urlscan.io logo urlscan.io
SecurityTrails logo

www.4xdirect.com Open in urlscan Pro
172.67.130.23  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.4xdirect.com//
Effective URL: https://www.4xdirect.com/
Submission: On August 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 13 domains to perform 28 HTTP transactions. The main IP is 172.67.130.23, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.4xdirect.com.
TLS certificate: Issued by WE1 on August 3rd 2024. Valid for: 3 months.
This is the only time www.4xdirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 172.67.130.23 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.67.36.180 13335 (CLOUDFLAR...)
1 2600:9000:249... 16509 (AMAZON-02)
1 2 20.43.19.119 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
5 193.3.184.140 50214 (QWARTA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 142.132.138.215 24940 (HETZNER-AS)
28 10
11    172.67.130.23 (United States)

ASN13335 (CLOUDFLARENET, US)
www.4xdirect.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.67.36.180 (United States)

ASN13335 (CLOUDFLARENET, US)
www.vanguardngr.com
1    2600:9000:2490:1000:1d:b722:f80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.images.express.co.uk
2    20.43.19.119 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.tbs-sct.gc.ca
www.tbs-sct.canada.ca
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
5    193.3.184.140 (Russian Federation)

ASN50214 (QWARTA, RU)
www.acint.net
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.132.138.215 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.138.132.142.clients.your-server.de
www.acint.net
Apex Domain
Subdomains		 Transfer
11 4xdirect.com
www.4xdirect.com
206 KB
7 acint.net
www.acint.net — Cisco Umbrella Rank: 20891
24 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
1 gstatic.com
fonts.gstatic.com
51 KB
1 canada.ca
www.tbs-sct.canada.ca
28 KB
1 tbs-sct.gc.ca
www.tbs-sct.gc.ca
224 B
1 express.co.uk
cdn.images.express.co.uk — Cisco Umbrella Rank: 59252
32 KB
1 vanguardngr.com
www.vanguardngr.com — Cisco Umbrella Rank: 294273
23 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
0 mbfbank.to Failed
mbfbank.to Failed
0 arabianbusiness.com Failed
www.arabianbusiness.com Failed
0 ngrguardiannews.com Failed
www.ngrguardiannews.com Failed
0 warwick.ac.uk Failed
warwick.ac.uk Failed
28 13
Domain Requested by
11 www.4xdirect.com 1 redirects www.4xdirect.com
7 www.acint.net 1 redirects www.4xdirect.com
www.acint.net
2 www.youtube.com www.4xdirect.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.tbs-sct.canada.ca www.4xdirect.com
1 www.tbs-sct.gc.ca 1 redirects
1 cdn.images.express.co.uk www.4xdirect.com
1 www.vanguardngr.com www.4xdirect.com
1 fonts.googleapis.com www.4xdirect.com
0 mbfbank.to Failed www.4xdirect.com
0 www.arabianbusiness.com Failed www.4xdirect.com
0 www.ngrguardiannews.com Failed www.4xdirect.com
0 warwick.ac.uk Failed www.4xdirect.com
28 13

This site contains links to these domains. Also see Links.

Domain
bitcoinevolution.com
bitcoinera.com
www.reform-ireland.org
wordpress.org
themes4wp.com
Subject Issuer Validity Valid
4xdirect.com
WE1		 2024-08-03 -
2024-11-01		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
vanguardngr.com
WE1		 2024-08-03 -
2024-11-01		 3 months crt.sh
cdn.images.express.co.uk
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-27		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.acint.net
E5		 2024-07-01 -
2024-09-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.4xdirect.com/
Frame ID: 449B17025A13A1D90CC37886F11F2D18
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/tU7GkMOjcZE
Frame ID: CC85E319F524E24A8E1914140588F1C2
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/wlWZ20lqcdg
Frame ID: 511BBA05A95206695F8933746489AA25
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 873F3A37E841068384F77D597C030ADC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

4X Direct

Page URL History Show full URLs

  1. http://www.4xdirect.com// HTTP 307
    https://www.4xdirect.com// HTTP 301
    https://www.4xdirect.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

28
Requests

79 %
HTTPS

44 %
IPv6

13
Domains

13
Subdomains

10
IPs

5
Countries

365 kB
Transfer

633 kB
Size

96
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.4xdirect.com// HTTP 307
    https://www.4xdirect.com// HTTP 301
    https://www.4xdirect.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www2.warwick.ac.uk/about/campus/tour/su/students_union.jpg HTTP 301
  • https://warwick.ac.uk/about/campus/tour/su/students_union.jpg
Request Chain 12
  • https://www.arabianindustry.com/static/content/images/larger1/14176-404834.jpg HTTP 301
  • https://www.arabianbusiness.com/static/content/images/larger1/14176-404834.jpg
Request Chain 13
  • https://www.tbs-sct.gc.ca/rpp/2007-2008/NEB-ONE/images/fig6-eng.jpg HTTP 301
  • https://www.tbs-sct.canada.ca/rpp/2007-2008/NEB-ONE/images/fig6-eng.jpg
Request Chain 21
  • https://www.acint.net/mc/?dp=10 HTTP 302
  • https://www.acint.net/mc/?dp=10&tc=1

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.4xdirect.com/
Redirect Chain
  • http://www.4xdirect.com//
  • https://www.4xdirect.com//
  • https://www.4xdirect.com/
49 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.4xdirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
468dbc94cf52002acf99c23638b5dfac51ff0fab34097a3c7d195564b0c0dc67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af4191cee7f9701-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Aug 2024 03:14:43 GMT
link
<https://www.4xdirect.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDLT51QOZ%2FzZm1lvf7Ov0xe3ze60t53nsRdsBUlDNfoHd7UywVxWbnTLqQz%2BGn1MOfFAb%2FtYBSSGbZeN02WWlnZZ%2BpZiekmARzz8I6E5mV1%2Bf8oAIWi%2FIK%2FUH0LanEatCIlJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af41919cc719701-AMS
content-type
text/html; charset=UTF-8
date
Wed, 07 Aug 2024 03:14:43 GMT
location
https://www.4xdirect.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0WT6U43J75PmcCGxvSANC6KcPjpTb4umVlpjvdjgt0MThZTHU8If72R7Qoe5W9yXMRGIrQieMuMs1%2FB2tiPJ6n%2F9wTq896C0zEcXssgzNq2H9f7Ss7Uq8mPCPwSoSW4yDM0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-by
WordPress
x-turbo-charged-by
LiteSpeed
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
518aa2ebb0b7849f44bd59944e36722c00a0f326510009416ef50d7868a0938c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Aug 2024 03:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Aug 2024 03:14:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Aug 2024 03:14:43 GMT
bootstrap.css
www.4xdirect.com/wp-content/themes/bulk/css/ 		66 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.4xdirect.com/wp-content/themes/bulk/css/bootstrap.css?ver=3.3.7
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 23:39:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
128567
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M8CuxmX5JyH8qtHR2393cAlB16FA%2Fl6UFI8k4B6dTmjhX7n4yA9LjCnaukmPRemWob4b%2Bux4TbiZNtp%2Bcbc%2BRRV18Y2M0hPZ4pbtK6cmogjlLBS0Ji04H2s6LXmY%2Fjpn3LJW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8af4191fa8369701-AMS
alt-svc
h3=":443"; ma=86400
expires
Mon, 12 Aug 2024 15:31:56 GMT
style.css
www.4xdirect.com/wp-content/themes/bulk/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.4xdirect.com/wp-content/themes/bulk/style.css?ver=6.5.5
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed2a2c996f4802936d9d7fe3450ff64bc762309a8b310fce6dfb002742e6a8cd

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 23:39:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
128567
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GpZIGjKVvAXpWp1XOik4UvHi12wjOj4aLdtw729QuUSuxHdvm%2F%2BQQ3h13FUa6d%2BdMyE4WVL5KJ5FtjeOXIQ6vsEketYZwEF8vtk%2F0kq29f2BHhKQ2mMlS9ehiJ63X03Wk9K6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8af4191fa8379701-AMS
alt-svc
h3=":443"; ma=86400
expires
Mon, 12 Aug 2024 15:31:56 GMT
font-awesome.min.css
www.4xdirect.com/wp-content/themes/bulk/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.4xdirect.com/wp-content/themes/bulk/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 23:39:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suVOBL5uturUXNZDvcGnp2NDx7zhwPLI2f9kMaFmN0CD0QL%2FY4SDhxOQHpHEoZh7xxzeELri1A40Oy9DQDa1JOPCOtBy1BWfrbT2ArEqFTFQSaB0Dj%2BQcgeJ4JCwbycZbFfH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8af4191fa8399701-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 14 Aug 2024 03:14:44 GMT
jquery.min.js
www.4xdirect.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.4xdirect.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 17 Feb 2024 04:55:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nkeQvQ1JxP0ubuji5TiNjRalBTOu2H5wpqFLJYEUWkrW%2BbqK1zmqKLCJ5dx5RXW%2BbMHwpodjZSfG%2Bv0MWPTStXg3n7RhV5mQmANAXbXPPdeVkUGiOzCaQLcplpvsA8Gk0xVM"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
8af4191fa83a9701-AMS
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
www.4xdirect.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.4xdirect.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 09 Jun 2023 15:19:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ulpocCqMBT4AVnK53SyFMyY6o2ITYTbkboOK9nY24J3y0OEJBHbQ7F%2B%2Fkib7V4JcEszRVVILuRQO5P6Btwly6Zbe1c14gdEvZY30jOH8eohIYoqUzBv5tdn98CqxiosxRbEw"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
8af4191fa83b9701-AMS
alt-svc
h3=":443"; ma=86400
blog.jpg
www.4xdirect.com/wp-content/uploads/2018/03/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.4xdirect.com/wp-content/uploads/2018/03/blog.jpg
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab845bee6ab6324348d8cfc1f99d5a6664574715f3f1506d20d459661cee316

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:44 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 23:39:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znAI7fYC0%2BJ6tM5DEjIdxPtyHeNDlFBBCFLSk42gSiyVuM6Z%2B1ERJsGEvSQTZo0hcS8NPFKeTuXaFimm7eHeZgQFUrzLrMMYgCQI6k9JnP3jfZGmyub2%2B6x0l%2BhSgMwc16M2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8af4191fc8469701-AMS
alt-svc
h3=":443"; ma=86400
content-length
125982
expires
Wed, 14 Aug 2024 03:14:44 GMT
Kola-nut.jpg
www.vanguardngr.com/wp-content/uploads/2012/05/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vanguardngr.com/wp-content/uploads/2012/05/Kola-nut.jpg
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.36.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88cf6b3b1d6b1a9ea507e80f620b113621d86b8a973df53791d230a738fa1252
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:44 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 22 Apr 2019 12:15:18 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
etag
W/"e4a2c403a5beab702459938848f58b70"
x-cache-status
REVALIDATED
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
8af419200f8f0bb9-AMS
alt-svc
h3=":443"; ma=86400
248445_1.jpg
cdn.images.express.co.uk/img/dynamic/1/285x214/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.images.express.co.uk/img/dynamic/1/285x214/248445_1.jpg
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:1d:b722:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4cdbc64aba7e8dc40b8363b1f425000ce1d980b8dd72f3605ab9b7031187ff3

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:45 GMT
via
1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
32662
last-modified
Thu, 22 Jul 2021 17:04:51 GMT
server
AmazonS3
etag
"7fa4245da736bc148a697b74fc288730"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=300
accept-ranges
bytes
x-amz-cf-id
wR6KVqk4wazLeIYHqm4YyBJJ3MD1YHO3DNuTL9n02HPkRdpFhdoYxA==
students_union.jpg
warwick.ac.uk/about/campus/tour/su/
Redirect Chain
  • https://www2.warwick.ac.uk/about/campus/tour/su/students_union.jpg
  • https://warwick.ac.uk/about/campus/tour/su/students_union.jpg
0
0
Gnassingbe-1.jpg
www.ngrguardiannews.com/wp-content/uploads/2015/04/ 		0
0
acd70c8f-e512-4d31-8750-0d64ea0a1af9
https://www.4xdirect.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.4xdirect.com/acd70c8f-e512-4d31-8750-0d64ea0a1af9
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
14176-404834.jpg
www.arabianbusiness.com/static/content/images/larger1/
Redirect Chain
  • https://www.arabianindustry.com/static/content/images/larger1/14176-404834.jpg
  • https://www.arabianbusiness.com/static/content/images/larger1/14176-404834.jpg
0
0
fig6-eng.jpg
www.tbs-sct.canada.ca/rpp/2007-2008/NEB-ONE/images/
Redirect Chain
  • https://www.tbs-sct.gc.ca/rpp/2007-2008/NEB-ONE/images/fig6-eng.jpg
  • https://www.tbs-sct.canada.ca/rpp/2007-2008/NEB-ONE/images/fig6-eng.jpg
27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tbs-sct.canada.ca/rpp/2007-2008/NEB-ONE/images/fig6-eng.jpg
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
HTTP/1.1
Server
20.43.19.119 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
68cf0c578f60da1e9af14fb7b0950e752a90b32b717850857c707c8be0d25d0b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.tbs-sct.gc.ca/ https://tbs-sct.gc.ca/ https://www.tbs-sct.canada.ca/
Public-Key-Pins pin-sha256="K5cLRLJx5XMmt3FZ4juyw6w77/ZS+AP52Q/mK+UO3P0="; pin-sha256="CzdPous1hY3sIkO55pUH7vklXyIHVZAl/UnprSQvpEI="; pin-sha256="ntPCN1f+CZzlQhaIE331czBRcAjdmi504yTaH4mK2Gw="; max-age=2592000; report-uri="https://domain.com/report"
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 03:14:45 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors https://www.tbs-sct.gc.ca/ https://tbs-sct.gc.ca/ https://www.tbs-sct.canada.ca/
X-Original-Host
www.tbs-sct.gc.ca
Arr-Disable-Session-Affinity
true
Content-Length
27473
X-XSS-Protection
1; mode=block
Public-Key-Pins
pin-sha256="K5cLRLJx5XMmt3FZ4juyw6w77/ZS+AP52Q/mK+UO3P0="; pin-sha256="CzdPous1hY3sIkO55pUH7vklXyIHVZAl/UnprSQvpEI="; pin-sha256="ntPCN1f+CZzlQhaIE331czBRcAjdmi504yTaH4mK2Gw="; max-age=2592000; report-uri="https://domain.com/report"
Pragma
no-cache
Last-Modified
Tue, 01 Sep 2020 12:54:30 GMT
ETag
"0471785f80d61:0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,PUT,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://www.youtube.com
Cache-Control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept

Redirect headers

Location
https://www.tbs-sct.canada.ca/rpp/2007-2008/NEB-ONE/images/fig6-eng.jpg
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
Keep-Alive
Content-Length
0
Call-Us-Now.jpg
mbfbank.to/wp-content/uploads/2014/09/ 		0
0
bootstrap.min.js
www.4xdirect.com/wp-content/themes/bulk/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.4xdirect.com/wp-content/themes/bulk/js/bootstrap.min.js?ver=3.3.7
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 12 Oct 2023 23:39:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4JPsGai90vltNOtlYvhyFflxwDaSfwU6nsrH6rNot5F272nhRgG9JARNFNRo%2FvOPfhIk%2BhAj4%2BBh5zIYaUD8Rm7HUKPJF4YszPaAPx7XS1BWj9cxs6AcOxjoCb7UgbqNXep"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
8af4192239949701-AMS
alt-svc
h3=":443"; ma=86400
customscript.js
www.4xdirect.com/wp-content/themes/bulk/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.4xdirect.com/wp-content/themes/bulk/js/customscript.js?ver=1.0.10
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1cf57eaf7b7443eb3f78a753575fa5922c67affbcf2371a3047afbfd2e3c8c8

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 12 Oct 2023 23:39:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWNIVg%2FtMGXVC2OLY3FoePzZ%2Fr%2Bls7Z1v5Ba14YQU4NQ9jSEc0sARsu8H6qYS9bzNbJK3SjliCOj59dLjygcwGuMtoE6nM0jSSorw7K8Wv8XKbhsoeuE9OMn9TarsYrD9NJT"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
8af4192249999701-AMS
alt-svc
h3=":443"; ma=86400
tU7GkMOjcZE
www.youtube.com/embed/ Frame CC85 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/tU7GkMOjcZE
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.4xdirect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Aug 2024 03:14:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
wlWZ20lqcdg
www.youtube.com/embed/ Frame 511B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/wlWZ20lqcdg
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.4xdirect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Aug 2024 03:14:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
aci.js
www.acint.net/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/aci.js
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.184.140 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software
openresty /
Resource Hash
d9453129c16b0215069d80e4b526c0546b259fae8d615e1b3aa775a8d76bac57

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:44 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 22:00:10 GMT
server
openresty
etag
"65a84dea-2238"
content-type
application/x-javascript
cache-control
max-age=43200
content-length
8760
expires
Wed, 07 Aug 2024 15:14:44 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		50 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.4xdirect.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 14:44:54 GMT
x-content-type-options
nosniff
age
44990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Aug 2025 14:44:54 GMT
/
www.acint.net/mc/ Frame 873F
Redirect Chain
  • https://www.acint.net/mc/?dp=10
  • https://www.acint.net/mc/?dp=10&tc=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/mc/?dp=10&tc=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.138.215 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.138.132.142.clients.your-server.de
Software
openresty /
Resource Hash

Request headers

Referer
https://www.4xdirect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 07 Aug 2024 03:14:44 GMT
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server
openresty

Redirect headers

content-length
154
content-type
text/html
date
Wed, 07 Aug 2024 03:14:44 GMT
location
/mc/?dp=10&tc=1
server
openresty
oci.js
www.acint.net/ 		31 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/oci.js?t=1723000484416
Requested by
Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.184.140 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software
openresty /
Resource Hash
65c9b3d926d559f829e2411f4a10ecc7f0a3c5e97a862c45a913eecf71b49497

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:44 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 22:00:10 GMT
server
openresty
etag
W/"65a84dea-7dac"
content-type
application/x-javascript
/
www.acint.net/hit/ 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/hit/?v=0.7.0&uid=ba09919a-c805-4fca-b947-7575fa2f9e0c&dp=10&tz=%2B02%3A00&nc=718123&u=https%3A%2F%2Fwww.4xdirect.com%2F&r=&rs=1600x1200&t=4X%20Direct&oE=1&oP=1&dT=2024-08-07T05%3A14%3A44.413&fu=15a40a4f-dc61-4974-b999-a6738b115acb
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.184.140 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Wed, 19 Apr 2000 11:43:00 GMT
date
Wed, 07 Aug 2024 03:14:44 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-length
43
content-type
image/gif
wp-emoji-release.min.js
www.4xdirect.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.4xdirect.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:14:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 07 Jun 2024 12:41:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJONtvVBui%2FjDpjN04IRtUPMViTPEVS2KcrdDJMBI%2BcJnYU0nBIwPTju2t%2B0smAqhFIh0ZmgAYa0O4MpfuLg3TmIwZr0PAgVQhOorakaFWGFsPvxJLrX60U8Vz6b%2B8K7gKxj"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
8af41924bb269701-AMS
alt-svc
h3=":443"; ma=86400
/
www.acint.net/oci/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/oci/?v=0.7.0&uid=ba09919a-c805-4fca-b947-7575fa2f9e0c&dp=10&tz=%2B02%3A00&nc=301345&oid=2a258eafbc4f0c4193f219e83f3d9353
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.184.140 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Wed, 19 Apr 2000 11:43:00 GMT
date
Wed, 07 Aug 2024 03:14:44 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-length
43
content-type
image/gif
/
www.acint.net/ping/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/ping/?v=0.7.0&uid=ba09919a-c805-4fca-b947-7575fa2f9e0c&dp=10&tz=%2B02%3A00&nc=368305&dT=2024-08-07T05%3A14%3A47.416
Requested by
Host: www.4xdirect.com
URL: https://www.4xdirect.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.184.140 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.4xdirect.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Wed, 19 Apr 2000 11:43:00 GMT
date
Wed, 07 Aug 2024 03:14:47 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-length
43
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
warwick.ac.uk
URL
https://warwick.ac.uk/about/campus/tour/su/students_union.jpg
Domain
www.ngrguardiannews.com
URL
https://www.ngrguardiannews.com/wp-content/uploads/2015/04/Gnassingbe-1.jpg
Domain
www.arabianbusiness.com
URL
https://www.arabianbusiness.com/static/content/images/larger1/14176-404834.jpg
Domain
mbfbank.to
URL
https://mbfbank.to/wp-content/uploads/2014/09/Call-Us-Now.jpg

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| _wpemojiSettings function| jQuery object| _acic object| _acil object| _aci_ocic object| AciOciApp object| twemoji object| wp

96 Cookies

Domain/Path Name / Value
pixel.dsp.onetarget.ru/sape Name: USER_ID
Value: a325bd67-d632-476d-9f0b-560586adef57
pixel.dsp.onetarget.ru/sape Name: SAPE_USER_ID
Value: 0300007FA4E6B2660C06B90802336006
kimberlite.io/rtb Name: da
Value: kFeECwAAAAE
kimberlite.io/rtb Name: as
Value: OFrH4Way5qWE8n8IZrLmpg
.vanguardngr.com/ Name: __cf_bm
Value: HHFrAtSnwFKDOQcHK.fXwmIbxgacv_7Mz9ZIi3KNBGY-1723000484-1.0.1.1-s1IAgAAIO0OSJSJfhiOm6uFm3Tm6BeOAfXo2YiHnwig16ysFepckCpHDXIbZ9psnYI0i2AgWz3afl3cHmFN6.Q
.youtube.com/ Name: YSC
Value: zDZfBr1eCiA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: nRKlIFa2lpo
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgFg%3D%3D
www.4xdirect.com/ Name: fid
Value: 15a40a4f-dc61-4974-b999-a6738b115acb
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAABmay5qQsmF+LCLptAhCX2EzCeRMj+AYjW7Kkm+OHZRqs
.acint.net/ Name: cSyncDp14v6
Value: 1723000484
.acint.net/ Name: cSyncDp17v2
Value: 1723000484
.acint.net/ Name: cSyncDp45v5
Value: 1723000484
.acint.net/ Name: cSyncDp53v5
Value: 1723000484
.acint.net/ Name: cSyncDp62v2
Value: 1723000484
.acint.net/ Name: cSyncDp67v3
Value: 1723000484
.acint.net/ Name: cSyncDp68v3
Value: 1723000484
.acint.net/ Name: cSyncDp71v2
Value: 1723000484
.acint.net/ Name: cSyncDp80v2
Value: 1723000484
.acint.net/ Name: cSyncDp85v2
Value: 1723000484
.acint.net/ Name: cSyncDp95v4
Value: 1723000484
.acint.net/ Name: cSyncDp98v3
Value: 1723000484
.acint.net/ Name: cSyncDp104v2
Value: 1723000484
.acint.net/ Name: cSyncDp107v2
Value: 1723000484
.acint.net/ Name: cSyncDp110v3
Value: 1723000484
.acint.net/ Name: cSyncDp125v4
Value: 1723000484
.acint.net/ Name: cSyncDp126v3
Value: 1723000484
.acint.net/ Name: cSyncDp127v2
Value: 1723000484
.acint.net/ Name: cSyncDp129v2
Value: 1723000484
.acint.net/ Name: cSyncDp136v3
Value: 1723000484
.acint.net/ Name: cSyncDp146v2
Value: 1723000484
.acint.net/ Name: cSyncDp148v2
Value: 1723000484
.acint.net/ Name: cSyncDp149v3
Value: 1723000484
.acint.net/ Name: cSyncDp151v2
Value: 1723000484
.acint.net/ Name: cSyncDp251v2
Value: 1723000484
.acint.net/ Name: cSyncDp186v2
Value: 1723000484
.acint.net/ Name: cSyncDp217v2
Value: 1723000484
.acint.net/ Name: cSyncDp226v1
Value: 1723000484
.acint.net/ Name: cSyncDp235v2
Value: 1723000484
.acint.net/ Name: cSyncDp239v2
Value: 1723000484
.acint.net/ Name: cSyncDp243v2
Value: 1723000484
.acint.net/ Name: cSyncDp260v2
Value: 1723000484
.acint.net/ Name: cSyncDp244v2
Value: 1723000484
.acint.net/ Name: cSyncDp248v2
Value: 1723000484
.acint.net/ Name: cSyncDp261v1
Value: 1723000484
.acint.net/ Name: cSyncDp289v2
Value: 1723000484
.acint.net/ Name: cSyncDp293v1
Value: 1723000484
.acint.net/ Name: cSyncDp296v2
Value: 1723000484
.acint.net/ Name: cSyncDp312v1
Value: 1723000484
.acint.net/ Name: cSyncDp331v1
Value: 1723000484
.upravel.com/ Name: session_tptc
Value: 1723000484641
.upravel.com/ Name: user_id
Value: 09ae150c-603c-4f96-bfc8-7267053d19de
.acint.net/ Name: cSyncDp14v4
Value: 1723000484
.utraff.com/ Name: preutid
Value: 1
.adhigh.net/ Name: gi_u
Value: u8NRJODZBjXF.AikABlGRKtTzcQ
www.4xdirect.com/ Name: _ac_oid
Value: 2a258eafbc4f0c4193f219e83f3d9353%3A1723004084764
.adhigh.net/ Name: sape_sync
Value: L7to
.acint.net/ Name: cSyncDp7v3
Value: 1723000484
.ssp-rtb.sape.ru/ Name: sspuid
Value: CkIDGWay5qS6lAWNPiDsAoF7Yn//750/j47hLn1tk1mWxp2O
.acint.net/ Name: cSyncDp241v2
Value: 1723000484
.otm-r.com/ Name: mpid
Value: NjZiMmU2YTQwMTExZmQxMw==
.adriver.ru/ Name: cid
Value: Ayf66Gmb_emdq9KWikieyZA
.uuidksinc.net/ Name: jcsuuid
Value: t9YaPLzgvypDcBdvIbzW
.buzzoola.com/ Name: uuid
Value: 7503d602-fe3b-484c-4748-bea953a1600f
.rutarget.ru/ Name: userId
Value: EVcWsCK9SlEm
.mts.ru/ Name: dspid
Value: f354e3d9-517e-4095-bfe6-90010df133d9
ads.adlook.me/ Name: adlm_userId
Value: 93f3f65b25e74ea8926965599a77408e
ads.adlook.me/ Name: adlk_cmatch
Value: sape%3A0300007FA4E6B2660C06B90802336006
.bumlam.com/ Name: suuid3
Value: IiQzMjFkM2M5Ni01NDZiLTExZWYtODZlMC0wMDI1OTBjMDY0N2M*
sync.gonet-ads.com/ Name: chk
Value: 1
.gonet-ads.com/ Name: pid
Value: M2Y0MzAxYWVkM2UwODI2MA
.ohmy.bid/ Name: uid
Value: e0db8f9f-ff8e-4296-8b90-9257c0fe5f05.66b2e6a5.5b6a763ddbc57c32
.agency2.ru/ Name: uuid
Value: f48a3363-2000-4e0e-a9ae-2014c57012aa
sync.opendsp.ru/ Name: chk
Value: 1
.yandex.ru/ Name: yuidss
Value: 4275416091723000485
.yandex.ru/ Name: i
Value: 7oCTDR9C4c9j2Keg/HccETgpzRCjq6NiYDtJzwZvCF+/wFDyFvbCvCl1UMucgy+YB8tCSCJ29RYkkY90PoUrP1rnKtE=
.yandex.ru/ Name: yandexuid
Value: 8527315121723000485
.yandex.ru/ Name: yashr
Value: 8659760341723000485
.yandex.ru/ Name: bh
Value: EkEiTm90KUE7QnJhbmQiO3Y9Ijk5IiwgIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNyIsICJDaHJvbWl1bSI7dj0iMTI3IioCPzA6ByJMaW51eCJgpc3LtQY=
.mts.ru/ Name: ma_last_sync
Value: 1723000485331
.mts.ru/ Name: ma_id
Value: 6185438431723000485331
.bidvol.com/ Name: bvuid
Value: ks8h0ua8ot
.opendsp.ru/ Name: pid
Value: NDhkYWI2MmNmNDBjNWQ1YQ
sync.programmatica.com/ Name: chk
Value: 1
.programmatica.com/ Name: pid
Value: NmMyNzczZDUyMzBiMTg5ZQ
.adx.com.ru/ Name: user
Value: 66b2e6a57011cb0001cd0479
kimberlite.io/ Name: u
Value: ZrLmpX9P11w~pv1B8bqCXOxRi1O3jzrmNJqRs28
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
sync.dsp.solta.io/ Name: chk
Value: 1
.dsp.solta.io/ Name: pid
Value: NzJhYmZkODk2MzU1ZWU5YQ
.weborama.fr/ Name: AFFICHE_W
Value: YhctO3KriYdi71
.sbermarketing.ru/ Name: dmpuid
Value: lIMfG9jFTHurxP22lX7yhg
.adspector.io/ Name: preadspector
Value: 1
.ymmobi.com/ Name: ym_user_cookie
Value: ym_user_1c556f86-fbe4-4ad1-b867-2d3e3c0fc208
.dmg.digitaltarget.ru/ Name: viuserid
Value: VbYQF432-GhAA1i7WnnS

10 Console Messages

Source Level URL
Text
security warning URL: https://www.4xdirect.com/
Message:
Mixed Content: The page at 'https://www.4xdirect.com/' was loaded over HTTPS, but requested an insecure element 'http://cdn.images.express.co.uk/img/dynamic/1/285x214/248445_1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.4xdirect.com/
Message:
Mixed Content: The page at 'https://www.4xdirect.com/' was loaded over HTTPS, but requested an insecure element 'http://www2.warwick.ac.uk/about/campus/tour/su/students_union.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.4xdirect.com/
Message:
Mixed Content: The page at 'https://www.4xdirect.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ngrguardiannews.com/wp-content/uploads/2015/04/Gnassingbe-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.4xdirect.com/
Message:
Mixed Content: The page at 'https://www.4xdirect.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arabianindustry.com/static/content/images/larger1/14176-404834.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.4xdirect.com/
Message:
Mixed Content: The page at 'https://www.4xdirect.com/' was loaded over HTTPS, but requested an insecure element 'http://mbfbank.to/wp-content/uploads/2014/09/Call-Us-Now.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.4xdirect.com/(Line 410)
Message:
Mixed Content: The page at 'https://www.4xdirect.com/' was loaded over HTTPS, but requested an insecure element 'http://cdn.images.express.co.uk/img/dynamic/1/285x214/248445_1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.4xdirect.com/(Line 410)
Message:
Mixed Content: The page at 'https://www.4xdirect.com/' was loaded over HTTPS, but requested an insecure element 'http://www2.warwick.ac.uk/about/campus/tour/su/students_union.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.4xdirect.com/(Line 410)
Message:
Mixed Content: The page at 'https://www.4xdirect.com/' was loaded over HTTPS, but requested an insecure element 'http://www.ngrguardiannews.com/wp-content/uploads/2015/04/Gnassingbe-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.4xdirect.com/(Line 410)
Message:
Mixed Content: The page at 'https://www.4xdirect.com/' was loaded over HTTPS, but requested an insecure element 'http://www.arabianindustry.com/static/content/images/larger1/14176-404834.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.4xdirect.com/(Line 410)
Message:
Mixed Content: The page at 'https://www.4xdirect.com/' was loaded over HTTPS, but requested an insecure element 'http://mbfbank.to/wp-content/uploads/2014/09/Call-Us-Now.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.images.express.co.uk
fonts.googleapis.com
fonts.gstatic.com
mbfbank.to
warwick.ac.uk
www.4xdirect.com
www.acint.net
www.arabianbusiness.com
www.ngrguardiannews.com
www.tbs-sct.canada.ca
www.tbs-sct.gc.ca
www.vanguardngr.com
www.youtube.com
mbfbank.to
warwick.ac.uk
www.arabianbusiness.com
www.ngrguardiannews.com
142.132.138.215
172.67.130.23
172.67.36.180
193.3.184.140
20.43.19.119
2600:9000:2490:1000:1d:b722:f80:93a1
2a00:1450:4001:81c::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:830::2003
468dbc94cf52002acf99c23638b5dfac51ff0fab34097a3c7d195564b0c0dc67
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
518aa2ebb0b7849f44bd59944e36722c00a0f326510009416ef50d7868a0938c
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
65c9b3d926d559f829e2411f4a10ecc7f0a3c5e97a862c45a913eecf71b49497
68cf0c578f60da1e9af14fb7b0950e752a90b32b717850857c707c8be0d25d0b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ab845bee6ab6324348d8cfc1f99d5a6664574715f3f1506d20d459661cee316
88cf6b3b1d6b1a9ea507e80f620b113621d86b8a973df53791d230a738fa1252
a4cdbc64aba7e8dc40b8363b1f425000ce1d980b8dd72f3605ab9b7031187ff3
acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285
b1cf57eaf7b7443eb3f78a753575fa5922c67affbcf2371a3047afbfd2e3c8c8
b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9453129c16b0215069d80e4b526c0546b259fae8d615e1b3aa775a8d76bac57
ed2a2c996f4802936d9d7fe3450ff64bc762309a8b310fce6dfb002742e6a8cd