fatoreader.net Open in urlscan Pro
104.21.32.1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fatoreader.net/
Effective URL:
https://fatoreader.net/
Submission Tags: threatview.io malwar3ninja rule: suspected phishing scam automated-submission Search All
Submission: On December 22 via api (December 22nd 2024, 2:12:55 am UTC) from DE — Scanned from US

Summary HTTP 108 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 33 IPs in 2 countries across 26 domains to perform 108 HTTP transactions. The main IP is 104.21.32.1, located in and belongs to CLOUDFLARENET, US. The main domain is fatoreader.net.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.

This is the only time fatoreader.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 33	104.21.32.1 104.21.32.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:1408:c40... 2600:1408:c400:18e::1e80	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
5	172.217.197.155 172.217.197.155	15169 (GOOGLE) (GOOGLE)
1 3	44.207.80.215 44.207.80.215	14618 (AMAZON-AES) (AMAZON-AES)
2	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4004:c06::61	15169 (GOOGLE) (GOOGLE)
2	2600:1408:c40... 2600:1408:c400:5::17c7:3719	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	50.19.69.177 50.19.69.177	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.38.112 63.140.38.112	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.160.36.46 35.160.36.46	16509 (AMAZON-02) (AMAZON-02)
1	63.140.39.196 63.140.39.196	14618 (AMAZON-AES) (AMAZON-AES)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	52.85.151.110 52.85.151.110	16509 (AMAZON-02) (AMAZON-02)
2	51.8.207.171 51.8.207.171	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	63.140.38.183 63.140.38.183	14618 (AMAZON-AES) (AMAZON-AES)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f3:3800:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:250... 2600:9000:2509:8e00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.200.196.38 34.200.196.38	14618 (AMAZON-AES) (AMAZON-AES)
1	54.236.128.166 54.236.128.166	14618 (AMAZON-AES) (AMAZON-AES)
5	23.212.251.10 23.212.251.10	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1 1	2600:1f18:730... 2600:1f18:730:b120:4a50:823:1568:e10b	14618 (AMAZON-AES) (AMAZON-AES)
1	35.169.165.53 35.169.165.53	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.142.80 35.244.142.80	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	52.86.2.38 52.86.2.38	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1901:1:7... 2600:1901:1:7c5::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
108	33

33 104.21.32.1 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

fatoreader.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1408:c400:18e::1e80 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.197.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.207.80.215 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-80-215.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:5::17c7:3719 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn4pzx5r5auu7w4rx-hbp.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.69.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-69-177.compute-1.amazonaws.com

hbr.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.112 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-112.data.adobedc.net

hbr.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.36.46 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-36-46.us-west-2.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.39.196 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-196.data.adobedc.net

harvardbusinessrevie.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.151.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-110.iad89.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.8.207.171 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

l.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.183 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-183.data.adobedc.net

smetrics.hbr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f3:3800:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2509:8e00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.196.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-196-38.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.128.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-128-166.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.212.251.10 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-212-251-10.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:4a50:823:1568:e10b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.165.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-165-53.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.86.2.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-2-38.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:1:7c5:: (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

pixels.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	fatoreader.net 2 redirects fatoreader.net	101 KB
12	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 623	42 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333 www.linkedin.com — Cisco Umbrella Rank: 676 px4.ads.linkedin.com — Cisco Umbrella Rank: 7032	4 KB
6	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2701	10 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 l.clarity.ms — Cisco Umbrella Rank: 11866 c.clarity.ms — Cisco Umbrella Rank: 1269	31 KB
6	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 458	179 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	140 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 8604778.fls.doubleclick.net — Cisco Umbrella Rank: 106013 Failed	208 KB
4	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3229 i.liadm.com — Cisco Umbrella Rank: 572 rp.liadm.com — Cisco Umbrella Rank: 966 rp4.liadm.com — Cisco Umbrella Rank: 5689	48 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 359 c.bing.com — Cisco Umbrella Rank: 205	17 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 262 hbr.demdex.net — Cisco Umbrella Rank: 98362	2 KB
3	qualtrics.com zn4pzx5r5auu7w4rx-hbp.siteintercept.qualtrics.com — Cisco Umbrella Rank: 107382 siteintercept.qualtrics.com — Cisco Umbrella Rank: 935	28 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	328 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 265	579 B
2	spotify.com pixels.spotify.com — Cisco Umbrella Rank: 3212	271 B
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3917	475 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	216 B
2	omtrdc.net hbr.sc.omtrdc.net — Cisco Umbrella Rank: 184107 harvardbusinessrevie.tt.omtrdc.net — Cisco Umbrella Rank: 88730	1 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 3893	22 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1656	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1941	15 KB
1	hbr.org smetrics.hbr.org — Cisco Umbrella Rank: 99690	373 B
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 4115	56 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1608	490 B
108	26

	Domain	Requested by
33	fatoreader.net	2 redirects fatoreader.net
12	js-agent.newrelic.com	fatoreader.net
6	tags.srv.stackadapt.com	fatoreader.net
6	assets.adobedtm.com	fatoreader.net
5	analytics.tiktok.com	fatoreader.net analytics.tiktok.com
5	px.ads.linkedin.com	3 redirects fatoreader.net
5	securepubads.g.doubleclick.net	fatoreader.net
3	bat.bing.com	fatoreader.net
3	www.googletagmanager.com	fatoreader.net
3	dpm.demdex.net	1 redirects fatoreader.net
2	bam.nr-data.net	fatoreader.net
2	c.clarity.ms	1 redirects
2	pixels.spotify.com	fatoreader.net
2	api.sail-personalize.com	fatoreader.net
2	l.clarity.ms	fatoreader.net
2	www.facebook.com	fatoreader.net
2	siteintercept.qualtrics.com	fatoreader.net
2	www.clarity.ms	fatoreader.net
2	snap.licdn.com	fatoreader.net
2	connect.facebook.net	fatoreader.net
1	c.bing.com	1 redirects
1	cdn.pdst.fm	fatoreader.net
1	rp4.liadm.com	fatoreader.net
1	rp.liadm.com	1 redirects
1	i.liadm.com	fatoreader.net
1	ping.chartbeat.net	fatoreader.net
1	b-code.liadm.com	fatoreader.net
1	static.chartbeat.com	fatoreader.net
1	smetrics.hbr.org	fatoreader.net
1	ak.sail-horizon.com	fatoreader.net
1	px4.ads.linkedin.com	fatoreader.net
1	www.linkedin.com	1 redirects
1	harvardbusinessrevie.tt.omtrdc.net	fatoreader.net
1	cm.everesttech.net	1 redirects
1	hbr.sc.omtrdc.net	fatoreader.net
1	hbr.demdex.net	fatoreader.net
1	zn4pzx5r5auu7w4rx-hbp.siteintercept.qualtrics.com	fatoreader.net
0	8604778.fls.doubleclick.net Failed	fatoreader.net
108	38

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.instagram.com
hbr.org
www.harvardbusiness.org
hbphelp.zendesk.com
feeds.harvardbusiness.org
trademark.harvard.edu
hbsp.harvard.edu
www.hbs.edu

Subject Issuer	Validity	Valid
fatoreader.net WE1	`2024-11-04` - `2025-02-02`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-30` - `2024-12-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2024-12-02` - `2025-12-01`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 08	`2024-12-15` - `2025-06-13`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-07` - `2025-03-09`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-03-28`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2024-12-12` - `2026-01-10`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
smetrics.hbr.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-11` - `2025-07-09`	a year	crt.sh
api.sail-personalize.com Amazon RSA 2048 M02	`2024-03-25` - `2025-04-22`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2024-10-31` - `2025-11-28`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2024-12-06` - `2025-12-29`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
cdn.pdst.fm WR3	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M03	`2024-08-09` - `2025-09-06`	a year	crt.sh
*.spotify.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-05` - `2025-02-04`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-08-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://fatoreader.net/
Frame ID: C809FD0B47FE163AFBEAD876636351CB
Requests: 101 HTTP requests in this frame

Frame: https://fatoreader.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 6E3A91CB184B74685191DEABB085202C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 60F57DFAACC3CCC561495004E1551B65
Requests: 1 HTTP requests in this frame

Frame: https://hbr.demdex.net/dest5.html?d_nsid=0
Frame ID: B24F67A1758110C66E61DD46F16B7D3B
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-057o?duid=8a1961e5251f--01jfp270kn9d37kqkppdmkc5w7&euns=0&s=&version=v3.6.0&cd=.fatoreader.net&pv=38cc04c5-2742-49d2-9e63-c81e8699d98d
Frame ID: 36696AF59C71F7C4EBE788BC75DBDB11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Harvard Business Review - Ideas and Advice for Leaders

Page URL History Show full URLs

http://fatoreader.net/ HTTP 307
https://fatoreader.net/ Page URL
https://fatoreader.net/cdn-cgi/phish-bypass?atok=mNPC6tDQ5T7RHZg08FNYWiDdIldxa8v4LsO4tcgfYDQ-173483... HTTP 301
https://fatoreader.net/ Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

108
Requests

94 %
HTTPS

34 %
IPv6

26
Domains

38
Subdomains

33
IPs

2
Countries

1325 kB
Transfer

4407 kB
Size

73
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/HarvardBiz

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HBR

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/harvard-business-review?trk=biz-companies-cym

Search URL Search Domain Scan URL

URL: https://www.instagram.com/harvard_business_review/?hl=en

Search URL Search Domain Scan URL

URL: https://hbr.org/email-newsletters?ab=HP-newsletter-tout-non-logged-text-1&movetile_dailyalert
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://hbr.org/2024/12/the-unitedhealthcare-ceo-shooting-should-be-a-turning-point-for-corporate-america
Title: Read More

Search URL Search Domain Scan URL

URL: https://hbr.org/topic/subject/managing-yourself
Title: Read More

Search URL Search Domain Scan URL

URL: https://hbr.org/2024/12/what-is-agentic-ai-and-how-will-it-change-work
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.harvardbusiness.org/accessibility-at-harvard-business-publishing
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.harvardbusiness.org/harvard-business-publishing-digital-accessibility-policy
Title: Digital Accessibility

Search URL Search Domain Scan URL

URL: https://hbphelp.zendesk.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: http://feeds.harvardbusiness.org/harvardbusiness/
Title: Your Newsreader

Search URL Search Domain Scan URL

URL: http://trademark.harvard.edu/pages/trademark-notice
Title: Trademark Policy

Search URL Search Domain Scan URL

URL: https://hbsp.harvard.edu/
Title: Higher Education

Search URL Search Domain Scan URL

URL: https://www.harvardbusiness.org/
Title: Corporate Learning

Search URL Search Domain Scan URL

URL: https://hbr.org/
Title: Harvard Business Review

Search URL Search Domain Scan URL

URL: http://www.hbs.edu/
Title: Harvard Business School

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fatoreader.net/ HTTP 307
https://fatoreader.net/ Page URL
https://fatoreader.net/cdn-cgi/phish-bypass?atok=mNPC6tDQ5T7RHZg08FNYWiDdIldxa8v4LsO4tcgfYDQ-1734833560-0.0.1.1-%2F HTTP 301
https://fatoreader.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://fatoreader.net/ HTTP 307
https://fatoreader.net/

Request Chain 29

https://fatoreader.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://fatoreader.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

Request Chain 35

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=7801965A577503E87F000101%40AdobeOrg&d_nsid=0&ts=1734833568325 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=7801965A577503E87F000101%40AdobeOrg&d_nsid=0&ts=1734833568325

Request Chain 46

https://8604778.fls.doubleclick.net/activityi;src=8604778;type=wcaun0;cat=hbr_a0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5310457097467.087 HTTP 302
https://8604778.fls.doubleclick.net/activityi;dc_pre=CK-e8NSmuooDFadTRwEd1OAK_A;src=8604778;type=wcaun0;cat=hbr_a0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5310457097467.087

Request Chain 55

https://cm.everesttech.net/cm/dd?d_uuid=86477013373299116194427181305440865999 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z2d1oQAAAGzAuQOF

Request Chain 59

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6373529&time=1734833569024&li_adsId=8fb15d1b-dafc-4438-9539-6aa139f54863&url=https%3A%2F%2Ffatoreader.net%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6373529&time=1734833569024&li_adsId=8fb15d1b-dafc-4438-9539-6aa139f54863&url=https%3A%2F%2Ffatoreader.net%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6373529%26time%3D1734833569024%26li_adsId%3D8fb15d1b-dafc-4438-9539-6aa139f54863%26url%3Dhttps%253A%252F%252Ffatoreader.net%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6373529&time=1734833569024&li_adsId=8fb15d1b-dafc-4438-9539-6aa139f54863&url=https%3A%2F%2Ffatoreader.net%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6373529&time=1734833569024&li_adsId=8fb15d1b-dafc-4438-9539-6aa139f54863&url=https%3A%2F%2Ffatoreader.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQIZN_DlI-USPgAAAZPsI39izhdZnVdA7sC0Z6hI0pcFC8MzfmVu-FYIqZPKNmQV2bM_Zw

Request Chain 75

https://rp.liadm.com/j?dtstmp=1734833570552&aid=a-057o&se=e30&duid=8a1961e5251f--01jfp270kn9d37kqkppdmkc5w7&tv=v3.6.0&pu=https%3A%2F%2Ffatoreader.net%2F&wpn=lc-bundle&wpv=v3.6.0&refr=https%3A%2F%2Ffatoreader.net%2F&cd=.fatoreader.net&c=PHRpdGxlPkhhcnZhcmQgQnVzaW5lc3MgUmV2aWV3IC0gSWRlYXMgYW5kIEFkdmljZSBmb3IgTGVhZGVyczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkZpbmQgbmV3IGlkZWFzIGFuZCBjbGFzc2ljIGFkdmljZSBvbiBzdHJhdGVneSwgaW5ub3ZhdGlvbiBhbmQgbGVhZGVyc2hpcCwgZm9yIGdsb2JhbCBsZWFkZXJzIGZyb20gdGhlIHdvcmxkJ3MgYmVzdCBidXNpbmVzcyBhbmQgbWFuYWdlbWVudCBleHBlcnRzLiI-PHRpdGxlIGlkPSJsb2dvOlI1NXI2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-PHRpdGxlIGlkPSJsb2dvOlI5NXI2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-PGgxIGNsYXNzPSJGZWF0dXJlZF90aXRsZV9fTXNQUmQiPjxhIGhyZWY9Ii8yMDI0LzEyL3RoZS0xMC1tb3N0LXBvcHVsYXItaGJyLWFydGljbGVzLW9mLTIwMjQ_YWI9SFAtaGVyby1mZWF0dXJlZC10ZXh0LTEiIGNsYXNzPSJGZWF0dXJlZF9saW5rX192TTVUYSIgZGF0YS1lbGVtZW50LXR5cGU9ImZvci15b3UtZWxlbWVudC1ob3ZlciIgYXJpYS1sYWJlbD0iUmVhZCBtb3JlIGFib3V0IFRoZSAxMCBNb3N0IFBvcHVsYXIgSEJSIEFydGljbGVzIG9mIDIwMjQiPlRoZSAxMCBNb3N0IFBvcHVsYXIgSEJSIEFydGljbGVzIG9mIDIwMjQ8L2E-PC9oMT48aDEgY2xhc3M9IlRoZUxhdGVzdF90aXRsZV9fUU1LTDAiPlRoZSBMYXRlc3Q8L2gxPjx0aXRsZSBpZD0ibG9nbzpSZXY2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-&pv=38cc04c5-2742-49d2-9e63-c81e8699d98d HTTP 302
https://rp4.liadm.com/j?dtstmp=1734833570552&aid=a-057o&se=e30&duid=8a1961e5251f--01jfp270kn9d37kqkppdmkc5w7&tv=v3.6.0&pu=https%3A%2F%2Ffatoreader.net%2F&wpn=lc-bundle&wpv=v3.6.0&refr=https%3A%2F%2Ffatoreader.net%2F&cd=.fatoreader.net&c=PHRpdGxlPkhhcnZhcmQgQnVzaW5lc3MgUmV2aWV3IC0gSWRlYXMgYW5kIEFkdmljZSBmb3IgTGVhZGVyczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkZpbmQgbmV3IGlkZWFzIGFuZCBjbGFzc2ljIGFkdmljZSBvbiBzdHJhdGVneSwgaW5ub3ZhdGlvbiBhbmQgbGVhZGVyc2hpcCwgZm9yIGdsb2JhbCBsZWFkZXJzIGZyb20gdGhlIHdvcmxkJ3MgYmVzdCBidXNpbmVzcyBhbmQgbWFuYWdlbWVudCBleHBlcnRzLiI-PHRpdGxlIGlkPSJsb2dvOlI1NXI2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-PHRpdGxlIGlkPSJsb2dvOlI5NXI2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-PGgxIGNsYXNzPSJGZWF0dXJlZF90aXRsZV9fTXNQUmQiPjxhIGhyZWY9Ii8yMDI0LzEyL3RoZS0xMC1tb3N0LXBvcHVsYXItaGJyLWFydGljbGVzLW9mLTIwMjQ_YWI9SFAtaGVyby1mZWF0dXJlZC10ZXh0LTEiIGNsYXNzPSJGZWF0dXJlZF9saW5rX192TTVUYSIgZGF0YS1lbGVtZW50LXR5cGU9ImZvci15b3UtZWxlbWVudC1ob3ZlciIgYXJpYS1sYWJlbD0iUmVhZCBtb3JlIGFib3V0IFRoZSAxMCBNb3N0IFBvcHVsYXIgSEJSIEFydGljbGVzIG9mIDIwMjQiPlRoZSAxMCBNb3N0IFBvcHVsYXIgSEJSIEFydGljbGVzIG9mIDIwMjQ8L2E-PC9oMT48aDEgY2xhc3M9IlRoZUxhdGVzdF90aXRsZV9fUU1LTDAiPlRoZSBMYXRlc3Q8L2gxPjx0aXRsZSBpZD0ibG9nbzpSZXY2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-&pv=38cc04c5-2742-49d2-9e63-c81e8699d98d&i6=MmEwNDpjNjA0OjYxNToxOjo0&n3pc=true

Request Chain 92

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E9DBE7CDD79D4A9E9E39DB88AD70F2FE&RedC=c.clarity.ms&MXFR=2AC2C625FB44620A0CDDD378FF446C41 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9DBE7CDD79D4A9E9E39DB88AD70F2FE&MUID=242756A6C8F665E2390C43FBC9186414

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

403

/ Show response
fatoreader.net/
Redirect Chain

http://fatoreader.net/
https://fatoreader.net/

4 KB
2 KB

210ms
80ms

Document
text/html

104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61e3f7479360b7c7a2d8940534d7e543315d5712bb396bec027ad3d06ac6d0e4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-ray: 8f5c9699ba997ce0-LAX
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 22 Dec 2024 02:12:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5mfur1fsNfyyRPJ24bY2S77iRlWLiPT%2BKGNmm31w25pHckyMXh6qpIB0X1M2Q0PqUZEqzZUvGr1rlqxfu25vvXziomzaNyFZuxPpJ9u84b%2B6jsW4hIpXT8%2BM9OCtTsY2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://fatoreader.net/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 cf.errors.css
fatoreader.net/cdn-cgi/styles/ 23 KB
5 KB 75ms
74ms Stylesheet
text/css 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/cdn-cgi/styles/cf.errors.css

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"675fc4ac-5df3"
x-content-type-options: nosniff
cf-ray: 8f5c969a4af77ce0-LAX
expires: Sun, 22 Dec 2024 04:12:40 GMT
date: Sun, 22 Dec 2024 02:12:40 GMT
content-type: text/css
last-modified: Mon, 16 Dec 2024 06:11:56 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
fatoreader.net/cdn-cgi/images/ 452 B
634 B 62ms
61ms Image
image/png 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fatoreader.net/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "675fc4ac-1c4"
x-content-type-options: nosniff
cf-ray: 8f5c969aeafa7ce0-LAX
expires: Sun, 22 Dec 2024 04:12:40 GMT
accept-ranges: bytes
content-length: 452
date: Sun, 22 Dec 2024 02:12:40 GMT
content-type: image/png
last-modified: Mon, 16 Dec 2024 06:11:56 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 403 favicon.ico
fatoreader.net/ 4 KB
2 KB 67ms
67ms Other
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff2dc04d0673b8059c6aa31731e08146675d6b054d7d00743d326f4ec26cc17

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEbsC0bdE08oAYg6KOaJTSLFGbBiRFgvhBnn50GkMesyu%2BkJ4iNRtlBQ85%2BoQPszmZsmdjson%2BiDsywk9GhXpXhgFfjff8VIDzLbmkbNpC8%2BSAHG5%2F8%2FKE5WW52Zw%2FjiLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c969b4afe7ce0-LAX
date: Sun, 22 Dec 2024 02:12:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3

200

Primary Request / Show response
fatoreader.net/
Redirect Chain

https://fatoreader.net/cdn-cgi/phish-bypass?atok=mNPC6tDQ5T7RHZg08FNYWiDdIldxa8v4LsO4tcgfYDQ-1734833560-0.0.1.1-%2F
https://fatoreader.net/

355 KB
58 KB

1107ms
1107ms

Document
text/html

104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70dd7ed0ad515aeccc6a5aae879f5dc29c2a93082465414db4f3025aca5aaacb

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fatoreader.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f5c96bbabd57ce0-LAX
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Sun, 22 Dec 2024 02:12:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permission-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SAfCYDi0vV4qB6M%2F0w%2Fals4RjKIQLWSy%2F2j6oIvUL2516O0411FUexZgehDqDF3EhzE31u2tFj9cwoSc8VN0WGIPjIx%2FxtmMMHpqVovAICgbj21NNI84xC62DCemmptEig%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=7776000
vary: Accept-Encoding
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
x-amz-cf-id: VmiI2uSd-SVv1qdnIXJ0731i9RUPlRC6KPWvm--9WP7dM4fXRUx3Gw==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: private, no-cache
cf-ray: 8f5c96bb3bd17ce0-LAX
content-length: 167
content-type: text/html
date: Sun, 22 Dec 2024 02:12:45 GMT
location: https://fatoreader.net/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 403 Dec24_20_2149812638-2-700x394.jpg
fatoreader.net/resources/images/article_assets/2024/12/ 5 KB
5 KB 70ms
68ms Image
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fatoreader.net/resources/images/article_assets/2024/12/Dec24_20_2149812638-2-700x394.jpg

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9eed5bfd92abcc50593dd6c0462c8b465af1f2aa8005857cafb1235e0ffd54f5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2Fcn%2Bc1kwR3gGpscRWNJPjBaCokeQ7aJ7fDr5feiNphCVyXQKstMWMmeHVkaARaneT2rdT%2Fc0%2BjFFhKb6LsvLC7xXWXLGpWgwYQg9F4Ctk1N5%2FiR44akJBleKAcUa%2FAGTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c34c827ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 GT-America-Standard-Regular.ee9c3d0d.woff
fatoreader.net/assets/mfe-core/fonts/ 0
0 72ms
70ms Font
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/assets/mfe-core/fonts/GT-America-Standard-Regular.ee9c3d0d.woff

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://fatoreader.net
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W4sW86gf4vlJzG5JR1%2F95hMzHWC5y6Mg5sWVLSG05pHVC08pj3%2BE9T72bwkGG9%2FlsYHRCUogMjBz3BKhKCK85RynCBWFFlcsAC%2FZRsvQJTHlwUcaJ1YOlozHHbIOZ5glXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c34c817ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 GT-America-Standard-Semibold.78dc2ebb.woff
fatoreader.net/assets/mfe-core/fonts/ 0
0 84ms
83ms Font
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/assets/mfe-core/fonts/GT-America-Standard-Semibold.78dc2ebb.woff

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://fatoreader.net
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FvaxCtgDhojG1o%2FtfaBzS1niu1A3DExGdXRn7FFMxnGPnbpiCO7LzV0GzbWvWNSXHpRIHyqPZebWlW%2Ftf5KCzv0kCirt5DZl%2BVQe5QYu%2B0benlV9z1ub9a5HbvERLcZHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c34c837ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 GT-America-Standard-Bold.449f1ad7.woff
fatoreader.net/assets/mfe-core/fonts/ 0
0 113ms
112ms Font
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/assets/mfe-core/fonts/GT-America-Standard-Bold.449f1ad7.woff

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://fatoreader.net
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pe%2FmDJH08SqX7QRZ1zWBlLO8ATc6lP9Q28J9x%2FY3lR7Go8CtdQRJ4Fhg1Q1PxWem%2Bv3FD0dB%2FaVbsNbecBEU4arPN4SxGwbjsdFgH8zc7FTSaPxrBE%2B8TiYffx8%2F6nm0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c34c867ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 tiempos-headline-semibold.b4e52635.woff2
fatoreader.net/assets/mfe-core/fonts/ 0
0 85ms
84ms Font
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/assets/mfe-core/fonts/tiempos-headline-semibold.b4e52635.woff2

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://fatoreader.net
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEJZu5bxL%2BP8Wz3EjiomD8IXWNSMq%2Bp4AMf6m9LeVQvdv79P6a5SpnX0AWdth%2Bzx1WETstGUTYHqjsCoZmG3TxzkMsAj2uy8bEi5GL8GpAeU7acOAGOI5tsCxiJPOcuQ6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c34c857ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 tiempos-headline-regular.710454d3.woff2
fatoreader.net/assets/mfe-core/fonts/ 0
0 71ms
71ms Font
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/assets/mfe-core/fonts/tiempos-headline-regular.710454d3.woff2

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://fatoreader.net
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EZNfICMqgnnkJfTiEy60c2WGjxQBEBDwEFZpIgv1MzWawW85pWwhneZ3Yg%2B%2FmNHSYyCy9w0lhHUcsTddN32jpAMM2pCSMj81WpPGUCSGMl%2Bb6GDcrXmllCBao5nZ8moteQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c34c847ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 launch-67dbffcc16ef.min.js Show response
assets.adobedtm.com/c0857d0b892a/7e3e4b83f0c5/ 714 KB
163 KB 495ms
129ms Script
application/x-javascript 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/c0857d0b892a/7e3e4b83f0c5/launch-67dbffcc16ef.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

382e10274eedd2c1f8db059c7b0b041d98b0190b21f27a41284cbb598820042c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "3f13bd8c55242127e44a72a6a31886d7:1734640366.229988"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 03:12:47 GMT
accept-ranges: bytes
access-control-allow-origin: https://fatoreader.net
content-length: 166031
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: application/x-javascript
last-modified: Thu, 19 Dec 2024 20:32:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 103 KB
33 KB 376ms
131ms Script
text/javascript 172.217.197.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f155.1e100.net

Software

cafe /

Resource Hash

2dd6cd2c36a86f0cc63f4a52df9c999148c8a299990a610e81b5cadb6634d302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

content-encoding: br
etag: 809 / 20079 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 02:12:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33453
x-xss-protection: 0
server: cafe

GET
H3 403 b44169c02195e90a.css
fatoreader.net/_next/static/css/ 0
0 67ms
65ms Stylesheet
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/css/b44169c02195e90a.css

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vcHnms7DvhP8EMakB5gJp61dFnYAyTDgr84V9epAFM2RGlz%2F3UAo%2BSuds%2BoX47lL1NiKye%2FKXiF2zcm38r%2F2bV17TsB%2FdFzfRF1g8H1G%2F3Cyo2%2Bd1CoMCLluSXp7IUy9FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c917ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 33c23937934257f8.css
fatoreader.net/_next/static/css/ 0
0 71ms
70ms Stylesheet
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/css/33c23937934257f8.css

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D8SQE7tmdkBqdAvudAabyYrUgo%2BjMd86zPe41XcvwdsibL4FEXUznFkNODGwuMl3i2xI7vdhh9GickswMRby4Yl4Eymb1IxZjjX%2Bhm%2BR7KslipRecEKDRRV%2F5FI20YGjBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c927ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 webpack-f0188b8fa52a736d.js
fatoreader.net/_next/static/chunks/ 0
0 67ms
65ms Script
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/chunks/webpack-f0188b8fa52a736d.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x7g%2FYw768ZoJDvR9Nmsk4MzPlLnjZhxqJMx5%2BB8N9tAXKhyGRu4kH0zBFOYzYJiKqvnby9fZo4IBCeg7IGtr5WZDf4kB3YWbrsGL%2BtBQKPhVG3Z3hbNSyAOQOa6%2Bd%2B9%2Bfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c937ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 framework-da48b539eb7829d3.js
fatoreader.net/_next/static/chunks/ 0
0 69ms
67ms Script
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/chunks/framework-da48b539eb7829d3.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0N8C%2BdevQ0Lp6do3zAwDqBe8l3WdkOgZ5AEx%2BA4gyFr4w2XCkiuqzhBEvDrhFSNWIVhETDTVwd%2BY20oUsABqChZ0KZgGsOk1qa0fhsl6bnRPJPm2kV%2B3sHgQdXJVHXfEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c947ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 main-9629d6934207ab09.js
fatoreader.net/_next/static/chunks/ 0
0 109ms
107ms Script
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/chunks/main-9629d6934207ab09.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=228uUPwzgcu137RdpDey25f9qyE%2Ff3hTAeauUfQUumPTfyD8rRw1ckmXhGAQVhb93vglSRuiTqe4CcdMk2cbY60IfmzYkfZQGr1n9sjpTQIfa8pixgaLmalZghnNt3gvFg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c967ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 _app-c8b056a377e4217b.js
fatoreader.net/_next/static/chunks/pages/ 0
0 94ms
92ms Script
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/chunks/pages/_app-c8b056a377e4217b.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QOyIdd6m2lQP5Zxc06c20irRkwRto4dkVD1jfF1YF8hgCnt5hgNTGHzNRUN%2FszyxEKwY1YfYIbnDDEtUkG5yZqtBRa6%2F5ABInVKo4DtSMKnHhXb1MfISkVLReSOgr9%2BW%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c957ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 fec483df-ff0d1084360f0cd1.js
fatoreader.net/_next/static/chunks/ 0
0 110ms
108ms Script
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/chunks/fec483df-ff0d1084360f0cd1.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GilS15SQOxDMhKk31CqWcDAMUch1MOnks0E860yMuLnA6GknDL35%2BJwt8mejTo5Ut1CSNz7Sc0vgQSYtYtnWC0u2v8ew1Grl%2BiMqeTOcV9%2Baiaq81JawFPxVcPRk2nZJzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c997ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 29107295-6b3f9e4dfb41ae79.js
fatoreader.net/_next/static/chunks/ 0
0 121ms
119ms Script
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/chunks/29107295-6b3f9e4dfb41ae79.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3KWZK9RzJ3OjiG56%2FIwKR62nnYDOEIvogJOHxE0LrFayiZrEJRtrMvJAsscFGMYvvYlds%2FhYd0A%2FcaJibDQaixPRdCa%2BxYMVNEfFSGt3nbQf06jGP2TAOvfXrKROCD6n%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c987ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 674-f11e74af6f8d414b.js
fatoreader.net/_next/static/chunks/ 0
0 74ms
72ms Script
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/chunks/674-f11e74af6f8d414b.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dsB7OhJJezptD0qUWsxuoc5LbhTRjCsiWXGm0rizU7%2BrArorhtpTpAQlYv%2FFqpEPP9WvzwGinFSB7nG34r1DdGeoSnj8FmyvjEsXG9FHJv8A4Ayp46M0DH5ir%2BYF4D0oaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c9c7ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 index-19944d72c8b56722.js
fatoreader.net/_next/static/chunks/pages/ 0
0 67ms
66ms Script
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/chunks/pages/index-19944d72c8b56722.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4Nk3f6Jb04j5ZsOdppU02EjGKZjzH8OCzoYZiJxIEMdTApb0uhdieW528EowEkKNENb70uMoCLRAJxXfHsjWa9m3%2Fi%2BE%2FR%2BOtWGPiDDLjRZNzgAkcduEZG3sqg2Rr0T9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c9a7ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 _buildManifest.js
fatoreader.net/_next/static/ylHFgFuhAUkb5flk4wAJb/ 0
0 69ms
67ms Script
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/ylHFgFuhAUkb5flk4wAJb/_buildManifest.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MgZKHpYdJ6yCzL0FVUcQvPbSTqooo7krVlGiUQI4e%2BBktKeabuw95h9Hzhmq00e3QrLLXfGriKf0j01PaiT5j7zqCeGKXVaRW4K%2FfXh6KPNgBMHWl2SrLY06Mvr6eQYWeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c9b7ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 _ssgManifest.js
fatoreader.net/_next/static/ylHFgFuhAUkb5flk4wAJb/ 0
0 74ms
73ms Script
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/_next/static/ylHFgFuhAUkb5flk4wAJb/_ssgManifest.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kXkJ3K99q1yd1S1BES5csz6NmXN5toZtreXQdAfUj1OYNWJ5iE5LyIXmkhxQEdn2ACM6at0%2F8nwZDKH2SbCub6wBv%2FHYIXBWnEwg3hIkyqEQTaK8mVtbSMvsfWJI4f0QkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c44c9d7ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 Nov25_27_BrianRea-383x215.jpg
fatoreader.net/resources/images/article_assets/2024/11/ 5 KB
5 KB 72ms
71ms Image
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fatoreader.net/resources/images/article_assets/2024/11/Nov25_27_BrianRea-383x215.jpg

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c41c11d31e0c209148802f2a36d8eec15668c13f1aa7ef6ca140f1d7504afcb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P80EKV26apx7DnRjCTvQdips2tJairyUdmIEfInJOC3yDtZNSTBZBcYqvR6c8Ioo4xQp43UZbj6O9TdT7d6IPGwFfYavxqVgwrIeRFx0nzwK%2Bb1iCZMUFRd3gCC84RzR5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c49c9e7ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 Nov24_29_2180447086-383x215.jpg
fatoreader.net/resources/images/article_assets/2024/11/ 5 KB
5 KB 72ms
71ms Image
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fatoreader.net/resources/images/article_assets/2024/11/Nov24_29_2180447086-383x215.jpg

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cacf4cf53ba91ff1053c4dca9c1a55b570d4ac9bb551e331e873e786a9a5793b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKIEXRlAKw0o7jjylEYk%2BRqo9DBQb7Mk0Yi5A6AAX0DBGeH6gKUsizSq0dSFzGaEjAUPSmYWw5oKQz8YzR2UhM0I4FJs5K505659oCOI45ZBA2k1PDj4CYstbyJwL6gBcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c49c9f7ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 R2501E_DAVEY-768x432.jpg
fatoreader.net/resources/images/article_assets/2024/11/ 3 KB
3 KB 67ms
67ms Image
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fatoreader.net/resources/images/article_assets/2024/11/R2501E_DAVEY-768x432.jpg

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

997053b22ffadab9e026eb25f9d3502ecd22ef71c591347788c75904cfdd01a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f6dp8k5fzWoEQiIITLO2Jc8Rdp7Ljgwi%2BLndnWRQkNdjKxHVcATYr3z6mxnrDxAkQC3JVKigl%2B9OsoZ6SyM%2FYBfd44Y5v4s71JOx3nRCZNSV2o5DuiSWhIv%2BZw4JKS60AA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c51ca67ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 CRE4283_IC-Banners_Unisys_logo_60.png
fatoreader.net/resources/images/editorial_assets/insightcenter/ 3 KB
3 KB 66ms
66ms Image
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fatoreader.net/resources/images/editorial_assets/insightcenter/CRE4283_IC-Banners_Unisys_logo_60.png

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

092b21a2fa3807e0455f1a1b6d3b3f8db99c99ed2d6c7768bd4da504c4231ff3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zg4U6BLTzREHFKpYuykDk1i%2FL8PA6%2FJEoPxaF5Al8zdbJaEg%2FrQV7siObLm9OUueJu6A%2BSx%2FWbR95XQaQjRtLUrETOusz6AwIRtWITVkg9Vu8p96EockD1%2B22SGo%2Fpw%2BrA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c52cad7ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 403 early-careerTRNSPT_600.png
fatoreader.net/resources/images/newsletters/ 4 KB
4 KB 65ms
64ms Image
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fatoreader.net/resources/images/newsletters/early-careerTRNSPT_600.png

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42723f131d2feeee28a8b4f3cbe2d529223629543dd0d0e46aae3140b516d0ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0QuzQk9T8FnGSKDCknpwx5nbZk%2FCfvlnFdRCF3nRypvTPXpQN6NlODo3EWDmlJk3RyRBNvMHkVsCmJHrGvKUpg84vw12wvZ4wzygb4Mth02le4cWBIxZjD5jJSRgdNVdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c54cb17ce0-LAX
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3

200

main.js Show response
fatoreader.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 6E3A
Redirect Chain

https://fatoreader.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://fatoreader.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

9 KB
5 KB

66ms
66ms

Script
application/javascript

104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7a660c99225e6a9ce69e09b86813ffd17fe662440ecf334e5c0b695329e723e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r10kXOJooIBtvPsTHIj2MoY2xAah2pXp3JmDOCHDQ4uKUA2YBEyw0P7AzgdOaeiJABb%2FRbpkcOPN7wE10gW78bjzkYYv6hMSJ3p02GPNe4rmqaA06kQ2JM9zC1qIzlIbPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f5c96c6ecc97ce0-LAX
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zjl%2Bp4N2h6YpNvM2K34TbyxBiygV74DO9NldhX74TZwPreD8Hl%2FjF7OkQLDPZKxbyhqFoPqoXUUV%2BoNGAo1Y2Euu%2FrE%2BrkD9nroo2Sc8iuRh%2FqJXcQMFw8Bh%2BpzhHCDsCg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c68cc67ce0-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 22 Dec 2024 02:12:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 492 KB
153 KB 121ms
121ms Script
text/javascript 172.217.197.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f155.1e100.net

Software

cafe /

Resource Hash

04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

content-encoding: br
etag: 5395541545685299795
age: 82934
x-content-type-options: nosniff
expires: Sun, 21 Dec 2025 03:10:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 21 Dec 2024 03:10:33 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 156760
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 62 B
72 B 128ms
127ms XHR
application/json 172.217.197.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fatoreader.net

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f155.1e100.net

Software

cafe /

Resource Hash

59759141306f013f99dd74e35a7548f32932b52f19d2a52f53590caf3663e5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 02:12:47 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 48
date: Sun, 22 Dec 2024 02:12:47 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 121ms
120ms Other
text/plain 172.217.197.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f155.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 17118
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 21:27:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 21 Dec 2024 21:27:29 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

POST
H3 200 8f5c96bbabd57ce0 Show response
fatoreader.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6E3A 0
944 B 90ms
81ms XHR
text/plain 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fatoreader.net/cdn-cgi/challenge-platform/h/b/jsd/r/8f5c96bbabd57ce0
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lf2CNwLXmNzG6F5PB0VhHda8Vpe4AOpzEXEQNddFEEuty4qCJXRiw8xmt0nANAOUsEMTdGEEVbx%2Ft8IsOli2sNHMh0YsIubK%2FTTEaZRjlqiUs5ZX7765V%2F9VLhhbuoTpZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96c80cd37ce0-LAX
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 60F5 0
0 358ms
120ms Document
text/html 172.217.197.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f155.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fatoreader.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29117
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 01:37:53 GMT
expires: Sun, 22 Dec 2024 02:27:53 GMT
last-modified: Mon, 09 Dec 2024 20:44:42 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=7801965A577503E87F000101%40AdobeOrg&d_nsid=0&ts=1734833568325
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=7801965A577503E87F000101%40AdobeOrg&d_nsid=0&ts=1734833568325

362 B
909 B

122ms
122ms

XHR
application/json

44.207.80.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=7801965A577503E87F000101%40AdobeOrg&d_nsid=0&ts=1734833568325

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Server

44.207.80.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-80-215.compute-1.amazonaws.com

Software

Resource Hash

4f6a18fd5c067e6012bfb539f488621310978442ece0921fb7b0005855e633ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-2-v068-090c7171d.edge-va6.demdex.com 4 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: 588yXdAHTFM=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://fatoreader.net
content-length: 307
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: application/json;charset=utf-8
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=7801965A577503E87F000101%40AdobeOrg&d_nsid=0&ts=1734833568325
dcs: dcs-prod-va6-1-v068-09a049123.edge-va6.demdex.com 0 ms
pragma: no-cache
access-control-allow-credentials: true
x-tid: j7m2kfrfQQ4=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://fatoreader.net
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sun, 22 Dec 2024 02:12:48 GMT
vary: Origin

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP31dbb9c60e404ba1aa6e746d49be6f29/ 35 KB
13 KB 118ms
118ms Script
application/x-javascript 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/extensions/EP31dbb9c60e404ba1aa6e746d49be6f29/AppMeasurement.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

7db8d077fc21c20f1449a2603d524e423cfa25d7df6d5fd845a8e5e883aa227e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "66aabcd8a7ba429711eebdad8acc3dd6:1729811534.672229"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 03:12:48 GMT
accept-ranges: bytes
access-control-allow-origin: https://fatoreader.net
content-length: 13011
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 23:12:14 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP31dbb9c60e404ba1aa6e746d49be6f29/ 3 KB
2 KB 124ms
123ms Script
application/x-javascript 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/extensions/EP31dbb9c60e404ba1aa6e746d49be6f29/AppMeasurement_Module_ActivityMap.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

2a250e2f225e48cf583d54a0a42d623c700847de17323bf23ea372e5d9e89cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "ddda3fb3f27121fcba6a33a82f32d57c:1729811534.987187"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 03:12:48 GMT
accept-ranges: bytes
access-control-allow-origin: https://fatoreader.net
content-length: 1598
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Oct 2024 23:12:14 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 250ms
121ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-BaO23sPP' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-BaO23sPP' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=24, mss=1232, tbw=8235, tp=13, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Nu6hPSQ4g4IKA/IU2hAOYYAR1XFOuey2xaW2s6Fcgut5ZiI9OPijxM68PkVxiE53xhT1XWOLomZmmmkQzO7Oxw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 431 KB
136 KB 389ms
143ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J405XEHEZE

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f05aaa0b67e5beb1cca3c5f1d9d5eebc6af8cd90d8db8f6433c51e83933910c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 22 Dec 2024 02:12:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 138992
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 19 KB
7 KB 506ms
121ms Script
application/javascript 2600:1408:c400:5::17c7:3719
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3719 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

6c0d4e3bd890a4bf01c9a301d3e3ff127af22636c4f94250cc230815eb701593

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: max-age=52189
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 7404
date: Sun, 22 Dec 2024 02:12:48 GMT
last-modified: Wed, 18 Dec 2024 08:42:17 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 RCcea2838afd024319a4807aa48014be74-source.min.js Show response
assets.adobedtm.com/c0857d0b892a/7e3e4b83f0c5/d0c7b9eff810/ 312 B
475 B 135ms
134ms Script
application/x-javascript 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/c0857d0b892a/7e3e4b83f0c5/d0c7b9eff810/RCcea2838afd024319a4807aa48014be74-source.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

f949d282a01968d36ec6c88447c6d7cd799fa7cc7fda85dbb96f7467919d731f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "eac8ab83466e3be2aa1d7bcbee1661cd:1734640367.635255"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 03:12:48 GMT
accept-ranges: bytes
access-control-allow-origin: https://fatoreader.net
content-length: 196
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: application/x-javascript
last-modified: Thu, 19 Dec 2024 20:32:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RCb2865ee3dc82458a9cf6645c0e09aef1-source.min.js Show response
assets.adobedtm.com/c0857d0b892a/7e3e4b83f0c5/d0c7b9eff810/ 312 B
476 B 127ms
127ms Script
application/x-javascript 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/c0857d0b892a/7e3e4b83f0c5/d0c7b9eff810/RCb2865ee3dc82458a9cf6645c0e09aef1-source.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

25a7d768f4555313b8c6acc7c3ff50db7932052fe291cbdb9258cdc64d7cb1af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "eac8ab83466e3be2aa1d7bcbee1661cd:1734640367.635255"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 03:12:48 GMT
accept-ranges: bytes
access-control-allow-origin: https://fatoreader.net
content-length: 197
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: application/x-javascript
last-modified: Thu, 19 Dec 2024 20:32:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 / Show response
zn4pzx5r5auu7w4rx-hbp.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 9 KB
4 KB 387ms
82ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn4pzx5r5auu7w4rx-hbp.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_4PzX5r5aUU7W4rX

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f59b8e7e92547bc745c8ed1359d8bbabda843738684c484953cb7db41d20800a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2281-JFeq04Skgn84Q8+Slvtn74kYGKI"
age: 178221
x-content-type-options: nosniff
date: Sun, 22 Dec 2024 02:12:48 GMT
edge-control: max-age=604800
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8f5c96cc7fbe2517-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 274ms
91ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 24FC6569EDEA46D19BC735A39FE34DDF Ref B: LAX311000108033 Ref C: 2024-12-22T02:12:48Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Sun, 22 Dec 2024 02:12:47 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 RC98b579bdcfb84b49bb05b4b69d066cba-source.min.js Show response
assets.adobedtm.com/c0857d0b892a/7e3e4b83f0c5/d0c7b9eff810/ 2 KB
723 B 123ms
122ms Script
application/x-javascript 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/c0857d0b892a/7e3e4b83f0c5/d0c7b9eff810/RC98b579bdcfb84b49bb05b4b69d066cba-source.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

84f2f09c32656c826efaa6dae8e0bb1646195a3a4e085f385c0b13e961361d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "eac8ab83466e3be2aa1d7bcbee1661cd:1734640367.635255"
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 03:12:48 GMT
accept-ranges: bytes
access-control-allow-origin: https://fatoreader.net
content-length: 444
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: application/x-javascript
last-modified: Thu, 19 Dec 2024 20:32:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET

activityi;dc_pre=CK-e8NSmuooDFadTRwEd1OAK_A;src=8604778;type=wcaun0;cat=hbr_a0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5310457097467.087
8604778.fls.doubleclick.net/
Redirect Chain

https://8604778.fls.doubleclick.net/activityi;src=8604778;type=wcaun0;cat=hbr_a0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5310457097467.087
https://8604778.fls.doubleclick.net/activityi;dc_pre=CK-e8NSmuooDFadTRwEd1OAK_A;src=8604778;type=wcaun0;cat=hbr_a0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5310457097467.087

0
0

GET
H2 200 5795582.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 91ms
90ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5795582.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

942e56a2e0d4bf1d0c2105295856e6bb7792875b8669ee9b82371e5186a2ab59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3D82F1582CC41E5B1EDDCFA39A80FE0 Ref B: LAX311000108033 Ref C: 2024-12-22T02:12:48Z
x-cache: CONFIG_NOCACHE
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 173481989821205 Show response
connect.facebook.net/signals/config/ 70 KB
14 KB 263ms
263ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/173481989821205?v=2.9.179&r=stable&domain=fatoreader.net&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

286b4268471327416870e173704adaa3c9a245512a1c32a42afcea793c385de0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-Z11PbnDD' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-Z11PbnDD' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=80, mss=1232, tbw=74399, tp=72, tpl=0, uplat=145, ullat=0
pragma: public
x-fb-debug: yZH+1EaGiHM/aai8Sr8rikzcEQiEQzcwOxVywRwuq1AtFZx740HxE/oohm7mEnt71/ZfatXjGjvteOLikFcLVw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 5795582 Show response
www.clarity.ms/tag/uet/ 878 B
1 KB 406ms
116ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5795582
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 98455a72081915c5a220189d5bf1e9e9fb38e83978fb3c593062fba112f9cbf1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 878
date: Sun, 22 Dec 2024 02:12:49 GMT
content-type: application/x-javascript
x-azure-ref: 20241222T021249Z-1868988d889k4bnhhC1LAXm4rg0000000swg00000000mhek

GET
H2 204 0
bat.bing.com/action/ 0
361 B 91ms
91ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5795582&tm=al001&Ver=2&mid=7e8f56ac-145f-46ab-855a-187a37b4a396&bo=1&sid=3d9b5af0c00a11efb1dfb525b99cff05&vid=3d9b9820c00a11efb04d4311950a1cfe&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Harvard%20Business%20Review%20-%20Ideas%20and%20Advice%20for%20Leaders&p=https%3A%2F%2Ffatoreader.net%2F&r=https%3A%2F%2Ffatoreader.net%2F&lt=1810&pt=1734833565924,1180,1180,4,68,68,68,68,68,68,,69,1176,1782,1181,1808,1808,1810,,,&pn=0,1&evt=pageLoad&sv=1&cdb=AQAQ&rn=787367

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F3988C31B8C4108A58EA2BA27E5B0D6 Ref B: LAX311000108033 Ref C: 2024-12-22T02:12:48Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 22 Dec 2024 02:12:48 GMT

GET
H2 200 8.372e3f9662e7442947d8.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 78 KB
22 KB 123ms
79ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/8.372e3f9662e7442947d8.chunk.js?Q_CLIENTVERSION=2.22.0&Q_CLIENTTYPE=web&Q_BRANDID=fatoreader.net

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

945b88ef669ded280836cf5628ff13bbe817e6616a37420897a24d767edb05c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"137ad-193d0d2dba0"
age: 438904
x-content-type-options: nosniff
date: Sun, 22 Dec 2024 02:12:48 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 18:55:00 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8f5c96cd486b2517-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 134ms
134ms Script
application/javascript 2600:1408:c400:5::17c7:3719
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3719 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: max-age=55329
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14634
date: Sun, 22 Dec 2024 02:12:48 GMT
last-modified: Mon, 02 Dec 2024 19:22:52 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 dest5.html
hbr.demdex.net/ Frame B24F 0
0 493ms
120ms Document
text/html 50.19.69.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hbr.demdex.net/dest5.html?d_nsid=0

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

50.19.69.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-69-177.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fatoreader.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 22 Dec 2024 02:12:49 GMT
dcs: dcs-prod-va6-1-v068-005801d3d.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 22 Nov 2024 12:59:45 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: jZQkpGBRRFs=

GET
H2 200 id Show response
hbr.sc.omtrdc.net/ 2 B
266 B 421ms
121ms XHR
application/x-javascript 63.140.38.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hbr.sc.omtrdc.net/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=7801965A577503E87F000101%40AdobeOrg&mid=86922859457916394854455040241810679345&ts=1734833568891

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.112 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-112.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://fatoreader.net/

Response headers

cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://fatoreader.net
p3p: CP="This is not a P3P policy"
content-length: 2
date: Sun, 22 Dec 2024 02:12:49 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=Z2d1oQAAAGzAuQOF
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=86477013373299116194427181305440865999
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z2d1oQAAAGzAuQOF

42 B
717 B

123ms
120ms

Image
image/gif

44.207.80.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z2d1oQAAAGzAuQOF

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Server

44.207.80.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-207-80-215.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-2-v068-0fd9206ef.edge-va6.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: xvXTDUrdSYA=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sun, 22 Dec 2024 02:12:49 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z2d1oQAAAGzAuQOF
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Sun, 22 Dec 2024 02:12:49 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

POST
H2 200 delivery Show response
harvardbusinessrevie.tt.omtrdc.net/rest/v1/ 363 B
851 B 557ms
136ms XHR
application/json 63.140.39.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://harvardbusinessrevie.tt.omtrdc.net/rest/v1/delivery?client=harvardbusinessrevie&sessionId=b3eed3b05acd48d2a99b19e272482893&version=2.11.4

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.196 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-196.data.adobedc.net

Software

jag /

Resource Hash

fa728669ff0d6c924e163ed4989d74fce23b5666d769cdcb5ce9581f1216a240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 041938e4-413e-4ec3-b26d-bdcad22577a2
cache-control: no-cache, no-store, max-age=0, no-transform, private
timing-allow-origin: *
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
access-control-allow-origin: https://fatoreader.net
date: Sun, 22 Dec 2024 02:12:49 GMT
x-xss-protection: 1; mode=block
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: jag

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 6 KB
2 KB 152ms
151ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_4PzX5r5aUU7W4rX&Q_CLIENTVERSION=2.22.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f44103b889a53af3d14f91ca9ca62074bc6f7f28bbe1b945b8a2f81ab3759cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://fatoreader.net/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
date: Sun, 22 Dec 2024 02:12:49 GMT
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
trace-id: dbc52914467a7cdb
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8f5c96cdd8ec2517-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://fatoreader.net
server: cloudflare

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
760 B 327ms
137ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6373529&time=1734833569024&url=https%3A%2F%2Ffatoreader.net%2F
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Referer: https://fatoreader.net/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 000629d26aa41890fd8db1c408cf4fbf
x-msedge-ref: Ref A: 99EACA7E24A54D158402E6D7282432D8 Ref B: LAXEDGE1510 Ref C: 2024-12-22T02:12:49Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYp0mqkGJD9jbHECM9Pvw==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 22 Dec 2024 02:12:48 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6373529&time=1734833569024&li_adsId=8fb15d1b-dafc-4438-9539-6aa139f54863&url=https%3A%2F%2Ffatoreader.net%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6373529&time=1734833569024&li_adsId=8fb15d1b-dafc-4438-9539-6aa139f54863&url=https%3A%2F%2Ffatoreader.net%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6373529%26time%3D1734833569024%26li_adsId%3D8fb15d1b-dafc-4438-9539-6aa139f54863%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6373529&time=1734833569024&li_adsId=8fb15d1b-dafc-4438-9539-6aa139f54863&url=https%3A%2F%2Ffatoreader.net%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6373529&time=1734833569024&li_adsId=8fb15d1b-dafc-4438-9539-6aa139f54863&url=https%3A%2F%2Ffatoreader.net%2F&cookiesTest=true&liSync=true&e_ipv6=...

0
487 B

272ms
118ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6373529&time=1734833569024&li_adsId=8fb15d1b-dafc-4438-9539-6aa139f54863&url=https%3A%2F%2Ffatoreader.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQIZN_DlI-USPgAAAZPsI39izhdZnVdA7sC0Z6hI0pcFC8MzfmVu-FYIqZPKNmQV2bM_Zw
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3DA79CE19ECB405193C0C246A3285580 Ref B: LAX311000110017 Ref C: 2024-12-22T02:12:49Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYp0mqtazJAqTgLmr5xoA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 22 Dec 2024 02:12:49 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6373529&time=1734833569024&li_adsId=8fb15d1b-dafc-4438-9539-6aa139f54863&url=https%3A%2F%2Ffatoreader.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQIZN_DlI-USPgAAAZPsI39izhdZnVdA7sC0Z6hI0pcFC8MzfmVu-FYIqZPKNmQV2bM_Zw
x-msedge-ref: Ref A: B6F08E3E9EFE43FF927B18AE2F2B9AA7 Ref B: LAXEDGE1608 Ref C: 2024-12-22T02:12:49Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYp0mqpf5yzDn/xQL2uBQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 22 Dec 2024 02:12:48 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 283ms
119ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173481989821205&ev=PageView&dl=https%3A%2F%2Ffatoreader.net%2F&rl=https%3A%2F%2Ffatoreader.net%2F&if=false&ts=1734833569043&sw=1600&sh=1200&v=2.9.179&r=stable&a=adobe_launch&ec=0&o=12318&fbp=fb.1.1734833569042.524536135166216658&cdl=API_unavailable&it=1734833568738&coo=false&rqm=GET

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=24, mss=1232, tbw=8282, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 22 Dec 2024 02:12:49 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 329ms
165ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=173481989821205&ev=PageView&dl=https%3A%2F%2Ffatoreader.net%2F&rl=https%3A%2F%2Ffatoreader.net%2F&if=false&ts=1734833569043&sw=1600&sh=1200&v=2.9.179&r=stable&a=adobe_launch&ec=0&o=12318&fbp=fb.1.1734833569042.524536135166216658&cdl=API_unavailable&it=1734833568738&coo=false&rqm=FGET

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451053444418184686"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 22 Dec 2024 02:12:49 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 9v6U+sCfcWWuZFBG0EL0j95OD/QcayNX6WjPbc4XHP1cmI7Mj2jamIja+zUeCFMy64bhvSkdZrYZHwRYr8iSYg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451053444418184686", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=24, mss=1232, tbw=8602, tp=16, tpl=0, uplat=45, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 173 KB
56 KB 483ms
133ms Script
application/javascript 52.85.151.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-110.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4ef66da786aac7a6ae7d165b5a6d9f7456ec786ddc04100449d53ab5cf796db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

vary: Accept-Encoding
cache-control: max-age=600; must-revalidate
content-encoding: gzip
etag: W/"baf420a4fb632cc24e50dcdb1d7e984d"
age: 593
via: 1.1 077b94dab77b8114aebf503be197d7d8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Rdj2T1Y_dhb7kYOhUBOpkxTcWeKyo87akpNTDW_5Q2LdI_xmknxUzg==
date: Sun, 22 Dec 2024 02:02:57 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 09:49:50 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.59/ 67 KB
28 KB 120ms
119ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.59/clarity.js
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

x-azure-ref: 20241222T021249Z-1868988d889k4bnhhC1LAXm4rg0000000swg00000000mhez
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD202F1480E82A"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: a27a1f0e-501e-0029-0158-5210af000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sun, 22 Dec 2024 02:12:49 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 19 Dec 2024 13:14:33 GMT

POST
H/1.1 204
No Content collect Show response
l.clarity.ms/ 0
278 B 406ms
118ms XHR
text/plain 51.8.207.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.207.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://fatoreader.net/

Response headers

Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
Access-Control-Allow-Origin: https://fatoreader.net
Date: Sun, 22 Dec 2024 02:12:49 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 s28659776340979
smetrics.hbr.org/b/ss/hbrmaindev/1/JS-2.27.0-LEWM/ 43 B
373 B 454ms
124ms Image
image/gif 63.140.38.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.hbr.org/b/ss/hbrmaindev/1/JS-2.27.0-LEWM/s28659776340979?AQB=1&ndh=1&pf=1&t=21%2F11%2F2024%2016%3A12%3A49%206%20600&sdid=2838442B8C4D1AF3-5C4F7E6049579FAA&mid=86922859457916394854455040241810679345&aamlh=7&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=Homepage%3A%20Harvard%20Business%20Review%20-%20Ideas%20and%20Advice%20for%20Leaders&g=https%3A%2F%2Ffatoreader.net&r=https%3A%2F%2Ffatoreader.net%2F&c.&getPercentPageViewed=5.0.2&handlePPVevents=n%2Fa&p_fo=3.0&cleanStr=2.0&inList=n%2Fa&getTimeSinceLastVisit=n%2Fa&formatTime=n%2Fa&getNewRepeat=n%2Fa&pt=3.0&getPreviousValue=3.0.1&apl=4.0&rfl=2.1&.c&cc=USD&ch=HBR.org%20Content&server=https%3A%2F%2Ffatoreader.net&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=Homepage&c2=https%3A%2F%2Ffatoreader.net&c6=Content%20Interaction&c7=Page%20View&c13=09%3A12%20PM&c14=Guest&c15=New%20Visitor&c24=Guest&v31=Guest&c32=2&v32=New&c33=2&v39=Homepage%3A%20Harvard%20Business%20Review%20-%20Ideas%20and%20Advice%20for%20Leaders&c40=D%3Dv1&v45=https%3A%2F%2Ffatoreader.net&c47=https%3A%2F%2Ffatoreader.net&c48=https%3A%2F%2Ffatoreader.net&c50=en&v66=12-21-2024&c74=MFE&v112=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36&v250=HBR%20-%20Content%20%28MFE%29%3A%20Analytics%20%7C%20PLR%20Bottom%20%7C%20040%20%7C%20Global%20Variables%20%7C%20Page%20View&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=7801965A577503E87F000101%40AdobeOrg&AQE=1

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.183 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-183.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3725526722279735296-4618573684154976531
x-content-type-options: nosniff
expires: Sat, 21 Dec 2024 02:12:49 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Sun, 22 Dec 2024 02:12:49 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Dec 2024 02:12:49 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 476ms
124ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://fatoreader.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://fatoreader.net
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Sun, 22 Dec 2024 02:12:50 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 493ms
137ms Script
application/x-javascript 2600:9000:24f3:3800:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f3:3800:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: W/"665fad8c-9895"
age: 54173
cross-origin-resource-policy: cross-origin
via: 1.1 6d06c1cebf839017775983f86078f53a.cloudfront.net (CloudFront)
expires: Sun, 22 Dec 2024 11:09:57 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: I1yeS7S6UO5NOWFfLsm4w4GJYkdhH8fTUS7jb4D-27zp9egLRbuXLw==
date: Sat, 21 Dec 2024 11:09:57 GMT
content-type: application/x-javascript
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: IAD55-P2
vary: Accept-Encoding

GET
H2 200 a-057o.min.js Show response
b-code.liadm.com/ 136 KB
46 KB 482ms
134ms Script
application/javascript 2600:9000:2509:8e00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057o.min.js
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2509:8e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dd15f550fd7daeef2fe3312ccf84f0d95de2fcadb3305816a2e5647feab9425a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: public,max-age=86400
content-encoding: gzip
age: 46365
via: 1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: VUMweQQSL3spapoxIwTt2wz_-XWhn385s101eZv9D5wW6_oTcTyEIQ==
date: Sat, 21 Dec 2024 13:20:05 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-cf-pop: IAD12-P2

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 256 B
475 B 127ms
126ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: cba0036349cc52d4cac5cc87e0ed383ae6f78bb8ac56d52152b6b954506240ab

Request headers

x-lib-version: v1.0.1
authorization: Bearer 097d0d60bb7516ff02c30739c6433625
Referer: https://fatoreader.net/
x-referring-url: https://fatoreader.net/
accept: application/json
content-type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store
content-encoding: gzip
pragma: no-cache
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
access-control-allow-credentials: true
allowedorigins: *
expires: -1
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
content-length: 174
date: Sun, 22 Dec 2024 02:12:50 GMT
content-type: application/json
vary: Accept-Encoding

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
193 B 110ms
108ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fatoreader.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 30D080A5024C494EB1DF298938EB0AD8 Ref B: LAXEDGE1608 Ref C: 2024-12-22T02:12:49Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYp0mqvXmCX6/Yrtnpm8w==
x-li-proto: http/2
access-control-allow-origin: https://fatoreader.net
x-cache: CONFIG_NOCACHE
date: Sun, 22 Dec 2024 02:12:49 GMT
vary: Origin

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 387ms
118ms Image
image/gif 34.200.196.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=hbr.org&p=%2F&u=DmXsKCDdaUjwBI9u-&d=fatoreader.net&g=50184&g0=Change%20this%20to%20your%20Section%20name&g1=Change%20this%20to%20your%20Author%20name&nc=1&c=0&x=0&m=0&y=38597&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&v=https%3A%2F%2Ffatoreader.net%2F&PA=https%3A%2F%2Ffatoreader.net%2F&b=4369&t=CFxWkSNdwwcDexDkDCtDnZs9gUx3&V=147&i=Harvard%20Business%20Review%20-%20Ideas%20and%20Advice%20for%20Leaders&tz=600&sn=1&sv=9LfvHBOhMtsJk4qrCYkQ9mKO5a-&sr=https%3A%2F%2Ffatoreader.net%2F&sd=1&im=06032c03&_
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.200.196.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-196-38.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Sun, 22 Dec 2024 02:12:50 GMT
pragma: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin

GET
H/1.1 200
OK a-057o
i.liadm.com/s/c/ Frame 3669 0
0 541ms
129ms Document
text/html 54.236.128.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-057o?duid=8a1961e5251f--01jfp270kn9d37kqkppdmkc5w7&euns=0&s=&version=v3.6.0&cd=.fatoreader.net&pv=38cc04c5-2742-49d2-9e63-c81e8699d98d

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.128.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-128-166.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fatoreader.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 645
Content-Type: text/html; charset=UTF-8
Date: Sun, 22 Dec 2024 02:12:50 GMT
Request-Time: 11
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
trace-id: 6844c87eeb1a22bf

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 15 KB
4 KB 453ms
132ms Script
application/javascript 23.212.251.10
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2DV602QV140ORDILH20&lib=ttq
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.10 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-251-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: be7d214deb426cbcb17e072483207f82451a1ff1e9f558d1d664b4b626dc95f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

content-encoding: gzip
expires: Sun, 22 Dec 2024 02:12:50 GMT
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=8
x-cache: TCP_MISS from a23-220-107-17.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 02:12:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 121eb1b2
x-tt-trace-host: 015e6b1ec32ce4ad0b9c9f17bdfcd0e1c77295801f1aab44c0f0e50f06d991aa0976817aa0bf443acaada9ec140951eaaf1b48b6c2e80c993d27d1e0e84aa81dc82cb4afbbe3de7d70129967c835b66a561f67038b42d50be98e87d1d5fe3a58a1
x-origin-response-time: 8,23.220.107.17
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241222021250C3024A5131181A0D6852-11E84B3263E376FB-00
content-length: 3003
x-tt-logid: 20241222021250C3024A5131181A0D6852
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
93 KB 141ms
140ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1062985444

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d1798fa5ef3dd7a5027c97abd0af8025fc9cf3b6dd5e6caa14da5e62fc6b857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 22 Dec 2024 02:12:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 02:12:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 22 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94955
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1734833570552&aid=a-057o&se=e30&duid=8a1961e5251f--01jfp270kn9d37kqkppdmkc5w7&tv=v3.6.0&pu=https%3A%2F%2Ffatoreader.net%2F&wpn=lc-bundle&wpv=v3.6.0&refr=https%3A%2F%2F...
https://rp4.liadm.com/j?dtstmp=1734833570552&aid=a-057o&se=e30&duid=8a1961e5251f--01jfp270kn9d37kqkppdmkc5w7&tv=v3.6.0&pu=https%3A%2F%2Ffatoreader.net%2F&wpn=lc-bundle&wpv=v3.6.0&refr=https%3A%2F%2...

13 B
368 B

421ms
122ms

XHR
application/json

35.169.165.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1734833570552&aid=a-057o&se=e30&duid=8a1961e5251f--01jfp270kn9d37kqkppdmkc5w7&tv=v3.6.0&pu=https%3A%2F%2Ffatoreader.net%2F&wpn=lc-bundle&wpv=v3.6.0&refr=https%3A%2F%2Ffatoreader.net%2F&cd=.fatoreader.net&c=PHRpdGxlPkhhcnZhcmQgQnVzaW5lc3MgUmV2aWV3IC0gSWRlYXMgYW5kIEFkdmljZSBmb3IgTGVhZGVyczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkZpbmQgbmV3IGlkZWFzIGFuZCBjbGFzc2ljIGFkdmljZSBvbiBzdHJhdGVneSwgaW5ub3ZhdGlvbiBhbmQgbGVhZGVyc2hpcCwgZm9yIGdsb2JhbCBsZWFkZXJzIGZyb20gdGhlIHdvcmxkJ3MgYmVzdCBidXNpbmVzcyBhbmQgbWFuYWdlbWVudCBleHBlcnRzLiI-PHRpdGxlIGlkPSJsb2dvOlI1NXI2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-PHRpdGxlIGlkPSJsb2dvOlI5NXI2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-PGgxIGNsYXNzPSJGZWF0dXJlZF90aXRsZV9fTXNQUmQiPjxhIGhyZWY9Ii8yMDI0LzEyL3RoZS0xMC1tb3N0LXBvcHVsYXItaGJyLWFydGljbGVzLW9mLTIwMjQ_YWI9SFAtaGVyby1mZWF0dXJlZC10ZXh0LTEiIGNsYXNzPSJGZWF0dXJlZF9saW5rX192TTVUYSIgZGF0YS1lbGVtZW50LXR5cGU9ImZvci15b3UtZWxlbWVudC1ob3ZlciIgYXJpYS1sYWJlbD0iUmVhZCBtb3JlIGFib3V0IFRoZSAxMCBNb3N0IFBvcHVsYXIgSEJSIEFydGljbGVzIG9mIDIwMjQiPlRoZSAxMCBNb3N0IFBvcHVsYXIgSEJSIEFydGljbGVzIG9mIDIwMjQ8L2E-PC9oMT48aDEgY2xhc3M9IlRoZUxhdGVzdF90aXRsZV9fUU1LTDAiPlRoZSBMYXRlc3Q8L2gxPjx0aXRsZSBpZD0ibG9nbzpSZXY2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-&pv=38cc04c5-2742-49d2-9e63-c81e8699d98d&i6=MmEwNDpjNjA0OjYxNToxOjo0&n3pc=true
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Server: 35.169.165.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-165-53.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

x-pixel-event-id: 64ef13ee-f800-44a5-9cf1-3240076ce77c
access-control-max-age: 86400
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: null
content-length: 13
date: Sun, 22 Dec 2024 02:12:51 GMT
content-type: application/json

Redirect headers

access-control-max-age: 86400
access-control-expose-headers: *
location: https://rp4.liadm.com/j?dtstmp=1734833570552&aid=a-057o&se=e30&duid=8a1961e5251f--01jfp270kn9d37kqkppdmkc5w7&tv=v3.6.0&pu=https%3A%2F%2Ffatoreader.net%2F&wpn=lc-bundle&wpv=v3.6.0&refr=https%3A%2F%2Ffatoreader.net%2F&cd=.fatoreader.net&c=PHRpdGxlPkhhcnZhcmQgQnVzaW5lc3MgUmV2aWV3IC0gSWRlYXMgYW5kIEFkdmljZSBmb3IgTGVhZGVyczwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkZpbmQgbmV3IGlkZWFzIGFuZCBjbGFzc2ljIGFkdmljZSBvbiBzdHJhdGVneSwgaW5ub3ZhdGlvbiBhbmQgbGVhZGVyc2hpcCwgZm9yIGdsb2JhbCBsZWFkZXJzIGZyb20gdGhlIHdvcmxkJ3MgYmVzdCBidXNpbmVzcyBhbmQgbWFuYWdlbWVudCBleHBlcnRzLiI-PHRpdGxlIGlkPSJsb2dvOlI1NXI2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-PHRpdGxlIGlkPSJsb2dvOlI5NXI2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-PGgxIGNsYXNzPSJGZWF0dXJlZF90aXRsZV9fTXNQUmQiPjxhIGhyZWY9Ii8yMDI0LzEyL3RoZS0xMC1tb3N0LXBvcHVsYXItaGJyLWFydGljbGVzLW9mLTIwMjQ_YWI9SFAtaGVyby1mZWF0dXJlZC10ZXh0LTEiIGNsYXNzPSJGZWF0dXJlZF9saW5rX192TTVUYSIgZGF0YS1lbGVtZW50LXR5cGU9ImZvci15b3UtZWxlbWVudC1ob3ZlciIgYXJpYS1sYWJlbD0iUmVhZCBtb3JlIGFib3V0IFRoZSAxMCBNb3N0IFBvcHVsYXIgSEJSIEFydGljbGVzIG9mIDIwMjQiPlRoZSAxMCBNb3N0IFBvcHVsYXIgSEJSIEFydGljbGVzIG9mIDIwMjQ8L2E-PC9oMT48aDEgY2xhc3M9IlRoZUxhdGVzdF90aXRsZV9fUU1LTDAiPlRoZSBMYXRlc3Q8L2gxPjx0aXRsZSBpZD0ibG9nbzpSZXY2OiI-SGFydmFyZCBCdXNpbmVzcyBSZXZpZXcgTG9nbzwvdGl0bGU-&pv=38cc04c5-2742-49d2-9e63-c81e8699d98d&i6=MmEwNDpjNjA0OjYxNToxOjo0&n3pc=true
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://fatoreader.net
content-length: 0
date: Sun, 22 Dec 2024 02:12:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
99 KB 130ms
130ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-366722478

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dffe342141b4e8faa8069eb2dff5c163fcce0cb38dfdb02fd7cae8d6efcb2342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 22 Dec 2024 02:12:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 02:12:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 22 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101187
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 22 KB
22 KB 217ms
62ms Script
text/javascript 35.244.142.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
etag: "4eddeec95afda969b3d1b2fb970c1eb1"
age: 3385
x-goog-stored-content-encoding: identity
expires: Sun, 22 Dec 2024 02:16:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 22096
date: Sun, 22 Dec 2024 01:16:26 GMT
last-modified: Tue, 25 Jun 2024 13:55:49 GMT
content-type: text/javascript
x-guploader-uploadid: AFiumC6pks3pQUu0Mfe0Qi8a-dM7Y203aqpbElXrSCVaB1Jx9kZm-waEcKoBH_M1lqOwnus
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1719323749654301
content-length: 22096
server: UploadServer

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 403ms
121ms Script
text/javascript 52.86.2.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.2.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-2-38.compute-1.amazonaws.com
Software: /
Resource Hash: b18ef6f1f3778862e9b4b004fba59fd32379debec9df10f6b654ff3fb9fe42a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

access-control-allow-origin: *
cache-control: max-age=5
content-encoding: gzip
date: Sun, 22 Dec 2024 02:12:51 GMT
content-type: text/javascript

GET
H2 200 main.MWE1OTI4NzI4MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 347 KB
96 KB 143ms
143ms Script
application/javascript 23.212.251.10
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.10 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-251-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ecf6e5354373fa78e0539f812ecc35f949250f81c4146c419b6208a4166c0005

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

x-cache: TCP_MEM_HIT from a23-220-107-17.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
x-tt-trace-id: 00-241219132429E89A9C6B1CAA72AAAA13-5A8C9071547AE98A-00
content-length: 97362
date: Sun, 22 Dec 2024 02:12:50 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241219132429E89A9C6B1CAA72AAAA13
server: nginx
x-akamai-request-id: 121eb347
x-tt-trace-host: 0161a9e58687385cc190b25eac9d377c1e34eb8e4b1cce0a00dbf0a0da344cee3cfff19430d1255b1908f8575940e30d697cd7847aff8eff20323c49465b298df9cab11a5ffba81de15dc2388218f0250a3bd3024227a50b96befb703fc225f8a1

OPTIONS
H2 200 ingest
pixels.spotify.com/v1/ Frame 0
0 250ms
108ms Preflight 2600:1901:1:7c5::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.spotify.com/v1/ingest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fatoreader.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: https://fatoreader.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 22 Dec 2024 02:12:50 GMT
server: envoy
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google

POST
H2 200 ingest Show response
pixels.spotify.com/v1/ 52 B
271 B 117ms
116ms Fetch
application/json 2600:1901:1:7c5::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pixels.spotify.com/v1/ingest

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

fd5decc96384d509c6b1e3cbd28018d78fc4c0856f78fa9a075c528ff0c0ae84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://fatoreader.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000
grpc-status: 0
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-content-type-options: nosniff
via: HTTP/2 edgeproxy, 1.1 google
grpc-accept-encoding: gzip,x-snappy-framed
access-control-allow-origin: https://fatoreader.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 02:12:51 GMT
content-type: application/json
vary: Accept-Encoding
grpc-encoding: identity
server: envoy

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 129ms
128ms Script
application/javascript 23.212.251.10
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.10 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-251-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

x-cache: TCP_HIT from a23-220-107-17.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-24111505024497C041E7630B74133A00-3B6BCAAE6C5DB6DB-00
content-length: 39364
date: Sun, 22 Dec 2024 02:12:51 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024111505024497C041E7630B74133A00
server: nginx
x-akamai-request-id: 121eb759
x-tt-trace-host: 0142821e461e423bd8be453b6473e823f1589134bfe58036dd30fd44fea4e52ba47f106dd2f512bbacd11c1497a88fdd44b43f64163e8760cdfde5c4366deac7d4b1c839cad7a9d3cca95b90d328f611834f019da73c60dece32fb8e00dd329378

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
716 B 161ms
160ms Ping
text/plain 23.212.251.10
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.10 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-251-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://fatoreader.net/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 22 Dec 2024 02:12:51 GMT
server-timing: inner; dur=23, cdn-cache; desc=MISS, edge; dur=10, origin; dur=27
x-cache: TCP_MISS from a23-220-107-17.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 02:12:51 GMT
x-akamai-request-id: 121eb786
access-control-allow-headers: Authorization,*
x-tt-trace-host: 015e6b1ec32ce4ad0b9c9f17bdfcd0e1c77295801f1aab44c0f0e50f06d991aa09a4a474e03940f1ee0baa79b10578e613620f415226136686a27632c78db23eb782f057c3bf59c6f5140300699b4f81bad7c5fa20fe70af944f5895947f0b1b70
x-origin-response-time: 27,23.220.107.17
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2412220212512F491A06E93EB9708658-4F41DCA760E52026-00
content-length: 0
x-tt-logid: 202412220212512F491A06E93EB9708658
server: nginx

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 120ms
119ms Stylesheet
text/css 52.86.2.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.2.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-2-38.compute-1.amazonaws.com
Software: /
Resource Hash: 7b8112efa2e817f2534339b1a48bf487e65a54d6e3c17ac91c61b7bfb396dc5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
date: Sun, 22 Dec 2024 02:12:51 GMT
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 355ms
119ms Fetch
image/jpeg 52.86.2.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.2.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-2-38.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
date: Sun, 22 Dec 2024 02:12:51 GMT
content-type: image/jpeg

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
0 355ms
355ms Fetch
image/jpeg 52.86.2.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.2.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-2-38.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
date: Sun, 22 Dec 2024 02:12:51 GMT
content-type: image/jpeg

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
716 B 149ms
147ms Ping
text/plain 23.212.251.10
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.10 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-251-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://fatoreader.net/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 22 Dec 2024 02:12:51 GMT
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=9, origin; dur=16
x-cache: TCP_MISS from a23-220-107-17.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Sun, 22 Dec 2024 02:12:51 GMT
x-akamai-request-id: 121eb964
access-control-allow-headers: Authorization,*
x-tt-trace-host: 015e6b1ec32ce4ad0b9c9f17bdfcd0e1c77295801f1aab44c0f0e50f06d991aa098e6bfa0a8acff1455be0f639ed6da55854d7e9337ddd5f9c9d9dee071c210624a2badacdf1fde00366cbaad2b81313f9afca199563c4ed12d64f3e8df4979ad2
x-origin-response-time: 17,23.220.107.17
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24122202125183D15E63349F5870465C-1214FB5B6924DB23-00
content-length: 0
x-tt-logid: 2024122202125183D15E63349F5870465C
server: nginx

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
286 B 120ms
120ms XHR
text/plain 52.86.2.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=YvNmZXfQ1nonpADoKNOzow&is_js=true&landing_url=https%3A%2F%2Ffatoreader.net%2F&t=Harvard%20Business%20Review%20-%20Ideas%20and%20Advice%20for%20Leaders&tip=n4JS-JJFh4d3N5MuhsL9_Xvp-jQkACXI_aM9fIzNxrQ&host=https%3A%2F%2Ffatoreader.net&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd91dd84340a5315dcb747b2ecda36f7582a2f5cef4&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKINGcs0buF5CUQNN4YmnkIk9TX4HbLs5a9t3dtOVGqLwmENYBGAQgo-uduwYwAToExbdv9kIEi5u2bA.Sez3uix8y3xt35nML0nNA5jRVQwSTyJ5u3LZ8PhZxeA&sa-user-id-v2=s%253AHdhDQKUxXct0ey7No291gqL1zvQ.MlSPk5v4MUDwGgUiktoyvpGG0YaMjUPMN%252BkYvU00tEs&sa-user-id=s%253A0-1dd84340-a531-5dcb-747b-2ecda36f7582.fuHu9M0%252Br4TjuQnvOw1gr0O4MU1Ifg9Nborqwd%252F2Sgg
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.2.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-2-38.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

access-control-allow-methods: GET
access-control-allow-origin: https://fatoreader.net
content-length: 94
date: Sun, 22 Dec 2024 02:12:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
309 B 120ms
120ms XHR
text/plain 52.86.2.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=D_TorA2PnPxFCN1bWvN5RQ&is_js=true&landing_url=https%3A%2F%2Ffatoreader.net%2F&t=Harvard%20Business%20Review%20-%20Ideas%20and%20Advice%20for%20Leaders&tip=n4JS-JJFh4d3N5MuhsL9_Xvp-jQkACXI_aM9fIzNxrQ&host=https%3A%2F%2Ffatoreader.net&sa_conv_data_css_value=%270-1dd84340-a531-5dcb-747b-2ecda36f7582%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd91dd84340a5315dcb747b2ecda36f7582a2f5cef4&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKINGcs0buF5CUQNN4YmnkIk9TX4HbLs5a9t3dtOVGqLwmENYBGAQgo-uduwYwAToExbdv9kIEi5u2bA.Sez3uix8y3xt35nML0nNA5jRVQwSTyJ5u3LZ8PhZxeA&sa-user-id-v2=s%253AHdhDQKUxXct0ey7No291gqL1zvQ.MlSPk5v4MUDwGgUiktoyvpGG0YaMjUPMN%252BkYvU00tEs&sa-user-id=s%253A0-1dd84340-a531-5dcb-747b-2ecda36f7582.fuHu9M0%252Br4TjuQnvOw1gr0O4MU1Ifg9Nborqwd%252F2Sgg
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.2.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-2-38.compute-1.amazonaws.com
Software: /
Resource Hash: 4aab4c858fedf03d74da68ccd042f6c9768c6423f8faf15ff8aec81409db9365

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

access-control-allow-methods: GET
access-control-allow-origin: https://fatoreader.net
content-length: 116
date: Sun, 22 Dec 2024 02:12:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 async-api.8f89c105-1.231.0.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 189ms
60ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.8f89c105-1.231.0.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

67f99ac35e1f837e5571b596248acd66df2dddedb17e20ba4527c825ec957ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "c795d925c282d627e664bd4811db2c5f"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 1330
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 20:57:47 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 5
vary: Accept-Encoding

GET
H2 200 lazy-loader.67423d16-1.231.0.min.js Show response
js-agent.newrelic.com/ 928 B
665 B 187ms
59ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.67423d16-1.231.0.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "5c71e603fdc4b5e7eb31a10d4bf90768"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 367
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 20:58:30 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 5
vary: Accept-Encoding

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E9DBE7CDD79D4A9E9E39DB88AD70F2FE&RedC=c.clarity.ms&MXFR=2AC2C625FB44620A0CDDD378FF446C41
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9DBE7CDD79D4A9E9E39DB88AD70F2FE&MUID=242756A6C8F665E2390C43FBC9186414

42 B
464 B

115ms
114ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9DBE7CDD79D4A9E9E39DB88AD70F2FE&MUID=242756A6C8F665E2390C43FBC9186414
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "9270eb7934bdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Sun, 22 Dec 2024 02:12:52 GMT
content-type: image/gif
last-modified: Tue, 10 Dec 2024 13:00:24 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9DBE7CDD79D4A9E9E39DB88AD70F2FE&MUID=242756A6C8F665E2390C43FBC9186414
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ED45FF0A2C62457E925DBC33BBD1307E Ref B: LAX311000111031 Ref C: 2024-12-22T02:12:52Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Sun, 22 Dec 2024 02:12:52 GMT
x-powered-by: ASP.NET

GET
H2 200 nr-768.min.js Show response
js-agent.newrelic.com/ 22 KB
9 KB 183ms
61ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-768.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7c3f2fd93cfda0e0d1c97653f365b33676a10d53bfffa631e8d626d9d635c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "b4b84a4b4f36d13ffaa93c062b2d3e17"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 9064
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 21:02:06 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 1
vary: Accept-Encoding

GET
H3 403 favicon.ico
fatoreader.net/ 4 KB
2 KB 65ms
64ms Other
text/html 104.21.32.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fatoreader.net/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9bccae1f94ae8ba96028a4206e702fb01c007c8ea78643318968196dff1db48

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBwRVGVsRiXTlNr%2FBGNEcXqqreJ11VREcRUP%2Bzu0qJwPPNa%2FjLyRrzG50L4wYu8fzuPMHwoGyCNjQ7wAed01OOs%2BW5pMr7NhItf0boat2aS7TlMITyzNI%2BMkZ0RXlcQxsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f5c96e31da57ce0-LAX
date: Sun, 22 Dec 2024 02:12:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 862.04af29e3-1.231.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 61ms
60ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/862.04af29e3-1.231.0.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

03c8ef299748fad241484cddf509b6e90b394949882a72f9174dc97da671f151

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "8ff6f8d3b9281c2834e211ce2228757e"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 3791
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 20:57:07 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 6
vary: Accept-Encoding

GET
H2 200 page_view_event-aggregate.8cf0450e-1.231.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 59ms
58ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.8cf0450e-1.231.0.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c52fb85b7798d62e60aee232ae9b2a224c88d52cd6405bac28a3a2a18d11642

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "927ef57448f4e9500b6ddd704625d0b2"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 4291
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 21:34:42 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 6
vary: Accept-Encoding

GET
H2 200 page_view_timing-aggregate.a30a53ff-1.231.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 66ms
64ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.a30a53ff-1.231.0.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

53350e307f02d76f2b5b69ad7ec7f53e6d32e84d2718f03ddd4b8fcd752f454b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "81350454b5ae22caf77cada88c68cd10"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 4850
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 21:34:57 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 6
vary: Accept-Encoding

GET
H2 200 metrics-aggregate.78efb4d5-1.231.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 65ms
64ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.78efb4d5-1.231.0.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e54f6dd45ddca0b2de26ce3ba1622eb755f28fd5c4a36b4cc95ee1df44430c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "25879f97e7abf9cd89e027ff5a41ed81"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 1648
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 20:58:43 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 6
vary: Accept-Encoding

GET
H2 200 jserrors-aggregate.0b4d6623-1.231.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 69ms
68ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.0b4d6623-1.231.0.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "105c0b07033e97d2ad5192f22cd2b7be"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 2863
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 20:58:04 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 5
vary: Accept-Encoding

GET
H2 200 ajax-aggregate.b0da4738-1.231.0.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 73ms
72ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.b0da4738-1.231.0.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "9a50be0680ff4e93b2870bc5fa243b5e"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 2249
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 20:57:29 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 6
vary: Accept-Encoding

GET
H2 200 session_trace-aggregate.0938abd3-1.231.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 71ms
70ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.0938abd3-1.231.0.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

981a6fc6c212bbebf95cb8ba05a6cf43caedfdc678afe6b9ec26085b500d57ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "e48f352e197fb565313a4b08e8d2220a"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 3396
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 21:35:56 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 5
vary: Accept-Encoding

GET
H2 200 page_action-aggregate.42c392aa-1.231.0.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 73ms
72ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.42c392aa-1.231.0.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "127fe6773a93cca9c6fdbb5ff34d7655"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 1036
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 21:34:17 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 5
vary: Accept-Encoding

GET
H2 200 spa-aggregate.19ebdf8d-1.231.0.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 73ms
73ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.19ebdf8d-1.231.0.min.js

Requested by

Host: fatoreader.net
URL: https://fatoreader.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1233d721917f7d6b0cb2ef684806bb7337e1101a736c33b09f23ff7130ea37ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "b29b6d7f913058268f8d081edc70f25c"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 6902
date: Sun, 22 Dec 2024 02:12:52 GMT
last-modified: Wed, 18 Oct 2023 21:36:19 GMT
content-type: application/javascript
x-served-by: cache-bur-kbur8200094-BUR
x-cache-hits: 6
vary: Accept-Encoding

GET
H/1.1 200 e93df31780 Show response
bam.nr-data.net/1/ 87 B
579 B 508ms
335ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/e93df31780?a=8171118&sa=1&pl=1734833565924&v=768.2acc9fa&t=Unnamed%20Transaction&be=3858&fe=2511&f=%5B%22err%22,%22xhr%22,%22stn%22%5D&perf=%7B%22timing%22:%7B%22of%22:1734833565924,%22n%22:0,%22u%22:1180,%22ue%22:1180,%22dl%22:1181,%22di%22:1808,%22ds%22:1808,%22de%22:1810,%22dc%22:6359,%22l%22:6360,%22le%22:6370,%22r%22:4,%22re%22:68,%22f%22:68,%22dn%22:68,%22dne%22:68,%22c%22:68,%22ce%22:68,%22rq%22:69,%22rp%22:1176,%22rpe%22:1782%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&jsonp=NREUM.setToken
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 300735ac477bb7e09ce2725f0031b085e5c86f09903d053ac8e44596731d8780

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

access-control-expose-headers: Date
timing-allow-origin: *
Connection: keep-alive
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: *
Content-Length: 87
date: Sun, 22 Dec 2024 02:12:52 GMT
content-type: text/javascript
x-served-by: cache-bur-kbur8200035-BUR

GET
H/1.1 403 e93df31780
bam.nr-data.net/1/ 0
0 464ms
344ms Script
application/json 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/e93df31780?a=1758282152&sa=1&v=1.231.0&t=Unnamed%20Transaction&rst=6623&ck=0&s=9a69ec3c29af2f7f&ref=https://fatoreader.net/&be=1175&fe=5194&dc=634&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1734833565924,%22n%22:0,%22u%22:1180,%22r%22:4,%22ue%22:1180,%22re%22:68,%22f%22:68,%22dn%22:68,%22dne%22:68,%22c%22:68,%22s%22:68,%22ce%22:68,%22rq%22:69,%22rp%22:1175,%22rpe%22:1782,%22di%22:1808,%22ds%22:1808,%22de%22:1810,%22dc%22:6359,%22l%22:6361,%22le%22:6370%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1577&fcp=1577&jsonp=NREUM.setToken
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://fatoreader.net/

Response headers

Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin: *
Content-Length: 2
date: Sun, 22 Dec 2024 02:12:52 GMT
content-type: application/json; charset=UTF-8
x-served-by: cache-lax-kwhp1940127-LAX

POST
H/1.1 204
No Content collect Show response
l.clarity.ms/ 0
278 B 118ms
117ms XHR
text/plain 51.8.207.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: fatoreader.net
URL: https://fatoreader.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.207.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://fatoreader.net/

Response headers

Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
Access-Control-Allow-Origin: https://fatoreader.net
Date: Sun, 22 Dec 2024 02:12:53 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 8604778.fls.doubleclick.net
URL: https://8604778.fls.doubleclick.net/activityi;dc_pre=CK-e8NSmuooDFadTRwEd1OAK_A;src=8604778;type=wcaun0;cat=hbr_a0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5310457097467.087

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-21 02:37:05	Name: _li_ss Value: CjYKBQgKENMZCgYI3QEQ0xkKBgilARDTGQoGCOEBENMZCgYIgQEQ0xkKBgiiARDTGQoFCH4Q0xk
.liadm.com/j	1970-01-21 11:29:53	Name: lidid Value: 0093b963-ccc7-4a21-9fe2-1720ea0bc027
.fatoreader.net/	1970-01-21 01:55:19	Name: __cf_mw_byp Value: mNPC6tDQ5T7RHZg08FNYWiDdIldxa8v4LsO4tcgfYDQ-1734833560-0.0.1.1-/
.fatoreader.net/	1970-01-21 10:39:29	Name: cf_clearance Value: SwERtZ2X41E46Aikun3Ae23JaLFvCQsRtzIo5gRFnY8-1734833568-1.2.1.1-gxELK53dVWtryHbjJhAMt8qx_ulUZ61TG56iNP3blV.ysfiGuG7mxEdDHg59z1qxypZZe3cvWONmSQPBjwwpzCZRk35ZPpd7LSTp1RIrsS3v4y6JtnDKc0z4ZKpvloU7e3Ff7LMnnLN1Zsw3QjPfuIojA2GZ2zRtNWAVml8kSze7.io5PCpPE.K7hKUbYqa6fc7YqeXWgzzi_j3AqxIgBGv8IXZWVI3tImf3Ov_mlfKa6uZEzrPqlrRXJt41I31QNXQCisu7r6SjK18aRcOO8q1xqfcJImFsaJB9xwb7p1aHLlF2_2QZYW4r1kGnG0tsfi04IHTwPsXd0MKiNdVpGfPYh9KG06hvcSs_C.zzNDXzBO7iWrxlBwDL0.XrQqf2
.fatoreader.net/	1970-01-21 04:03:29	Name: s_nr90 Value: 1734833568370-New
.fatoreader.net/	1970-01-21 11:29:53	Name: s_tslv Value: 1734833568375
.fatoreader.net/	1970-01-21 01:53:55	Name: s_inv Value: 0
.fatoreader.net/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-21 06:13:05	Name: demdex Value: 86477013373299116194427181305440865999
.fatoreader.net/	1970-01-21 01:55:19	Name: _uetsid Value: 3d9b5af0c00a11efb1dfb525b99cff05
.fatoreader.net/	1970-01-21 11:15:29	Name: _uetvid Value: 3d9b9820c00a11efb04d4311950a1cfe
.bing.com/	1970-01-21 11:15:29	Name: MUID Value: 242756A6C8F665E2390C43FBC9186414
.bat.bing.com/	1970-01-21 02:03:58	Name: MR Value: 0
.fatoreader.net/	1969-12-31 23:59:59	Name: AMCVS_7801965A577503E87F000101%40AdobeOrg Value: 1
.doubleclick.net/	1970-01-21 01:53:54	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-21 06:13:05	Name: receive-cookie-deprecation Value: 1
.fatoreader.net/	1970-01-21 04:03:29	Name: _fbp Value: fb.1.1734833569042.524536135166216658
fatoreader.net/	1969-12-31 23:59:59	Name: QSI_HistorySession Value: https%3A%2F%2Ffatoreader.net%2F~1734833569062
www.clarity.ms/	1970-01-21 10:39:29	Name: CLID Value: 78256a093f6b420cb1977f69107573d2.20241222.20251222
.fatoreader.net/	1970-01-21 10:39:29	Name: _clck Value: 1w2ravc%7C2%7Cfrx%7C0%7C1817
.linkedin.com/	1970-01-21 04:03:29	Name: li_sugr Value: 854fb2b6-d9d9-46a0-b47a-da9e815f1051
.linkedin.com/	1970-01-21 10:39:29	Name: bcookie Value: "v=2&be4f7d67-3f7a-47cd-8e70-0af342e9501e"
.linkedin.com/	1970-01-21 01:55:19	Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3557:u=1:x=1:i=1734833569:t=1734919969:v=2:sig=AQFMkBSlYc2DnGHrC1qGAwex8bGesj6Z"
.linkedin.com/	1970-01-21 02:37:05	Name: UserMatchHistory Value: AQJ4z-JNBm9Q1gAAAZPsI35v-WUXGQVPmaZ_VvpVu34vQZs-46ePbZKTY3UCgtv8_1oyGUM3Y3hOQQ
.linkedin.com/	1970-01-21 02:37:05	Name: AnalyticsSyncHistory Value: AQJn83E07G_7yQAAAZPsI35v6Nau7gInl1O_xFIteR-mvfIvSZo_-UBa9Zn5R1JosC6HxrcRb7KlbpIK14Ooig
.fatoreader.net/	1970-01-21 11:29:53	Name: mbox Value: session#b3eed3b05acd48d2a99b19e272482893#1734835430\|PC#b3eed3b05acd48d2a99b19e272482893.34_0#1798078370
.fatoreader.net/	1970-01-21 01:53:55	Name: s_ppn Value: Homepage%3A%20Harvard%20Business%20Review%20-%20Ideas%20and%20Advice%20for%20Leaders
.fatoreader.net/	1970-01-21 01:53:55	Name: s_ppurl Value: https%3A%2F%2Ffatoreader.net
.fatoreader.net/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.fatoreader.net/	1969-12-31 23:59:59	Name: s_tp Value: 38597
.fatoreader.net/	1969-12-31 23:59:59	Name: s_ppv Value: Homepage%253A%2520Harvard%2520Business%2520Review%2520-%2520Ideas%2520and%2520Advice%2520for%2520Leaders%2C3%2C3%2C1200%2C1%2C32
.dpm.demdex.net/	1970-01-21 06:13:05	Name: dpm Value: 86477013373299116194427181305440865999
.fatoreader.net/	1970-01-21 11:29:53	Name: AMCV_7801965A577503E87F000101%40AdobeOrg Value: 179643557%7CMCIDTS%7C20080%7CMCMID%7C86922859457916394854455040241810679345%7CMCAAMLH-1735438368%7C7%7CMCAAMB-1735438368%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1734840769s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-20087%7CvVersion%7C5.5.0
.fatoreader.net/	1969-12-31 23:59:59	Name: s_cc Value: true
.www.linkedin.com/	1970-01-21 10:39:29	Name: bscookie Value: "v=1&20241222021249015e8960-fb76-453b-8929-9ae6027e1cfaAQEPvsvU8QHttB-GhkVUUHnR1EbjvPa9"
fatoreader.net/	1970-01-21 01:53:55	Name: sailthru_pageviews Value: 1
.fatoreader.net/	1970-01-21 01:55:19	Name: _clsk Value: 110mv5c%7C1734833569819%7C1%7C0%7Cl.clarity.ms%2Fcollect
.fatoreader.net/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .fatoreader.net
.fatoreader.net/	1970-01-21 11:29:53	Name: _lc2_fpi Value: 8a1961e5251f--01jfp270kn9d37kqkppdmkc5w7
fatoreader.net/	1970-01-21 10:39:29	Name: sailthru_visitor Value: 45919afe-7f14-46c8-ba37-5a2d1053eacd
.tiktok.com/	1970-01-21 11:15:29	Name: _ttp Value: 2qYJRuOGQYT2ta1ysmog8SXSgC6
.liadm.com/	1970-01-21 11:29:53	Name: lidid Value: 0093b963-ccc7-4a21-9fe2-1720ea0bc027
fatoreader.net/	1970-01-21 10:39:29	Name: __pdst Value: 59d83652a7bb4feab0d265a486a86321
.adsrvr.org/	1970-01-21 10:39:29	Name: TDID Value: 350f2a11-9de9-479e-9b9b-209e0c243a19
tags.srv.stackadapt.com/	1970-01-21 10:39:29	Name: sa-user-id Value: s%3A0-1dd84340-a531-5dcb-747b-2ecda36f7582.fuHu9M0%2Br4TjuQnvOw1gr0O4MU1Ifg9Nborqwd%2F2Sgg
.srv.stackadapt.com/	1970-01-21 10:39:29	Name: sa-user-id Value: s%3A0-1dd84340-a531-5dcb-747b-2ecda36f7582.fuHu9M0%2Br4TjuQnvOw1gr0O4MU1Ifg9Nborqwd%2F2Sgg
tags.srv.stackadapt.com/	1970-01-21 10:39:29	Name: sa-user-id-v2 Value: s%3AHdhDQKUxXct0ey7No291gqL1zvQ.MlSPk5v4MUDwGgUiktoyvpGG0YaMjUPMN%2BkYvU00tEs
.srv.stackadapt.com/	1970-01-21 10:39:29	Name: sa-user-id-v2 Value: s%3AHdhDQKUxXct0ey7No291gqL1zvQ.MlSPk5v4MUDwGgUiktoyvpGG0YaMjUPMN%2BkYvU00tEs
tags.srv.stackadapt.com/	1970-01-21 10:39:29	Name: sa-user-id-v3 Value: s%3AAQAKINGcs0buF5CUQNN4YmnkIk9TX4HbLs5a9t3dtOVGqLwmENYBGAQgo-uduwYwAToExbdv9kIEi5u2bA.Sez3uix8y3xt35nML0nNA5jRVQwSTyJ5u3LZ8PhZxeA
.srv.stackadapt.com/	1970-01-21 10:39:29	Name: sa-user-id-v3 Value: s%3AAQAKINGcs0buF5CUQNN4YmnkIk9TX4HbLs5a9t3dtOVGqLwmENYBGAQgo-uduwYwAToExbdv9kIEi5u2bA.Sez3uix8y3xt35nML0nNA5jRVQwSTyJ5u3LZ8PhZxeA
.fatoreader.net/	1970-01-21 11:15:29	Name: _tt_enable_cookie Value: 1
.fatoreader.net/	1970-01-21 11:15:29	Name: _ttp Value: EoRKjweOL3vg6XO4mlljwA3Z7wj.tt.1
fatoreader.net/	1970-01-21 10:39:29	Name: sa-user-id Value: s%253A0-1dd84340-a531-5dcb-747b-2ecda36f7582.fuHu9M0%252Br4TjuQnvOw1gr0O4MU1Ifg9Nborqwd%252F2Sgg
fatoreader.net/	1970-01-21 10:39:29	Name: sa-user-id-v2 Value: s%253AHdhDQKUxXct0ey7No291gqL1zvQ.MlSPk5v4MUDwGgUiktoyvpGG0YaMjUPMN%252BkYvU00tEs
fatoreader.net/	1970-01-21 10:39:29	Name: sa-user-id-v3 Value: s%253AAQAKINGcs0buF5CUQNN4YmnkIk9TX4HbLs5a9t3dtOVGqLwmENYBGAQgo-uduwYwAToExbdv9kIEi5u2bA.Sez3uix8y3xt35nML0nNA5jRVQwSTyJ5u3LZ8PhZxeA
.adsrvr.org/	1970-01-21 10:39:29	Name: TDCPM Value: CAESGQoKbGl2ZWludGVudBILCMao-rmFjtE9EAUYBSABKAIyCwiAnZTmm47RPRAFOAE.
.rkdms.com/	1970-01-21 10:39:29	Name: sc Value: 13%3A122496
.rkdms.com/	1970-01-21 10:39:29	Name: sessionid Value: h-7df1d9ff8f984f7baffcbda3bb852958_t-1734833571
.adnxs.com/	1970-01-21 11:29:53	Name: receive-cookie-deprecation Value: 1
.rezync.com/	1970-01-21 11:15:29	Name: zync-uuid Value: 07105e16-17d6-4169-a460-0bb3774b3422:1734833571.3630912
.zemanta.com/	1970-01-21 10:39:29	Name: zuid Value: PM65wW38v2aW0W6gUv3D
.outbrain.com/	1970-01-21 10:39:29	Name: obuid Value: ef106594-d133-4d01-a73f-6932053d3aa0
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2MTC2MDcwNzYwMRfiM9Q1sDAodfcxz0jPsDABAHY6vmYlAAAA
.rfihub.com/	1970-01-21 11:15:29	Name: rud Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2MTC2MDcwNzYwMRfiM9Q1sDAodfcxz0jPsDABAHY6vmYlAAAA
.rfihub.com/	1970-01-21 11:15:29	Name: eud Value: H4sIAAAAAAAA_1XIsQ2AMAwEwAmoMoeRP-_4CdskgoUoKZmUElHeXUUueDuRBh1pgew2It18TkoxGbXuEGMjm7Ay6R31LsuX3eP5u70GvBFyWgAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4HAc4RK7kYmNWHl2_0su-PhQBu2yRC17s9y8m1I2M-KBmJMcws2iL8QBCLvLYToAAAA
live.rezync.com/	1970-01-21 11:15:29	Name: sd-session-id Value: .eJwNjEEOgzAMwP6SM52SJjSln0F05FBtdBOFyxB_X4-WbF8wf23flmr1gHTspw3wfJdODdIFrfw2e0EC0siqyoIcFZVRFO4BmrVWPnUua3dQCUej4EjX4ITC5BYJ6DDn3kpm8T5Rf0TmUenBgXEiD_cfgsQkaw.Z2d1pA.uy9sK9DnvXXE03Os9LsMoxloAgM
.c.bing.com/	1970-01-21 02:03:58	Name: MR Value: 0
.c.bing.com/	1970-01-21 11:15:29	Name: SRM_B Value: 242756A6C8F665E2390C43FBC9186414
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 11:15:29	Name: MUID Value: 242756A6C8F665E2390C43FBC9186414
.c.clarity.ms/	1970-01-21 02:03:58	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 01:53:54	Name: ANONCHK Value: 0

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fatoreader.net/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/resources/images/article_assets/2024/12/Dec24_20_2149812638-2-700x394.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/assets/mfe-core/fonts/GT-America-Standard-Regular.ee9c3d0d.woff Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/assets/mfe-core/fonts/tiempos-headline-regular.710454d3.woff2 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/assets/mfe-core/fonts/GT-America-Standard-Semibold.78dc2ebb.woff Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/assets/mfe-core/fonts/GT-America-Standard-Bold.449f1ad7.woff Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/assets/mfe-core/fonts/tiempos-headline-semibold.b4e52635.woff2 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/css/b44169c02195e90a.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/chunks/webpack-f0188b8fa52a736d.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/css/33c23937934257f8.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/chunks/framework-da48b539eb7829d3.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/chunks/pages/index-19944d72c8b56722.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/ylHFgFuhAUkb5flk4wAJb/_buildManifest.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/chunks/674-f11e74af6f8d414b.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/chunks/main-9629d6934207ab09.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/ylHFgFuhAUkb5flk4wAJb/_ssgManifest.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/resources/images/article_assets/2024/11/Nov25_27_BrianRea-383x215.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/resources/images/article_assets/2024/11/Nov24_29_2180447086-383x215.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/chunks/pages/_app-c8b056a377e4217b.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/chunks/fec483df-ff0d1084360f0cd1.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/_next/static/chunks/29107295-6b3f9e4dfb41ae79.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/resources/images/article_assets/2024/11/R2501E_DAVEY-768x432.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/resources/images/editorial_assets/insightcenter/CRE4283_IC-Banners_Unisys_logo_60.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://fatoreader.net/resources/images/newsletters/early-careerTRNSPT_600.png Message: Failed to load resource: the server responded with a status of 403 ()
rendering	warning	URL: https://fatoreader.net/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A060F40ED4160000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://fatoreader.net/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bam.nr-data.net/1/e93df31780?a=1758282152&sa=1&v=1.231.0&t=Unnamed%20Transaction&rst=6623&ck=0&s=9a69ec3c29af2f7f&ref=https://fatoreader.net/&be=1175&fe=5194&dc=634&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1734833565924,%22n%22:0,%22u%22:1180,%22r%22:4,%22ue%22:1180,%22re%22:68,%22f%22:68,%22dn%22:68,%22dne%22:68,%22c%22:68,%22s%22:68,%22ce%22:68,%22rq%22:69,%22rp%22:1175,%22rpe%22:1782,%22di%22:1808,%22ds%22:1808,%22de%22:1810,%22dc%22:6359,%22l%22:6361,%22le%22:6370%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1577&fcp=1577&jsonp=NREUM.setToken Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8604778.fls.doubleclick.net
ak.sail-horizon.com
analytics.tiktok.com
api.sail-personalize.com
assets.adobedtm.com
b-code.liadm.com
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.pdst.fm
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
fatoreader.net
harvardbusinessrevie.tt.omtrdc.net
hbr.demdex.net
hbr.sc.omtrdc.net
i.liadm.com
js-agent.newrelic.com
l.clarity.ms
ping.chartbeat.net
pixels.spotify.com
px.ads.linkedin.com
px4.ads.linkedin.com
rp.liadm.com
rp4.liadm.com
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
smetrics.hbr.org
snap.licdn.com
static.chartbeat.com
tags.srv.stackadapt.com
www.clarity.ms
www.facebook.com
www.googletagmanager.com
www.linkedin.com
zn4pzx5r5auu7w4rx-hbp.siteintercept.qualtrics.com
8604778.fls.doubleclick.net
104.17.208.240
104.21.32.1
13.107.42.14
157.240.229.1
162.247.243.29
172.217.197.155
20.110.205.119
23.212.251.10
2600:1408:c400:18e::1e80
2600:1408:c400:5::17c7:3719
2600:1901:1:7c5::
2600:1f18:730:b120:4a50:823:1568:e10b
2600:9000:24f3:3800:18:1fcd:354:4b41
2600:9000:2509:8e00:8:8845:1500:93a1
2602:816:5001::39
2607:f8b0:4004:c06::61
2620:1ec:21::14
2620:1ec:33:1::10
2620:1ec:bdf::40
2620:1ec:c11::237
31.13.66.35
34.200.196.38
35.160.36.46
35.169.165.53
35.244.142.80
44.207.80.215
50.19.69.177
51.8.207.171
52.85.151.110
52.86.2.38
54.236.128.166
63.140.38.112
63.140.38.183
63.140.39.196
99.83.154.140
03c8ef299748fad241484cddf509b6e90b394949882a72f9174dc97da671f151
04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
092b21a2fa3807e0455f1a1b6d3b3f8db99c99ed2d6c7768bd4da504c4231ff3
1233d721917f7d6b0cb2ef684806bb7337e1101a736c33b09f23ff7130ea37ed
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
25a7d768f4555313b8c6acc7c3ff50db7932052fe291cbdb9258cdc64d7cb1af
286b4268471327416870e173704adaa3c9a245512a1c32a42afcea793c385de0
2a250e2f225e48cf583d54a0a42d623c700847de17323bf23ea372e5d9e89cb2
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2c41c11d31e0c209148802f2a36d8eec15668c13f1aa7ef6ca140f1d7504afcb
2dd6cd2c36a86f0cc63f4a52df9c999148c8a299990a610e81b5cadb6634d302
300735ac477bb7e09ce2725f0031b085e5c86f09903d053ac8e44596731d8780
382e10274eedd2c1f8db059c7b0b041d98b0190b21f27a41284cbb598820042c
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
42723f131d2feeee28a8b4f3cbe2d529223629543dd0d0e46aae3140b516d0ea
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883
4aab4c858fedf03d74da68ccd042f6c9768c6423f8faf15ff8aec81409db9365
4f44103b889a53af3d14f91ca9ca62074bc6f7f28bbe1b945b8a2f81ab3759cc
4f6a18fd5c067e6012bfb539f488621310978442ece0921fb7b0005855e633ed
51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626
53350e307f02d76f2b5b69ad7ec7f53e6d32e84d2718f03ddd4b8fcd752f454b
59759141306f013f99dd74e35a7548f32932b52f19d2a52f53590caf3663e5bd
61e3f7479360b7c7a2d8940534d7e543315d5712bb396bec027ad3d06ac6d0e4
67f99ac35e1f837e5571b596248acd66df2dddedb17e20ba4527c825ec957ced
6c0d4e3bd890a4bf01c9a301d3e3ff127af22636c4f94250cc230815eb701593
6f05aaa0b67e5beb1cca3c5f1d9d5eebc6af8cd90d8db8f6433c51e83933910c
70dd7ed0ad515aeccc6a5aae879f5dc29c2a93082465414db4f3025aca5aaacb
7b8112efa2e817f2534339b1a48bf487e65a54d6e3c17ac91c61b7bfb396dc5d
7db8d077fc21c20f1449a2603d524e423cfa25d7df6d5fd845a8e5e883aa227e
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
84f2f09c32656c826efaa6dae8e0bb1646195a3a4e085f385c0b13e961361d5e
8d1798fa5ef3dd7a5027c97abd0af8025fc9cf3b6dd5e6caa14da5e62fc6b857
942e56a2e0d4bf1d0c2105295856e6bb7792875b8669ee9b82371e5186a2ab59
945b88ef669ded280836cf5628ff13bbe817e6616a37420897a24d767edb05c6
981a6fc6c212bbebf95cb8ba05a6cf43caedfdc678afe6b9ec26085b500d57ae
98455a72081915c5a220189d5bf1e9e9fb38e83978fb3c593062fba112f9cbf1
997053b22ffadab9e026eb25f9d3502ecd22ef71c591347788c75904cfdd01a0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c52fb85b7798d62e60aee232ae9b2a224c88d52cd6405bac28a3a2a18d11642
9eed5bfd92abcc50593dd6c0462c8b465af1f2aa8005857cafb1235e0ffd54f5
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aff2dc04d0673b8059c6aa31731e08146675d6b054d7d00743d326f4ec26cc17
b18ef6f1f3778862e9b4b004fba59fd32379debec9df10f6b654ff3fb9fe42a2
be7d214deb426cbcb17e072483207f82451a1ff1e9f558d1d664b4b626dc95f1
c9bccae1f94ae8ba96028a4206e702fb01c007c8ea78643318968196dff1db48
cacf4cf53ba91ff1053c4dca9c1a55b570d4ac9bb551e331e873e786a9a5793b
cba0036349cc52d4cac5cc87e0ed383ae6f78bb8ac56d52152b6b954506240ab
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4ef66da786aac7a6ae7d165b5a6d9f7456ec786ddc04100449d53ab5cf796db
d7c3f2fd93cfda0e0d1c97653f365b33676a10d53bfffa631e8d626d9d635c0c
dd15f550fd7daeef2fe3312ccf84f0d95de2fcadb3305816a2e5647feab9425a
dffe342141b4e8faa8069eb2dff5c163fcce0cb38dfdb02fd7cae8d6efcb2342
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54f6dd45ddca0b2de26ce3ba1622eb755f28fd5c4a36b4cc95ee1df44430c05
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
e7a660c99225e6a9ce69e09b86813ffd17fe662440ecf334e5c0b695329e723e
ecf6e5354373fa78e0539f812ecc35f949250f81c4146c419b6208a4166c0005
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f59b8e7e92547bc745c8ed1359d8bbabda843738684c484953cb7db41d20800a
f949d282a01968d36ec6c88447c6d7cd799fa7cc7fda85dbb96f7467919d731f
fa728669ff0d6c924e163ed4989d74fce23b5666d769cdcb5ce9581f1216a240
fd5decc96384d509c6b1e3cbd28018d78fc4c0856f78fa9a075c528ff0c0ae84

fatoreader.net Open in urlscan Pro 104.21.32.1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

94 %HTTPS

34 %IPv6

26 Domains

38 Subdomains

33 IPs

2 Countries

1325 kBTransfer

4407 kBSize

73 Cookies

17 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fatoreader.net Open in urlscan Pro
104.21.32.1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

94 %
HTTPS

34 %
IPv6

26
Domains

38
Subdomains

33
IPs

2
Countries

1325 kB
Transfer

4407 kB
Size

73
Cookies

108 HTTP transactions
0 data transactions