6d8e1dedc72c43a18655218b6d2fa396"
age: 99
x-cache: HIT
content-length: 39374
x-amz-id-2: dJO/vCtyormwwXKxfJXJe52bTuZqzF6kBn/gnBchNy6qiKQZGK11++yrc6SZm38ieZWCRBIUYOc=
x-served-by: cache-fra19148-FRA
last-modified: Thu, 10 Jun 2021 09:20:49 GMT
server: AmazonS3
x-timer: S1623434035.406752,VS0,VE0
date: Fri, 11 Jun 2021 17:53:55 GMT
vary: Accept-Encoding
x-amz-request-id: J6X32FSXVBZ2RD3C
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 98
x-cache-hits: 2

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame 4628 253 KB
39 KB 94ms
47ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a84baeb6a4010282cee438ffc78a344f3ef1c861c58c73d5b0fa877a347af82

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1WJhxwA4Zvgt7F29mt1MVREppzzbIcGv
content-encoding: gzip
etag: "6d8e1dedc72c43a18655218b6d2fa396"
age: 99
x-cache: HIT
content-length: 39374
x-amz-id-2: dJO/vCtyormwwXKxfJXJe52bTuZqzF6kBn/gnBchNy6qiKQZGK11++yrc6SZm38ieZWCRBIUYOc=
x-served-by: cache-fra19148-FRA
last-modified: Thu, 10 Jun 2021 09:20:49 GMT
server: AmazonS3
x-timer: S1623434035.406907,VS0,VE0
date: Fri, 11 Jun 2021 17:53:55 GMT
vary: Accept-Encoding
x-amz-request-id: J6X32FSXVBZ2RD3C
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 98
x-cache-hits: 3

GET
H3-29 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame C887 58 KB
59 KB 38ms
26ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hgqmv7d5htjw7t5gawkag8w7xqc0r8gg5gjt5svf9re7my7cfj29x2600t4d4f3dvmaqvcftycrs6xsw5yn1q7kqg8d2zrkj98v9r95vb2pvdjtqvxnmhy6yvtb8mkaj9za1rh2waaj8ze3jg3x33a3hzp4t6843x5vmyd9yrrg1ga77m1m2fdf37dn66shvwrwpnrvvcvd8kfk56g79yrxg5xx0fjctyn1szbnawefc5ry6t577e6nz81vt5ajynw0hy09nsmghtmj86fg5dtzwkmqnf3xjz3w4bbqqew5x0cd2vqgxtn44ja57wq6cv6xhhv05zdk40fdpxhap50n4tpxgtsp0j55fsqjh4ztv00d82eyt47jk9s54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%26client%3Dca-pub-2246361437356141%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hgqmv7d5htjw7t5gawkag8w7xqc0r8gg5gjt5svf9re7my7cfj29x2600t4d4f3dvmaqvcftycrs6xsw5yn1q7kqg8d2zrkj98v9r95vb2pvdjtqvxnmhy6yvtb8mkaj9za1rh2waaj8ze3jg3x33a3hzp4t6843x5vmyd9yrrg1ga77m1m2fdf37dn66shvwrwpnrvvcvd8kfk56g79yrxg5xx0fjctyn1szbnawefc5ry6t577e6nz81vt5ajynw0hy09nsmghtmj86fg5dtzwkmqnf3xjz3w4bbqqew5x0cd2vqgxtn44ja57wq6cv6xhhv05zdk40fdpxhap50n4tpxgtsp0j55fsqjh4ztv00d82eyt47jk9s54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%26client%3Dca-pub-2246361437356141%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date: Fri, 11 Jun 2021 17:53:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6987288
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
cf-request-id: 0a9dce98a200004e19d2b59000000001
last-modified: Tue, 16 Mar 2021 10:53:32 GMT
server: cloudflare
etag: "44274c587ed8382583221bb023d51c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0QGAb1GJNYGIBGr4IZVLYjwvYDCUTqdFzc3NmZiGgnFUfUk4EtHn%2Fn%2FZzGH1iYS58fOLRyYGm8I3Sg2bcPWuixNh9K26NOeoMA5cuFxKfJFdQPY262h%2BAwaVYYrbCSYN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1615892011975494
content-type: text/css
expires: Tue, 22 Mar 2022 20:59:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 65dcb3a10e1d4e19-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame C887 36 KB
12 KB 44ms
33ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hgqmv7d5htjw7t5gawkag8w7xqc0r8gg5gjt5svf9re7my7cfj29x2600t4d4f3dvmaqvcftycrs6xsw5yn1q7kqg8d2zrkj98v9r95vb2pvdjtqvxnmhy6yvtb8mkaj9za1rh2waaj8ze3jg3x33a3hzp4t6843x5vmyd9yrrg1ga77m1m2fdf37dn66shvwrwpnrvvcvd8kfk56g79yrxg5xx0fjctyn1szbnawefc5ry6t577e6nz81vt5ajynw0hy09nsmghtmj86fg5dtzwkmqnf3xjz3w4bbqqew5x0cd2vqgxtn44ja57wq6cv6xhhv05zdk40fdpxhap50n4tpxgtsp0j55fsqjh4ztv00d82eyt47jk9s54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%26client%3Dca-pub-2246361437356141%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hgqmv7d5htjw7t5gawkag8w7xqc0r8gg5gjt5svf9re7my7cfj29x2600t4d4f3dvmaqvcftycrs6xsw5yn1q7kqg8d2zrkj98v9r95vb2pvdjtqvxnmhy6yvtb8mkaj9za1rh2waaj8ze3jg3x33a3hzp4t6843x5vmyd9yrrg1ga77m1m2fdf37dn66shvwrwpnrvvcvd8kfk56g79yrxg5xx0fjctyn1szbnawefc5ry6t577e6nz81vt5ajynw0hy09nsmghtmj86fg5dtzwkmqnf3xjz3w4bbqqew5x0cd2vqgxtn44ja57wq6cv6xhhv05zdk40fdpxhap50n4tpxgtsp0j55fsqjh4ztv00d82eyt47jk9s54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%26client%3Dca-pub-2246361437356141%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date: Fri, 11 Jun 2021 17:53:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1680
x-guploader-uploadid: ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a9dce98a200004e192321e000000001
last-modified: Thu, 06 May 2021 17:25:03 GMT
server: cloudflare
etag: W/"3b814633f8af4ea4642e44435db55b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3yVrpc1f8vr2H%2B9S6YCqSxXFiRwOQFtm9vKskGm1yuFZmf6RXDqns3xF5UXE9LHMhfNJzdRPQgZa5hLne8PuCPduTZDCXlzfUtoCzJRkCeJWLPN63gSqcfm8SUWgbYYV"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620321903630655
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12034
cf-ray: 65dcb3a10e184e19-FRA
expires: Fri, 11 Jun 2021 17:25:55 GMT

GET
H2 200 lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/ Frame B164 158 KB
26 KB 21ms
19ms Stylesheet
text/css 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343419
x-cache: Hit from cloudfront
content-length: 25570
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-63e2"
content-type: text/css; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: EgjR4AXE92E6bRTggU3G7B7i2hrob6fKvpPWQJpdLo0DI2zFUTQdWA==
x-cache-hits: 0

GET
H2 200 lounge.bundle.ac702132ea5e06471da27768120c5978.js Show response
c.disquscdn.com/next/embed/ Frame B164 467 KB
118 KB 20ms
20ms Script
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d42a5154973ce1847b0f60cd27dbde653347daf6169ed714e2f4a71a87f33a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343419
x-cache: Hit from cloudfront
content-length: 120382
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-1d63e"
content-type: application/javascript; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: Ub2Sp3j4rmivf4Z-2yt_LrNIjRhY-nXiutjd5KF83a4Xp4JJ2HojEw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame B164 12 KB
12 KB 22ms
17ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

481e97c1373314243ac83c1b1c9f466b9ce65b95f5fd4b82538f032d976820a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 25
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11965
X-XSS-Protection: 1; mode=block

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C887 3 KB
4 KB 34ms
15ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Fri, 11 Jun 2021 17:53:55 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 191653
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
cf-request-id: 0a9dce98ea00004e55028d3000000001
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H0tDs7WkbrN5AtNBOs1sVDmNiM7VulAiRLf1I6ubotqriS33QPSYASFhnZwdP3FMk4Mekt2sHvFurmnYv5koMPQ%2Bw5N67x4TYy1AeHz3K9fgVsMjoiYUTUCuIUA%2BDsNIwC2f54T3drj4UjYoKbU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 65dcb3a17fc04e55-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 8E65 2 KB
2 KB 43ms
43ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1hgqmv7d5htjw7t5gawkag8w7xqc0r8gg5gjt5svf9re7my7cfj29x2600t4d4f3dvmaqvcftycrs6xsw5yn1q7kqg8d2zrkj98v9r95vb2pvdjtqvxnmhy6yvtb8mkaj9za1rh2waaj8ze3jg3x33a3hzp4t6843x5vmyd9yrrg1ga77m1m2fdf37dn66shvwrwpnrvvcvd8kfk56g79yrxg5xx0fjctyn1szbnawefc5ry6t577e6nz81vt5ajynw0hy09nsmghtmj86fg5dtzwkmqnf3xjz3w4bbqqew5x0cd2vqgxtn44ja57wq6cv6xhhv05zdk40fdpxhap50n4tpxgtsp0j55fsqjh4ztv00d82eyt47jk9s54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%26client%3Dca-pub-2246361437356141%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1hgqmv7d5htjw7t5gawkag8w7xqc0r8gg5gjt5svf9re7my7cfj29x2600t4d4f3dvmaqvcftycrs6xsw5yn1q7kqg8d2zrkj98v9r95vb2pvdjtqvxnmhy6yvtb8mkaj9za1rh2waaj8ze3jg3x33a3hzp4t6843x5vmyd9yrrg1ga77m1m2fdf37dn66shvwrwpnrvvcvd8kfk56g79yrxg5xx0fjctyn1szbnawefc5ry6t577e6nz81vt5ajynw0hy09nsmghtmj86fg5dtzwkmqnf3xjz3w4bbqqew5x0cd2vqgxtn44ja57wq6cv6xhhv05zdk40fdpxhap50n4tpxgtsp0j55fsqjh4ztv00d82eyt47jk9s54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%26client%3Dca-pub-2246361437356141%26adurl%3D

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Fri, 11 Jun 2021 18:53:55 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1630679
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 0a9dce98fc00004e19348df000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RF6MNUoynTWNrJczU76GiMR4h72Li%2B5ATRehBRyCE%2FErZGpySrd6ZUpZfu7UUEfHlT8Cc0WT6Mzj830cMZsdhiulb0MgxwiZEnjVc2imgQOhyPjHx7sjxqcylVmH968r"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65dcb3a19f914e19-FRA
content-encoding: br

GET
H2 200 recommendations.load.f22fce76ee94f29aa709a0de464f3303.js Show response
c.disquscdn.com/next/recommendations/ Frame 8B6B 923 B
1021 B 21ms
20ms Script
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.f22fce76ee94f29aa709a0de464f3303.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65868622f5681b69bdab392fc96d26b6b57e966b4085e260a4d7dab6edc24acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343425
x-cache: Hit from cloudfront
content-length: 448
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-1c0"
content-type: application/javascript; charset=utf-8
via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: V8eZku1lfjlWyqDY0jtNjb-9s0z6UlHTSbkz7YHiCKH6FlpjPPcNXQ==
x-cache-hits: 0

GET
H2 200 impl.20210610-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 1C86 494 KB
113 KB 25ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d7e6804e0f55fa09ec9a6ea1bccd64ca993a297de1681f72e9bc761bb745861c

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _g2Sf5m1MUfSS3ExvhI7urPFT8pCOUmO
content-encoding: br
etag: "c7b729478f0d3ae3cc050f11478c17a0"
age: 2761
x-cache: HIT
content-length: 115706
x-amz-id-2: vB16OI6fj5C0XrRqE051gV6XZuVxXQHEBK73mAasMPs3f8eaPatrNgN1dx/pE45jyGJJn/WtRZA=
x-served-by: cache-fra19148-FRA
last-modified: Thu, 10 Jun 2021 09:05:27 GMT
server: AmazonS3-br
x-timer: S1623434035.468553,VS0,VE0
date: Fri, 11 Jun 2021 17:53:55 GMT
vary: Accept-Encoding
x-amz-request-id: CFQV3JAJA49AFCMD
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 5952

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 1C86 1 KB
2 KB 115ms
35ms Script
application/javascript 99.86.241.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-13.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:36:45 GMT
via: 1.1 ce1d51670567993d20733122565db596.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1030
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: MCz85QLrh5cZIxib4HwGp5njgo0uNG-iqNnb3icHHtUAG87YnW3bng==

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame B164 3 KB
3 KB 114ms
114ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=4mark&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

48503c9b016f1f748ae2793d7ef479cbc0a635759b45de7d734f00e58104102d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 2823
X-XSS-Protection: 1; mode=block

GET
H2 200 impl.20210610-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 4628 494 KB
113 KB 27ms
27ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d7e6804e0f55fa09ec9a6ea1bccd64ca993a297de1681f72e9bc761bb745861c

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _g2Sf5m1MUfSS3ExvhI7urPFT8pCOUmO
content-encoding: br
etag: "c7b729478f0d3ae3cc050f11478c17a0"
age: 2761
x-cache: HIT
content-length: 115706
x-amz-id-2: vB16OI6fj5C0XrRqE051gV6XZuVxXQHEBK73mAasMPs3f8eaPatrNgN1dx/pE45jyGJJn/WtRZA=
x-served-by: cache-fra19148-FRA
last-modified: Thu, 10 Jun 2021 09:05:27 GMT
server: AmazonS3-br
x-timer: S1623434036.543600,VS0,VE0
date: Fri, 11 Jun 2021 17:53:55 GMT
vary: Accept-Encoding
x-amz-request-id: CFQV3JAJA49AFCMD
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 5953

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 4628 1 KB
2 KB 42ms
36ms Script
application/javascript 99.86.241.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-13.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:36:45 GMT
via: 1.1 ce1d51670567993d20733122565db596.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1030
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: eWUQdPbYN6-TCk_qEzsn_11Be_Zjzb671VZ8D53orWEqTJ45iM8yDA==

GET
H2 200 common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js Show response
c.disquscdn.com/next/recommendations/ Frame 8B6B 262 KB
87 KB 20ms
19ms Script
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.f22fce76ee94f29aa709a0de464f3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1e73bd64edcf6b9b779802e3124b7c484db59493c8252fff3c2af5f8a0375434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343426
x-cache: Hit from cloudfront
content-length: 88889
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-15b39"
content-type: application/javascript; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: emFma5Lqz6vg8Nlt85WMDdSd10tc7KdgYqADKxCZz5W4CovJni8SQQ==
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/survey/ Frame 03E7 14 KB
6 KB 133ms
131ms Document
text/html 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: c0a8afa7bc235a0c062ca0406d6ac37b86da87c63929147b51b8587b171d8936

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: disqus_unique=34t5n633mvo80i
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default

Response headers

Connection: keep-alive
Content-Length: 5485
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Service: router
Content-Encoding: gzip
Date: Fri, 11 Jun 2021 17:53:55 GMT
Age: 0
Vary: Accept-Encoding,

GET
H2 200 noavatar92.png
a.disquscdn.com/1623278138/images/ Frame B164 2 KB
2 KB 54ms
15ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1623278138/images/noavatar92.png

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 73370
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: CDG3-C2
content-type: image/png
content-length: 1644
x-amz-cf-id: fITadvIkzkoH7M3ngtkTKplNwJGhfT5pQ5ru5uNgesi5QJM7fZ0Gsg==
expires: Sat, 10 Jul 2021 21:31:04 GMT

GET
DATA 200
OK truncated
/ Frame B164 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame B164 43 B
295 B 126ms
121ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34v0c1c3fk53tc&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=4mark&zone=thread&page_url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&page_referrer=http%3A%2F%2Fwww.4mark.net%2F&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=3668931

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 json Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/ Frame 1C86 18 KB
7 KB 295ms
293ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/json?tim=19%3A53%3A55.589&lti=deflated&data=%7B%22id%22%3A421%2C%22ii%22%3A%22%2Fstory%2F3165183%2Fjovnaolhpoghawer%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1623316830489%2C%22vi%22%3A1623434035588%2C%22cv%22%3A%2220210610-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22http%3A%2F%2Fwww.4mark.net%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A750%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A750%2C%22dh%22%3A27%2C%22qs%22%3A%22%3Fposition%3Dtop%26shortname%3D4mark%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%25232a80b9%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fwww.4mark.net%252Fstory%252F3165183%252Fjovnaolhpoghawer%26typeface%3Dsans-serif%26disqus_version%3D5884b71%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A7%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22http%3A%2F%2Fwww.4mark.net%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%224mark%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22http%3A%2F%2Fwww.4mark.net%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%224mark%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ce894f9a8a3a86374b21b089508ae83f240f907c60d5d23b545103c1d6d75be

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 267
date: Fri, 11 Jun 2021 17:53:55 GMT
content-encoding: gzip
server: nginx
x-timer: S1623434036.604908,VS0,VE267
x-served-by: cache-fra19148-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://tempest.services.disqus.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame B164 13 KB
13 KB 20ms
19ms Image
image/svg+xml 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3813374
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: u94jLDgiliXpgdpQodnRV5p3MOt--6TV1C46AQketPgG7j4CL4bu_Q==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame B164 3 KB
3 KB 21ms
21ms Image
image/gif 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 11105748
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rSpwhPykWTY4P0BGq_1CjVacpSgLMhYkuTbsPGsaiLjmJIc9GJxBVw==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame B164 2 KB
2 KB 21ms
21ms Image
image/png 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 06:58:50 GMT
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4013705
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 22 Apr 2021 19:20:03 GMT
server: nginx
etag: "6081cc63-746"
content-type: image/png
access-control-allow-origin: *
expires: Tue, 26 Apr 2022 06:58:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3LZwUmepphi4HDzOyHeZLoOilByvabD-yLp5z14iWHs6r2dOdbckkw==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame B164 8 KB
8 KB 21ms
21ms Font
application/octet-stream 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:33 GMT
via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3315141
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 04 May 2022 09:01:33 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: s_mREbL5XYwffVjU4IFFHE1z06sTC_lOTZevbwrpFxKM-mwPS_yJOg==
x-cache-hits: 0

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 20ms
20ms Script
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: 4mark.disqus.com
URL: http://4mark.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3205705
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: M-UhXmomf7EsMTrIcwcK77CqYoptBP7Y0m7RMmyr1B_R9MMy83USjw==
x-cache-hits: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame B164 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c218890ddb9bad5f574d6a00d9bba5b91234b684e78395f359c9f504ff33aea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HtrOLRZB0Z2QfpwvBVfX4g==
cross-origin-resource-policy: cross-origin
expires: Fri, 11 Jun 2021 18:08:25 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1782
x-fb-rlafr: 0
x-fb-debug: kbeF/Jj8VzrJus8fYc0LgaA2DvNKTTJ3/ZCgjCKakVMNdeAN2cMM48yCE8RHHEMgCWig6l1fEA34KAAkm9kWyg==
x-fb-trip-id: 686109401
x-fb-content-md5: 447f931627b7e12ea4193d717e85f921
date: Fri, 11 Jun 2021 17:53:55 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "2dc7f25e0f4f6e907a08014122d43865"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 api.js Show response
apis.google.com/js/ Frame B164 12 KB
5 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b264ca556a09a341d7d8c2ee64e63e0003b32c24ff4ce2b64c202e5b6ab140f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P6fG93bu6H+dpBC6vetxNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "79224003c2b5597899d15c3a85e46734"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-P6fG93bu6H+dpBC6vetxNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 11 Jun 2021 17:53:55 GMT

GET
H2

200

b2
sb.scorecardresearch.com/ Frame 1C86
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1623434035685&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%26...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1623434035685&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%2...

64 B
329 B

51ms
50ms

Image
image/gif

99.86.241.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1623434035685&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%26shortname%3D4mark%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%25232a80b9%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fwww.4mark.net%252Fstory%252F3165183%252Fjovnaolhpoghawer%26typeface%3Dsans-serif%26disqus_version%3D5884b71&c9=http%3A%2F%2Fwww.4mark.net%2F
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-13.vie50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 ce1d51670567993d20733122565db596.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Grelu0rSxaKUwgAYgtG6oI9qCtqeeV_R-Zn4epz3oXwd6nsJhNvQBA==

Redirect headers

date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 ce1d51670567993d20733122565db596.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1623434035685&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dtop%26shortname%3D4mark%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%25232a80b9%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fwww.4mark.net%252Fstory%252F3165183%252Fjovnaolhpoghawer%26typeface%3Dsans-serif%26disqus_version%3D5884b71&c9=http%3A%2F%2Fwww.4mark.net%2F
content-length: 536
x-amz-cf-id: zaoIdOddajZijkrwD1mm5vci1zl2DHnZdVAXX9D--lmcqJxVWddHqg==

GET
H2

200

b2
sb.scorecardresearch.com/ Frame 4628
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1623434035686&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dbottom...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1623434035686&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dbotto...

64 B
331 B

63ms
63ms

Image
image/gif

99.86.241.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1623434035686&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dbottom%26shortname%3D4mark%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%25232a80b9%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fwww.4mark.net%252Fstory%252F3165183%252Fjovnaolhpoghawer%26typeface%3Dsans-serif%26disqus_version%3D5884b71&c9=http%3A%2F%2Fwww.4mark.net%2F
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-13.vie50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 ce1d51670567993d20733122565db596.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: M25wpaJGtEFnHvviwcawbtx6KgAPRlFZXCyN8FLRSvm2jFOWlLBBZA==

Redirect headers

date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 ce1d51670567993d20733122565db596.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1623434035686&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Ftaboola%2F%3Fposition%3Dbottom%26shortname%3D4mark%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%25232a80b9%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fwww.4mark.net%252Fstory%252F3165183%252Fjovnaolhpoghawer%26typeface%3Dsans-serif%26disqus_version%3D5884b71&c9=http%3A%2F%2Fwww.4mark.net%2F
content-length: 539
x-amz-cf-id: A4nGh9P7uhn8Of2Q1TSvcgzb02ckpIRvNungXRACmL4xc2Vtpto1WA==

GET
H2 200 json Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/ Frame 4628 14 KB
6 KB 366ms
365ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/json?tim=19%3A53%3A55.717&lti=deflated&data=%7B%22id%22%3A184%2C%22ii%22%3A%22%2Fstory%2F3165183%2Fjovnaolhpoghawer%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1623316830489%2C%22vi%22%3A1623434035717%2C%22cv%22%3A%2220210610-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22http%3A%2F%2Fwww.4mark.net%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A750%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A750%2C%22dh%22%3A27%2C%22qs%22%3A%22%3Fposition%3Dbottom%26shortname%3D4mark%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%25232a80b9%26colorScheme%3Dlight%26sourceUrl%3Dhttp%253A%252F%252Fwww.4mark.net%252Fstory%252F3165183%252Fjovnaolhpoghawer%26typeface%3Dsans-serif%26disqus_version%3D5884b71%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22http%3A%2F%2Fwww.4mark.net%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%224mark%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22http%3A%2F%2Fwww.4mark.net%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%224mark%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: db6bb8deec411d8a3162980d195f6dac39c6bd7bf56d07422fa0d9884cd5ce38

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 339
date: Fri, 11 Jun 2021 17:53:56 GMT
content-encoding: gzip
server: nginx
x-timer: S1623434036.731790,VS0,VE339
x-served-by: cache-fra19148-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://tempest.services.disqus.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame B164 13 KB
13 KB 20ms
19ms Image
image/svg+xml 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3813374
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: m-ieyHJ6njTxEusW-rTzKCHWHaj1thmPE_dwEjIajXjMvMUP7UixwA==
x-cache-hits: 0

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ Frame 8B6B 17 KB
4 KB 19ms
19ms Stylesheet
text/css 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 10:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3138160
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 10:11:15 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: NPnAiq-yI8Lvzi_a0rHHA75vtfvm3TTsEufSUlUlFobcFjpbwhigAA==
x-cache-hits: 0

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
601 B 194ms
187ms Image
image/gif 2606:4700::6810:a00d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=7.503054697154031
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
CF-Cache-Status: HIT
Age: 10
CF-RAY: 65dcb3a3686ed6c5-FRA
Connection: keep-alive
Content-Length: 43
x-amz-id-2: HZt5TVgQAq45JR1EYO5+vLByFMtnRD08KtfskBpAxyM4ezIEhe8YPIfl3SW66SEIG9bi7l7CuRc=
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
x-amz-request-id: MQDRM63QZQ5N3ES6
Cache-Control: max-age=15, must-revalidate
cf-request-id: 0a9dce9a260000d6c56412d000000001
Accept-Ranges: bytes
Content-Type: image/gif

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
601 B 62ms
55ms Image
image/gif 2606:4700::6810:a00d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=7.503054697154031
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
CF-Cache-Status: HIT
Age: 10
CF-RAY: 65dcb3a36e0f4a73-FRA
Connection: keep-alive
Content-Length: 43
x-amz-id-2: HZt5TVgQAq45JR1EYO5+vLByFMtnRD08KtfskBpAxyM4ezIEhe8YPIfl3SW66SEIG9bi7l7CuRc=
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
x-amz-request-id: MQDRM63QZQ5N3ES6
Cache-Control: max-age=15, must-revalidate
cf-request-id: 0a9dce9a2500004a734d3be000000001
Accept-Ranges: bytes
Content-Type: image/gif

GET
H2 200 recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js Show response
c.disquscdn.com/next/recommendations/ Frame 8B6B 65 KB
20 KB 20ms
20ms Script
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0932077174a2d9a267a1458d40842414ee1f7c8e91b9230a9f32343b39b6587d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343426
x-cache: Hit from cloudfront
content-length: 20101
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-4e85"
content-type: application/javascript; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: zoF6uh_NYXLU7k6pqr70dkGfljyfSEJP4LhMcnPi4OjNdQwMM2JEWQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 8B6B 12 KB
12 KB 23ms
23ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

481e97c1373314243ac83c1b1c9f466b9ce65b95f5fd4b82538f032d976820a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/recommendations/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 26
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11965
X-XSS-Protection: 1; mode=block

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame B164 220 KB
65 KB 11ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=61140105961f97de62fa68b05c141144&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c709936c5623073ed3d44f270c85f967b44822dcf9379c84ab8b956ae39d6916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: iOszAHA+bO7vwCihzeuGtw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66128
x-fb-rlafr: 0
x-fb-debug: hIxLzUpfnrZh7/bbfbcWhWRcmBYGYpx8/U5886k8R4Nv2QZcko075E3NKK0rV+jknQY2XFXv3M8glit3jURsPw==
x-fb-content-md5: 843085032a5ca568d81f02f11993b712
x-frame-options: DENY
date: Fri, 11 Jun 2021 17:53:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "60629c1118d1f05cb3442951fe5a2a43"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 11 Jun 2022 17:27:14 GMT

GET
H2 502 frame.html
ad4mat.net/ Frame A4A3 0
0 53ms
43ms Document
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4mat.net/frame.html

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_ob_info=502:65dcb3a39d2f4e55:FRA; path=/; expires=Fri, 11-Jun-21 17:54:25 GMT cf_use_ob=443; path=/; expires=Fri, 11-Jun-21 17:54:25 GMT
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 65dcb3a39d2f4e55-FRA
server: cloudflare

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame B164 103 KB
34 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35022
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 14:22:34 GMT

GET
H2 200 prebid.4.42.1.js Show response
c.disquscdn.com/js/dist/ Frame 03E7 325 KB
99 KB 21ms
20ms Script
application/javascript 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/js/dist/prebid.4.42.1.js

Requested by

Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

664151db09e75d1bfa1da782f064245566b25b3a73f48ada211cce019a994f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70431
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
content-length: 100908
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Thu, 10 Jun 2021 20:17:43 GMT
server: nginx
etag: "60c27367-18a2c"
content-type: application/javascript; charset=utf-8
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
expires: Sat, 10 Jul 2021 22:20:04 GMT
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: mdWj4i4qlwpydG95hrVBZV8xF6k4phfkzoSaeFJ-3OZEyUrdCRnkKQ==
x-cache-hits: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 8B6B 3 KB
3 KB 119ms
118ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=4mark&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

48503c9b016f1f748ae2793d7ef479cbc0a635759b45de7d734f00e58104102d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 2823
X-XSS-Protection: 1; mode=block

GET
H2 200 status
www.facebook.com/x/oauth/ Frame B164 0
0 43ms
43ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=http%3A%2F%2Fwww.4mark.net&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3D4mark%26t_u%3Dhttp%253A%252F%252Fwww.4mark.net%252Fstory%252F3165183%252Fjovnaolhpoghawer%26t_d%3Djovnaolhpoghawer%2520%257C%2520vaegaweraw3r%26t_t%3Djovnaolhpoghawer%2520%257C%2520vaegaweraw3r%26s_o%3Ddefault%23version%3Da5921af07b365f6dfd62075d2dee3735&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: b+jE4tjvpCzW/0ftVf5yZHQsYyK2sQUU/zIzGsyTIQBhV5dJ9a6Em21Z+JxiS8l5fMfc9Kncobq/CMbMF3jlvA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Jun 2021 17:53:55 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame ED28 513 B
545 B 15ms
15ms Document
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4a48c00f72c626725c027ef33e9ab790172121d96a8e8bb3e95d8d868c6554f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X5tX2HXtyPpZ2kHTOoC9yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=Fn6Rcqr_0-6DTCVTSu7X5EgEYo8O3tK4oqN3IMxvuYaQXPde9TH9xc5To5-5zpJ96E-cE9fRznbm46yk9N5lA_XHjQ6MuaxZXrgZC3SFmjFxU1f_CJg32W1an1aoqLF4JLoJcPLQZifmqfyVJLhZ5c5UcWOGshmG0u2kFpVBgmg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Jun 2021 17:53:55 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-X5tX2HXtyPpZ2kHTOoC9yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 03E7 137 B
847 B 78ms
26ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/js/dist/prebid.4.42.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

666a5547987058503dbeb6d0ee50c8980d261ade81d690b7117b62768eb38c2c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:55 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid: c7fce9fb-cb7d-47e0-8052-94fc5e4b00b1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tempest.services.disqus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame B164 43 B
295 B 118ms
117ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34v0c1c3fk53tc&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=4mark&zone=thread&page_url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&page_referrer=http%3A%2F%2Fwww.4mark.net%2F&object_type=advertisement&provider=survey&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=&section=default&verb=load&extra_data=%7B%22time_to_load%22%3A75%7D&forum_id=3668931

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 8B6B 7 KB
8 KB 220ms
220ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=4mark&thread=url%3Ahttp%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8e1162f5e5da23ed608b602c882b8ed5295b6c1cdfc8c9c4af858d95c9b38a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:56 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 7443
X-XSS-Protection: 1; mode=block

GET
H2 200 1076821231-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame ED28 115 KB
39 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1076821231-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1816d947d4d4bafd1c4f03793110f64a56b2885ee29fc9fae3c226cea8bc2757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 08:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40143
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 02:30:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jun 2022 08:20:12 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 1C86 18 KB
6 KB 29ms
29ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: y2EUw.irPGYHWZQvvHFS16CCD7wJF5Fq
content-encoding: gzip
etag: "7f7f981d4ecb61feeff48e66441716da"
age: 24045
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5628
x-amz-id-2: TklKzcscKDRV/KiZHZSW4Hmm6Wuc/xAae1ssr1JymSf8MvlqblKYbJKXGTrDqOG6ZMNoaHOT5iw=
x-served-by: cache-fra19148-FRA
last-modified: Sun, 30 May 2021 11:12:52 GMT
server: AmazonS3
x-timer: S1623434036.903797,VS0,VE0
date: Fri, 11 Jun 2021 17:53:55 GMT
vary: Accept-Encoding
x-amz-request-id: NWCSWNG0MX0N8EZJ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 101207

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 1C86 2 KB
976 B 30ms
29ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 5943
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by: cache-fra19148-FRA
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1623434036.903944,VS0,VE0
date: Fri, 11 Jun 2021 17:53:55 GMT
vary: Accept-Encoding
x-amz-request-id: H26RXF80K5Y33KYT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 57
x-cache-hits: 16404

GET
H2 200 tfa-eid.20210610-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 1C86 13 KB
5 KB 28ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210610-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c5d4409cbfbad0acc97ba77ec5c9828bc0eaad3430b4474b963c5f4ba091029

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: XdPmq.1Gg.9jjDVu0_GtQ9_2PgvH9n6H
content-encoding: gzip
etag: "53fc507dc4b1c4acb5609b5be89215a8"
age: 17
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4867
x-amz-id-2: qvFborLLD7ZbLMPUrX8qXPfSu2xnWf+7m1KFbAw9/H9ogfGIm1B1xa+POW9gGs8jCodb1IIVjes=
x-served-by: cache-fra19148-FRA
last-modified: Thu, 10 Jun 2021 11:47:44 GMT
server: AmazonS3
x-timer: S1623434036.905447,VS0,VE0
date: Fri, 11 Jun 2021 17:53:55 GMT
vary: Accept-Encoding
x-amz-request-id: 5Q6N2R3P17DJ8PDK
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 57
x-cache-hits: 46

GET
H2 200 sha256.20210610-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 1C86 6 KB
3 KB 29ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210610-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ebc7c8375b9ed4fdbb6c795d8662c7e79dab5ec054abf49018da33e4f1b91dc

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1GfYRfvMJBQwPkGKDqn1iCXsOmfgnu8Z
content-encoding: gzip
etag: "741f4c7d3076e0a32bfcc42d6200020b"
age: 3
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2595
x-amz-id-2: 49o8XgzDnAI3pRmcqHfMeaNyRpDOMcXun8IVk7ptcV9ap7uagU5IOX3GGbXsGnIWoct8/53PF0Y=
x-served-by: cache-fra19148-FRA
last-modified: Thu, 10 Jun 2021 11:47:57 GMT
server: AmazonS3
x-timer: S1623434036.905561,VS0,VE0
date: Fri, 11 Jun 2021 17:53:55 GMT
vary: Accept-Encoding
x-amz-request-id: TJ4BDCNXKCXRCY5F
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 57
x-cache-hits: 8

GET
H2 200 tb Show response
15.taboola.com/ Frame 1C86 4 KB
3 KB 87ms
35ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=disqus-widget-safetylevel20longtail09&unitType=226&tbloc=&pageType=text&pstn=%7B%22domain%22%3A%20%22http%3A%2F%2Fwww.4mark.net%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%224mark%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&uuip=&cisrf=http%3A%2F%2Fwww.4mark.net%2F&cirf=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&encoded=1&uid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&variant=327895|478542&callback=TRC.videoTagCallbacks.videoCallback1&cb=1623434035910&tagid=&cntry=FR&platform=1&sesid=19fe8062d10824c2c0fba2649f9a52d2&itemid=/story/3165183/jovnaolhpoghawer&viewid=1623434035588&geolat=&geoing=&deviceifa=&appid=&sd=v2_19fe8062d10824c2c0fba2649f9a52d2_90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3_1623434035_1623434035_CIi3jgYQktQ_GISD1uGfLyABKAEwSjjE1whA7IsQSIe13QNQ7aEPWABgAGixr-m1yv33zq0B&ri=2b0a7022eb3fa1d7d3cac5c63c9d41ab&appname=&cdb=&gdprApplies=true&rid=&sii=-6053987407776006299&oee=true&tpubid=1042962&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=IDF&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1003147&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d3c7e6e1b0872579e08f4964fb77269d209344c634c21d557adb4499fa4ad436

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
content-encoding: gzip
access-control-allow-origin: https://tempest.services.disqus.com
machineid: 1429
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn11581-HHN
pragma: no-cache
server: nginx
x-timer: S1623434036.974847,VS0,VE11
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20210610-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 1C86 23 KB
8 KB 25ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210610-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62a89e4c058b477bee9ff0f6a980d054ea7c5b46e225b4d24a6acde4bce4fb9a

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: yS42FFnGWQRA3XhR7DHOFMbSRKsS8pf0
content-encoding: gzip
etag: "c0ccd5ec1e3e8c18b20218a8ef29275e"
age: 85
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7962
x-amz-id-2: eaEpUTOvXQvjrlk96AH8qNcV//OIL2f9lDnIwxaNNxxFfi+wJi+wc307sqIGodfxVHXvconzeZQ=
x-served-by: cache-fra19148-FRA
last-modified: Thu, 10 Jun 2021 11:47:39 GMT
server: AmazonS3
x-timer: S1623434036.923090,VS0,VE0
date: Fri, 11 Jun 2021 17:53:55 GMT
vary: Accept-Encoding
x-amz-request-id: AVX1SE2S52GC6N4W
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 57
x-cache-hits: 36

GET
H3-29 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame ED28 14 B
58 B 25ms
24ms XHR
application/json 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1076821231-idpiframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 11 Jun 2021 18:53:55 GMT

GET
H2 200 2642fea6093ac7fb19bce2d8b8831ebc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1C86 8 KB
8 KB 79ms
28ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2642fea6093ac7fb19bce2d8b8831ebc.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ab2153b514db5c1ac3b5b0f4461f5c488f5cb7c8b4544af6e1c7a2af3404e8f

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 1245616
edge-cache-tag: 301862587797583020484716945862674508284,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 93
expiration: expiry-date="Sun, 27 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2642fea6093ac7fb19bce2d8b8831ebc.jpg
content-length: 8062
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Thu, 27 May 2021 05:28:39 GMT
server: nginx
x-timer: S1623434036.980159,VS0,VE0
etag: "3955ff7766913d68609e9cfa3f23ab92"
x-served-by: cache-wdc5550-WDC, cache-dca12923-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 26

GET
H2 200 tbp Show response
15.taboola.com/ Frame 1C86 6 KB
2 KB 94ms
48ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a200162853df13c7ca4889afc5f882617a2e42b4927f401064fc836bae58710

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
content-encoding: gzip
access-control-allow-origin: https://tempest.services.disqus.com
machineid: 1446
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11581-HHN
pragma: no-cache
server: nginx
x-timer: S1623434036.974881,VS0,VE24
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 7cf5b981137589359070d3a233bf906a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1C86 9 KB
10 KB 74ms
24ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cf5b981137589359070d3a233bf906a.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ee2b0bd78c689a50355199b5df527a4816f99cdc5ce3871656fdb6867b655df

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 2547846
edge-cache-tag: 574918199290536714353604569645295250117,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 21
expiration: expiry-date="Wed, 26 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cf5b981137589359070d3a233bf906a.jpg
content-length: 9580
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Sun, 25 Apr 2021 07:26:08 GMT
server: nginx
x-timer: S1623434036.980149,VS0,VE0
etag: "2310926839410441cfecc11241f3fe23"
x-served-by: cache-wdc5569-WDC, cache-dca17773-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 23

GET
H2 200 d46af9fc9a462b0904026156648340b7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1C86 22 KB
22 KB 98ms
48ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d46af9fc9a462b0904026156648340b7.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 64a3a49e4b9194026ea605e85e67e7806516a345165f196a38bc9e13b525c38a

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 455744
edge-cache-tag: 397103231213453212343237091208528336369,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 35
expiration: expiry-date="Mon, 28 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d46af9fc9a462b0904026156648340b7.jpg
content-length: 22182
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Fri, 28 May 2021 12:41:19 GMT
server: nginx
x-timer: S1623434036.980371,VS0,VE1
etag: "bed387ef9d02a33d25df7ccb7f3d6fc5"
x-served-by: cache-wdc5583-WDC, cache-dca17734-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 fc7efe62e4d86270411d025653b1a751.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1C86 9 KB
10 KB 87ms
37ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc7efe62e4d86270411d025653b1a751.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 828d2a6cc1c1fce8b6069844f92eddf8ea4e4a177e29c142b325f4ad06cde380

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 1206490
edge-cache-tag: 301735695814511676460417850556559875501,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 23
expiration: expiry-date="Mon, 28 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc7efe62e4d86270411d025653b1a751.jpg
content-length: 9122
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Fri, 28 May 2021 06:09:35 GMT
server: nginx
x-timer: S1623434036.980295,VS0,VE0
etag: "5557210c828af76adc878f9854837509"
x-served-by: cache-wdc5570-WDC, cache-dca17725-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 8

GET
H2 200 55bd907a068ea3d6627a2a57962588f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1C86 18 KB
19 KB 90ms
41ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55bd907a068ea3d6627a2a57962588f8.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 823b8ca58a18d79fe2253acdb7e6e944b02e8f5e55d28ed47f43d38748e5cc5c

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 636543
edge-cache-tag: 328628989075899534794387240850611855507,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 377
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55bd907a068ea3d6627a2a57962588f8.jpg
content-length: 18488
x-request-id: 988992bb97a0fcf635b3ba8294599b5b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 03 Jun 2021 16:37:56 GMT
server: nginx
x-timer: S1623434036.980347,VS0,VE0
etag: "c7e3262cd9679df1137dd4b5a4ec0d4b"
x-served-by: cache-wdc5548-WDC, cache-dca17776-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4

GET
H2 200 55cf07ebb581389d8b09876614dbbe55.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1C86 6 KB
7 KB 103ms
53ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55cf07ebb581389d8b09876614dbbe55.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 560f31523e89b638075a88c6435155ba2f94b97359d9fb661444a766c01b3029

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 11 Jun 2021 17:53:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 723074
edge-cache-tag: 428732779541356950576201499255762322831,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 23
expiration: expiry-date="Tue, 22 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55cf07ebb581389d8b09876614dbbe55.jpg
content-length: 6572
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Sat, 22 May 2021 10:52:21 GMT
server: nginx
x-timer: S1623434036.980329,VS0,VE1
etag: "371e08bb51b821d136d0d24f029f5b89"
x-served-by: cache-wdc5551-WDC, cache-dca17768-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 780c1f0907f45ee6989368ac56e02ec5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1C86 9 KB
9 KB 27ms
27ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/780c1f0907f45ee6989368ac56e02ec5.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7546ccfc4a0a0ab6088d710363e10d4b9566385016a1c43a883f0255da5b76ee

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 214958
edge-cache-tag: 339795090121286261365140016547801199664,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 193
expiration: expiry-date="Thu, 10 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/780c1f0907f45ee6989368ac56e02ec5.jpg
content-length: 8722
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Mon, 10 May 2021 08:21:39 GMT
server: nginx
x-timer: S1623434036.008782,VS0,VE1
etag: "11b1e1e7ce8757ba900a8fe710ca72fb"
x-served-by: cache-wdc5549-WDC, cache-dca17743-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame B164 633 B
833 B 183ms
130ms Script
application/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=4mark&thread_id=8382762038&referer=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

ca5d311b54c98942afc2e608f8e5ca14534f2367ebef046d0813cd025c9db5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache
transfer-encoding: chunked
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Strict-Transport-Security: max-age=300; includeSubdomains
Vary: Accept-Encoding, Cookie

GET
H2 200 noavatar92.png
a.disquscdn.com/1623278138/images/ Frame B164 2 KB
2 KB 15ms
14ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1623278138/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 73371
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: CDG3-C2
content-type: image/png
content-length: 1644
x-amz-cf-id: fITadvIkzkoH7M3ngtkTKplNwJGhfT5pQ5ru5uNgesi5QJM7fZ0Gsg==
expires: Sat, 10 Jul 2021 21:31:04 GMT

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/1.4.0/ Frame 1C86 79 KB
24 KB 26ms
24ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront), 1.1 varnish
age: 237676
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 23743
x-served-by: cache-hhn11581-HHN
last-modified: Tue, 31 Mar 2020 13:14:35 GMT
server: AmazonS3
x-timer: S1623434036.012954,VS0,VE0
etag: "b683c290896a82c974838a04b4ea4aff"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: S0Tl8hBCTDtzKICSHxY5Nekww1UaloNs5HuHvbVjXfzpJfHSAc8iEw==
x-cache-hits: 4429

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cf5b981137589359070d3a233bf906a.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ee2b0bd78c689a50355199b5df527a4816f99cdc5ce3871656fdb6867b655df

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 2547847
edge-cache-tag: 574918199290536714353604569645295250117,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 21
expiration: expiry-date="Wed, 26 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cf5b981137589359070d3a233bf906a.jpg
content-length: 9580
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Sun, 25 Apr 2021 07:26:08 GMT
server: nginx
x-timer: S1623434036.016150,VS0,VE0
etag: "2310926839410441cfecc11241f3fe23"
x-served-by: cache-wdc5569-WDC, cache-dca17773-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 24

GET
H2 200 2642fea6093ac7fb19bce2d8b8831ebc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1C86 8 KB
9 KB 24ms
24ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2642fea6093ac7fb19bce2d8b8831ebc.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ab2153b514db5c1ac3b5b0f4461f5c488f5cb7c8b4544af6e1c7a2af3404e8f

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 1245616
edge-cache-tag: 301862587797583020484716945862674508284,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 93
expiration: expiry-date="Sun, 27 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2642fea6093ac7fb19bce2d8b8831ebc.jpg
content-length: 8062
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Thu, 27 May 2021 05:28:39 GMT
server: nginx
x-timer: S1623434036.021268,VS0,VE0
etag: "3955ff7766913d68609e9cfa3f23ab92"
x-served-by: cache-wdc5550-WDC, cache-dca12923-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 27

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ Frame 1C86 4 KB
2 KB 26ms
26ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront), 1.1 varnish
age: 1245211
x-amz-meta-mtime: 1580720676
x-cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1580720957
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 1904
x-served-by: cache-hhn11581-HHN
last-modified: Mon, 03 Feb 2020 09:09:18 GMT
server: AmazonS3
x-timer: S1623434036.025207,VS0,VE0
etag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: ll5VX_qDxgpQA9XC-ohxfWN-gQbkl6EsMi-VmbuzplryZtTQxqOSyw==
x-cache-hits: 143207

GET
H2 200 fc7efe62e4d86270411d025653b1a751.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 1C86 9 KB
9 KB 24ms
24ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc7efe62e4d86270411d025653b1a751.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 828d2a6cc1c1fce8b6069844f92eddf8ea4e4a177e29c142b325f4ad06cde380

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 1206490
edge-cache-tag: 301735695814511676460417850556559875501,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 23
expiration: expiry-date="Mon, 28 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc7efe62e4d86270411d025653b1a751.jpg
content-length: 9122
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Fri, 28 May 2021 06:09:35 GMT
server: nginx
x-timer: S1623434036.032913,VS0,VE0
etag: "5557210c828af76adc878f9854837509"
x-served-by: cache-wdc5570-WDC, cache-dca17725-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55bd907a068ea3d6627a2a57962588f8.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 823b8ca58a18d79fe2253acdb7e6e944b02e8f5e55d28ed47f43d38748e5cc5c

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 636544
edge-cache-tag: 328628989075899534794387240850611855507,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 377
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55bd907a068ea3d6627a2a57962588f8.jpg
content-length: 18488
x-request-id: 988992bb97a0fcf635b3ba8294599b5b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 03 Jun 2021 16:37:56 GMT
server: nginx
x-timer: S1623434036.032977,VS0,VE0
etag: "c7e3262cd9679df1137dd4b5a4ec0d4b"
x-served-by: cache-wdc5548-WDC, cache-dca17776-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d46af9fc9a462b0904026156648340b7.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 64a3a49e4b9194026ea605e85e67e7806516a345165f196a38bc9e13b525c38a

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 455744
edge-cache-tag: 397103231213453212343237091208528336369,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 35
expiration: expiry-date="Mon, 28 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d46af9fc9a462b0904026156648340b7.jpg
content-length: 22182
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Fri, 28 May 2021 12:41:19 GMT
server: nginx
x-timer: S1623434036.052588,VS0,VE0
etag: "bed387ef9d02a33d25df7ccb7f3d6fc5"
x-served-by: cache-wdc5583-WDC, cache-dca17734-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55cf07ebb581389d8b09876614dbbe55.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 560f31523e89b638075a88c6435155ba2f94b97359d9fb661444a766c01b3029

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 723074
edge-cache-tag: 428732779541356950576201499255762322831,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 23
expiration: expiry-date="Tue, 22 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55cf07ebb581389d8b09876614dbbe55.jpg
content-length: 6572
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Sat, 22 May 2021 10:52:21 GMT
server: nginx
x-timer: S1623434036.052724,VS0,VE0
etag: "371e08bb51b821d136d0d24f029f5b89"
x-served-by: cache-wdc5551-WDC, cache-dca17768-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame B164 43 B
295 B 113ms
112ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=528&event=init_embed&thread=8382762038&forum=4mark&forum_id=3668931&imp=34v0c1c3fk53tc&prev_imp&thread_slug=jovnaolhpoghawer_vaegaweraw3r&user_type=anon&referrer=http%3A%2F%2Fwww.4mark.net%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 83B5 0
54 B 35ms
33ms Document
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2576DC1CC442075417296055411&cicmp=1337627&cijs=1&dast=V7EBICFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLLazUYcxoZDGk0Gu9VoMVtMdsPRYrJcTJaQMIvFYjSZrYZTMNjC53R3t4EETafD57rXi15uw8tzumteltvT4_LcRU7P4_W5a_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCSOBDE4bP7zS7TPwAAHgpAAAAEMEIAsgx-RAAAAABGAAAAAEgABBILSwAc7hZNAAAC8vhrBLNPAAAADupknrZZ_v___2MA8t6bZAAo0jZuDHoAHnwAHoQAAAAuhjLIqAxFBt0GiApMixgBAAAASJlJyB1N6oTKour____fCuAKACAgj79mUCPr5qSYNQwAAABgbIEeFr_f7LBr_G6X_f________-b_Z8BoAkN6YWnAWmEI6nxjFwrrP0CAgCwvRsAwJsAXMwB2AEAAADc_f___-cBAABI7VGyvVbj2aOs9xls4XO6u-s3YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDjEg6pz6XxenY8NOJkrBpO5YjhXLEarBAAAAAAAAACwhCnzJgAAAACnQcxmk91uxY03eyaItVotawAAAABu3cgB!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=2576DC1CC442075417296055411&cicmp=1337627&cijs=1&dast=V7EBICFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLLazUYcxoZDGk0Gu9VoMVtMdsPRYrJcTJaQMIvFYjSZrYZTMNjC53R3t4EETafD57rXi15uw8tzumteltvT4_LcRU7P4_W5a_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCSOBDE4bP7zS7TPwAAHgpAAAAEMEIAsgx-RAAAAABGAAAAAEgABBILSwAc7hZNAAAC8vhrBLNPAAAADupknrZZ_v___2MA8t6bZAAo0jZuDHoAHnwAHoQAAAAuhjLIqAxFBt0GiApMixgBAAAASJlJyB1N6oTKour____fCuAKACAgj79mUCPr5qSYNQwAAABgbIEeFr_f7LBr_G6X_f________-b_Z8BoAkN6YWnAWmEI6nxjFwrrP0CAgCwvRsAwJsAXMwB2AEAAADc_f___-cBAABI7VGyvVbj2aOs9xls4XO6u-s3YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDjEg6pz6XxenY8NOJkrBpO5YjhXLEarBAAAAAAAAACwhCnzJgAAAACnQcxmk91uxY03eyaItVotawAAAABu3cgB!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tempest.services.disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tempest.services.disqus.com/

Response headers

server: nginx
accept-ranges: bytes
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish
x-served-by: cache-fra19148-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1623434036.065250,VS0,VE10
content-length: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame 4628 18 KB
6 KB 25ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: y2EUw.irPGYHWZQvvHFS16CCD7wJF5Fq
content-encoding: gzip
etag: "7f7f981d4ecb61feeff48e66441716da"
age: 24045
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5628
x-amz-id-2: TklKzcscKDRV/KiZHZSW4Hmm6Wuc/xAae1ssr1JymSf8MvlqblKYbJKXGTrDqOG6ZMNoaHOT5iw=
x-served-by: cache-fra19148-FRA
last-modified: Sun, 30 May 2021 11:12:52 GMT
server: AmazonS3
x-timer: S1623434036.099557,VS0,VE0
date: Fri, 11 Jun 2021 17:53:56 GMT
vary: Accept-Encoding
x-amz-request-id: NWCSWNG0MX0N8EZJ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 101211

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 4628 2 KB
976 B 26ms
24ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 5943
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by: cache-fra19148-FRA
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1623434036.100092,VS0,VE0
date: Fri, 11 Jun 2021 17:53:56 GMT
vary: Accept-Encoding
x-amz-request-id: H26RXF80K5Y33KYT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 57
x-cache-hits: 16407

GET
H2 200 tfa-eid.20210610-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 4628 13 KB
5 KB 24ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210610-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c5d4409cbfbad0acc97ba77ec5c9828bc0eaad3430b4474b963c5f4ba091029

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: XdPmq.1Gg.9jjDVu0_GtQ9_2PgvH9n6H
content-encoding: gzip
etag: "53fc507dc4b1c4acb5609b5be89215a8"
age: 17
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4867
x-amz-id-2: qvFborLLD7ZbLMPUrX8qXPfSu2xnWf+7m1KFbAw9/H9ogfGIm1B1xa+POW9gGs8jCodb1IIVjes=
x-served-by: cache-fra19148-FRA
last-modified: Thu, 10 Jun 2021 11:47:44 GMT
server: AmazonS3
x-timer: S1623434036.101422,VS0,VE0
date: Fri, 11 Jun 2021 17:53:56 GMT
vary: Accept-Encoding
x-amz-request-id: 5Q6N2R3P17DJ8PDK
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 57
x-cache-hits: 49

GET
H2 200 sha256.20210610-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 4628 6 KB
3 KB 24ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210610-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ebc7c8375b9ed4fdbb6c795d8662c7e79dab5ec054abf49018da33e4f1b91dc

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1GfYRfvMJBQwPkGKDqn1iCXsOmfgnu8Z
content-encoding: gzip
etag: "741f4c7d3076e0a32bfcc42d6200020b"
age: 3
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2595
x-amz-id-2: 49o8XgzDnAI3pRmcqHfMeaNyRpDOMcXun8IVk7ptcV9ap7uagU5IOX3GGbXsGnIWoct8/53PF0Y=
x-served-by: cache-fra19148-FRA
last-modified: Thu, 10 Jun 2021 11:47:57 GMT
server: AmazonS3
x-timer: S1623434036.101408,VS0,VE0
date: Fri, 11 Jun 2021 17:53:56 GMT
vary: Accept-Encoding
x-amz-request-id: TJ4BDCNXKCXRCY5F
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 57
x-cache-hits: 11

GET
H2 200 userx.20210610-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 4628 23 KB
8 KB 24ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210610-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62a89e4c058b477bee9ff0f6a980d054ea7c5b46e225b4d24a6acde4bce4fb9a

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: yS42FFnGWQRA3XhR7DHOFMbSRKsS8pf0
content-encoding: gzip
etag: "c0ccd5ec1e3e8c18b20218a8ef29275e"
age: 85
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7962
x-amz-id-2: eaEpUTOvXQvjrlk96AH8qNcV//OIL2f9lDnIwxaNNxxFfi+wJi+wc307sqIGodfxVHXvconzeZQ=
x-served-by: cache-fra19148-FRA
last-modified: Thu, 10 Jun 2021 11:47:39 GMT
server: AmazonS3
x-timer: S1623434036.109643,VS0,VE0
date: Fri, 11 Jun 2021 17:53:56 GMT
vary: Accept-Encoding
x-amz-request-id: AVX1SE2S52GC6N4W
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 57
x-cache-hits: 37

GET
H2 200 get
c.disquscdn.com/ Frame 8B6B 60 KB
60 KB 23ms
21ms Image
image/png 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Flh3.googleusercontent.com%2FMnJkdTWmx4D9kIJaluROOhDCyEAc_EvH5AAAw6eeeLlMEOx62tHSkDKaqMZk5XZ371Zcd8JkY0gL_sxJzZr7m2P2pGnArZm2JJPh9CVl&key=l0RhLffiAfPa7H-QN843WQ&h=200

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

72f2fa29869b9acbc03be0f6a199288e9686424280520995ddd8834156ff1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 04:33:00 GMT
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 480056
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-disposition: inline;filename="unnamed.png"
content-length: 61271
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: jyW-CavIJpR2jtKYjIa_SF1QSdIiOR9PI6qQT3sIgy8MTTrJOQ4PzQ==
expires: Tue, 06 Jul 2021 04:33:00 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 8B6B 19 KB
19 KB 23ms
22ms Image
image/jpeg 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fcdn.pharmiweb.com%2Fmedia%2F12160%2Fmedical-device.jpg&key=_78cmgO6nUl1rCs9HU8jzg&h=200

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eaf2805a9783713ad47e749e291c6f090dbc96fb43c854b04daf5d01baef00e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 04:22:56 GMT
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-md5: ZUMsYOBaj+ug3HyGtueTmA==
age: 135060
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 19166
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: C73YQUz8R0-YVjmFlem2NVXHQDuJ30UQrsjYg1EwP9motOG0sDgEbw==
expires: Sat, 10 Jul 2021 04:22:56 GMT

GET
H2 404 get
c.disquscdn.com/ Frame 8B6B 0
0 192ms
191ms Image
text/html 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fsarahdsmith.blogspot.com%2F2021%2F02%2Fhow-to-escape-self-employment-trap-and.html&key=6kr-JvlBikqXA05iOgAqMA&h=200
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 get
c.disquscdn.com/ Frame 8B6B 3 KB
4 KB 23ms
22ms Image
image/png 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fqartpay.com%2Fimages%2Flogo.png&key=vlaVccX0IoOX9KUUuFChCA&h=200

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d5e19c74e14510d16a8293f718ad7a29de78d80d3f902614678b48420951464f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 19:27:53 GMT
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 339963
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 3360
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: cbNra9c9h4fVuCfNy0d9LPvi-jAIQVjOYSJ4mSmNXnlSmPG0lk4T_g==
expires: Wed, 07 Jul 2021 19:27:53 GMT

GET
H2 404 get
c.disquscdn.com/ Frame 8B6B 0
0 169ms
168ms Image
text/html 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fadvisory.consulting%2Ftest-bank-canadian-entrepreneurship-and-small-business-management-10th-edition-balderson%2F&key=kbir1peLcTkEWaVWz0ZIaQ&h=200
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 8B6B 0
0 128ms
127ms Image
text/html 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.storeboard.com%2Fblogs%2Fnews%2Fcan-cbd-aid-with-insomnia%2F4702757&key=ZAJ0F-Tti_7O9QwMjcmRQw&h=200
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 get
c.disquscdn.com/ Frame 8B6B 9 KB
9 KB 21ms
20ms Image
image/png 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fmarvelelectricians.com%2Fwp-content%2Fuploads%2F2020%2F05%2Flogo_marvel.png&key=Ec3S_n8A0YE4swI6vQwAQw&h=200

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b3aab8e5f948e10663526612cd50c62e9a3c9090a22e6dec8c18539ec5c538a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 19:27:17 GMT
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 599199
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 8733
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: u7KUwAQeUfwrefvtBbpuw71hUCaSwVbBioW5ObLMil7shkwFaXRz1Q==
expires: Sun, 04 Jul 2021 19:27:17 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 8B6B 26 KB
27 KB 21ms
21ms Image
image/jpeg 2600:9000:211a:8e00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fescatter11.fullerton.edu%2Fnfs%2Fimg%2FNFS_Logo.jpg&key=HfaPn0HS-ZG_fRVSvfI8mw&h=200

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:8e00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ab4e83dddf1e6412217bd98e9dc449eadcf689d3198d7a52c4248f6a8b4e8192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 04:22:09 GMT
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 135107
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 26705
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: d-ypzkW_vAZfQ6XRuAS8aezab-2o4C0oNtWIUoznM6ez3eibJHDpEQ==
expires: Sat, 10 Jul 2021 04:22:09 GMT

GET
H2 200 7cf5b981137589359070d3a233bf906a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4628 9 KB
10 KB 24ms
24ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cf5b981137589359070d3a233bf906a.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ee2b0bd78c689a50355199b5df527a4816f99cdc5ce3871656fdb6867b655df

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 2547847
edge-cache-tag: 574918199290536714353604569645295250117,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 21
expiration: expiry-date="Wed, 26 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cf5b981137589359070d3a233bf906a.jpg
content-length: 9580
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Sun, 25 Apr 2021 07:26:08 GMT
server: nginx
x-timer: S1623434036.160747,VS0,VE0
etag: "2310926839410441cfecc11241f3fe23"
x-served-by: cache-wdc5569-WDC, cache-dca17773-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 25

GET
H2 200 tbp Show response
15.taboola.com/ Frame 4628 6 KB
3 KB 224ms
223ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f3103d365a3d8a3a4a5c4f9cabd293a6f8f47b70c6eb863b480056f76b99c92c

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Jun 2021 17:53:56 GMT
content-encoding: gzip
access-control-allow-origin: https://tempest.services.disqus.com
machineid: 1430
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn11581-HHN
pragma: no-cache
server: nginx
x-timer: S1623434036.161040,VS0,VE199
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 5fcfd14183c4523f06a8a5cf87470bfa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4628 9 KB
10 KB 26ms
25ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fcfd14183c4523f06a8a5cf87470bfa.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: be898880f54a6d13ae605c2f851c98ac5940d197cdafb604172eb04e46545235

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 1234528
edge-cache-tag: 484118877866796086668316190833527273798,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 39
expiration: expiry-date="Fri, 28 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fcfd14183c4523f06a8a5cf87470bfa.jpg
content-length: 9676
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Tue, 27 Apr 2021 08:17:54 GMT
server: nginx
x-timer: S1623434036.162512,VS0,VE0
etag: "eb8621a0ab28c2c0dfa47b0a1da32004"
x-served-by: cache-wdc5539-WDC, cache-dca17750-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4

GET
H2 200 909598062__WuWyI7XO.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/WST/ Frame 4628 11 KB
12 KB 27ms
26ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/WST/909598062__WuWyI7XO.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 49e7fb5874a634dd52f963b5c0bb41e39fc6ac418227183bb03090610f570901

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 2230661
edge-cache-tag: 344553765742927069872278399413239753281,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 36
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/WST/909598062__WuWyI7XO.jpg
content-length: 11522
x-request-id: 7b73cd3d52d2c73df4a075eb94dca8ed
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Fri, 16 Apr 2021 08:23:08 GMT
server: nginx
x-timer: S1623434036.162487,VS0,VE1
etag: "9de079a0286771f37770d01e7f6b1f37"
x-served-by: cache-wdc5520-WDC, cache-dca17753-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 55cf07ebb581389d8b09876614dbbe55.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4628 6 KB
7 KB 25ms
24ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55cf07ebb581389d8b09876614dbbe55.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 560f31523e89b638075a88c6435155ba2f94b97359d9fb661444a766c01b3029

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 723074
edge-cache-tag: 428732779541356950576201499255762322831,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 23
expiration: expiry-date="Tue, 22 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55cf07ebb581389d8b09876614dbbe55.jpg
content-length: 6572
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Sat, 22 May 2021 10:52:21 GMT
server: nginx
x-timer: S1623434036.162487,VS0,VE0
etag: "371e08bb51b821d136d0d24f029f5b89"
x-served-by: cache-wdc5551-WDC, cache-dca17768-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 3

GET
H2 200 d46af9fc9a462b0904026156648340b7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4628 22 KB
22 KB 26ms
26ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d46af9fc9a462b0904026156648340b7.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 64a3a49e4b9194026ea605e85e67e7806516a345165f196a38bc9e13b525c38a

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 455744
edge-cache-tag: 397103231213453212343237091208528336369,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 35
expiration: expiry-date="Mon, 28 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d46af9fc9a462b0904026156648340b7.jpg
content-length: 22182
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Fri, 28 May 2021 12:41:19 GMT
server: nginx
x-timer: S1623434036.162903,VS0,VE0
etag: "bed387ef9d02a33d25df7ccb7f3d6fc5"
x-served-by: cache-wdc5583-WDC, cache-dca17734-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 3

GET
H2 200 dcb98c725ae99aff14e03fb7d8b52a63.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4628 6 KB
6 KB 30ms
29ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dcb98c725ae99aff14e03fb7d8b52a63.jpg
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4699bb1f70cfbbd1a9d98526a14fa8702eb974764ee6ff4f841a844205af6414

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 230212
edge-cache-tag: 404831583409700041557647922694396936280,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 97
expiration: expiry-date="Wed, 16 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dcb98c725ae99aff14e03fb7d8b52a63.jpg
content-length: 5892
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Sun, 16 May 2021 13:07:13 GMT
server: nginx
x-timer: S1623434036.162888,VS0,VE1
etag: "08e0a4505b56adf18dca27a23438a644"
x-served-by: cache-wdc5549-WDC, cache-dca17743-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2

200

362358.gif Show response
idsync.rlcdn.com/ Frame 9C34
Redirect Chain

https://ejp.rlcdn.com/501709.html
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCLTGjoYGEgUI6AcQAEIASgA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJDuHbJ9eo7cF0LFZZ5W8Oc&google_cver=1

42 B
317 B

26ms
24ms

Document
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJDuHbJ9eo7cF0LFZZ5W8Oc&google_cver=1
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method: GET
:authority: idsync.rlcdn.com
:scheme: https
:path: /362358.gif?google_gid=CAESEJDuHbJ9eo7cF0LFZZ5W8Oc&google_cver=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: rlas3=7ktaflc7pxd5JdLo1wCfzC9T3o4w/OgrCGbbKy4lFII=; pxrc=CLTGjoYGEgUI6AcQABIGCLrqARAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default

Response headers

cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=7ktaflc7pxd5JdLo1wCfzC9T3o4w/OgrCGbbKy4lFII=; Path=/; Domain=rlcdn.com; Expires=Sat, 11 Jun 2022 17:53:56 GMT; Secure; SameSite=None pxrc=CLTGjoYGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Tue, 10 Aug 2021 17:53:56 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Fri, 11 Jun 2021 17:53:56 GMT
content-length: 42
via: 1.1 google
alt-svc: clear

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJDuHbJ9eo7cF0LFZZ5W8Oc&google_cver=1
date: Fri, 11 Jun 2021 17:53:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame 0D01 507 B
1 KB 269ms
195ms Document
text/html 99.86.241.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c34t5n633mvo80i&pctry=FR&referrer=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-67.vie50.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: 80a65ac4fbd69783b6dd5fd1da694137f12889438e78098d6b67a3fe4d454539

Request headers

:method: GET
:authority: live.rezync.com
:scheme: https
:path: /pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c34t5n633mvo80i&pctry=FR&referrer=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default

Response headers

content-type: text/html; charset=utf-8
content-length: 507
date: Fri, 11 Jun 2021 17:53:56 GMT
server: lighttpd/1.4.33
set-cookie: zync-uuid=44d84a50-dcb7-4328-b772-ef66d2fd159b:1623434036.33; Domain=rezync.com; Expires=Wed, 08-Dec-2021 10:53:56 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVykELgjAYgOG_Et_ZgziLEDoERgjtE0UQvUjpoJmb5WblZP-9dXtfeFZonmwSV8mkhkhPM_OgHbg7BdEKHVev2RW0JNRbuSNEvMe9z8F6oJhSfJQN7_5yc3MK4_yRxvkdi6Ouz8hx8X1qkvBSJgRNouuyClBkSy2yLxYDT_tTQHvqTPahppqpoQew9geyHzIA.E6U0tA.9KME5TFM0FETJyi00awWtPP7fEk; Expires=Wed, 08-Dec-2021 17:53:56 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache: Miss from cloudfront
via: 1.1 96296f2b3ee1b7cbc3fb127d3383661e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: qpWQ6cNgRu4ftsPvFMKHZD8T574A2n95p9SLQPkmXMjCHg68Zx1lgw==

GET
H2 200 narr
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/ Frame B164 0
38 B 100ms
33ms Image
text/plain 54.76.227.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D473%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.227.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-227-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:56 GMT
content-length: 0

GET
H/1.1

200
OK

/
io.narrative.io/ Frame B164
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac34t5n633mvo80i&ret=img&ref=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer
https://io.narrative.io/?io.narrative.guid.v2=fdff1cf0-cadd-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac34t5n633mvo80i&ret=img&ref=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpog...

35 B
319 B

33ms
32ms

Image
image/gif

54.229.111.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=fdff1cf0-cadd-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac34t5n633mvo80i&ret=img&ref=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.111.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-111-52.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=4mark&t_u=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&t_d=jovnaolhpoghawer%20%7C%20vaegaweraw3r&t_t=jovnaolhpoghawer%20%7C%20vaegaweraw3r&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:56 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=fdff1cf0-cadd-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac34t5n633mvo80i&ret=img&ref=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer
Date: Fri, 11 Jun 2021 17:53:56 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0

GET
H2 200 7cf5b981137589359070d3a233bf906a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4628 9 KB
10 KB 25ms
24ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cf5b981137589359070d3a233bf906a.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ee2b0bd78c689a50355199b5df527a4816f99cdc5ce3871656fdb6867b655df

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 2547847
edge-cache-tag: 574918199290536714353604569645295250117,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 21
expiration: expiry-date="Wed, 26 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7cf5b981137589359070d3a233bf906a.jpg
content-length: 9580
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Sun, 25 Apr 2021 07:26:08 GMT
server: nginx
x-timer: S1623434036.201035,VS0,VE0
etag: "2310926839410441cfecc11241f3fe23"
x-served-by: cache-wdc5569-WDC, cache-dca17773-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 26

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fcfd14183c4523f06a8a5cf87470bfa.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: be898880f54a6d13ae605c2f851c98ac5940d197cdafb604172eb04e46545235

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 1234528
edge-cache-tag: 484118877866796086668316190833527273798,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 39
expiration: expiry-date="Fri, 28 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5fcfd14183c4523f06a8a5cf87470bfa.jpg
content-length: 9676
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Tue, 27 Apr 2021 08:17:54 GMT
server: nginx
x-timer: S1623434036.201511,VS0,VE0
etag: "eb8621a0ab28c2c0dfa47b0a1da32004"
x-served-by: cache-wdc5539-WDC, cache-dca17750-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/WST/909598062__WuWyI7XO.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 49e7fb5874a634dd52f963b5c0bb41e39fc6ac418227183bb03090610f570901

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 2230661
edge-cache-tag: 344553765742927069872278399413239753281,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 36
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/WST/909598062__WuWyI7XO.jpg
content-length: 11522
x-request-id: 7b73cd3d52d2c73df4a075eb94dca8ed
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Fri, 16 Apr 2021 08:23:08 GMT
server: nginx
x-timer: S1623434036.201998,VS0,VE0
etag: "9de079a0286771f37770d01e7f6b1f37"
x-served-by: cache-wdc5520-WDC, cache-dca17753-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 55cf07ebb581389d8b09876614dbbe55.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4628 6 KB
7 KB 30ms
29ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55cf07ebb581389d8b09876614dbbe55.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 560f31523e89b638075a88c6435155ba2f94b97359d9fb661444a766c01b3029

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 723074
edge-cache-tag: 428732779541356950576201499255762322831,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 23
expiration: expiry-date="Tue, 22 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55cf07ebb581389d8b09876614dbbe55.jpg
content-length: 6572
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Sat, 22 May 2021 10:52:21 GMT
server: nginx
x-timer: S1623434036.202157,VS0,VE0
etag: "371e08bb51b821d136d0d24f029f5b89"
x-served-by: cache-wdc5551-WDC, cache-dca17768-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4

GET
H2 200 d46af9fc9a462b0904026156648340b7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4628 22 KB
22 KB 28ms
27ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d46af9fc9a462b0904026156648340b7.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 64a3a49e4b9194026ea605e85e67e7806516a345165f196a38bc9e13b525c38a

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 455744
edge-cache-tag: 397103231213453212343237091208528336369,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 35
expiration: expiry-date="Mon, 28 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d46af9fc9a462b0904026156648340b7.jpg
content-length: 22182
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Fri, 28 May 2021 12:41:19 GMT
server: nginx
x-timer: S1623434036.202140,VS0,VE0
etag: "bed387ef9d02a33d25df7ccb7f3d6fc5"
x-served-by: cache-wdc5583-WDC, cache-dca17734-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dcb98c725ae99aff14e03fb7d8b52a63.jpg
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4699bb1f70cfbbd1a9d98526a14fa8702eb974764ee6ff4f841a844205af6414

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 230212
edge-cache-tag: 404831583409700041557647922694396936280,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 97
expiration: expiry-date="Wed, 16 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dcb98c725ae99aff14e03fb7d8b52a63.jpg
content-length: 5892
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Sun, 16 May 2021 13:07:13 GMT
server: nginx
x-timer: S1623434036.202225,VS0,VE0
etag: "08e0a4505b56adf18dca27a23438a644"
x-served-by: cache-wdc5549-WDC, cache-dca17743-DCA, cache-hhn11528-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 358 B
788 B 106ms
54ms XHR
text/javascript 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: cdd03ee801bc0be53a653f590abab5c62ca4c39bc0db85aadd0255ab5ef98dd5

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:56 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.4mark.net
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 358
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 118ms
117ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34v0c1c3fk53tc&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=4mark&zone=thread&version=a5921af07b365f6dfd62075d2dee3735&page_url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=3668931

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 122ms
121ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34v0c1c3fk53tc&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=4mark&zone=thread&version=a5921af07b365f6dfd62075d2dee3735&page_url=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=3668931

Requested by

Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 17:53:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

sync.gif
links.services.disqus.com/api/
Redirect Chain

http://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d

43 B
375 B

98ms
49ms

Image
image/gif

151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:56 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 41 B
470 B 53ms
52ms XHR
text/javascript 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: b30ee506cc3db8bf6f1676547777cc5560f868a194d265a9c9a3025d97eec430

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:56 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.4mark.net
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 41
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 42 B
471 B 65ms
49ms XHR
text/javascript 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: fc0b5d644cb205147eeaaba7ab07067f2b65a7e9c97c2f3f12b5da19af4530f9

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:56 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.4mark.net
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ Frame 4628 4 KB
2 KB 24ms
24ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront), 1.1 varnish
age: 1245211
x-amz-meta-mtime: 1580720676
x-cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1580720957
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 1904
x-served-by: cache-hhn11581-HHN
last-modified: Mon, 03 Feb 2020 09:09:18 GMT
server: AmazonS3
x-timer: S1623434036.409674,VS0,VE0
etag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: ll5VX_qDxgpQA9XC-ohxfWN-gQbkl6EsMi-VmbuzplryZtTQxqOSyw==
x-cache-hits: 143209

GET
H2 200 st Show response
imprammp.taboola.com/ Frame CC2B 0
67 B 33ms
32ms Document
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=9AE8885C704426079771969272979&cicmp=1337627&cijs=1&dast=V7t_8CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLlgEYfD1YY3GI0ms8FuuZvNlrPdaLXazJaQMIvFYjSZrYZTMNjC53R3t4EETafD57rXi15uw8tzumteltvT4_LcRU7P4_W5a_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCSOBDE4bP7zS7TPwAAHgpAAAAEMEIAsgyoRAAAAABGAAAAAEgABBILSwAc7hZNAAAC8vhrCA9OAAAADupknrZZ_v___2MA8t6bZAAo0jZuDHoAHnwAHoQAAAAuhmi1WlI_ilfqiQosixgBAAAASJlJyB1N6oTKour____fCuAKACAgj7-GkC_r5qSYNQwAAABgbIEeFr_f7LBr_G6X_f________-b_Z8BoAkN6YWnAWmEI6nxjFwrrP0CAgCwvRsAwJsAXMwB2AEAAADc_f___-cBAACA7VGyvVbj2aOs9xls4XO6u-s3YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDjEg6pz6XxenY8NOJkrBpO5YjhXLEarBAAAAAAAAACwhCnzJgAAAACnQcxmk91uxY03eyaItVotawAAAABu3cgB!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.4mark.net
URL: http://www.4mark.net/story/3165183/jovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=9AE8885C704426079771969272979&cicmp=1337627&cijs=1&dast=V7t_8CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLlgEYfD1YY3GI0ms8FuuZvNlrPdaLXazJaQMIvFYjSZrYZTMNjC53R3t4EETafD57rXi15uw8tzumteltvT4_LcRU7P4_W5a_xuvxwAAAAAHgCIWqIhdnwb2iMAAAAAJHhGrhUoAir-LQQuAAAAADAACMTCNQCSOBDE4bP7zS7TPwAAHgpAAAAEMEIAsgyoRAAAAABGAAAAAEgABBILSwAc7hZNAAAC8vhrCA9OAAAADupknrZZ_v___2MA8t6bZAAo0jZuDHoAHnwAHoQAAAAuhmi1WlI_ilfqiQosixgBAAAASJlJyB1N6oTKour____fCuAKACAgj7-GkC_r5qSYNQwAAABgbIEeFr_f7LBr_G6X_f________-b_Z8BoAkN6YWnAWmEI6nxjFwrrP0CAgCwvRsAwJsAXMwB2AEAAADc_f___-cBAACA7VGyvVbj2aOs9xls4XO6u-s3YYvRajLZLIez5WIyGI6Go9H-BHA5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlOyHC0maxGu9VushxORqPZZrJBilatZqPNYLiaTWa73Wo4GC5HI6RozWI2mSxmo-VuM1hORoPhZDjEg6pz6XxenY8NOJkrBpO5YjhXLEarBAAAAAAAAACwhCnzJgAAAACnQcxmk91uxY03eyaItVotawAAAABu3cgB!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tempest.services.disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tempest.services.disqus.com/

Response headers

server: nginx
accept-ranges: bytes
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish
x-served-by: cache-fra19148-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1623434036.438651,VS0,VE9
content-length: 0

GET
H2

200

52154.gif
idsync.rlcdn.com/ Frame 0D01
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=1216095245932084365
https://p.rfihub.com/cm?pub=39342&in=1&userid=44d84a50-dcb7-4328-b772-ef66d2fd159b%3A1623434036.33&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc34t5n633mvo80i
https://idsync.rlcdn.com/501709.gif?partner_uid=c34t5n633mvo80i
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1216095245932084365

42 B
315 B

21ms
21ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1216095245932084365
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c34t5n633mvo80i&pctry=FR&referrer=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:56 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid: 6992c650-3ee8-48f2-a9ea-013dcfbb3136
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=1216095245932084365
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

397676.gif
idsync.rlcdn.com/ Frame 0D01
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=44d84a50-dcb7-4328-b772-ef66d2fd159b%3A1623434036.33&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871597495802323350
https://idsync.rlcdn.com/501709.gif?partner_uid=c34t5n633mvo80i
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=8xWmlemM670wM4H1kf4qbQIPQNNSoWYU

42 B
315 B

21ms
21ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=8xWmlemM670wM4H1kf4qbQIPQNNSoWYU
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c34t5n633mvo80i&pctry=FR&referrer=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=8xWmlemM670wM4H1kf4qbQIPQNNSoWYU
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3441
date: Fri, 11 Jun 2021 17:53:56 GMT
content-length: 221
content-type: text/html; charset=utf-8

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 26ms
25ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210607&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2adde87326f606755a71137887168a87aa80c19e6c3fe306ccef8328d1caaf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 17:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7919
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 11 Jun 2021 17:53:56 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 4429 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 11 Jun 2021 17:28:24 GMT
expires: Sat, 11 Jun 2022 17:28:24 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E622 783 B
532 B 15ms
15ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

68ca4859fce4c6d10cb920d1a8d9027f2a24031b7617167f86e53c3f93c3b829

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ahFGKycvbVyYUJR1jzd14g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=Fn6Rcqr_0-6DTCVTSu7X5EgEYo8O3tK4oqN3IMxvuYaQXPde9TH9xc5To5-5zpJ96E-cE9fRznbm46yk9N5lA_XHjQ6MuaxZXrgZC3SFmjFxU1f_CJg32W1an1aoqLF4JLoJcPLQZifmqfyVJLhZ5c5UcWOGshmG0u2kFpVBgmg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

expires: Fri, 11 Jun 2021 17:53:56 GMT
date: Fri, 11 Jun 2021 17:53:56 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ahFGKycvbVyYUJR1jzd14g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4429 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jun 2022 17:28:58 GMT

POST
H2 204 bulk Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 1C86 0
293 B 34ms
34ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 11 Jun 2021 17:53:56 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623434037.941440,VS0,VE9
x-served-by: cache-fra19148-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://tempest.services.disqus.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210607&jk=2919333470408819&bg=!YWKlYibNAAY6sG-_OrA7ACkAdvg8WnmlQ2Tj0uJKXlcFnPbxXVPNINh4jVcpLxpSaZYVyaNqIXz0RgIAAAA9UgAAAApoAQeZAnGdYBPWk2XGOnOUg6rwvR5btY4IfbZ3pKo6huY-tE37Z88MbHo1cb35oVVUdd12fvtlMnj1skU2Jxzx0_OjlqbEvV_MkWGPF5Ynxedc_f-0PFiCpEzk2EJW19F9W7F5He4gO1SjGJhK-72x3se5h4s_e4xt2LwX4xHm_yEaV7rpUOa2VrhPt6DXuL2bWVKna8B5YoM0uOt8k2tdsSPO2iVDBmPafs8NttTluiL-kgYDTbuGhvidl2XzksJaw0dX1QjAurxHz7Svb5wk13oUw0-Pw5d3rAM3SQAAqc6XMWp28xWaKKiRYbSWZQXrX8gxzE6TYBv3fCWH5q4AbfOGSgZBURq2CQK_nmHpLzME7GcwK3z6AAF4mXw74B24MRceYtAs1TVhhLr08E0m9kOH3gF3u-7fTmzYTe8zwvogNnu-lkx34-TP42T7_6LrAzsNgBGSDPOFYqpApWvYsC5pFB7YFinC4ZM2om2yB1QWzNRL8_U6rsUV7vNRXJsoLQVWF2nBZP2fzYIjrij5_OhvJjWVnwDzTPwMZnsqByAFV5lb7fiKjQKZRUOPrABhHtStwWZ55kcU28CTKQPSVC8CkF7sFL-Ww19rP2kJ-BdH3SjcnVa003hI-g2GW3FuMIqP3mpyTlLrsym2aEbZmTgr4EBxPROx69783gFcBSjZiTOLn4n9OBhEIhDx8DNTe5zE_6iIekD4vm-RhtRPuDO_RdpI5A7j-MSFyMp7T7Z70k2SbaLRJyOCNmrc9qgdXfnbrGJyU1oVmW5vhT-MefuYJO5ietzZp3IXkjn-fl6CW3BxxwDKrcLsBdn3LOu32lOVONsa

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4mark.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 4628 0
79 B 33ms
33ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 11 Jun 2021 17:53:57 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623434037.156534,VS0,VE9
x-served-by: cache-fra19148-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://tempest.services.disqus.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 1C86 254 B
694 B 24ms
24ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 8065
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: tWySuz9/OdKJ2pOdhX4bufkG4hc0iRD2sCTyBdIQ3Z6MYBWEmIXnvI7/5D8r6Y/LoGLokVnv66I=
x-served-by: cache-fra19148-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1623434037.490491,VS0,VE0
date: Fri, 11 Jun 2021 17:53:57 GMT
x-amz-request-id: 2ARVV0EZA7M16CA8
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 57
x-cache-hits: 3283

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 4628 254 B
325 B 25ms
24ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=4mark&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%232a80b9&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.4mark.net%2Fstory%2F3165183%2Fjovnaolhpoghawer&typeface=sans-serif&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 8065
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: tWySuz9/OdKJ2pOdhX4bufkG4hc0iRD2sCTyBdIQ3Z6MYBWEmIXnvI7/5D8r6Y/LoGLokVnv66I=
x-served-by: cache-fra19148-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1623434038.549171,VS0,VE0
date: Fri, 11 Jun 2021 17:53:57 GMT
x-amz-request-id: 2ARVV0EZA7M16CA8
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 57
x-cache-hits: 3284

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame F7AC 14 KB
4 KB 20ms
20ms Document
text/html 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8beb64042187cc51fd691d55ff0221b6e9abf5ac8abe9dd494797d694f8b49b5

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure5x/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4mark.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4mark.net/

Response headers

content-type: text/html
content-length: 4082
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
x-robots-tag: noindex, nofollow
date: Thu, 10 Jun 2021 19:06:11 GMT
etag: W/"60257012-390f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: eWvIja5wBlnnth-gMnbYETUUtmbShiMo6j1BFlZIU4R0xWMOBpu4wA==
age: 82066

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame F7AC 16 KB
6 KB 21ms
20ms Script
application/javascript 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Request headers

Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 21:47:25 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 10267592
etag: W/"60257012-40f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
x-robots-tag: noindex, nofollow
content-length: 5630
x-amz-cf-id: ewwHOqzn6z55ZfT5qCKstXOcGjd1k6XDNePnY7XuttIgY6yAeG5O-g==
expires: Sat, 12 Feb 2022 21:47:25 GMT

GET
H2 200 st.5583d3f0facb4d4a55d1a93224fb446d.js Show response
ws.sharethis.com/secure5x/js/ Frame F7AC 132 KB
32 KB 24ms
24ms Script
application/javascript 2600:9000:211a:4000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/st.5583d3f0facb4d4a55d1a93224fb446d.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c6d530197393988cfa840fdfe6f2cad81353a523398e861c0521b52f03b1b43b

Request headers

Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:14:23 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 3904774
etag: W/"60257012-20eab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
x-robots-tag: noindex, nofollow
x-amz-cf-id: EhOqJMU5N79SnHy0-nA7f3a4GJQ5FV1rujKJnL6m6_O-UhHOusYsgA==
expires: Wed, 27 Apr 2022 13:14:23 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 8866
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32b7dd62-9391-43cf-8213-e782bd3834ec
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32b7dd62-9391-43cf-8213-e782bd3834ec&tbid=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5&query=taboola_hm%3D32b7dd62-9391-...

0
52 B

40ms
33ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32b7dd62-9391-43cf-8213-e782bd3834ec&tbid=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5&query=taboola_hm%3D32b7dd62-9391-43cf-8213-e782bd3834ec&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623434038.361215,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19148-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=32b7dd62-9391-43cf-8213-e782bd3834ec&tbid=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5&query=taboola_hm%3D32b7dd62-9391-43cf-8213-e782bd3834ec&isDirect=0
tbl-x-upstream: 10.41.14.127:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18432

GET
H2 200 sd
u.openx.net/w/1.0/ Frame 8866 43 B
106 B 44ms
39ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:57 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 8866 0
239 B 31ms
27ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2

200

rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 8866
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=87fa10bb-4d79-51a2-b56e-b0e3d5ad13d5

0
255 B

31ms
30ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=87fa10bb-4d79-51a2-b56e-b0e3d5ad13d5
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.95:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17863

Redirect headers

location: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=87fa10bb-4d79-51a2-b56e-b0e3d5ad13d5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 101956
jadserve.postrelease.com/suid/ Frame 8866 43 B
427 B 488ms
99ms Image
image/gif 35.153.224.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-224-87.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:58 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 8866
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=RpAxCraeMY3T&ev=1&orig=trc&pid=562107

0
246 B

31ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=RpAxCraeMY3T&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19178

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=RpAxCraeMY3T&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-kbvks
expires: -1

GET
H2

200

/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 8866
Redirect Chain

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1216095245932084365&orig=trc

0
256 B

32ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1216095245932084365&orig=trc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Fri, 11 Jun 2021 17:53:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16013

Redirect headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:57 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.230:80
AN-X-Request-Uuid: 170e47f4-b297-4acd-bb6c-c16d8e321ef6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1216095245932084365&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 8866
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK2PgWOJk-xC5o7neh3KfNs&google_cver=1

0
242 B

32ms
32ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK2PgWOJk-xC5o7neh3KfNs&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 11 Jun 2021 17:53:57 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623434038.955180,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19148-FRA

Redirect headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK2PgWOJk-xC5o7neh3KfNs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 8866 42 B
412 B 37ms
33ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3:$UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:56 GMT
cache-control: no-store, no-cache, private
x-lat: amspug014:0:353
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8866
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5

170 B
188 B

43ms
42ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5
tbl-x-upstream: 10.41.14.127:10213
date: Fri, 11 Jun 2021 17:53:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16014

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 8866
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c276a701-c2b7-49d7-958b-350822c9cd09

0
204 B

33ms
33ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c276a701-c2b7-49d7-958b-350822c9cd09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 11 Jun 2021 17:53:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623434038.012209,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19148-FRA

Redirect headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c276a701-c2b7-49d7-958b-350822c9cd09
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 8866
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

37ms
36ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:58 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:58 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 8866 49 B
406 B 271ms
99ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-8474b759f8-zvtlc
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 8866 43 B
696 B 95ms
26ms Image
image/gif 185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:57 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 8866 0
59 B 147ms
30ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:57 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 8866
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4f08d9e8-b53a-4c84-b83e-655c648f57fd

0
256 B

60ms
57ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4f08d9e8-b53a-4c84-b83e-655c648f57fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.199:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21335

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4f08d9e8-b53a-4c84-b83e-655c648f57fd
cache-control: no-cache
date: Fri, 11 Jun 2021 17:53:58 GMT
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2875
content-type: text/html; charset=utf-8
content-length: 222
expires: Fri, 11 Jun 2021 00:00:00 GMT

GET

gdpr_consent=
sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/ Frame 8866
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/6/2.gif?puid=dadc7bc0-8577-4708-a379-c2dd9c4e9a63&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZY6ZnVZRjdBpibTppSqbHYT-c9FBPIPS5rkAkg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZY6ZnVZRjdBpibTppSqbHYT-c9FBPIPS5rkAkg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fp...
https://id5-sync.com/cq/464/124/5/3.gif?puid=7ea4cdcb-2d6a-476e-bf34-d3c44ea94999&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/4/4.gif?puid=e_dff3debe-5825-47f0-833b-ebcd3e3bb2f3&gdpr=1&gdpr_consent=
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1
https://id5-sync.com/c/464/9/3/5.gif?puid=jYf2FCQs5bCOgqCGAMNc5s_KW23OgEJ1IXZZgOcDsas&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESED3fTS7P7aHtIiAm0w6WH08&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1216095245932084365&opid=apx&ops=&utidl=tech:goo:CAESED3fTS7P7aHtIiAm0w6WH08&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A18027972446&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 8866
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=aYYWKXFoCiK471LwNqPDYA

0
246 B

30ms
30ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=aYYWKXFoCiK471LwNqPDYA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17704

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=aYYWKXFoCiK471LwNqPDYA
date: Fri, 11 Jun 2021 17:53:58 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 8866 35 B
380 B 376ms
93ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:34 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 8866
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a551a1b0-3f37-40da-86fb-45f13f77362d&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fe9ac2b9-2d22-44ec-9cee-051ae2583d67

0
255 B

31ms
30ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fe9ac2b9-2d22-44ec-9cee-051ae2583d67
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Fri, 11 Jun 2021 17:53:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17533

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fe9ac2b9-2d22-44ec-9cee-051ae2583d67
date: Fri, 11 Jun 2021 17:53:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 1C86 2 KB
1 KB 44ms
42ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 095ba66d80bd93cf592c11fd72a723dfe5ab5f8da183e54063f50e9ba215094b

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cZudbZahPOBsYvDOdnPtkk7eaBsnPiYA
content-encoding: gzip
etag: "be95692a7dfb1dc3e8629518230a5ec3"
age: 8531
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 899
x-amz-id-2: OG8ePuiocJutgam2H5hObi7DKciJh/x2ywyv4MORhgU4yG32TiOqKgQBNe50BZFIFEjb8DQXDAA=
x-served-by: cache-fra19148-FRA
last-modified: Wed, 09 Jun 2021 22:03:44 GMT
server: AmazonS3
x-timer: S1623434038.928179,VS0,VE0
date: Fri, 11 Jun 2021 17:53:57 GMT
vary: Accept-Encoding
x-amz-request-id: RGJG3VVQ49GFMTX8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 57
x-cache-hits: 1097899

POST
H3-29 200 rs Show response
ad4m.at/ Frame C887 1 KB
2 KB 24ms
23ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e444cb91672436a10b38e90f6c3cb59603a88dae5f2139be5a7a0a3437cbea5

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hgqmv7d5htjw7t5gawkag8w7xqc0r8gg5gjt5svf9re7my7cfj29x2600t4d4f3dvmaqvcftycrs6xsw5yn1q7kqg8d2zrkj98v9r95vb2pvdjtqvxnmhy6yvtb8mkaj9za1rh2waaj8ze3jg3x33a3hzp4t6843x5vmyd9yrrg1ga77m1m2fdf37dn66shvwrwpnrvvcvd8kfk56g79yrxg5xx0fjctyn1szbnawefc5ry6t577e6nz81vt5ajynw0hy09nsmghtmj86fg5dtzwkmqnf3xjz3w4bbqqew5x0cd2vqgxtn44ja57wq6cv6xhhv05zdk40fdpxhap50n4tpxgtsp0j55fsqjh4ztv00d82eyt47jk9s54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%26client%3Dca-pub-2246361437356141%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Jun 2021 17:53:57 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-backend-server: rs-1tg8
cf-request-id: 0a9dcea2a100004e19e0b9c000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JBH0OIeBv6r6oNHqJGzflJwuz0Wqh4mce4DRZ5PreFdseDg%2FoPLDdbkaMn2bXHqsXMswfDudEnsN08CSbK4peKaMC9ME9qcnOEByzcpk9OEFPd5JEWf17fRjipKXSPvP"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 65dcb3b10a424e19-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 2301 9 KB
4 KB 36ms
35ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5a93bf4acd353cd98e53c7c17d8ce1c19a6f8814e0959e07dfc13e4d8afcc6d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:57 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a9dcea2bf00004abc290de000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65dcb3b12bc64abc-FRA
content-encoding: br

GET
H2 200 / Show response
pips.taboola.com/ Frame 1C86 64 B
248 B 20ms
6ms XHR
text/plain 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 163c5edc91f9c49c92cc2c0316236267126527c386bd63ecf6fae68988ca2b92

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:57 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19172-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://tempest.services.disqus.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ Frame 1C86 0
155 B 568ms
106ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=90d2b8a3-1131-4635-b3c1-d7e05fecf4dd-tuct7bd28b3&uad=2fdc9dff64e35c1da87224be72196d266a5a59834b754e4e186adb6e48c6938f
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Jun 2021 17:53:58 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame 2301 59 KB
7 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:57 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 804968
cf-polished: origSize=60706
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 0a9dcea2e500004e19eb105000000001
cf-ray: 65dcb3b16b5b4e19-FRA
expires: Fri, 11 Jun 2021 18:53:57 GMT

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 2301 18 KB
19 KB 38ms
29ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Fri, 11 Jun 2021 17:53:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 163057
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UyhRPxWLzFSCNlrGuaU1AmZVc66ckyfiq2dkOcMzqZs09xFMcK033SWjozGW1eUYo6oWBm_kmbpz-aZEXg6aFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
cf-request-id: 0a9dcea2ee00004abcdc8a6000000001
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wJpuWcNBna4XuvRsmC%2FKsuKOhlDo25Nr147AxSQefZLiCeGYFe1j%2FMr5lJ9hlaAL9KiSwWIsprrrzBnWo0kEBiOO4dB4cpY7UQi8hxol58agE284wbOnmj%2FRWEdjWmAAv7Rc13JWkg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sat, 12 Jun 2021 17:53:58 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 65dcb3b17cbc4abc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 2301 2 KB
2 KB 27ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Fri, 11 Jun 2021 17:53:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 159388
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ABg5-Uzreu9CvGthlP_pIs-Z_vTmQCgPXelW6kYRYNzLetN9fW6t8dmxsqwdbh84J2GiBSUNEQWqlNPgHKTIMIx9kg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
cf-request-id: 0a9dcea2ee00004abc3b911000000001
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F84%2BhWHYd4eN24fU60lnFSzl5x6Wj15CtPSraVdhXPqwtcMLKCWprBtzE0VkyrrPdrgri6FC7YrePikoL6f5pFA6NPc2gstJYCmnkp3AS5PCwe6l92934eDS4l7szweIg3MBv6epHw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sat, 12 Jun 2021 17:53:58 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 65dcb3b17cba4abc-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2301 43 B
702 B 125ms
61ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:58 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 2301 38 KB
39 KB 46ms
39ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Fri, 11 Jun 2021 17:53:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 161770
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-Uzr0EZTIv6pOlWGMgCnZcV3MGJplnutecQHagh-_nZW8krEyfduo6riFvizPc2l-swXADlCTT4PS9XPCIAGK_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
cf-request-id: 0a9dcea2ee00004abc1f296000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fGNd0YhdEVtZi5%2Bj1fvFlnG86lflh%2B5yIKLSCrrPnPZ7JOUk%2FGmJA9c3DKgMU5SOooqVWCHGtEbKrn89oGzYF4Luad0cKNdMNuTV%2BDsz9vORn6hjZXuVBF6uofvU6o9KfClbHC4eNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sat, 12 Jun 2021 17:53:58 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 65dcb3b17cb74abc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 2301 113 KB
113 KB 28ms
21ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Fri, 11 Jun 2021 17:53:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 156222
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UwTiWM0sSDXjOVudxEcMPfTJw3f31CFwdTo34aMqGsdDgCq7w-tbTAMmQZI5dJkrVqWCh5VQKcA7lEEeFr0QZg5kNjhzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
cf-request-id: 0a9dcea2ed00004abce8b22000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Gr7YKcuUWc%2BSYGRTldUz3tELwZfuZQBu5Q50IwgR8CyGFeo3t2okhYOm%2FoX1Tr%2Bsu6rgfgxnoNSPcQXv8pzHRQJvRykQz1ALu92qXXQncr%2BwvpSenlVs8sPYxpHKtuyI7WVEhVn2TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sat, 12 Jun 2021 17:53:58 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 65dcb3b17cb44abc-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2301 43 B
702 B 182ms
57ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:58 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 2301 38 KB
38 KB 35ms
29ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Fri, 11 Jun 2021 17:53:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 154599
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-Uz_yiSFar8GZ6iwTnaXe11d2dRzGawI2yk4fU5eaGHJ-7skv4UDSnWWd_OoQfdMsc8UCaeD-u6eGKdm9hcKt1M
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
cf-request-id: 0a9dcea2ee00004abcf79c4000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7HtFXWKWpg0mjaZaObNX87rp7r8gEfwd8zEdy2LUY8OScK8%2B4HAjQoNltmw0op%2Bm9%2BZ%2FKIha3dlpjEidsaOR9RM08H%2BI2%2FB7PmonvDpHh%2FVpy2n%2BbYlvSvb1Pz5K2mr4lnWrT6P20w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sat, 12 Jun 2021 17:53:58 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 65dcb3b17cb04abc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 2301 84 KB
84 KB 35ms
29ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Fri, 11 Jun 2021 17:53:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1630591
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
cf-request-id: 0a9dcea2ee00004abcd78b3000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=m9%2FKyDX3bZvcMjpuCcpSJAgUob69xweYYaPOQVLn87x8rDLsuV4c2mHBk2PjwRX%2B8a5nUJESSoEX0%2Bxp2YwnqBiHJzz6eDOHxIdjks8QtLtjrs9DnWQpDlMrt60eWbY%2BpaQAZtxsZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sat, 12 Jun 2021 17:53:58 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 65dcb3b17cbd4abc-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 2301 12 KB
12 KB 209ms
105ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 70682e1c1254bd646729e3f4ff25bb349579af42f61b56574818f7285f837ee1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:58 GMT
Last-Modified: Fri, 11 Jun 2021 17:53:58 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 3AED
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb2ef676-3640-4b82-83c0-e7f9b0123c2f
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb2ef676-3640-4b82-83c0-e7f9b0123c2f&tbid=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5&query=taboola_hm%3Dbb2ef676-3640-...

0
52 B

34ms
34ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb2ef676-3640-4b82-83c0-e7f9b0123c2f&tbid=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5&query=taboola_hm%3Dbb2ef676-3640-4b82-83c0-e7f9b0123c2f&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623434038.385842,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19148-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb2ef676-3640-4b82-83c0-e7f9b0123c2f&tbid=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5&query=taboola_hm%3Dbb2ef676-3640-4b82-83c0-e7f9b0123c2f&isDirect=0
tbl-x-upstream: 10.41.14.57:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18134

GET
H2

200

rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 3AED
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=5b41a688-9af3-51a2-a934-fe63c9f75d55

0
256 B

31ms
30ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=5b41a688-9af3-51a2-a934-fe63c9f75d55
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.199:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17863

Redirect headers

location: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=5b41a688-9af3-51a2-a934-fe63c9f75d55
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 101956
jadserve.postrelease.com/suid/ Frame 3AED 43 B
428 B 296ms
98ms Image
image/gif 35.153.224.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-224-87.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:58 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 3AED
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kPyjJ0gD9idX&ev=1&orig=trc&pid=562107

0
247 B

31ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kPyjJ0gD9idX&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.104:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19178

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kPyjJ0gD9idX&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-t5mf7
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3AED
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=22827ccd-7c2f-48f6-b3ed-baf5b26ce699-tuct7bd28b5
tbl-x-upstream: 10.41.22.84:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21335

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3AED
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4f08d9e8-b53a-4c84-b83e-655c648f57fd

0
256 B

37ms
37ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4f08d9e8-b53a-4c84-b83e-655c648f57fd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 20096

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4f08d9e8-b53a-4c84-b83e-655c648f57fd
cache-control: no-cache
date: Fri, 11 Jun 2021 17:53:57 GMT
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2397
content-type: text/html; charset=utf-8
content-length: 222
expires: Fri, 11 Jun 2021 00:00:00 GMT

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 3AED
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ETwYeMU5AkKeHyj8NqPDYA

0
246 B

31ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ETwYeMU5AkKeHyj8NqPDYA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17704

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ETwYeMU5AkKeHyj8NqPDYA
date: Fri, 11 Jun 2021 17:53:58 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 3AED 35 B
380 B 382ms
98ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:34 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 3AED
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=ba4ca459-0781-446d-ad6c-963759838fcc&ssp=taboola&user_group=1
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fe9ac2b9-2d22-44ec-9cee-051ae2583d67

0
256 B

31ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fe9ac2b9-2d22-44ec-9cee-051ae2583d67
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.104:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18134

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=fe9ac2b9-2d22-44ec-9cee-051ae2583d67
date: Fri, 11 Jun 2021 17:53:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 sd
u.openx.net/w/1.0/ Frame 3AED 43 B
106 B 25ms
23ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=97acf11b-317a-4b80-9e49-98d592c52838-tuct7bd28b3&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:58 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 3AED 0
239 B 250ms
249ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 3AED
Redirect Chain

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1216095245932084365&orig=trc

0
256 B

34ms
34ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1216095245932084365&orig=trc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Fri, 11 Jun 2021 17:53:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19630

Redirect headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:58 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: 9e000732-0e9f-4f88-b193-80d5efdcdbdc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1216095245932084365&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 3AED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK2PgWOJk-xC5o7neh3KfNs&google_cver=1

0
55 B

37ms
37ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK2PgWOJk-xC5o7neh3KfNs&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 11 Jun 2021 17:53:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623434038.145752,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19148-FRA

Redirect headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEK2PgWOJk-xC5o7neh3KfNs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3AED 42 B
237 B 249ms
248ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=97acf11b-317a-4b80-9e49-98d592c52838-tuct7bd28b3:$UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:56 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:375
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 3AED
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c276a701-c2b7-49d7-958b-350822c9cd09

0
54 B

32ms
32ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c276a701-c2b7-49d7-958b-350822c9cd09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 11 Jun 2021 17:53:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623434038.244162,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19148-FRA

Redirect headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=c276a701-c2b7-49d7-958b-350822c9cd09
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 3AED 43 B
687 B 36ms
35ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=97acf11b-317a-4b80-9e49-98d592c52838-tuct7bd28b3&us_privacy=&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:58 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 3AED 49 B
333 B 99ms
98ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=97acf11b-317a-4b80-9e49-98d592c52838-tuct7bd28b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-8474b759f8-t5mf7
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 3AED 43 B
438 B 53ms
53ms Image
image/gif 185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=97acf11b-317a-4b80-9e49-98d592c52838-tuct7bd28b3&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 17:53:57 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame 3AED 0
22 B 30ms
29ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=97acf11b-317a-4b80-9e49-98d592c52838-tuct7bd28b3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:57 GMT
content-length: 0
content-type: text/html

GET

gdpr_consent=
sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/ Frame 3AED
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=97acf11b-317a-4b80-9e49-98d592c52838-tuct7bd28b3&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=97acf11b-317a-4b80-9e49-98d592c52838-tuct7bd28b3&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/6/2.gif?puid=dadc7bc0-8577-4708-a379-c2dd9c4e9a63&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZY6ZnVZRjdBpibTppSqbHYT-c9FBPIPS5rkAkg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZY6ZnVZRjdBpibTppSqbHYT-c9FBPIPS5rkAkg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fp...
https://id5-sync.com/cq/464/124/5/3.gif?puid=7ea4cdcb-2d6a-476e-bf34-d3c44ea94999&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/4/4.gif?puid=e_dff3debe-5825-47f0-833b-ebcd3e3bb2f3&gdpr=1&gdpr_consent=
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1
https://id5-sync.com/c/464/9/3/5.gif?puid=y9S5glO2BK8usxAodgStCt_Y-Mk5GyD90tylyl3ljLI&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESED3fTS7P7aHtIiAm0w6WH08&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1216095245932084365&opid=apx&ops=&utidl=tech:goo:CAESED3fTS7P7aHtIiAm0w6WH08&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A18027972446&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

0
0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 4628 2 KB
1 KB 28ms
27ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210610-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 095ba66d80bd93cf592c11fd72a723dfe5ab5f8da183e54063f50e9ba215094b

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cZudbZahPOBsYvDOdnPtkk7eaBsnPiYA
content-encoding: gzip
etag: "be95692a7dfb1dc3e8629518230a5ec3"
age: 8531
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 899
x-amz-id-2: OG8ePuiocJutgam2H5hObi7DKciJh/x2ywyv4MORhgU4yG32TiOqKgQBNe50BZFIFEjb8DQXDAA=
x-served-by: cache-fra19148-FRA
last-modified: Wed, 09 Jun 2021 22:03:44 GMT
server: AmazonS3
x-timer: S1623434038.110608,VS0,VE0
date: Fri, 11 Jun 2021 17:53:58 GMT
vary: Accept-Encoding
x-amz-request-id: RGJG3VVQ49GFMTX8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 11
x-cache-hits: 1097901

GET
H2 200 / Show response
pips.taboola.com/ Frame 4628 64 B
122 B 6ms
5ms XHR
text/plain 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 163c5edc91f9c49c92cc2c0316236267126527c386bd63ecf6fae68988ca2b92

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:53:58 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19172-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://tempest.services.disqus.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ Frame 4628 0
155 B 1280ms
87ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=97acf11b-317a-4b80-9e49-98d592c52838-tuct7bd28b3&uad=2fdc9dff64e35c1da87224be72196d266a5a59834b754e4e186adb6e48c6938f
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Jun 2021 17:53:59 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2301 60 KB
60 KB 3345ms
107ms Script
application/javascript 13.225.222.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.222.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-222-42.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 16:21:09 GMT
via: 1.1 ab00cdb05d9e58b648b9b6b09875b196.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 16:27:08 GMT
server: AmazonS3
age: 5604
etag: "4f1db9fdf90b4f2a5576501528dc54bc"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: JFK51-C1
accept-ranges: bytes
content-length: 61124
x-amz-cf-id: s9CYVhzbx6cuEvZzbi6Lga8CXBBF4YvrBi_FZuyi8-u_xlA3v-3iSg==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 2301 79 B
374 B 3171ms
41ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ZWH54EKGXrAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiJhw.5B0KB.D9JtJ9Xvj_UaHzCpxv5icCmVWN9e4WX3NlY5DtFrfs.2Dg&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221623434038%22%2C%22%22%2C%22%22%2C%22%22%2C%221778954038%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=22439a37cd9e9a9f1bdf5285ec438d75&userIP=82.102.18.114&doAffectv=1&wgtime=1623434038
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: d1e797c515a409448d82f20dc32e107fdaa19937330cfa859b6233e82cb2312a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Jun 2021 17:54:01 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 2301 85 KB
85 KB 88ms
32ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidApEhYf9muK2PaAHRH4tktMA2TMt4T1Eoneid__suite_Netmix_Reach13&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=&g=7a0ccfac837dd20299d492f8d804fc46%2F11709051360443653047&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22wkfm5843vha2v54btjbamvhs7j441v5kfkgxyk3m6hda2qmbbmq3aqecxj2cza466w462ch86mwwwz6my1t8n8bd28h05vrqxqqyw673zkxtrfrmra6kyaxbys5kdpcdsgxtpg11jdwqs8ag7rnm2dk7pkgxc571p4fgefq80mzgf0ncn29nnv4dg3mgavrh2mvd8rpeg52rn63brvdc3dqxdr298rrhzdfda7d8hc7s8hq0tdsy4y6srkg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8F3vM6PDYP3YBNuB1fAP9IGg-AyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTIyNDYzNjE0MzczNTYxNDGgAcKu6N0DyAEJqQKonzCULVm0PqgDAaoE5gFP0H5wRx8FVVVtuaQPaf-HutbJFNpWy2G8XSNHqScZ9rA3Wtk2VkzJ_U863dROnTXyKp-ZNCfbJlts9EPPAy6zo4QCINsLUu316oc7sJU1yz2BpwvJgPK9HaICaDO80mLpPsKpjfF-xRBry6O0SKUNWivnSEOljHnOrNxZQza6VPoRQh2ZW1p2-pel4V-zGjbmaTyEFPawtYhdRWj8bEjdLAWXTBS9qMG2f0uu-1-bIyuTz8588YE-Vpv3262Jmq9poOwOCxLZnE4L4Puy6YkWZhFZOpXpsWyX0uzo-ISkGWu1yrYrgIAGwO-JyvO-hoCOAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0OUn0UEZzdyZ-w67rk2WTI57ATxA%2526client%253Dca-pub-2246361437356141%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 17:53:58 GMT
Last-Modified: Fri, 11 Jun 2021 17:53:58 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 2301 63 B
270 B 131ms
44ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=c0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ZWH538FHg4i.uJtHoqvynx9MsFyxYM914Ve_clrAU.0Y.KI.2X_DK1civtMtVjm6jNpp0iJ3A0KFgBFY5BNlr95xU..3At
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Jun 2021 17:54:01 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 135ms
37ms Preflight 52.209.181.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.209.181.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 11 Jun 2021 17:54:02 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2301 16 B
232 B 77ms
77ms Fetch
application/json 52.209.181.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.181.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Jun 2021 17:54:02 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame 2301 44 KB
45 KB 108ms
40ms Script
application/javascript 13.225.74.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 11:10:51 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 25008
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: GZNIS7fjkLS3vQeMwVW-WLHzlBcjA-dbL8gPOvuT8bMHdrfRgW0EyA==

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 2301 18 B
205 B 54ms
26ms Script
application/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1623434042470
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 17:54:02 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 1b9a9257e3a7b5f8a9b06cf08b646681
cache-control: private
content-length: 38

GET
H2 200 track Show response
w-it.m-t.io/ Frame 2301 0
75 B 30ms
28ms Script
application/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16234340381392_5318b1580b&programId=12607&expiry=1778954038&acc=wg&scriptTag=&type=postview&indicator=e5ac9fe9715a5705db8acd899076e7ed&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: f9982ce25661ece8aa05f5e185d63828
server: Google Frontend
date: Fri, 11 Jun 2021 17:54:02 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMOjMzEtCV-MMaCQzsiCMAAABG4AAAAB&google_gid=CAESEBE-y1mpqjjJbhwuz3iLm1E&google_cver=1&google_push=AYg5qPImLYHtanZcBLRDMRaIpiGO8mJaCtoxP3vYEdNd08UM3z8BKhpUhJ78J17Fyq1y-wISzn61VlD0r1wRKsL8t8MzEh97aQ8

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rlcdn.com/	1970-01-19 20:23:38	Name: pxrc Value: CLTGjoYGEgUI6AcQABIGCLrqARAAEgYI6uoBEAA=
.google.com/	1970-01-19 23:20:45	Name: NID Value: 216=Fn6Rcqr_0-6DTCVTSu7X5EgEYo8O3tK4oqN3IMxvuYaQXPde9TH9xc5To5-5zpJ96E-cE9fRznbm46yk9N5lA_XHjQ6MuaxZXrgZC3SFmjFxU1f_CJg32W1an1aoqLF4JLoJcPLQZifmqfyVJLhZ5c5UcWOGshmG0u2kFpVBgmg
.disqus.com/	1970-01-20 03:42:50	Name: disqus_unique Value: 34t5n633mvo80i
disqus.com/	1970-01-19 18:57:15	Name: __jid Value: 34t5n5e25i74pr
.4mark.net/	1970-01-20 12:28:26	Name: _ga Value: GA1.2.1135266042.1623434035
.4mark.net/	1970-01-20 04:18:50	Name: __gads Value: ID=d0ef379b5c3842b9-22847346ddc800ad:T=1623434034:RT=1623434034:S=ALNI_Mb3qELc839VdAkog25A5JzO3mHchg
.4mark.net/	1970-01-19 18:57:14	Name: _gat Value: 1
.4mark.net/	1970-01-19 18:58:40	Name: _gid Value: GA1.2.431473814.1623434035
.rlcdn.com/	1970-01-20 03:42:50	Name: rlas3 Value: 7ktaflc7pxd5JdLo1wCfzC9T3o4w/OgrCGbbKy4lFII=
.doubleclick.net/	1970-01-20 04:18:50	Name: IDE Value: AHWqTUkfXHRy7mLoDSCWEWEUHoz4IXKTHjD7Djn6FLj6qt34biX6hOjEu032-FX_29Q
live.rezync.com/	1970-01-19 23:16:26	Name: sd-session-id Value: .eJwVykELgjAYgOG_Et_ZgziLEDoERgjtE0UQvUjpoJmb5WblZP-9dXtfeFZonmwSV8mkhkhPM_OgHbg7BdEKHVev2RW0JNRbuSNEvMe9z8F6oJhSfJQN7_5yc3MK4_yRxvkdi6Ouz8hx8X1qkvBSJgRNouuyClBkSy2yLxYDT_tTQHvqTPahppqpoQew9geyHzIA.E6U0tA.9KME5TFM0FETJyi00awWtPP7fEk
.rezync.com/	1970-01-19 23:16:00	Name: zync-uuid Value: 44d84a50-dcb7-4328-b772-ef66d2fd159b:1623434036.33

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
15.taboola.com
4mark.disqus.com
a.disquscdn.com
a.sportradarserving.com
accounts.google.com
ad4m.at
ad4mat.net
ads.betweendigital.com
adservice.google.com
adservice.google.de
analytics-wg.webgains.io
analytics.webgains.io
ap1.pbase.com
api.webgains.io
apis.google.com
as.ad4m.at
assets.ad4m.at
bh.contextweb.com
bttrack.com
c.disquscdn.com
c.sharethis.mgr.consensu.org
cdn.shopify.com
cdn.taboola.com
cdn.viglink.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
count-server.sharethis.com
diapi.webgains.com
dis.criteo.com
disqus.com
diytransport.com
e.dlx.addthis.com
e1.emxdgt.com
ejp.rlcdn.com
fonts.googleapis.com
fonts.gstatic.com
forms.idoc.idaho.gov
glitter.services.disqus.com
googleads.g.doubleclick.net
gum.criteo.com
i2.wp.com
ib.adnxs.com
idsync.rlcdn.com
image6.pubmatic.com
images.taboola.com
imprammp.taboola.com
io.narrative.io
ipsnoticias.net
jadserve.postrelease.com
l.sharethis.com
links.services.disqus.com
live.rezync.com
match.adsrvr.org
match.taboola.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
odr.mookie1.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
penzu.com
pips.taboola.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
prod.perf-serving.com
realearnmoney.com
referrer.disqus.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
s.c.appier.net
sb.scorecardresearch.com
simage2.pubmatic.com
ssl.gstatic.com
static-de.ad4mat.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.crwdcntrl.net
sync.taboola.com
tempest.services.disqus.com
tpc.googlesyndication.com
track.webgains.com
trc.taboola.com
u.openx.net
uberant.com
vidstat.taboola.com
w-it.m-t.io
w.sharethis.com
ws.sharethis.com
www.4mark.net
www.awin1.com
www.cpdn.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.mactel.ca
www.posts123.com
www.sabaiydee.com
x.bidswitch.net
cm.g.doubleclick.net
sync.crwdcntrl.net
104.111.239.217
129.67.193.7
13.225.222.42
13.225.74.66
13.32.2.89
141.226.224.32
141.226.228.48
142.250.181.226
142.250.186.98
151.101.112.134
151.101.112.64
151.101.12.64
151.101.13.44
151.101.192.134
162.0.209.115
162.144.0.108
164.165.7.69
172.105.221.240
178.250.2.151
179.43.113.26
18.193.144.52
18.195.155.181
18.195.240.234
18.198.109.212
185.33.221.15
185.64.189.110
185.64.189.115
185.86.139.115
192.0.77.2
192.132.33.46
193.0.160.129
198.148.27.139
199.232.137.44
199.232.198.49
2001:4de0:ac18::1:a:3b
2600:1901:0:76b9::
2600:9000:206e:1000:c:a9b7:ddc0:93a1
2600:9000:211a:4000:3:c04e:c780:93a1
2600:9000:211a:8e00:6:8656:f5c0:93a1
2600:9000:211a:c400:3:c04e:c780:93a1
2606:4700:20::681a:bd1
2606:4700:3032::ac43:aa7a
2606:4700:3035::ac43:8768
2606:4700::6810:a00d
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200d
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2013
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9b
2a02:2638:1::13
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::300
2a04:4e42:600::268
3.124.251.221
3.127.166.11
3.209.191.86
34.232.169.188
34.98.64.218
34.98.67.61
35.153.224.87
35.196.153.42
35.227.252.103
35.244.174.68
46.236.13.147
5.175.3.206
5.175.5.64
52.209.181.46
52.39.107.107
54.229.111.52
54.76.227.154
69.16.238.134
69.173.144.165
72.251.249.9
76.223.111.131
81.29.72.47
88.212.252.22
99.86.241.13
99.86.241.67
03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d
0547893c70d3047b075ad887fff14ea6efaeaca85a5d39f4056c6c804ae6519c
0932077174a2d9a267a1458d40842414ee1f7c8e91b9230a9f32343b39b6587d
095ba66d80bd93cf592c11fd72a723dfe5ab5f8da183e54063f50e9ba215094b
0a0c09e1e97f172c235c9dcb12dbcd2c20b6bd1bce3a0fe453b245139ededbac
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bae6cd2133098c754007d9037e7079d685dfd82fcce02f25605753058585dea
0e430441e9833f9e3b9219b4837068670afbb50171678365b95f45de9291b632
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85
163c5edc91f9c49c92cc2c0316236267126527c386bd63ecf6fae68988ca2b92
1816d947d4d4bafd1c4f03793110f64a56b2885ee29fc9fae3c226cea8bc2757
1a1c450df47bd35d38d3d744036a9de016b30f360535979ace68cc2f14cc7be5
1ab2153b514db5c1ac3b5b0f4461f5c488f5cb7c8b4544af6e1c7a2af3404e8f
1af0e0ca290a13faeabef7d1bde7ca8d96bb83b876f5d42e32c4b6095a5b0afb
1c5d4409cbfbad0acc97ba77ec5c9828bc0eaad3430b4474b963c5f4ba091029
1ce894f9a8a3a86374b21b089508ae83f240f907c60d5d23b545103c1d6d75be
1d6f6b8d7034c7f39754966e0c701d53f46ebf89e60bcb2fad0c714531b3bf64
1e10af313c557dc0079253e5a343699e49106acfe441fe006c742c1b0ce51a0d
1e73bd64edcf6b9b779802e3124b7c484db59493c8252fff3c2af5f8a0375434
1e9604b3045b0059b1cb7b8a936ca4be4744bbcc8259e3bed441f80970f1f9a0
2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93
21a5dd93a5bf922d40803eaa54f2190fae4bb77a04894577b6939196612118e8
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2893f77eba4141e525b48695ade3adbe09acc35f2d91cf3f7bd9cf7404d9dd34
2a26cfdb9775a00de1ff890c8d1cc78036be9cafa7ef4a659182259edd4413f9
2adde87326f606755a71137887168a87aa80c19e6c3fe306ccef8328d1caaf1d
2c0f435fca8cf8a0382da15ab8e1f25e0d3bfb6939c2c7f8b4f8fcf8d5a1e819
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3822b897f1eb08ba5e7afa130a0866d2616b80db9de763b21bc555c4aec1d52d
39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3ebc7c8375b9ed4fdbb6c795d8662c7e79dab5ec054abf49018da33e4f1b91dc
3f2edf41a656bd4427e323267e8e4ffed4eb9005b2496152a2b38297bd9c3c99
3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c
40b10336dfd25f2124f44e5c6e0003c3ea4c8b250f198791a052aa999bcf02e1
4699bb1f70cfbbd1a9d98526a14fa8702eb974764ee6ff4f841a844205af6414
47c1ac2e88d06479a7bda88be7c0c01bf368aaa0bed4d894e6c2c179b0ce6357
481e97c1373314243ac83c1b1c9f466b9ce65b95f5fd4b82538f032d976820a6
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
48503c9b016f1f748ae2793d7ef479cbc0a635759b45de7d734f00e58104102d
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
49e7fb5874a634dd52f963b5c0bb41e39fc6ac418227183bb03090610f570901
4b3e60fd6e52b6e4e0a3235609611b8bfa0d5c91c7c578ea1673857b94a45fdd
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2b38b4f0180fd5671604c482ae7b38eaa7d3b008099314bd261206045b0413
4e444cb91672436a10b38e90f6c3cb59603a88dae5f2139be5a7a0a3437cbea5
516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
560f31523e89b638075a88c6435155ba2f94b97359d9fb661444a766c01b3029
58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb
592a848da6f427ea5d9169179bd309484f531d3c23c5aaf858afa22fc28d40c8
59433eae456916d07b9af106cd6e5a39e9ca36b2e23e3836c4557e33a8476a56
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
62a89e4c058b477bee9ff0f6a980d054ea7c5b46e225b4d24a6acde4bce4fb9a
64a3a49e4b9194026ea605e85e67e7806516a345165f196a38bc9e13b525c38a
65868622f5681b69bdab392fc96d26b6b57e966b4085e260a4d7dab6edc24acd
664151db09e75d1bfa1da782f064245566b25b3a73f48ada211cce019a994f04
666a5547987058503dbeb6d0ee50c8980d261ade81d690b7117b62768eb38c2c
68ca4859fce4c6d10cb920d1a8d9027f2a24031b7617167f86e53c3f93c3b829
6a200162853df13c7ca4889afc5f882617a2e42b4927f401064fc836bae58710
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f628aa75039a3417d1d1e439acbc5b0338500d14e44fd354b8ea14b17916e43
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
70381620e4caa586c0338ab6a56b589a17d39434418c709dc7e97d18bf440674
70682e1c1254bd646729e3f4ff25bb349579af42f61b56574818f7285f837ee1
707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13
72f2fa29869b9acbc03be0f6a199288e9686424280520995ddd8834156ff1310
732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5
7546ccfc4a0a0ab6088d710363e10d4b9566385016a1c43a883f0255da5b76ee
78ae44d17ca7fbcc352d2b4d6c0a0bb3ac42fcf8652b5a68d4e1cb1b43b8ae96
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40
7ee2b0bd78c689a50355199b5df527a4816f99cdc5ce3871656fdb6867b655df
80a65ac4fbd69783b6dd5fd1da694137f12889438e78098d6b67a3fe4d454539
823b8ca58a18d79fe2253acdb7e6e944b02e8f5e55d28ed47f43d38748e5cc5c
828d2a6cc1c1fce8b6069844f92eddf8ea4e4a177e29c142b325f4ad06cde380
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8afdde25674d742bf5bb60d7325fc5d48ed80ffc6613c78167d7030ed7863089
8beb64042187cc51fd691d55ff0221b6e9abf5ac8abe9dd494797d694f8b49b5
8c07db0f8c47b64b9ff91a2201556577db2737e2db7f0b0b4f1cbe5920a03a81
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8e1162f5e5da23ed608b602c882b8ed5295b6c1cdfc8c9c4af858d95c9b38a84
8eaa72192e6e1be9d875588d1b485a7ea34d52793f76680c30e6645a1614b9e7
93eecd05275c8a2511850e68ee31978b955f9b3685124433e5a53c939d506c96
95902542c04c4db487ed6aaa02f166006b7fb7580d68f0975e4cfb6dbf7ffb83
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
9a84baeb6a4010282cee438ffc78a344f3ef1c861c58c73d5b0fa877a347af82
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dc03012086ebf3cf2d0a97afe111b567678711ae1ab60e58bdedb16a4fbf143
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a93bf4acd353cd98e53c7c17d8ce1c19a6f8814e0959e07dfc13e4d8afcc6d
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
a5ff475f9c22440bd946ea12b2365c8ef0b90dcec2007e55510b476d41e7b597
a9d250db6b377dcc698f55167295d617b6eee4d5936121ff91eca5e7e140c361
ab4e83dddf1e6412217bd98e9dc449eadcf689d3198d7a52c4248f6a8b4e8192
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ad3dfa52f49c4d1fa322fc1371f0f617ccaf991456640e5ffeffee9cf6c03d8d
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afedf9c11d31c952d34d1ae8437f62fd4ba216e1c26cffcfec4a23b0c47db670
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b264ca556a09a341d7d8c2ee64e63e0003b32c24ff4ce2b64c202e5b6ab140f7
b30ee506cc3db8bf6f1676547777cc5560f868a194d265a9c9a3025d97eec430
b3aab8e5f948e10663526612cd50c62e9a3c9090a22e6dec8c18539ec5c538a8
b7d94d734a63cd9e56bada53946280f54c159b740c38652f1f612593e7679f79
b7f115b1794b5c090c8632d5abe2a32bf54a0c4e0845eeb7b6e41ddd45bbced9
ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c
ba5fe7ace3d49a823dc7393554fe97845d73972c3d6f7d0d1a514894a79af1da
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb591573c6d393cd831d196e31a3b9dbeaa8d1d1c144e8e3c6940b32c607f991
bd259cf2645aec751e58b90c318412801ea956709108f34bfb81ed63453c421f
be898880f54a6d13ae605c2f851c98ac5940d197cdafb604172eb04e46545235
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a
c0a8afa7bc235a0c062ca0406d6ac37b86da87c63929147b51b8587b171d8936
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c218890ddb9bad5f574d6a00d9bba5b91234b684e78395f359c9f504ff33aea0
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c308c8fddf687a0c3d845d86333d3a596d62579f4551e41c6addccac8c73906c
c6d530197393988cfa840fdfe6f2cad81353a523398e861c0521b52f03b1b43b
c709936c5623073ed3d44f270c85f967b44822dcf9379c84ab8b956ae39d6916
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca24383d54a1679861156231bbb4b306904a955a142e16b4a3bf6d0267300deb
ca5d311b54c98942afc2e608f8e5ca14534f2367ebef046d0813cd025c9db5be
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
cdd03ee801bc0be53a653f590abab5c62ca4c39bc0db85aadd0255ab5ef98dd5
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d1e797c515a409448d82f20dc32e107fdaa19937330cfa859b6233e82cb2312a
d2bc9c513d50deb617981195a91d357c004688ae7a90962da29814385e168dea
d336656fdf014272d55a63451cc0c1ca9c56a42fbbd8111b3bd8673a3b3fdc11
d3c7e6e1b0872579e08f4964fb77269d209344c634c21d557adb4499fa4ad436
d42a5154973ce1847b0f60cd27dbde653347daf6169ed714e2f4a71a87f33a0c
d4a48c00f72c626725c027ef33e9ab790172121d96a8e8bb3e95d8d868c6554f
d5e19c74e14510d16a8293f718ad7a29de78d80d3f902614678b48420951464f
d7e6804e0f55fa09ec9a6ea1bccd64ca993a297de1681f72e9bc761bb745861c
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
db6bb8deec411d8a3162980d195f6dac39c6bd7bf56d07422fa0d9884cd5ce38
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e194a07b3bf133d774beaa8077ad36cf5b73447aec78d1180d6facc0f2783da2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e71e2e3d169ca8921057cd600e8c0ed982c91cac1ac9c799389357ebc0e3511a
e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e
eaf2805a9783713ad47e749e291c6f090dbc96fb43c854b04daf5d01baef00e5
ef1405f179fa8657a3f496b3007bcc32bc1ded77779fcaf2f61fc4d60d905b07
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f2c65c21c546b55123d3d20906879b2b4864738989bf7b46f755f3eb7b7adb94
f3103d365a3d8a3a4a5c4f9cabd293a6f8f47b70c6eb863b480056f76b99c92c
f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b
f63eebfcadb7e00204c9d5100d6c791391ef0df2c17d8d38af013e4b9c864b0e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
f9d8263695a9bd12a3ec574db87a9390d616e2b00b397f2c02bfb1758269d665
fc0b5d644cb205147eeaaba7ab07067f2b65a7e9c97c2f3f12b5da19af4530f9

www.4mark.net Open in urlscan Pro 5.175.5.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

306 Requests

89 %HTTPS

37 %IPv6

67 Domains

105 Subdomains

82 IPs

10 Countries

5045 kBTransfer

9402 kBSize

12 Cookies

20 Outgoing links

Redirected requests

306 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.4mark.net Open in urlscan Pro
5.175.5.64 Public Scan

Screenshot
Live screenshot

Full Image

306
Requests

89 %
HTTPS

37 %
IPv6

67
Domains

105
Subdomains

82
IPs

10
Countries

5045 kB
Transfer

9402 kB
Size

12
Cookies

306 HTTP transactions
2 data transactions