urlscan.io logo urlscan.io
SecurityTrails logo

arsiv.sahadan.com Open in urlscan Pro
77.223.147.102  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.sahadan.com/
Effective URL: http://arsiv.sahadan.com/Default.aspx
Submission: On February 25 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 56 IPs in 11 countries across 54 domains to perform 253 HTTP transactions. The main IP is 77.223.147.102, located in Turkey and belongs to NETDIREKT-AS, TR. The main domain is arsiv.sahadan.com.
This is the only time arsiv.sahadan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.32.238.193 20940 (AKAMAI-ASN1)
29 77.223.147.102 43391 (NETDIREKT-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 195.244.32.102 43391 (NETDIREKT-AS)
4 2606:4700:303... 13335 (CLOUDFLAR...)
22 136.243.151.216 24940 (HETZNER-AS)
1 2 23.79.152.128 16625 (AKAMAI-AS)
1 143.204.90.102 16509 (AMAZON-02)
15 195.244.38.50 43391 (NETDIREKT-AS)
14 142.250.186.162 15169 (GOOGLE)
3 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.59.220.193 60068 (CDN77 (^_^)/)
1 1 2001:678:cb4:... 56396 (TURN)
2 17 142.250.185.98 15169 (GOOGLE)
1 46.228.164.11 56396 (TURN)
2 2 172.105.199.172 63949 (LINODE-AP...)
3 3 35.156.223.207 16509 (AMAZON-02)
2 2 35.210.215.44 15169 (GOOGLE)
2 2 37.157.6.246 198622 (ADFORM)
2 2 35.227.252.103 15169 (GOOGLE)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 212.102.38.47 60068 (CDN77 (^_^)/)
1 3 184.25.115.49 16625 (AKAMAI-AS)
4 10 149.202.204.241 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.90.91 16509 (AMAZON-02)
1 1 72.21.202.25 16509 (AMAZON-02)
1 1 44.241.175.154 16509 (AMAZON-02)
1 99.86.106.220 16509 (AMAZON-02)
1 7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.32.238.123 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.36.237.27 16625 (AKAMAI-AS)
2 2600:1901:0:7... 15169 (GOOGLE)
26 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 151.101.114.49 54113 (FASTLY)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 31.172.81.160 44066 (DE-FIRSTC...)
1 1 31.172.81.159 44066 (DE-FIRSTC...)
2 213.155.156.182 1299 (TELIANET ...)
2 2 52.28.239.147 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2 193.0.160.129 54312 (ROCKETFUEL)
1 1 65.9.20.44 16509 (AMAZON-02)
1 1 184.30.24.22 16625 (AKAMAI-AS)
1 54.178.184.38 16509 (AMAZON-02)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 63.32.135.125 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 4 92.123.148.9 16625 (AKAMAI-AS)
1 34.243.162.235 16509 (AMAZON-02)
1 95.131.136.1 47841 (OXALIDE)
2 2 34.102.211.201 15169 (GOOGLE)
1 85.233.214.79 15830 (EQUINIX-C...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
253 56
1    23.32.238.193 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.sahadan.com
29    77.223.147.102 (Turkey)

ASN43391 (NETDIREKT-AS, TR)
arsiv.sahadan.com
is.cdn.md
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    195.244.32.102 (Izmir, Turkey)

ASN43391 (NETDIREKT-AS, TR)
b.cdn.md
4    2606:4700:3033::ac43:9ddd (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.eksiup.com
22    136.243.151.216 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nvm-s3.cubecdn.net
hm.cdn.md
2    23.79.152.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    143.204.90.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-102.fra50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
15    195.244.38.50 (Izmir, Turkey)

ASN43391 (NETDIREKT-AS, TR)
go.admost.com
14    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
cdn.dimml.io
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
88769ce7d1eb45880ecd5159bb0859fb.safeframe.googlesyndication.com
21    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
14    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
adservice.google.com
pagead2.googlesyndication.com
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    185.59.220.193 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-193.datapacket.com
admost-banner.b-cdn.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
17    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)
r.turn.com
2    172.105.199.172 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
a.c.appier.net
3    35.156.223.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    35.210.215.44 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
ads.programattik.com
2    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    212.102.38.47 (Prague, Czech Republic)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-212-102-38-47.cdn77.com
js.duhnet.tv
3    184.25.115.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-49.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
10    149.202.204.241 (France)

ASN16276 (OVH, FR)
PTR: lt1n.host.hit.gemius.pl
str.hit.gemius.pl
gatr.hit.gemius.pl
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    143.204.90.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-91.fra50.r.cloudfront.net
certify.alexametrics.com
1    72.21.202.25 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
cloudfront-labs.amazonaws.com
1    44.241.175.154 (United States)

ASN16509 (AMAZON-02, US)
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    99.86.106.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-106-220.lhr61.r.cloudfront.net
a97560763e1ce9d9491b7de1be8b781ca.profile.lhr61-c1.cloudfront.net
7    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    23.32.238.123 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-123.deploy.static.akamaitechnologies.com
b.scorecardresearch.com
1    2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
daznplayervod.daznservices.com
3    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    23.36.237.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-237-27.deploy.static.akamaitechnologies.com
images.performgroup.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
26    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
assets.ad4m.at
1    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
1    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    213.155.156.182 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
2    52.28.239.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
2    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
1    65.9.20.44 (Orlando, United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
cs.media.net
1    54.178.184.38 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-184-38.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
4    2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
ad4mat.net
1    63.32.135.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-135-125.eu-west-1.compute.amazonaws.com
baltar.dimml.io
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
1    34.243.162.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-162-235.eu-west-1.compute.amazonaws.com
ti.tradetracker.net
1    95.131.136.1 (France)

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net
ezs.lefigaro.fr
2    34.102.211.201 (Kansas City, United States)

ASN15169 (GOOGLE, US)
track.effiliation.com
1    85.233.214.79 (Paris, France)

ASN15830 (EQUINIX-CONNECT, GB)
www.welcomeoffice.com
1    2606:4700:20::681a:c1a (United States)

ASN13335 (CLOUDFLARENET, US)
www.bdfugue.com
Apex Domain
Subdomains		 Transfer
50 cdn.md
is.cdn.md
b.cdn.md
hm.cdn.md
1 MB
41 googlesyndication.com
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
tpc.googlesyndication.com
88769ce7d1eb45880ecd5159bb0859fb.safeframe.googlesyndication.com
pagead2.googlesyndication.com
159 KB
34 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
288 KB
26 ad4m.at
ad4m.at
assets.ad4m.at
991 KB
15 admost.com
go.admost.com
18 KB
10 gemius.pl
str.hit.gemius.pl
gatr.hit.gemius.pl
32 KB
10 gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
fonts.gstatic.com
127 KB
7 google-analytics.com
www.google-analytics.com
55 KB
7 google.com
adservice.google.com
www.google.com
2 KB
6 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
ad4mat.net
9 KB
6 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
363 KB
5 googletagservices.com
www.googletagservices.com
159 KB
5 google.fr
adservice.google.fr
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com
b.scorecardresearch.com
3 KB
4 dimml.io
cdn.dimml.io
baltar.dimml.io
9 KB
4 eksiup.com
cdn.eksiup.com
14 KB
3 2mdn.net
s0.2mdn.net
17 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 sahadan.com
www.sahadan.com
arsiv.sahadan.com
13 KB
2 effiliation.com
track.effiliation.com
1 KB
2 zenaps.com
www.zenaps.com
1 KB
2 awin1.com
www.awin1.com
2 KB
2 rfihub.com
p.rfihub.com
a.rfihub.com
2 KB
2 yahoo.com
ups.analytics.yahoo.com
2 KB
2 advertising.com
pixel.advertising.com
935 B
2 de17a.com
d5p.de17a.com
268 B
2 duhnet.tv
js.duhnet.tv
332 KB
2 openx.net
rtb.openx.net
755 B
2 adform.net
c1.adform.net
882 B
2 programattik.com
ads.programattik.com
1 KB
2 appier.net
a.c.appier.net
1 KB
2 turn.com
ad.turn.com
r.turn.com
857 B
2 cloudfront.net
d31qbv1cthcecs.cloudfront.net
a97560763e1ce9d9491b7de1be8b781ca.profile.lhr61-c1.cloudfront.net
5 KB
2 bluekai.com
tags.bluekai.com
979 B
1 bdfugue.com
www.bdfugue.com
836 B
1 welcomeoffice.com
www.welcomeoffice.com
29 KB
1 lefigaro.fr
ezs.lefigaro.fr
1 KB
1 tradetracker.net
ti.tradetracker.net
564 B
1 adingo.jp
cc.adingo.jp
44 B
1 media.net
cs.media.net
1 KB
1 smaato.net
s.ad.smaato.net
428 B
1 bumlam.com
sync.bumlam.com
680 B
1 sniperlog.ru
sync3.sniperlog.ru
369 B
1 travelaudience.com
ads.travelaudience.com
609 B
1 everesttech.net
sync-tm.everesttech.net
515 B
1 performgroup.com
images.performgroup.com
5 KB
1 daznservices.com
daznplayervod.daznservices.com
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
243 B
1 amazonaws.com
cloudfront-labs.amazonaws.com
186 B
1 alexametrics.com
certify.alexametrics.com
552 B
1 adkernel.com
dsp.adkernel.com
233 B
1 rubiconproject.com
pixel.rubiconproject.com
459 B
1 b-cdn.net
admost-banner.b-cdn.net
11 KB
0 wbtrk.net Failed
um.wbtrk.net Failed
253 54
Domain Requested by
27 is.cdn.md arsiv.sahadan.com
22 hm.cdn.md arsiv.sahadan.com
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
tpc.googlesyndication.com
17 cm.g.doubleclick.net 2 redirects arsiv.sahadan.com
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
15 go.admost.com arsiv.sahadan.com
go.admost.com
14 ad4m.at 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
ad4m.at
14 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
arsiv.sahadan.com
srcdoc
www.googletagservices.com
14 securepubads.g.doubleclick.net cdn.eksiup.com
securepubads.g.doubleclick.net
arsiv.sahadan.com
12 assets.ad4m.at ad4m.at
7 www.google-analytics.com 1 redirects arsiv.sahadan.com
www.google-analytics.com
6 gatr.hit.gemius.pl 3 redirects arsiv.sahadan.com
5 www.googletagservices.com securepubads.g.doubleclick.net
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
5 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.fr securepubads.g.doubleclick.net
4 str.hit.gemius.pl 1 redirects arsiv.sahadan.com
str.hit.gemius.pl
4 cdn.eksiup.com arsiv.sahadan.com
cdn.eksiup.com
3 s0.2mdn.net imasdk.googleapis.com
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
3 stats.g.doubleclick.net arsiv.sahadan.com
www.google-analytics.com
3 sb.scorecardresearch.com 1 redirects arsiv.sahadan.com
3 x.bidswitch.net 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 encrypted-tbn2.gstatic.com 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
3 cdn.dimml.io arsiv.sahadan.com
cdn.dimml.io
2 track.effiliation.com 2 redirects
2 www.zenaps.com ad4m.at
2 www.awin1.com 2 redirects
2 ad4mat.net ad4m.at
2 static-de.ad4mat.net ad4m.at
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 d5p.de17a.com 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
2 prod-rtb.ad4mat.net arsiv.sahadan.com
2 imasdk.googleapis.com arsiv.sahadan.com
imasdk.googleapis.com
2 js.duhnet.tv arsiv.sahadan.com
2 rtb.openx.net 2 redirects
2 c1.adform.net 2 redirects
2 ads.programattik.com 2 redirects
2 a.c.appier.net 2 redirects
2 www.google.com 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
2 www.gstatic.com 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
2 fonts.googleapis.com 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
2 tags.bluekai.com 1 redirects arsiv.sahadan.com
2 ajax.googleapis.com arsiv.sahadan.com
2 arsiv.sahadan.com arsiv.sahadan.com
1 www.bdfugue.com ad4m.at
1 www.welcomeoffice.com ad4m.at
1 ezs.lefigaro.fr ad4m.at
1 ti.tradetracker.net ad4m.at
1 baltar.dimml.io cdn.dimml.io
1 cc.adingo.jp 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 s.ad.smaato.net 1 redirects
1 a.rfihub.com 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
1 p.rfihub.com 1 redirects
1 sync.bumlam.com 1 redirects
1 sync3.sniperlog.ru 1 redirects
1 ads.travelaudience.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 images.performgroup.com arsiv.sahadan.com
1 daznplayervod.daznservices.com arsiv.sahadan.com
1 b.scorecardresearch.com arsiv.sahadan.com
1 a97560763e1ce9d9491b7de1be8b781ca.profile.lhr61-c1.cloudfront.net arsiv.sahadan.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com 1 redirects
1 cloudfront-labs.amazonaws.com 1 redirects
1 certify.alexametrics.com arsiv.sahadan.com
1 dsp.adkernel.com 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 r.turn.com arsiv.sahadan.com
1 ad.turn.com 1 redirects
1 admost-banner.b-cdn.net arsiv.sahadan.com
1 encrypted-tbn0.gstatic.com 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
1 encrypted-tbn1.gstatic.com 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
1 88769ce7d1eb45880ecd5159bb0859fb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d31qbv1cthcecs.cloudfront.net arsiv.sahadan.com
1 b.cdn.md arsiv.sahadan.com
1 www.sahadan.com 1 redirects
0 um.wbtrk.net Failed 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
253 78

This site contains links to these domains. Also see Links.

Domain
www.sahadan.com
run.admost.com
www.beygir.com
www.mackolik.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-17 -
2021-07-17		 a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-10-15 -
2021-04-09		 6 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.fr
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.b-cdn.net
Sectigo ECC Domain Validation Secure Server CA		 2020-11-11 -
2021-11-11		 a year crt.sh
*.turn.com
DigiCert SHA2 Secure Server CA		 2020-03-18 -
2021-04-19		 a year crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2019-09-11 -
2021-09-24		 2 years crt.sh
san2.daznservices.com
DigiCert SHA2 Secure Server CA		 2021-02-02 -
2022-02-02		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.ad4mat.net
AlphaSSL CA - SHA256 - G2		 2019-08-06 -
2021-09-08		 2 years crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
*.adingo.jp
DigiCert SHA2 Secure Server CA		 2020-03-26 -
2021-04-15		 a year crt.sh
www.awin1.com
DigiCert Secure Site ECC CA-1		 2020-04-21 -
2021-07-21		 a year crt.sh
*.tradetracker.net
Amazon		 2020-12-20 -
2022-01-18		 a year crt.sh
ezs.lefigaro.fr
Gandi Standard SSL CA 2		 2020-07-20 -
2021-07-20		 a year crt.sh
www.welcomeoffice.com
Sectigo RSA Domain Validation Secure Server CA		 2019-08-13 -
2021-08-29		 2 years crt.sh

This page contains 22 frames:

Primary Page: http://arsiv.sahadan.com/Default.aspx
Frame ID: 9198D7D2F0242E3EC245DDCCD5793818
Requests: 114 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 30C3DE143A0C6D5390A44B7824CA7137
Requests: 10 HTTP requests in this frame

Frame: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 7BB189082EC7456BBEE92DEB866892D8
Requests: 18 HTTP requests in this frame

Frame: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Frame ID: B57ED0D3BEC9D0BA65C153BE17ED4369
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: CE8177E27A78090D025B7999D75B4902
Requests: 2 HTTP requests in this frame

Frame: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F37A06EB1B23645029536852B9A754B9
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 350F128F226C9F8046C6837F192F4C47
Requests: 9 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.443.0_tr.html
Frame ID: 415A9016E3635E6A932E3029D18AC83A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5B05EDE89993F74BDDA9DFB87B690F8B
Requests: 1 HTTP requests in this frame

Frame: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 4B26D5CFEBBBC720CC500CE069EC1B6C
Requests: 10 HTTP requests in this frame

Frame: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: B0DEC667932C4E7EE82AD0EB1D9776AA
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D
Frame ID: 6DA3628E1653568ED2D6C5C6E86C9F82
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 459033AA313817CC5F37F14D9041662C
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D
Frame ID: 640E7F8D1E15AAC686F79AB556FB8B40
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BF5F834A9D042FF14557352C21AE35A3
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9680EEBABCA51AACD13ACBC9DCA81ED2
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B79F8E1373DEF6CF965CC727BAA1E452
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 258C6525FAEE94B0464C647707CA8B1A
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 6FECEE528FFE92B2CA6E1EEEF96094E7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: CC85B8B966BB3F3C1BF802696D707A4B
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Frame ID: 44E30BFF73D9762171806DBCD6D29E5A
Requests: 11 HTTP requests in this frame

Frame: https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Frame ID: 9D95E0356F383EDFD4559354DE401B16
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.sahadan.com/ HTTP 302
    http://arsiv.sahadan.com/Default.aspx Page URL

Page Statistics

253
Requests

66 %
HTTPS

41 %
IPv6

54
Domains

78
Subdomains

56
IPs

11
Countries

3684 kB
Transfer

12088 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.sahadan.com/ HTTP 302
    http://arsiv.sahadan.com/Default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • http://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan HTTP 301
  • https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
Request Chain 130
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHyxFQy9JpD72fbWGsdO7qg&google_cver=1&google_push=AQvitUKQXiN8Rwvyentci7qgBJRBWZeh6ZOEanCuzHfDiB1oYxh-7pRkz39ciG2UIVv8cxYI9baQR4JIiXz0QmdMGR16Y25z8ac HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzczMzA4NDE5MTcwNjg4MjIyNA== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHyxFQy9JpD72fbWGsdO7qg&google_cver=1
Request Chain 131
  • https://a.c.appier.net/gcm?google_gid=CAESEGPdfW7IAUWSYhBrBEHfA8c&google_cver=1&google_push=AQvitUIxUos76IJfwsfOxqpGoteHieKphOiwTqrnPedNPyr7BlvOH0BYUHvYVGTWeCmlPjB1BzUOYlPuQ_ut9FjSFNybEY6ndac HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=T0pWcVJMamJCME81cGpyOWdfYzJZQQ%3D%3D&google_push=AQvitUIxUos76IJfwsfOxqpGoteHieKphOiwTqrnPedNPyr7BlvOH0BYUHvYVGTWeCmlPjB1BzUOYlPuQ_ut9FjSFNybEY6ndac
Request Chain 132
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENkd49XU5ufE5hI5gFvQ7pw&google_cver=1&google_push=AQvitUJtRnR4YvjIn8Od0y8x2hCnYRO7O1nML1To1h53PaxdevNQt6TNd_RRC1lBnsSzlA6AurU4UyT7GnX_vDEr7pSmcQNhV2s HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENkd49XU5ufE5hI5gFvQ7pw&google_cver=1&google_push=AQvitUJtRnR4YvjIn8Od0y8x2hCnYRO7O1nML1To1h53PaxdevNQt6TNd_RRC1lBnsSzlA6AurU4UyT7GnX_vDEr7pSmcQNhV2s HTTP 302
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=b7aff791-7047-4a80-a19e-126539806ef9&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJtRnR4YvjIn8Od0y8x2hCnYRO7O1nML1To1h53PaxdevNQt6TNd_RRC1lBnsSzlA6AurU4UyT7GnX_vDEr7pSmcQNhV2s&google_hm=rLkEqd1zTt-vjZes6XTkog==
Request Chain 133
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEafhIAgBFSuHptc09CsHWM&google_cver=1&google_push=AQvitUL3K8IZcYG1TR15oG129-xugdSyKiY6Zq2JoGin5fq9jJejNypEQl9Jsp2iht7BXSH36VdWi8NNavtL_M-qeUVUFBoL7Es HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEafhIAgBFSuHptc09CsHWM&google_cver=1&google_push=AQvitUL3K8IZcYG1TR15oG129-xugdSyKiY6Zq2JoGin5fq9jJejNypEQl9Jsp2iht7BXSH36VdWi8NNavtL_M-qeUVUFBoL7Es HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU1MDg2MDQzMDcwNzM4OTA&google_push=AQvitUL3K8IZcYG1TR15oG129-xugdSyKiY6Zq2JoGin5fq9jJejNypEQl9Jsp2iht7BXSH36VdWi8NNavtL_M-qeUVUFBoL7Es
Request Chain 134
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKe8bI-jwA7a8kcSH_gHB60&google_cver=1&google_push=AQvitUJGa617hLKtMMk28cHAmDx01JiO4y64J0eZT9-w0NLRH2v1CPq-O_Uf-DwJPF-O-2p_U7tM2BJtbAYu7ucKYGI_azMLBA HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKe8bI-jwA7a8kcSH_gHB60&google_cver=1&google_push=AQvitUJGa617hLKtMMk28cHAmDx01JiO4y64J0eZT9-w0NLRH2v1CPq-O_Uf-DwJPF-O-2p_U7tM2BJtbAYu7ucKYGI_azMLBA&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJGa617hLKtMMk28cHAmDx01JiO4y64J0eZT9-w0NLRH2v1CPq-O_Uf-DwJPF-O-2p_U7tM2BJtbAYu7ucKYGI_azMLBA&google_hm=7mqO5jXpycYFRVLQG4_2ww==
Request Chain 135
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJEdpn6vUZU34iPZZWXvViw&google_cver=1&google_push=AQvitUJ6ahWBZKzToYuCMZ6NeXnhk_nRjfTQGmsKJGO5UYwuQFyn--AkmSh9mCSB1ZKujx0WeP6Uf21qOwFdyLzKwic01_caaQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLNVlJOE4tMUYtRzRCNw==&google_push=AQvitUJ6ahWBZKzToYuCMZ6NeXnhk_nRjfTQGmsKJGO5UYwuQFyn--AkmSh9mCSB1ZKujx0WeP6Uf21qOwFdyLzKwic01_caaQ
Request Chain 150
  • http://cloudfront-labs.amazonaws.com/x.png HTTP 301
  • http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
  • http://a97560763e1ce9d9491b7de1be8b781ca.profile.lhr61-c1.cloudfront.net/test.png
Request Chain 151
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 153
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 154
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1860419511&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&utmhid=1873858915&utmr=-&utmp=%2FDefault.aspx&utmht=1614215042536&utmac=UA-241588-1&utmcc=__utma%3D140208355.511863345.1614215042.1614215042.1614215042.1%3B%2B__utmz%3D140208355.1614215043.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1774894661&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1860419511&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&utmhid=1873858915&utmr=-&utmp=%2FDefault.aspx&utmht=1614215042536&utmac=UA-241588-1&utmcc=__utma%3D140208355.511863345.1614215042.1614215042.1614215042.1%3B%2B__utmz%3D140208355.1614215043.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1774894661&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-241588-1&cid=511863345.1614215042&jid=1774894661&_v=5.7.2&z=1860419511
Request Chain 159
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1614215042600&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&c7=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1614215042600&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&c7=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&c9=&cs_ak_ss=1
Request Chain 161
  • http://gatr.hit.gemius.pl/fpdata.js?href=arsiv.sahadan.com HTTP 301
  • https://gatr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.sahadan.com
Request Chain 164
  • http://str.hit.gemius.pl/fpdata.js?href=arsiv.sahadan.com HTTP 301
  • https://str.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.sahadan.com
Request Chain 174
  • http://gatr.hit.gemius.pl/_1614215042836/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=W_t2afSL4tAC8y38CMcUb3sX5KjE.ldxZnMq4Fk6.yv.v7&vis=1 HTTP 301
  • https://gatr.hit.gemius.pl/_sslredir/_1614215042836/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=W_t2afSL4tAC8y38CMcUb3sX5KjE.ldxZnMq4Fk6.yv.v7&vis=1 HTTP 301
  • https://gatr.hit.gemius.pl/__/_sslredir/_1614215042836/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=W_t2afSL4tAC8y38CMcUb3sX5KjE.ldxZnMq4Fk6.yv.v7&vis=1
Request Chain 197
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOm1aFoj917YuuNpGsVMkKQ&google_cver=1&google_push=AQvitUIh_36DIqUYlvmm9J4demXG5C-jiyg8BvZS908bgwXwcGObp82a8W3T-6E3lRqFv1jbAgzcO2jEt4DDXFpwPKUlZ1u6RbY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOm1aFoj917YuuNpGsVMkKQ&google_push=AQvitUIh_36DIqUYlvmm9J4demXG5C-jiyg8BvZS908bgwXwcGObp82a8W3T-6E3lRqFv1jbAgzcO2jEt4DDXFpwPKUlZ1u6RbY
Request Chain 198
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEE2vjJAqEIIOPnJ-NJ10BSM&google_cver=1&google_push=AQvitULmcc1x9e9tFwDsBgs8gX4ZE-Ze2ABtqFngaUm5RUHq9pnf4kT7oPPM3O4-lypEEBvyHLlkIDnNDCzrjxfQhDrae3msVek HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=URZTRH2MSj6feYhbDK8KXA2&google_push=AQvitULmcc1x9e9tFwDsBgs8gX4ZE-Ze2ABtqFngaUm5RUHq9pnf4kT7oPPM3O4-lypEEBvyHLlkIDnNDCzrjxfQhDrae3msVek
Request Chain 200
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEI6qUVLrx37svXYojaGrQBQ&google_cver=1&google_push=AQvitUIBTA4z2oYMlI8JmJnbYWouzv1F5-C2z6w9J4C3s2sdbm-DodALkEnJ4L-fCBtkIuE9BYtJzpXwf07gQWtCAutd9YgB-JM HTTP 301
  • https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEI6qUVLrx37svXYojaGrQBQ&google_cver=1&google_push=AQvitUIBTA4z2oYMlI8JmJnbYWouzv1F5-C2z6w9J4C3s2sdbm-DodALkEnJ4L-fCBtkIuE9BYtJzpXwf07gQWtCAutd9YgB-JM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUIBTA4z2oYMlI8JmJnbYWouzv1F5-C2z6w9J4C3s2sdbm-DodALkEnJ4L-fCBtkIuE9BYtJzpXwf07gQWtCAutd9YgB-JM
Request Chain 203
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEON03xqluzHynbK5BV-qv6g&google_cver=1&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSPYsy7cSujUuUAd9FkMm2xiSfCgcnaJTlZ6YTUR3pFswKak HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEON03xqluzHynbK5BV-qv6g&google_cver=1&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSPYsy7cSujUuUAd9FkMm2xiSfCgcnaJTlZ6YTUR3pFswKak&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEON03xqluzHynbK5BV-qv6g&google_cver=1&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSPYsy7cSujUuUAd9FkMm2xiSfCgcnaJTlZ6YTUR3pFswKak&apid=UP59d6729d-7705-11eb-ab73-06fdcdad5690 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEON03xqluzHynbK5BV-qv6g&google_cver=1&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSPYsy7cSujUuUAd9FkMm2xiSfCgcnaJTlZ6YTUR3pFswKak&apid=UP59d6729d-7705-11eb-ab73-06fdcdad5690&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1OWQ2NzI5ZC03NzA1LTExZWItYWI3My0wNmZkY2RhZDU2OTA%3D&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSPYsy7cSujUuUAd9FkMm2xiSfCgcnaJTlZ6YTUR3pFswKak
Request Chain 205
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEP03GXuK5vNUCRyVGWXuTW8&google_cver=1&google_push=AQvitULdriwZU9MAgZbavuTBorFrF2TmxIlHabuvwJik__PGtKOvzBHpDXZO43PkR9lmUZPOxsLNBInB4Bp7ksDGI9rm7m8rndhj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitULdriwZU9MAgZbavuTBorFrF2TmxIlHabuvwJik__PGtKOvzBHpDXZO43PkR9lmUZPOxsLNBInB4Bp7ksDGI9rm7m8rndhj&google_hm=NjUwMTMyODgwMzYwMzk0NTQw HTTP 302
  • https://a.rfihub.com/cm?pub=445&google_error=5
Request Chain 206
  • https://a.c.appier.net/gcm?google_gid=CAESEGPdfW7IAUWSYhBrBEHfA8c&google_cver=1&google_push=AQvitUKI9lPqDETyp_-SxQnlQBlZOC-xr-FRZEiU2VkfpdYXmkOY-MiuUAsE-73H1oSs-yucLCogUDKWyF6eIJoCutjWFrvws70x HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Z1hYTGoxSzJCZ0d6ZUpKWmdfYzJZQQ%3D%3D&google_push=AQvitUKI9lPqDETyp_-SxQnlQBlZOC-xr-FRZEiU2VkfpdYXmkOY-MiuUAsE-73H1oSs-yucLCogUDKWyF6eIJoCutjWFrvws70x
Request Chain 209
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDYdj0GzHFuYVwtSvKbqoYk&google_cver=1&google_push=AQvitUJ50l3BqskCFhtpn-DyyqkHpXxRBmS-1uvkdN0MPa0t2Z5t2Sr7H8mz4Y6kzV9afg6SgED1o5ybW3PZNcp_lGrUOmf1YxkB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUJ50l3BqskCFhtpn-DyyqkHpXxRBmS-1uvkdN0MPa0t2Z5t2Sr7H8mz4Y6kzV9afg6SgED1o5ybW3PZNcp_lGrUOmf1YxkB
Request Chain 210
  • https://cs.media.net/cksync?type=g&google_gid=CAESECZsS7a8DcpoibxBIueDTWQ&google_cver=1&google_push=AQvitUKzELVFJWTCJK4n-2_F9g6LS-j9otfqf56UE5UgLb6H69KAY6s-eBQpRyKu7xdCvQn8tEAb1PRmg_RIBHlsv4dm1th-8kZ7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_push=AQvitUKzELVFJWTCJK4n-2_F9g6LS-j9otfqf56UE5UgLb6H69KAY6s-eBQpRyKu7xdCvQn8tEAb1PRmg_RIBHlsv4dm1th-8kZ7&google_hm=MjU3MjE2NjQzMjExMDY4MjAwMFYxMA%3d%3d&mn_hm=MjU3MjE2NjQzMjExMDY4MjAwMFYxMA%3d%3d&google_sc=1
Request Chain 249
  • https://www.awin1.com/cshow.php?s=2752469&v=21461&q=400969&r=412863&pv=1&pref3=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=5b2ed5f0-7705-11eb-975f-692d0f3afe45&v=21461&r=412863&q=400969&s=2752469&viewref3=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&pv=1&gdpr=0&gdpr_consent=
Request Chain 251
  • https://www.awin1.com/cshow.php?s=2403520&v=13112&q=365149&r=412863&pv=1&pref3=oneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=5b30d1c0-7705-11eb-b15c-692d064d6d31&v=13112&r=412863&q=365149&s=2403520&viewref3=oneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&pv=1&gdpr=0&gdpr_consent=
Request Chain 260
  • https://track.effiliation.com/servlet/effi.show?id_compteur=22479799&effi_id=oneidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.welcomeoffice.com/WO_Images/promotion/OPE/HomePage/_2020/01-Affiliation/03-mars/0320_2en1_diffuseur_120_600.gif?gdpr_consent=&gdpr=0&gdpr_pd=0&
Request Chain 261
  • https://track.effiliation.com/servlet/effi.show?id_compteur=22414148&effi_id=oneidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.bdfugue.com/affili_bd/public/servebanner.php?name=btn-achat-bd-200x65px?gdpr_consent=&gdpr=0&gdpr_pd=0&

253 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Default.aspx
arsiv.sahadan.com/
Redirect Chain
  • https://www.sahadan.com/
  • http://arsiv.sahadan.com/Default.aspx
42 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) / ASP.NET
Resource Hash
5ed13d52a3cc1a8f4cb70e34d58e2f24c9f9544b1e63353129c7182620edaf56

Request headers

Host
arsiv.sahadan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
CCAcc (1.0.1/nvm-ists3)
Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
public, max-age=179
Expires
Thu, 25 Feb 2021 01:03:58 GMT
Last-Modified
Thu, 25 Feb 2021 01:00:38 GMT
X-AspNet-Version
2.0.50727
X-Powered-By
ASP.NET
sloc
593
s
88
MIDDLE-X-US
HIT
Content-Encoding
gzip
X-US
EXPIRED

Redirect headers

server
AkamaiGHost
content-length
0
location
http://arsiv.sahadan.com/Default.aspx
cache-control
max-age=0
date
Thu, 25 Feb 2021 01:04:00 GMT
x-content-type-options
nosniff
content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data:; connect-src https: wss:; font-src https: data:; media-src https: blob:;
strict-transport-security
max-age=63072000
x-xss-protection
1
x-frame-options
DENY
Master.css
is.cdn.md/i4/Css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/Master.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
b3f2e69fff634830a400c124c00dd5c97f023d6154a03aa9ec9a5eb690c9f196

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Apr 2013 14:18:50 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"eae97297630ce1:0"
ntCoent-Length
18666
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
3302
Expires
Sat, 27 Mar 2021 01:04:00 GMT
Menu.css
is.cdn.md/i4/Css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/Menu.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
b4a7ef9af3af11bb37d635bfed849032d26ef1cd51095cff7e664fcddf9e114c

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Mar 2013 13:55:00 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"c92e784bb20ce1:0"
ntCoent-Length
4277
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1143
Expires
Sat, 27 Mar 2021 01:04:00 GMT
master2.css
is.cdn.md/i4/Css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/master2.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
e62af54a296f56631510f41fe04abc6fdb1b703d6e2968a50a6741c5aac93ea0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cteonnt-Length
23574
Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Nov 2016 15:56:11 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"2d3995f32140d21:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
4340
Expires
Sat, 27 Mar 2021 01:04:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.4/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 20:21:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
16944
Cross-Origin-Resource-Policy
cross-origin
Content-Length
27266
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 24 Feb 2022 20:21:36 GMT
master.js
is.cdn.md/i4/Js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/master.js?v=2.7.61
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
c21a3f821b4d312076f3a473f9e741b53658761b5f0886873e12039eb5190cbe

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2019 13:18:39 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"2978c94e2242d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Sat, 27 Mar 2021 01:04:00 GMT
advertisement.js
b.cdn.md/admost/ 		34 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
http://b.cdn.md/admost/advertisement.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.102 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-s2) / ASP.NET
Resource Hash
cb9404060fda4757f932c63af8efa23cb6088538410793e9ce068f0d1818df51
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Tue, 06 Oct 2015 08:49:58 GMT
Server
CCAcc (1.0.1/izm-s2)
X-Powered-By
ASP.NET
ETag
"90556fb130d11:0"
Strict-Transport-Security
max-age=157680000
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34
Expires
Sat, 27 Mar 2021 01:04:01 GMT
rupsahadan.com.arsiv.js
cdn.eksiup.com/api/special/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/special/rupsahadan.com.arsiv.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac6ce78f20b36f29dcff9c4de6ad5014e363ac53b6891a3627b5003574a227c9

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3207
cf-bgj
minify
cf-request-id
08784fe8cd00002c4a012c1000000001
last-modified
Mon, 18 Jan 2021 17:53:16 GMT
server
cloudflare
etag
W/"6005cb0c-1d0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bv3vOdMIF%2FcRMgL%2Bj3r1KiqCWDKtRYHgGk2LomqxbY%2B77xKdqW7MHM8yhYoozqdMvZpoBMseE4um1a%2BzLwEnrjchfI%2FH442Fnb7Fnh0dcvv6QjGD6Z4Ws62d5A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
626d8287abe92c4a-FRA
expires
Tue, 23 Feb 2021 08:04:08 GMT
galleryview.css
is.cdn.md/i4/Css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/galleryview.css?v=1.20.07
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
cecaa3c6afa068e141ee4972e5449634fb581b3447bfa6169d3c038d2450a5e8

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cteonnt-Length
2847
Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2013 13:42:31 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"a96a2d15f5b9ce1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1148
Expires
Sat, 27 Mar 2021 01:04:00 GMT
jquery.galleryview-1.1.js
is.cdn.md/i4/Js/jquery-galleryview-1.1/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/jquery-galleryview-1.1/jquery.galleryview-1.1.js?v=1.20.06
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
9e0475bc6b5858f1d4d16178f48f9993fc45ecd976c9c147330ed300fc220c51

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Apr 2013 09:13:55 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"a643d137de3cce1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Sat, 27 Mar 2021 01:04:00 GMT
jquery.timers-1.1.2.js
is.cdn.md/i4/Js/jquery-galleryview-1.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/jquery-galleryview-1.1/jquery.timers-1.1.2.js?v=1.20.06
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Apr 2013 07:48:19 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"8d371e42d23cce1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Sat, 27 Mar 2021 01:04:00 GMT
jquery.easing.1.3.js
is.cdn.md/i4/Js/jquery-galleryview-1.1/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/jquery-galleryview-1.1/jquery.easing.1.3.js?v=1.20.06
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Apr 2013 07:48:17 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"bbc95841d23cce1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Sat, 27 Mar 2021 01:04:00 GMT
HomeScores2.js
is.cdn.md/i4/Js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/HomeScores2.js?v=1.20.07
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
a81cecefe8865615fe3e4c8858e69f1d92f4cff8a56095d2c57bdfb61fb07439

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2013 16:33:42 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"9f80fe70d7e6ce1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Sat, 27 Mar 2021 01:04:00 GMT
gunun-maci-style.css
is.cdn.md/i4/Css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/gunun-maci-style.css?v=1.20.08
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
3ea5f5e57bcdba2a5925058f077a3c016ac0c03d940a9866f82bddd5bf150dd2

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Aug 2015 11:01:52 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"b68be9e37dbd01:0"
ntCoent-Length
4225
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1024
Expires
Sat, 27 Mar 2021 01:04:00 GMT
jquery.autocomplete.css
is.cdn.md/i4/Css/jquery-autocomplete/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/jquery-autocomplete/jquery.autocomplete.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
mgladbach-manchester-city-02242021-b.jpg
hm.cdn.md/img/haberbuyuk/m/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/m/mgladbach-manchester-city-02242021-b.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
373394aab07f124ec326597a9aaadfe9a0578eefba1ded64b3201117e74184a9

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"102f1c20fbad71:0"
Last-Modified
Wed, 24 Feb 2021 22:19:32 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47912
Expires
Sat, 27 Mar 2021 01:04:01 GMT
atalanta-real-madrid-cl-02242021-b.jpg
hm.cdn.md/img/haberbuyuk/a/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/a/atalanta-real-madrid-cl-02242021-b.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
96408cb4ac8a38aa57d5b6ca134149888cd76637f2fe49542a972827cc5073f2

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"10822aafbad71:0"
Last-Modified
Wed, 24 Feb 2021 22:18:55 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64188
Expires
Sat, 27 Mar 2021 01:04:01 GMT
MostafaMohamed_HenryOnyekuru_Galatasaray_golsevinci_14Subat2021_B.jpeg
hm.cdn.md/img/haberbuyuk/M/ 		312 KB
312 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/M/MostafaMohamed_HenryOnyekuru_Galatasaray_golsevinci_14Subat2021_B.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
4e86c59cc871ec19493dcff904d6791816d5cf4f69e88e486cae24774b4206e5

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"403acddb643d71:0"
Last-Modified
Mon, 15 Feb 2021 06:36:14 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
319378
Expires
Sat, 27 Mar 2021 01:04:01 GMT
tottenham-gol-sevinci-02242021-b.jpg
hm.cdn.md/img/haberbuyuk/t/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/t/tottenham-gol-sevinci-02242021-b.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
81fff0fa5d9f617e0f369c15511a1f70daffd1b64bfcc6cc40b609a306cf9d58

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"b036c486eaad71:0"
Last-Modified
Wed, 24 Feb 2021 20:20:43 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59426
Expires
Sat, 27 Mar 2021 01:04:01 GMT
yasarkemalugurlu_depophotos_24022021b.jpg
hm.cdn.md/img/haberbuyuk/y/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/y/yasarkemalugurlu_depophotos_24022021b.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
9ef1e509d03d84c2359638dae5c349e6bbbe5b951747ccd5f26c4b8db9737909

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"d0412efba4ad71:0"
Last-Modified
Wed, 24 Feb 2021 12:02:53 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58806
Expires
Sat, 27 Mar 2021 01:04:01 GMT
mgladbach-manchester-city-02242021-k.jpg
hm.cdn.md/img/haber/m/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/m/mgladbach-manchester-city-02242021-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
f7aa75ce5435748253062fe337a401938cb9e3fc5e3b63a56a2c97ebf2ac0ec8

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"102f1c20fbad71:0"
Last-Modified
Wed, 24 Feb 2021 22:19:32 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6853
Expires
Sat, 27 Mar 2021 01:04:01 GMT
atalanta-real-madrid-cl-02242021-k.jpg
hm.cdn.md/img/haber/a/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/a/atalanta-real-madrid-cl-02242021-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
13c67de794ac935f63c8da36e01421c4a6a43070855376edb36634b1311fef4f

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"b02028afbad71:0"
Last-Modified
Wed, 24 Feb 2021 22:18:55 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8320
Expires
Sat, 27 Mar 2021 01:04:01 GMT
MostafaMohamed_HenryOnyekuru_Galatasaray_golsevinci_14Subat2021_k.jpeg
hm.cdn.md/img/haber/M/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/M/MostafaMohamed_HenryOnyekuru_Galatasaray_golsevinci_14Subat2021_k.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
10c37086a86c14b45bbbb9ad772c65587a4d8be73c860db9546e0c375dfa2952

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"e0d8cadb643d71:0"
Last-Modified
Mon, 15 Feb 2021 06:36:14 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28794
Expires
Sat, 27 Mar 2021 01:04:01 GMT
tottenham-gol-sevinci-02242021-k.jpg
hm.cdn.md/img/haber/t/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/t/tottenham-gol-sevinci-02242021-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
1683dcbc2d78096fd657d91311e0c4fe1ff15ba073b519bf58bb423a329023d2

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"50d5c186eaad71:0"
Last-Modified
Wed, 24 Feb 2021 20:20:43 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7862
Expires
Sat, 27 Mar 2021 01:04:01 GMT
yasarkemalugurlu_depophotos_24022021k.jpg
hm.cdn.md/img/haber/y/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/y/yasarkemalugurlu_depophotos_24022021k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
7ff59a5a1631c004d2504a74ae80f7417e27ae6dba8ff1e43e2109c0562f3cc9

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"70e02bfba4ad71:0"
Last-Modified
Wed, 24 Feb 2021 12:02:53 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11357
Expires
Sat, 27 Mar 2021 01:04:01 GMT
bayern-gol-sevinci-musiala-02232021-k.jpg
hm.cdn.md/img/haber/b/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/b/bayern-gol-sevinci-musiala-02232021-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
1f21ec2a91bb5eb20ba91a53c2fb58950315562e1d4d0b9ca921de0bd4363a23

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"90f263e730ad71:0"
Last-Modified
Tue, 23 Feb 2021 22:11:58 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7681
Expires
Sat, 27 Mar 2021 01:04:01 GMT
abdullahavci_depophotos_24022021k.jpg
hm.cdn.md/img/haber/a/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/a/abdullahavci_depophotos_24022021k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
c491068ddad8d7d4d29fea236265f930eb40ef1db48ce63b342d24c149b92694

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"b06cd4ad8cad71:0"
Last-Modified
Wed, 24 Feb 2021 09:08:55 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5889
Expires
Sat, 27 Mar 2021 01:04:01 GMT
hidayet-turkoglu_20210224_2kkk.jpg
hm.cdn.md/img/haber/h/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/h/hidayet-turkoglu_20210224_2kkk.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
5b2bfee61149c85028b4856fe9878b009be79bf0bb6c87380535cf3c2d320561

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"7074ba65bdad71:0"
Last-Modified
Wed, 24 Feb 2021 14:57:40 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32466
Expires
Sat, 27 Mar 2021 01:04:01 GMT
hakankutlu_aa_24022021k.jpg
hm.cdn.md/img/haber/h/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/h/hakankutlu_aa_24022021k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
085861a38ad63497a90705540dc6a9513ec332b4649c1bfc2a99c1987ceb8109

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"108468c1a9ad71:0"
Last-Modified
Wed, 24 Feb 2021 12:37:04 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29269
Expires
Sat, 27 Mar 2021 01:04:01 GMT
hatay_stadyum_aa_24022021k.jpg
hm.cdn.md/img/haber/h/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/h/hatay_stadyum_aa_24022021k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
c8f451ebabcc71b7af2cc208b4fd1cc47d92f47bf6cd82036111012019e558d2

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"905586bb8bad71:0"
Last-Modified
Wed, 24 Feb 2021 09:02:09 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40550
Expires
Sat, 27 Mar 2021 01:04:01 GMT
leicester-city-gol-sevinci-02212021-k.jpg
hm.cdn.md/img/haber/l/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/l/leicester-city-gol-sevinci-02212021-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
2bbf41e259c09f15eecd3ecd8751f767b3192f134002f039ccff3824ca23da2a

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"40c852b86f8d71:0"
Last-Modified
Sun, 21 Feb 2021 16:36:35 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7233
Expires
Sat, 27 Mar 2021 01:04:01 GMT
manchesterunited_02022021k.jpg
hm.cdn.md/img/haber/m/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/m/manchesterunited_02022021k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
c16d5b3a69e6cd1f43f9a193dcf3ce567fc90758be77cfa936848d1ef74fc7fb

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"70e93ec15fad61:0"
Last-Modified
Wed, 03 Feb 2021 10:18:32 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5393
Expires
Sat, 27 Mar 2021 01:04:01 GMT
tigerwoods-kaza_AA-2384183kkk.jpg
hm.cdn.md/img/haber/t/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/t/tigerwoods-kaza_AA-2384183kkk.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
3a262c0d0e714bb72a7ba214036286d33a65d15af83871f922017dd593a84a4b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"30f22c7eb8ad71:0"
Last-Modified
Wed, 24 Feb 2021 14:22:33 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47504
Expires
Sat, 27 Mar 2021 01:04:01 GMT
dan-petrescu-kayserispor-01252021-k.jpg
hm.cdn.md/img/haber/d/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/d/dan-petrescu-kayserispor-01252021-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
2f4e4b4105389d0a134b238449e38ed86db920d1fef389b43d6eecabaadddca1

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"f01ddcf549f3d61:0"
Last-Modified
Mon, 25 Jan 2021 18:43:23 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7325
Expires
Sat, 27 Mar 2021 01:04:01 GMT
taner-taskin-tuzlaspor-02242021-k.jpg
hm.cdn.md/img/haber/t/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/t/taner-taskin-tuzlaspor-02242021-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
1324d6ec719784d7e06c70744db3c98220014d51ac95f960bd478a573c5196e2

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"30f212f9c0ad71:0"
Last-Modified
Wed, 24 Feb 2021 15:23:15 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4475
Expires
Sat, 27 Mar 2021 01:04:01 GMT
celtic_lennon_AA-1350663kkk.jpg
hm.cdn.md/img/haber/c/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/c/celtic_lennon_AA-1350663kkk.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
07c333a26b9af10dbc692cec3727af9a4ef7a0dea4bc15830a23de1a6e047ef2

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"30a4ad29bcad71:0"
Last-Modified
Wed, 24 Feb 2021 14:48:50 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69458
Expires
Sat, 27 Mar 2021 01:04:01 GMT
MarcMarquez_DepoPhotos_15362861kkk.jpg
hm.cdn.md/img/haber/M/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/M/MarcMarquez_DepoPhotos_15362861kkk.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
136.243.151.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s3.cubecdn.net
Software
CCAcc (1.0.1/frk-s3) / ASP.NET
Resource Hash
a676716064c7d7a2a2ef0277ae2287b41fb6b8561ac8cf0581d73096825cacda

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
ETag
"d0c9588eb9ad71:0"
Last-Modified
Wed, 24 Feb 2021 14:30:10 GMT
Server
CCAcc (1.0.1/frk-s3)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11273
Expires
Sat, 27 Mar 2021 01:04:01 GMT
38238
tags.bluekai.com/site/
Redirect Chain
  • http://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
  • https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
62 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-152-128.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
71f8
Content-Type
image/gif

Redirect headers

Location
https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
Date
Thu, 25 Feb 2021 01:04:01 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
footer-ico.png
is.cdn.md/i4/Img/index/ 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/footer-ico.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:00 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"48366ecc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
946
Expires
Sat, 27 Mar 2021 01:04:00 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-102.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 29 Sep 2020 00:34:48 GMT
Via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
12875354
ETag
"96c08723796affab377d9bb08d631cd0"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Cache-Control
max-age=26920000
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
4264
X-Amz-Cf-Id
cmGHTYR8J1cb3X6oIDY07arb3cALsbn1DG1THQFKOta1xs-YRSZHCQ==
adblockDetectorWithGA.js
is.cdn.md/i4/Js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/adblockDetectorWithGA.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
14ee0390722dba1d6e95b766412095d436df22f30b83dfbb9cb38fde3cd72c95

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Dec 2016 10:14:45 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"b31f20bdbb4bd21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Sat, 27 Mar 2021 01:04:00 GMT
admost.js
go.admost.com/adx/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
7cfd963ca40a2d020192e1bc5bca99be80bcbd2fcec9b25d6ad552b7def38727

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Mon, 01 Feb 2021 21:22:50 GMT
Server
haproxy-go
Accept-Ranges
bytes
Content-Length
4299
Content-Type
application/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupsahadan.com.arsiv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
1a1f54d415d54227cbfa1c4e675e0a065ff6049fe9b63553ab448f4f188d10f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"794 / 683 of 1000 / last-modified: 1614208158"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19418
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:01 GMT
jquery.autocomplete.css
is.cdn.md/i4/Css/jquery-autocomplete/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/jquery-autocomplete/jquery.autocomplete.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
bg.jpg
is.cdn.md/i4/Img/index/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/bg.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
f8c438d279c6bd38c07d7713ec638668b54cbb2b2e55d01e3a7ba28f144365ee

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:00 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"3d5360cc22ace1:0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
88304
Expires
Sat, 27 Mar 2021 01:04:00 GMT
dimml.js
cdn.dimml.io/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/dimml.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
baa9495d62f57a51e558c8eed6ee3c00f83b86a6cc22773fb540a151515f2372

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-77-NZT
AcO1ryzFwTbvVLIAAA==
Date
Thu, 25 Feb 2021 01:04:01 GMT
Content-Encoding
gzip
ETag
W/"89b16e35ecc3"
Server
CDN77-Turbo
X-77-NZT-Ray
zlhbnv0CsIU=
Transfer-Encoding
chunked
X-77-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=86400
X-Cache
HIT
Connection
keep-alive
X-Age
45652
X-77-POP
frankfurtDE
Expires
Thu, 25 Feb 2021 12:23:09 GMT
header-bg.png
is.cdn.md/i4/Img/index/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/header-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
3f71c7e1467e9bac745ba1f27ec773b77b04b551e3b48eae8447a14c43aefc0d

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"69ce70cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1116
Expires
Sat, 27 Mar 2021 01:04:01 GMT
logo.png
is.cdn.md/i4/Img/index/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/logo.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
96c0598f9fe9df975d595a6ba24ebff8c1bd6fe14902dd37b2ebb639daedf5bf

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"50f782cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
17985
Expires
Sat, 27 Mar 2021 01:04:01 GMT
menu-bg.png
is.cdn.md/i4/Img/index/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
e4bc697496bb350dee2dd90f94e8454e52a371f64121a5565f0a54652a0716e5

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"718f85cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1109
Expires
Sat, 27 Mar 2021 01:04:01 GMT
menu-selected-bg2.png
is.cdn.md/i4/Img/index/ 		954 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-selected-bg2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
fddc433f7cc747ef4fe82c66486feb8783af32e11f590cf4bb46708b8ec05418

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Thu, 18 Apr 2013 14:50:07 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"afa8c34443cce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
954
Expires
Sat, 27 Mar 2021 01:04:01 GMT
menu-border.png
is.cdn.md/i4/Img/index/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-border.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
a314bd0381551764a32150f16251feccf4184b14859eadec2e06cb0d35d4681e

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"d77986cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
931
Expires
Sat, 27 Mar 2021 01:04:01 GMT
menu-bar-bg2.png
is.cdn.md/i4/Img/index/ 		969 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-bar-bg2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
aa2cb8a5241d24ae98bad193afc76ca3b5437f2d95c62c7c49dbdc9ad6a2fac9

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Thu, 18 Apr 2013 14:50:07 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"578ebd4443cce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
969
Expires
Sat, 27 Mar 2021 01:04:01 GMT
menu-arrow2.png
is.cdn.md/i4/Img/index/ 		953 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-arrow2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
ded1d9b7817a8247c96877fb6bfef1f651d94018cc4df64f298209867a4307e9

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Thu, 18 Apr 2013 14:59:21 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"a6a74f453cce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
953
Expires
Sat, 27 Mar 2021 01:04:01 GMT
get.ashx
go.admost.com/adx/ 		912 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=46730&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
ecbc2fea35cebc7a42cc70b84e1e041153cb8686435a4d8f1c7edbd404c683ef

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:01 GMT
Server
haproxy-go
Pbk
473075-328645-46730
Var
s:go917;c:1;e:-9223372036;hc:0;r:>473075-328645-46730-0;cs:cp:cache_z_46730_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
912
Expires
-1
pubads_impl_2021021801.js
securepubads.g.doubleclick.net/gpt/ 		292 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
f76bf2498cc215bd189c7e15bdd617ef64110566f7701dcf920ad3838301624b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Feb 2021 09:38:45 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104640
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:01 GMT
sticky-footer.js
cdn.eksiup.com/api/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupsahadan.com.arsiv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384b935474ab09f84f7e845a6e91d8cbad2ff14ed25053d0be524d4624550875

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3487
cf-polished
origSize=9393
cf-bgj
minify
cf-request-id
08784fe9c700002c4ae72cd000000001
last-modified
Sat, 05 Dec 2020 00:45:47 GMT
server
cloudflare
etag
W/"5fcad83b-24b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ooKMwe7yGPIebILRS1TzxCeXMRBGqjRzVCbRBijRsbEAIJG9hghh5G4YBFUAhXQbDkYuChO2nGCUD9sbK8Ejqp5q%2BZvpsYLimIde7LA9mk62B1WX%2Faa144PBuA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
626d82893d062c4a-FRA
expires
Tue, 23 Feb 2021 08:04:19 GMT
rupop.js
cdn.eksiup.com/api/special/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/special/rupop.js
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupsahadan.com.arsiv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7623f5e61116a5e2fa2ab6e034b1a30f50fff25fcc7f8cfffdb8d84ff112cb1f

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2071
cf-bgj
minify
cf-request-id
08784fe9c800002c4aab9c5000000001
last-modified
Tue, 02 Feb 2021 11:14:31 GMT
server
cloudflare
etag
W/"60193417-47ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7%2Fi8MqAqXofb2Tl8TyhwausPHL7uI01%2FrI0J8hf6wUk2QGIdoNbemUOq7r50jCq33J3OWh%2BvmNBzFDNdLlWk84a51594cEuxDQyP11Hf2HnskfNHljNGmK4o2w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
626d82893d072c4a-FRA
expires
Tue, 09 Feb 2021 11:15:38 GMT
sticky-footer.php
cdn.eksiup.com/api/ 		669 B
954 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/sticky-footer.php?siteid=25&slotid=25&width=1600
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f324e01e06560f8cf72e66ba86e85294b4ddb2775c3690b18efbb7e6ef6c68eb

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

xr-caches
slave
date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
xr-cache
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cbKt0%2FmmRM%2B5NIgbzVIUNP%2Fd2%2F5qdP7Lm7UUAkE%2BUFmD2KCMjMnn3MOJXdcYdU4kEZIC%2Fuq3%2Fx8g%2BtkthRJKBY6l9Z6NjZTBulHRKJGRMbau2w1V2LJAV0Ms6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
626d82896e023128-FRA
cf-request-id
08784fe9e30000312848122000000001
26cdb049e31383392e52f2ce80740946a255faeb.js
cdn.dimml.io/static/ 		611 B
824 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/static/26cdb049e31383392e52f2ce80740946a255faeb.js
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
34667fc83e3f4d9ff6080d44c4fc4dd87e0d3a6a8d680dbd3adb05a73d99f590

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Thu, 25 Feb 2021 01:04:01 GMT
Content-Encoding
gzip
X-DimML-Version
2.2 vH8ffFv9
X-77-NZT-Ray
L8341wScWbg=
Transfer-Encoding
chunked
X-77-Cache
MISS
X-Cache
EXPIRED
Connection
keep-alive
X-77-NZT
AcO1ryz6y1HLdgAAAA==
Server
CDN77-Turbo
ETag
W/"7c9fbe5f9b40"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=60
X-Age
118
Expires
Thu, 25 Feb 2021 01:05:01 GMT
get.ashx
go.admost.com/adx/ 		23 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=18834&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:01 GMT
Server
haproxy-go
Var
s:go917;c:1;e:52;hc:1
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
integrator.js
adservice.google.fr/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		446 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792916708875566&correlator=1589397600253638&output=ldjh&impl=fifs&eid=21068891&vrg=2021021801&ptt=17&sc=0&sfv=1-0-37&ecs=20210225&iu_parts=90851098%2Cinterstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C480x320%7C800x600%7C970x90%7C640x480%7C320x480%7C970x250%7C300x600%7C336x280&fluid=height&cust_params=nativebox_site%3Dsahadan.com&cookie_enabled=1&bc=23&abxe=1&lmt=1614214838&dt=1614215041637&dlt=1614215040801&idt=820&frm=20&biw=1600&bih=1200&oid=3&adxs=-999&adys=3018&adks=276428721&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=480x320&ga_vid=511863345.1614215042&ga_sid=1614215042&ga_hid=1873858915&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a1f0a55cb79a36ad943e641684c820b59501609dee4daff7efb99f4d763f6aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
239
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		446 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792916708875566&correlator=167434028957712&output=ldjh&impl=fifs&eid=21068891&vrg=2021021801&ptt=17&sc=0&sfv=1-0-37&ecs=20210225&iu_parts=90851098%2Cinterstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C480x320%7C800x600%7C970x90%7C640x480%7C320x480%7C970x250%7C300x600%7C336x280&fluid=height&rcs=1&eri=1&cust_params=nativebox_site%3Dsahadan.com&cookie_enabled=1&bc=23&abxe=1&lmt=1614214838&dt=1614215041641&dlt=1614215040801&idt=820&frm=20&biw=1600&bih=1200&oid=3&adxs=-999&adys=3018&adks=276428721&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=480x320&ga_vid=511863345.1614215042&ga_sid=1614215042&ga_hid=1873858915&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
cbfd41137ab7adf57c3b76f7a9c21e9582cccef23a60459133ebaf04e1124f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		71 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792916708875566&correlator=167434028957712&output=ldjh&impl=fifs&eid=21068891&vrg=2021021801&ptt=17&sc=0&sfv=1-0-37&ecs=20210225&iu_parts=90851098%2Carsiv.sahadan.com%2Ctopbanner_masthead_multisize_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C980x250%7C970x90&cust_params=nativebox_site%3Dsahadan.com&cookie_enabled=1&bc=23&abxe=1&lmt=1614214838&dt=1614215041643&dlt=1614215040801&idt=820&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=127&adks=3980191189&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=980x3018&msz=980x250&ga_vid=511863345.1614215042&ga_sid=1614215042&ga_hid=1873858915&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f70070a4919ca012cc1cbb3feaf8236523cf1d6c8c54f66b18759420069c0202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16549
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		352 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6df79e98ac3f39a612316d11ac887567173d8b940ca5ca1c48582e5ac57e79b0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7acea79c2521213b0e379bcb9c0fe0c690e5cb7ccad1998c5920b2a5699843ad

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 30C3 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
0078599c726b5dd46bdc864a975bc46e3b4d015d3bdc9f40149cfcb1fbc28f7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"794 / 776 of 1000 / last-modified: 1614208253"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19419
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:01 GMT
gallery-right-bg.png
is.cdn.md/i4/Img/index/ 		928 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/gallery-right-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
4ec12baf6cba1184f734c98640a42cd7a3208c2edf5871231eb6c3a58a021520

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"d06e6fcc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
928
Expires
Sat, 27 Mar 2021 01:04:01 GMT
get.ashx
go.admost.com/adx/ 		23 B
723 B 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=38097&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:01 GMT
Server
haproxy-go
Var
s:go601;cs:cp:cache_z_38097_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
pubads_impl_2021021801.js
securepubads.g.doubleclick.net/gpt/ Frame 30C3 		292 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
f76bf2498cc215bd189c7e15bdd617ef64110566f7701dcf920ad3838301624b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Feb 2021 09:38:45 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104640
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:01 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
get.ashx
go.admost.com/adx/ 		869 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=46727&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
9d21adb044419fe06abfc5656a0a367730ca5ecae45b3f78498a6d10e9d2a9f6

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:01 GMT
Server
haproxy-go
Pbk
473076-328644-46727
Var
s:go917;c:1;e:52;hc:1;r:>473076-328644-46727-0;cs:cp:cache_z_46727_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
869
Expires
-1
integrator.js
adservice.google.fr/adsid/ Frame 30C3 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 30C3 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 30C3 		460 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2450206661664796&correlator=2922832315011423&output=ldjh&impl=fif&eid=21068601%2C21068891%2C31060169%2C31060230%2C31060271%2C44733568&vrg=2021021801&ptt=17&sc=0&sfv=1-0-37&ecs=20210225&iu_parts=90851098%2Carsiv.mackolik.com%2Csticky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x100%7C375x100%7C728x90%7C300x50%7C320x50%7C970x90&cookie=ID%3Df79e11cb0ff3b0f0-22a36fa195ba00d6%3AT%3D1614215041%3AS%3DALNI_MY1c7QoZW8LCM3IOvM8Ub_Li_4DmQ&bc=23&abxe=1&lmt=1614215041&dt=1614215041929&dlt=1614215041650&idt=134&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=800&adys=1317&adks=2617765872&ucis=lte6dw8jp0pi&ifi=1&ifk=628290966&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&top=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1x100&msz=1x100&ga_vid=206352080.1614215042&ga_sid=1614215042&ga_hid=2140314501&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c93fb7041e9f10a7c8b8bdcac6696d6e850e3f818d8b8a5660955bfe34028d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
88769ce7d1eb45880ecd5159bb0859fb.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 30C3 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://88769ce7d1eb45880ecd5159bb0859fb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 30C3 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
integrator.js
adservice.google.fr/adsid/ 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792916708875566&correlator=2586222566860409&output=ldjh&impl=fifs&eid=21068891&vrg=2021021801&ptt=17&sc=0&sfv=1-0-37&ecs=20210225&iu_parts=90851098%2Carsiv.sahadan.com%2Ctopmpu_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cust_params=nativebox_site%3Dsahadan.com&cookie=ID%3D3a110f5bf1dfdc62-22f8399195ba00cf%3AT%3D1614215041%3AS%3DALNI_MZcFQkRgo7uJhBn1PYs2EjanFgkEA&bc=23&abxe=1&lmt=1614214838&dt=1614215041944&dlt=1614215040801&idt=820&frm=20&biw=1600&bih=1200&oid=3&adxs=974&adys=388&adks=1287029852&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=316x266&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=511863345.1614215042&ga_sid=1614215042&ga_hid=1873858915&fws=4&ohw=970
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
359ab6c64089207559482c14ddaae88ca8773c21e1d787eaf8ceca712c679976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16556
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
get.ashx
go.admost.com/adx/ 		23 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=49848&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Server
haproxy-go
Var
s:go917;cs:cp:cache_z_49848_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
box-title-bg.png
is.cdn.md/i4/Img/index/ 		943 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/box-title-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
9d312140f3532b29659e3b5c2eb94ff9d7d5f09376b21993c5909442eece0067

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"70c860cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
943
Expires
Sat, 27 Mar 2021 01:04:01 GMT
box-title2.png
is.cdn.md/i4/Img/index/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/box-title2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
313d5cbad55a31674c5451e2a961ab892e951ea7c59396ea5a89c944c9b029bd

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:01 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"a28763cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1673
Expires
Sat, 27 Mar 2021 01:04:01 GMT
get.ashx
go.admost.com/adx/ 		23 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=34177&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Server
haproxy-go
Var
s:go602;c:1;e:53;hc:1
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ Frame 30C3 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a09623c2f9581981066ab40dfe5f59a8770b1dd155e7d522899ac738bc53b78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6431
x-xss-protection
0
container.html
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7BB1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.sahadan.com/Default.aspx
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://arsiv.sahadan.com/Default.aspx

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Thu, 25 Feb 2021 01:04:01 GMT
expires
Fri, 25 Feb 2022 01:04:01 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1613997197137185"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28345
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 30C3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:02 GMT
css
fonts.googleapis.com/ Frame 7BB1 		2 KB
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02cd60655fcce9585457a7cd041767aba7c4aeef590805801be7090b5fe3fd5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 23:10:02 GMT
server
ESF
date
Thu, 25 Feb 2021 01:04:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Feb 2021 01:04:02 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/ Frame 7BB1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 16:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Mar 2021 16:30:46 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7BB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoPrjgfc2YPmPL-qv7_UP9feYyAPGmNLGYdX1oZvVC_zbyOf2GhABILqX7R5g-4GAgIgKoAGSn-aZA8gBCakCZopXB7RotD7gAgCoAwHIA5sEqgTcAU_QTjevwW0n2glfQSpf8AUtpZ0y6l0IwdYYgIumOgb2rgGVv30LwB0MFRPkz3oQ1Wu5pkAmxG9RRPSylbBEnJ2n09gVnMOR4OSS5MGob1qcsr1Z_9mBC0IaNIXuMD4VBc2D1JLgAmc7lfLuq4TzkaI12EPCvpw4cZSBxpz7AzC3_wHn__8T6ccJGJremWdf9ksOgpLDt_GfUrR7eURkVC7jSHnn3cyMs3nWmXkBTwjHgyUmlR_V_51pcqTUM0qXzm3GoQxlgc4jL-nZq659fxuVgdJ8B9LOjY0qWmHABMyc9tyBA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfW4JlmqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDUkAbSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgPICwHYEw6YFgGyFxoKGAgAEhRwdWItNTYxMDY0OTE0NjY3NDMwNg&sigh=JxiScsMfQrs&template_id=494&tpd=AGWhJmsE2LzX9f7PYRAhriSVbtQisC0kSPqbrLBv3XzlIdN5SQ
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/ Frame 7BB1 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/abg_lite_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68f185f74b1c88db45d4af03c0833e9f74ff17552b163f090f16412e585a2129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 16:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
14380787468093307063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Mar 2021 16:30:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/ Frame 7BB1 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/window_focus_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 03:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77648
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Mar 2021 03:29:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7BB1 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1613997191106504"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33369
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/ Frame 7BB1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 16:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Mar 2021 16:30:46 GMT
5d4b6918ba53c75bacf90c3e9a55021e.js
www.gstatic.com/mysidia/ Frame 7BB1 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 08:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Feb 2021 07:44:44 GMT
server
sffe
age
579060
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10833
x-xss-protection
0
expires
Wed, 19 May 2021 08:13:02 GMT
truncated
/ Frame 7BB1 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a785e674d7e0a971efb769521d506914d875c0cbb461fbf0ee92885725ef03d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn1.gstatic.com/ Frame 7BB1 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRW0yyjzlxSAeMd_Ke7SJSvPkzg6KZ29S_6KH8zX4siCQFu_HTjsPv41xFg7vw&usqp=CAI
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
225f1d3c8ef3ad281981d0a97a78e980272a364d6634475ad7a4d436d4335991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 06:47:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Nov 2020 15:55:24 GMT
server
sffe
age
65783
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12270
x-xss-protection
0
expires
Thu, 24 Feb 2022 06:47:39 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 7BB1 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTpjInaFMfaiZL_akSU-C9GJIMOzmgiU2nfw0donex85LnpeOKUhfVHxJepyAc&usqp=CAI
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7696124925bd07390cafa25241637b03b5196e2836814096257a5ec1943dd2f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 04:56:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Jan 2021 09:15:01 GMT
server
sffe
age
72430
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15347
x-xss-protection
0
expires
Thu, 24 Feb 2022 04:56:52 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 7BB1 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTwhPdgs8BokZXa3Q1kItwJIy8YIO9eE-GrfMDpUJHwed5j1hGMs9k3_pho3Q&usqp=CAI
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4bd1e48a5e330510d3c0404d8ef1c3a22e0e85831706f14ef40b83a527af973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 11:55:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Nov 2020 13:35:00 GMT
server
sffe
age
133705
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11528
x-xss-protection
0
expires
Wed, 23 Feb 2022 11:55:37 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 7BB1 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSo87ncePgi9mpnG2RVok3yC5GP3hUKLHmJEFRhx4mTK4Juv9chXi4TMWDTrjo&usqp=CAI
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b01899f50e18195305c045a5b7c8906d72b242654c4354b8123c26f4893a41f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 16:37:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Dec 2020 14:25:21 GMT
server
sffe
age
116793
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18539
x-xss-protection
0
expires
Wed, 23 Feb 2022 16:37:29 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 7BB1 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQznOdbzsD3aMHPPxLG8HIxtuMn0OKcUvPCLjOrFjZuxwMGJ1Q&usqp=CAI
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cdad65d851eba5a65749011714e3609508c7cdc03fdb82fa3d82adbd1261c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 19:41:49 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Sep 2020 09:33:23 GMT
server
sffe
age
537733
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11797
x-xss-protection
0
expires
Fri, 18 Feb 2022 19:41:49 GMT
VideoPlayer.aspx
arsiv.sahadan.com/VideoPlayer/ Frame B57E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) / ASP.NET
Resource Hash
315dd41edb3f2beff3bd3b5a34420d739ffaa72c5f34cd904c96b2321eb093f5

Request headers

Host
arsiv.sahadan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
am_cookie_test=true; ad-rup=false; __gads=ID=a7db4e6e4878d378-22b18ea595ba00e8:T=1614215041:S=ALNI_May9suczugn15EfSPL49Dxo2JkNnA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://arsiv.sahadan.com/Default.aspx

Response headers

Server
CCAcc (1.0.1/nvm-ists3)
Date
Thu, 25 Feb 2021 01:04:02 GMT
Content-Type
text/html; charset=utf-8
Content-Length
4401
Connection
keep-alive
Cache-Control
public, max-age=60
Content-Encoding
gzip
Expires
Thu, 25 Feb 2021 01:04:59 GMT
Last-Modified
Thu, 25 Feb 2021 01:03:59 GMT
Vary
Accept-Encoding
X-AspNet-Version
2.0.50727
X-Powered-By
ASP.NET
sloc
593
s
83
MIDDLE-X-US
EXPIRED
X-US
EXPIRED
get.ashx
go.admost.com/adx/ 		23 B
729 B 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=18833&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Server
haproxy-go
Var
s:go917;cs:cp:cache_z_18833_neq_TR_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame CE81 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.sahadan.com/Default.aspx
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://arsiv.sahadan.com/Default.aspx

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Wed, 24 Feb 2021 20:23:22 GMT
expires
Thu, 24 Feb 2022 20:23:22 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16840
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7BB1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3538ceb908900f3e0251ac7df9a269c89375805075a265bafa1603277eec4966

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 7BB1 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2deb82c585f891ba79a0cc6e27caf804cd5308c9fc91f5487549d64f3bb84b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 09:31:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:36 GMT
server
sffe
age
487937
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14516
x-xss-protection
0
expires
Sat, 19 Feb 2022 09:31:45 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame CE81 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 15:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
35965
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Thu, 24 Feb 2022 15:04:37 GMT
get.ashx
go.admost.com/adx/ 		276 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=18830&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
4bc67de1555474f459fa4e6e8368fef2e7a0c286e190fa57dcaa974ec7a34087

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Server
haproxy-go
Pbk
431712-287985-18830
Var
s:go601;cd:5;r:>431712-287985-18830-0;cs:cp:cache_z_18830_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
276
Expires
-1
container.html
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F37A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.sahadan.com/Default.aspx
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://arsiv.sahadan.com/Default.aspx

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Thu, 25 Feb 2021 01:04:01 GMT
expires
Fri, 25 Feb 2022 01:04:01 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame F37A 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 01:01:37 GMT
server
ESF
date
Thu, 25 Feb 2021 01:04:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Feb 2021 01:04:02 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame F37A 		2 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 00:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Mar 2021 00:21:11 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F37A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZfNkgfc2YOG6PIfO7_UP0qeXuATJ6ODKYf-lt9_pDdvZHhABILqX7R5g-4GAgIgKoAGjucWZA8gBBuACAKgDAcgDmwSqBNwBT9CjE8f2blMU7IgyBsPaGLILvdbzP_4zyWfdoq1Ca3-vOphUeTtfxDCNXtgUuvmepQ3qClPZKC99C49OjNW9_9Mov1EC6D-aWAUcgC34JYhl_h_GzP-n9-My--ftdOvuauuS1TDNOiW-uQ71XKtqyzyXIBQt7SHpJYkwmj5N2RlRWCMPMmRWn_p9VuA3-scp_6BhhD3IIP8DReQoXJINetJ_UyvMOj96VxwUbj_9rAP2HQ-8B5xlxVZHii_e-_gEEzpGM5_yhR9Esdtsbnw19Rd4n1B_0FACj-3bvsAEvJTN07QD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB8XGumaoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQlaUC0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDyAsB2BMNshcaChgIABIUcHViLTU2MTA2NDkxNDY2NzQzMDY&sigh=-oUG5JvxwbA&template_id=492&tpd=AGWhJmt1ysi8bZ_EKFQx9VwZ_uKSAEuGUKY15HHE-VcmgzuPoA
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/ Frame F37A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/abg_lite_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
326b9524fd6295565871de3f0cbd08993794c17160f1b41183cd329e5a90f021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 00:12:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
17098042556881059079
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Mar 2021 00:12:05 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame F37A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/window_focus_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 00:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Mar 2021 00:15:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F37A 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1613997191106504"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33369
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame F37A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 23:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4098
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Mar 2021 23:55:44 GMT
l
www.google.com/ads/measurement/ Frame F37A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMlmRIKGCZI01p7RVvqVhWIA59PID9tL4d-8t7J4-tf09jh286UpU0SqM9Nu4XVvegxyTnTiMXg2imWohAvAOC9DhwbA
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
5d4b6918ba53c75bacf90c3e9a55021e.js
www.gstatic.com/mysidia/ Frame F37A 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 08:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Feb 2021 07:44:44 GMT
server
sffe
age
579060
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10833
x-xss-protection
0
expires
Wed, 19 May 2021 08:13:02 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4344793016916730002/ Frame F37A 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4344793016916730002/downsize_200k_v1?w=400&h=209
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c363b77b4a6206becfa06b7d182164857306a462908df61b6261bae945364933
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 03:32:54 GMT
x-content-type-options
nosniff
age
77468
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19429
x-xss-protection
0
last-modified
Tue, 23 Feb 2021 16:18:51 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Feb 2022 03:32:54 GMT
truncated
/ Frame F37A 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 350F 		1 KB
967 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 24 Feb 2021 15:30:58 GMT
expires
Thu, 25 Feb 2021 15:30:58 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
34384
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F37A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5044b6e36ff73e85bfcdcd0b70121e5eb38952b01db8cd7da9cffa0865506eb

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F37A 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 05:52:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
501088
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sat, 19 Feb 2022 05:52:34 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F37A 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 04:25:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
506303
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 19 Feb 2022 04:25:39 GMT
spor_toto_300x250.png
admost-banner.b-cdn.net/admost/4/2017/6/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admost-banner.b-cdn.net/admost/4/2017/6/spor_toto_300x250.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-193.datapacket.com
Software
BunnyCDN-DE1-601 /
Resource Hash
7a565165ca0829f25db3e0ef1f0e1cd206cea1630a1fdf928b5f654b71ea1272

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
x-downloadsize
52222
cdn-edgestorageid
722
x-bo-processingtime
9
cdn-cachedat
2021-02-04 11:09:02
cdn-pullzone
178422
content-length
10968
x-bo-server
DE-95
last-modified
Thu, 04 Feb 2021 10:09:02 GMT
server
BunnyCDN-DE1-601
cdn-requestpullcode
206
x-bo-origindownloadtime
129
content-type
image/webp
cdn-cache
HIT
cdn-uid
79355934-3932-41c0-9817-733cc0c4d7a6
cache-control
public, max-age=2592000
x-bo-compressionratio
79%
cdn-requestid
ed9701117eda34e8562350419810382f
accept-ranges
bytes
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
get.ashx
go.admost.com/adx/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=46728&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
89c7dbdea66a586f18c3f355a2fb0a7fad3cb0f44e984431b71c497cebf55e4b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Server
haproxy-go
Pbk
473074-328646-46728
Var
s:go602;c:1;e:-9223372036;hc:0;r:>473074-328646-46728-0;cs:cp:cache_z_46728_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
1704
Expires
-1
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 350F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHyxFQy9JpD72fbWGsdO7qg&google_cver=1&google_push=AQvitUKQXiN8Rwvyentci7qgBJRBWZeh6ZOEanCuzHfDiB1oYxh-7pRkz39ciG2UIVv8cxYI9baQR4JIiXz0QmdMGR16Y25z8ac
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzczMzA4NDE5MTcwNjg4MjIyNA==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHyxFQy9JpD72fbWGsdO7qg&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHyxFQy9JpD72fbWGsdO7qg&google_cver=1
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEHyxFQy9JpD72fbWGsdO7qg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 350F
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEGPdfW7IAUWSYhBrBEHfA8c&google_cver=1&google_push=AQvitUIxUos76IJfwsfOxqpGoteHieKphOiwTqrnPedNPyr7BlvOH0BYUHvYVGTWeCmlPjB1BzUOYlPuQ_ut9FjSFNybEY6ndac
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=T0pWcVJMamJCME81cGpyOWdfYzJZQQ%3D%3D&google_push=AQvitUIxUos76IJfwsfOxqpGoteHieKphOiwTqrnPedNPyr7BlvOH0BYUHvYVGTWeCmlPjB1BzUOYlPuQ_ut9...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=T0pWcVJMamJCME81cGpyOWdfYzJZQQ%3D%3D&google_push=AQvitUIxUos76IJfwsfOxqpGoteHieKphOiwTqrnPedNPyr7BlvOH0BYUHvYVGTWeCmlPjB1BzUOYlPuQ_ut9FjSFNybEY6ndac
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=T0pWcVJMamJCME81cGpyOWdfYzJZQQ%3D%3D&google_push=AQvitUIxUos76IJfwsfOxqpGoteHieKphOiwTqrnPedNPyr7BlvOH0BYUHvYVGTWeCmlPjB1BzUOYlPuQ_ut9FjSFNybEY6ndac
date
Thu, 25 Feb 2021 01:04:03 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
242
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 350F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENkd49XU5ufE5hI5gFvQ7pw&google_cver=1&google_push=AQvitUJtRnR4YvjIn8Od0y8x2hCnYRO7O1nML1To1h53PaxdevNQt6TNd_RRC1lBnsSzlA6AurU4UyT7GnX_vDEr7pSm...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENkd49XU5ufE5hI5gFvQ7pw&google_cver=1&google_push=AQvitUJtRnR4YvjIn8Od0y8x2hCnYRO7O1nML1To1h53PaxdevNQt6TNd_RRC1lBnsSzlA6AurU4UyT7GnX_vD...
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=b7aff791-7047-4a80-a19e-126539806ef9&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJtRnR4YvjIn8Od0y8x2hCnYRO7O1nML1To1h53PaxdevNQt6TNd_RRC1lBnsSzlA6AurU4UyT7GnX_vDEr7pSmcQNhV2s&google_hm=rLkEqd1zTt-vjZes6XTkog==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJtRnR4YvjIn8Od0y8x2hCnYRO7O1nML1To1h53PaxdevNQt6TNd_RRC1lBnsSzlA6AurU4UyT7GnX_vDEr7pSmcQNhV2s&google_hm=rLkEqd1zTt-vjZes6XTkog==
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJtRnR4YvjIn8Od0y8x2hCnYRO7O1nML1To1h53PaxdevNQt6TNd_RRC1lBnsSzlA6AurU4UyT7GnX_vDEr7pSmcQNhV2s&google_hm=rLkEqd1zTt-vjZes6XTkog==
date
Thu, 25 Feb 2021 01:04:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 350F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEafhIAgBFSuHptc09CsHWM&google_cver=1&google_push=AQvitUL3K8IZcYG1TR15oG129-xugdSyKiY6Zq2JoGin5fq9jJejNypEQl9Jsp2iht7BXSH36VdWi8NN...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEafhIAgBFSuHptc09CsHWM&google_cver=1&google_push=AQvitUL3K8IZcYG1TR15oG129-xugdSyKiY6Zq2JoGin5fq9jJejNypEQl9Jsp2iht7BXSH36Vd...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU1MDg2MDQzMDcwNzM4OTA&google_push=AQvitUL3K8IZcYG1TR15oG129-xugdSyKiY6Zq2JoGin5fq9jJejNypEQl9Jsp2iht7BXSH36VdWi8NNa...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU1MDg2MDQzMDcwNzM4OTA&google_push=AQvitUL3K8IZcYG1TR15oG129-xugdSyKiY6Zq2JoGin5fq9jJejNypEQl9Jsp2iht7BXSH36VdWi8NNavtL_M-qeUVUFBoL7Es
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU1MDg2MDQzMDcwNzM4OTA&google_push=AQvitUL3K8IZcYG1TR15oG129-xugdSyKiY6Zq2JoGin5fq9jJejNypEQl9Jsp2iht7BXSH36VdWi8NNavtL_M-qeUVUFBoL7Es
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 350F
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKe8bI-jwA7a8kcSH_gHB60&google_cver=1&google_push=AQvitUJGa617hLKtMMk28cHAmDx01JiO4y64J0eZT9-w0NLRH2v1CPq-O_Uf-DwJPF-O-2p_U7tM2BJtbAYu7ucKYGI_azMLBA
  • https://rtb.openx.net/sync/dds?google_gid=CAESEKe8bI-jwA7a8kcSH_gHB60&google_cver=1&google_push=AQvitUJGa617hLKtMMk28cHAmDx01JiO4y64J0eZT9-w0NLRH2v1CPq-O_Uf-DwJPF-O-2p_U7tM2BJtbAYu7ucKYGI_azMLBA&ox...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJGa617hLKtMMk28cHAmDx01JiO4y64J0eZT9-w0NLRH2v1CPq-O_Uf-DwJPF-O-2p_U7tM2BJtbAYu7ucKYGI_azMLBA&google_hm=7mqO5jXpycYFRVLQG4_2ww==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJGa617hLKtMMk28cHAmDx01JiO4y64J0eZT9-w0NLRH2v1CPq-O_Uf-DwJPF-O-2p_U7tM2BJtbAYu7ucKYGI_azMLBA&google_hm=7mqO5jXpycYFRVLQG4_2ww==
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJGa617hLKtMMk28cHAmDx01JiO4y64J0eZT9-w0NLRH2v1CPq-O_Uf-DwJPF-O-2p_U7tM2BJtbAYu7ucKYGI_azMLBA&google_hm=7mqO5jXpycYFRVLQG4_2ww==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
ul66djobdufmkqsfqrleut4v3o8h174e
pixel
cm.g.doubleclick.net/ Frame 350F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJEdpn6vUZU34iPZZWXvViw&google_cver=1&google_push=AQvitUJ6ahWBZKzToYuCMZ6NeXnhk_nRjfTQGmsKJGO5UYwuQFyn--AkmSh9mCSB1ZKujx0WeP6...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLNVlJOE4tMUYtRzRCNw==&google_push=AQvitUJ6ahWBZKzToYuCMZ6NeXnhk_nRjfTQGmsKJGO5UYwuQFyn--AkmSh9mCSB1ZKujx0WeP6Uf21qOwFdyLzKwic01_caaQ
170 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLNVlJOE4tMUYtRzRCNw==&google_push=AQvitUJ6ahWBZKzToYuCMZ6NeXnhk_nRjfTQGmsKJGO5UYwuQFyn--AkmSh9mCSB1ZKujx0WeP6Uf21qOwFdyLzKwic01_caaQ
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xLNVlJOE4tMUYtRzRCNw==&google_push=AQvitUJ6ahWBZKzToYuCMZ6NeXnhk_nRjfTQGmsKJGO5UYwuQFyn--AkmSh9mCSB1ZKujx0WeP6Uf21qOwFdyLzKwic01_caaQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
sync
dsp.adkernel.com/ Frame 350F 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEKi_g8xh9n16q0I_4_fWef0&google_cver=1&google_push=AQvitUIhw6JptbEtLowzLuKn3ybLIZV7soiNrduGf0ueMXhGxTOCnwiPzNNYClDF39RUUxkW2EQV6z-g1dVL5HL9-z_REpHfxQ4
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
attr
cm.g.doubleclick.net/pixel/ Frame 350F 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4utWdsas2KjxZ2KTitjBZ1TrxTiOMuoY2cHGFByTzGf_PF2ppZwRsow6RkIq_zwbmCCkt
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
docs.min.css
js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/ Frame B57E 		59 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/docs.min.css
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
212.102.38.47 Prague, Czech Republic, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-212-102-38-47.cdn77.com
Software
MerlinCDN /
Resource Hash
0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Via
HTTP/1.1 Merlin CDN
X-Content-Type-Options
nosniff
Age
22327
grace
none
Transfer-Encoding
chunked
X-Cache
CMISS_02
P3P
CP= CAO PSA OUR
Access-Control-Allow-Methods
GET, OPTIONS, POST, HEAD
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Allow
GET, HEAD, POST
Server
MerlinCDN
X-Midtier
de-fra-dp-s01
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Edge
cz-prg-dp-s04
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
X-ECACHE
HIT
healthy
none
X-Age
0
Access-Control-Allow-Headers
accept, origin, x-requested-with, content-type
X-Mcache
HIT
X-VCT
0.000
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame B57E 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 13:35:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
41293
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33621
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 24 Feb 2022 13:35:49 GMT
beacon.js
sb.scorecardresearch.com/ Frame B57E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sb.scorecardresearch.com/beacon.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Fri, 26 Feb 2021 01:04:02 GMT
gstream.js
str.hit.gemius.pl/ Frame B57E 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://str.hit.gemius.pl/gstream.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
149.202.204.241 , France, ASN16276 (OVH, FR),
Reverse DNS
lt1n.host.hit.gemius.pl
Software
GHC /
Resource Hash
2c13be7e6baf352ce470ded3c4ea9a4689ab876b4c07fdbfe7d5b4fb1be05787

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Feb 2021 13:31:51 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
8037
Expires
Thu, 25 Feb 2021 13:04:02 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B57E 		326 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Length
114825
X-XSS-Protection
0
Expires
Thu, 25 Feb 2021 01:04:02 GMT
docs.min.js
js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/ Frame B57E 		967 KB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
212.102.38.47 Prague, Czech Republic, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-212-102-38-47.cdn77.com
Software
MerlinCDN /
Resource Hash
ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Via
HTTP/1.1 Merlin CDN
X-Content-Type-Options
nosniff
Age
22327
grace
none
Transfer-Encoding
chunked
X-Cache
CMISS_01
P3P
CP= CAO PSA OUR
Access-Control-Allow-Methods
GET, OPTIONS, POST, HEAD
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Allow
GET, HEAD, POST
Server
MerlinCDN
X-Midtier
de-fra-dp-s01
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge
cz-prg-dp-s04
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
X-ECACHE
HIT
healthy
none
X-Age
0
Access-Control-Allow-Headers
accept, origin, x-requested-with, content-type
X-Mcache
HIT
X-VCT
0.000
videojs-dock.js
is.cdn.md/i4/Js/ Frame B57E 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/videojs-dock.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2016 09:38:40 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"5f2740967e20d21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Sat, 27 Mar 2021 01:04:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 30C3 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021801&jk=2450206661664796&bg=!wMOlw4DNAAXB_3NtwTsAKQB2-DxaXkabczK6QBV_1PAdv_IcJKzd8QBenlXfOm6tzVWz4sMr5QjKAgAAAGpSAAAADmgBBwoAtVMSgxHBrGYLndDgp_wOPmyV8aI1Y4bKLJI6vh320ibAqOhg_uKMyvgmg_3dCcgp8hoetSGNnFjx4anwbEe0sp2U6JpH69zbFMHUxh1TN-JNL3BSSUvJDXXIqNtDLWed0G6QLluAlWdp7fC9rvjN-YRihWkLJH2qv9BFS7XoAtmDjyAJD2Jg3L-eFprmgy7FOVxFEnFaNgsNmbYzjyvCMfdMUKWPlKyWTLWbuJ3kwSM_ETY11iaZAgWmZbaFZubc99j7YmgwhGFTz_raFTI6cFGn-_VWPo-NM5tr-j-OWblgjE5Pt1xwj4X8m81BAEycbTzC3UxWoxXa--L1nIx6sLBU-VxVthqQxVHVQB8wxe_paogH20trYmm_zqBKiwK4JfwY3Sf6CmOU_YhKnFvrMtlspM2pdAiQgjloLSWE-hxAUKw3N_odFx1QYx30xNLzhyxrV0hZQoPaqB8LKMW72XPvBsE0iG6foHcBJUsWFM_OCB_nlt4i__EQSnT7THpvvJ8CCGrmElkl1nX1wY1IpCe01QGbGvOU8VZ4wdPnwNID4Ns32-xEXByLhRm4_jzQGTFPK74I38XkAxTNjYmgq4ngEAG9_wLH8lbDy3IS4LY3Dom14zu7cTHbYv89bblmxzqWEnVhqSavtsmNsHlmaaDBpX4SeA-uaoGhK3mYCFocu8Jqn9FLqDNM2Qh2VIjnpYr145qdfx715rhvVlUDgYsbrMJnK3qnxyuGUENG-r5O0yq-x2fSL0SSflYToLqc6wW7y9cv1X8WAW4MhL599ta0giFmV6ElOrAEcxvxyX6hXhEPhps7Ce48DXB8XP7dvox6vp-GMMkm296VSBqVQXJkSp59NP49vlVARazuiY5vFNE3XBSAy5LL3xD6ut7h8-Ew2hNtFaywOPgS-hWEqUmkqTpKRkCMPo9Fkd8U
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792916708875566&correlator=2586222566860409&output=ldjh&impl=fifs&eid=21068891&vrg=2021021801&ptt=17&sc=0&sfv=1-0-37&ecs=20210225&iu_parts=90851098%2Carsiv.sahadan.com%2Cleft_sky_kule_banner_homepage%2Cright_sky_kule_banner_homepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=160x600%7C120x600%2C120x600%7C160x600&cust_params=nativebox_site%3Dsahadan.com&cookie=ID%3D3a110f5bf1dfdc62%3AT%3D1614215041%3AS%3DALNI_MYCXBwqDPuc3XfGul0sFQT2MUYFvg&bc=23&abxe=1&lmt=1614214838&dt=1614215042504&dlt=1614215040801&idt=820&frm=20&biw=1600&bih=1200&oid=3&adxs=150%2C1290&adys=0%2C0&adks=521210170%2C276959177&ucis=5%7C6&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=160x-1%7C120x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=511863345.1614215042&ga_sid=1614215042&ga_hid=1873858915&fws=512%2C512&ohw=0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f5fd41da0b9b4ab5d2b6ccd6b35756a31d248f93b2d75451d7a03b8f15ccaa79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7640
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&time=1614215042508&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&random_number=13958504584&sess_cookie=dd0a2c3e177d6b6d5cc2fd740a6&sess_cookie_flag=1&user_cookie=dd0a2c3e177d6b6d5cc2fd740a6&user_cookie_flag=1&dynamic=false&domain=sahadan.com&account=Nf8Kg1awO700GA&jsv=20130128&user_lang=en-US
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-91.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 04:37:10 GMT
Via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
73612
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
pYy19kiSj_a5Hx4Rd1POWoD6PlxkHtQXonCVvEP8XFW7s40NruewHw==
test.png
a97560763e1ce9d9491b7de1be8b781ca.profile.lhr61-c1.cloudfront.net/
Redirect Chain
  • http://cloudfront-labs.amazonaws.com/x.png
  • http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
  • http://a97560763e1ce9d9491b7de1be8b781ca.profile.lhr61-c1.cloudfront.net/test.png
58 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://a97560763e1ce9d9491b7de1be8b781ca.profile.lhr61-c1.cloudfront.net/test.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
99.86.106.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-106-220.lhr61.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:03 GMT
Via
1.1 c43c90722e6d0ba1fca990016c4bdb33.cloudfront.net (CloudFront)
Server
CloudFront
X-Cache
RoutingProfileExp from cloudfront
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
58
X-Amz-Cf-Id
VQSqRv4kEKtHOZwcN3siKvsO7H75MVMCAvDmgFedrnmlUmancP3a5A==
Expires
Thu, 25 Feb 2021 01:04:03 GMT

Redirect headers

Access-Control-Allow-Origin
*
Date
Thu, 25 Feb 2021 01:04:03 GMT
Server
Server
Connection
keep-alive
Content-Length
0
Location
http://a97560763e1ce9d9491b7de1be8b781ca.profile.lhr61-c1.cloudfront.net/test.png
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4923
date
Wed, 24 Feb 2021 23:41:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 25 Feb 2021 01:41:59 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
footer-bg2.png
is.cdn.md/i4/Img/index/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/footer-bg2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
1dbe5850f671cf92fe1d7b55226a830fbe4daba614bf6c6ceeca9e236326930f

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Last-Modified
Thu, 25 Apr 2013 11:13:08 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"ebbbdcdda541ce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1781
Expires
Sat, 27 Mar 2021 01:04:02 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3686
date
Thu, 25 Feb 2021 00:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 25 Feb 2021 02:02:36 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1860419511&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sah...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1860419511&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sa...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-241588-1&cid=511863345.1614215042&jid=1774894661&_v=5.7.2&z=1860419511
35 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-241588-1&cid=511863345.1614215042&jid=1774894661&_v=5.7.2&z=1860419511
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 25 Feb 2021 01:04:02 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-241588-1&cid=511863345.1614215042&jid=1774894661&_v=5.7.2&z=1860419511
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
xgemius.js
gatr.hit.gemius.pl/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://gatr.hit.gemius.pl/xgemius.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
149.202.204.241 , France, ASN16276 (OVH, FR),
Reverse DNS
lt1n.host.hit.gemius.pl
Software
GHC /
Resource Hash
3a4c8caa846989335bb766aa47986b54cec64b02c254f8565b157944abfd803a

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Feb 2021 13:31:51 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
10549
Expires
Thu, 25 Feb 2021 13:04:02 GMT
beacon.js
b.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
23.32.238.123 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Fri, 26 Feb 2021 01:04:02 GMT
collect
www.google-analytics.com/j/ 		4 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1873858915&t=pageview&_s=1&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=140208355.511863345.1614215042.1614215042.1614215042.1&_utmz=140208355.1614215043.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1614215042558&_u=IQBCAEABAAAAAC~&jid=1016939043&gjid=61543509&cid=511863345.1614215042&tid=UA-241588-1&_gid=1385260425.1614215043&_r=1&_slc=1&z=373086349
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-241588-1&cid=511863345.1614215042&jid=1016939043&gjid=61543509&_gid=1385260425.1614215043&_u=IQBCAEAAAAAAAC~&z=874391318
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 25 Feb 2021 01:04:02 GMT
content-type
text/plain
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1614215042600&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1614215042600&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3...
0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1614215042600&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&c7=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&c9=&cs_ak_ss=1
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1614215042600&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&c7=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
get.ashx
go.admost.com/adx/ 		23 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=21376&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Server
haproxy-go
Var
s:go602;c:1;e:49;hc:2
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
fpdata.js
gatr.hit.gemius.pl/_sslredir/
Redirect Chain
  • http://gatr.hit.gemius.pl/fpdata.js?href=arsiv.sahadan.com
  • https://gatr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.sahadan.com
280 B
478 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gatr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.sahadan.com
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
149.202.204.241 , France, ASN16276 (OVH, FR),
Reverse DNS
lt1n.host.hit.gemius.pl
Software
GHC /
Resource Hash
7c29dde99a5cc35a344410a3ce27720771f5db7e9c9500ad13c2632ad0f2f6fe

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
280
expires
Sat, 27 Mar 2021 01:04:02 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Server
GHC
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Location
https://gatr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.sahadan.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
none
Keep-Alive
timeout=10
Content-Length
0
Expires
Wed, 24 Feb 2021 01:04:02 GMT
gemiuslib.js
str.hit.gemius.pl/ Frame B57E 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://str.hit.gemius.pl/gemiuslib.js
Requested by
Host: str.hit.gemius.pl
URL: http://str.hit.gemius.pl/gstream.js
Protocol
HTTP/1.1
Server
149.202.204.241 , France, ASN16276 (OVH, FR),
Reverse DNS
lt1n.host.hit.gemius.pl
Software
GHC /
Resource Hash
3ef707fc4a3c01523d30510ce8a91d224e4b80d31be2fd7b18ceee18fb5c437b

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Feb 2021 13:31:51 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
10199
Expires
Thu, 25 Feb 2021 13:04:02 GMT
truncated
/ Frame B57E 		1 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
http://arsiv.sahadan.com
Referer
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/docs.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
fpdata.js
str.hit.gemius.pl/_sslredir/ Frame B57E
Redirect Chain
  • http://str.hit.gemius.pl/fpdata.js?href=arsiv.sahadan.com
  • https://str.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.sahadan.com
280 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://str.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.sahadan.com
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
149.202.204.241 , France, ASN16276 (OVH, FR),
Reverse DNS
lt1n.host.hit.gemius.pl
Software
GHC /
Resource Hash
25b388799be1e0baf241fc436af58dd88050bd30a269416998cc3824cfe89d4d

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
280
expires
Sat, 27 Mar 2021 01:04:02 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Server
GHC
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Location
https://str.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.sahadan.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
none
Keep-Alive
timeout=10
Content-Length
0
Expires
Wed, 24 Feb 2021 01:04:02 GMT
get.ashx
go.admost.com/adx/ 		23 B
723 B 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=46731&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Server
haproxy-go
Var
s:go602;cs:cp:cache_z_46731_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
analytics.js
www.google-analytics.com/ Frame B57E 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3686
date
Thu, 25 Feb 2021 00:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 25 Feb 2021 02:02:36 GMT
truncated
/ Frame B57E 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Origin
http://arsiv.sahadan.com
Referer
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/docs.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
4ntyndkdnjis11lozhjs2lxet_2400000.mp4
daznplayervod.daznservices.com/ePlayer2/20210223/ Frame B57E 		5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://daznplayervod.daznservices.com/ePlayer2/20210223/4ntyndkdnjis11lozhjs2lxet_2400000.mp4
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Last-Modified
Tue, 23 Feb 2021 07:10:58 GMT
Server
AmazonS3
x-amz-request-id
E8EDD9AE2AFF45A9
ETag
"7e7b7dc92da71cf3a6197448f6fe33ed-19"
Content-Type
video/mp4
Content-Range
bytes 0-97008493/97008494
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97008494
x-amz-id-2
xuRd3KSJOZKH0xCgA1M5y+5hd5Ps2HAOGM2TiuJCn6Co1VkayX0YzJcYlz1kAgbFtfDxanHSD/A=
bridge3.443.0_tr.html
imasdk.googleapis.com/js/core/ Frame 415A 		576 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.443.0_tr.html
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e1a3612973131193b2f4a5bbd3f8cd75ad4327ef867d4c049a82551a24b9e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Host
imasdk.googleapis.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa

Response headers

Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Type
text/html
Cross-Origin-Resource-Policy
cross-origin
Content-Length
192770
Date
Wed, 24 Feb 2021 22:46:49 GMT
Expires
Thu, 24 Feb 2022 22:46:49 GMT
Last-Modified
Thu, 18 Feb 2021 19:24:29 GMT
X-Content-Type-Options
nosniff
Server
sffe
X-XSS-Protection
0
Cache-Control
public, max-age=31536000
Age
8233
client.js
s0.2mdn.net/instream/video/ Frame B57E 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:02 GMT
sahadan_lqes0l6n04vl1o98gwpixrcvk.png
images.performgroup.com/di/library/eplayer3_user_guide/94/76/ Frame B57E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images.performgroup.com/di/library/eplayer3_user_guide/94/76/sahadan_lqes0l6n04vl1o98gwpixrcvk.png?h=28
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
23.36.237.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-237-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7d0faca785be135eeeaee5cd2ba681e5ababa983819df716a01acfe8c67f26e5

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
Last-Modified
Tue, 23 Feb 2021 14:11:30 GMT
Server
Apache
ETag
"131c-5bc017eafe880"
Content-Type
image/png
X-Server-Id
62ff5c2cd20855624be087e9eecfdb9ec2d414af
Cache-Control
max-age=81625
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4892
Expires
Thu, 25 Feb 2021 23:44:27 GMT
get.ashx
go.admost.com/adx/ 		23 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=29753&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:02 GMT
Server
haproxy-go
Var
s:go601;c:1;e:55;hc:1
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
collect
www.google-analytics.com/j/ Frame B57E 		2 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1701093306&t=event&_s=1&dl=http%3A%2F%2Farsiv.sahadan.com%2FVideoPlayer%2FVideoPlayer.aspx%3Fid%3D10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v%26autoplay%3Dtrue%26showads%3Dtrue%26page%3Danasayfa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=640x360&je=0&ec=Videos&ea=play&el=4ntyndkdnjis11lozhjs2lxet&_utma=140208355.511863345.1614215042.1614215042.1614215042.1&_utmz=140208355.1614215043.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1614215042832&_u=AACCAEABAAAAAC~&jid=&gjid=&cid=511863345.1614215042&tid=UA-241588-1&_gid=1385260425.1614215043&_slc=1&z=266224062
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
rexdot.js
gatr.hit.gemius.pl/__/_sslredir/_1614215042836/
Redirect Chain
  • http://gatr.hit.gemius.pl/_1614215042836/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Farsiv.sahad...
  • https://gatr.hit.gemius.pl/_sslredir/_1614215042836/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2F...
  • https://gatr.hit.gemius.pl/__/_sslredir/_1614215042836/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F...
169 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gatr.hit.gemius.pl/__/_sslredir/_1614215042836/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=W_t2afSL4tAC8y38CMcUb3sX5KjE.ldxZnMq4Fk6.yv.v7&vis=1
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
149.202.204.241 , France, ASN16276 (OVH, FR),
Reverse DNS
lt1n.host.hit.gemius.pl
Software
GHC /
Resource Hash
54367e5eec0fd6ee471508ed35b3024c28458d766164d942d34ca9f98000d5fb

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Wed, 24 Feb 2021 01:04:02 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:02 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_sslredir/_1614215042836/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=W_t2afSL4tAC8y38CMcUb3sX5KjE.ldxZnMq4Fk6.yv.v7&vis=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Wed, 24 Feb 2021 01:04:02 GMT
85444b226f71dc04e1928aeaa1129042d3a9ccc1.js
cdn.dimml.io/static/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/static/85444b226f71dc04e1928aeaa1129042d3a9ccc1.js
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8853e974d661a5636217c397d87dd0c3c3c67390b67f0924136430125ea8e933

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Thu, 25 Feb 2021 01:04:02 GMT
Content-Encoding
gzip
X-DimML-Version
2.2 vH8ffFv9
X-77-NZT-Ray
3Z0qkMVd+v8=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
X-77-NZT
AcO1rywoSeDvSQEAAA==
Server
CDN77-Turbo
ETag
W/"be1da9f087b3"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=1800
X-Age
329
Expires
Thu, 25 Feb 2021 01:28:33 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5B05 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 00:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2648
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:19:54 GMT
container.html
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4B26 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.sahadan.com/Default.aspx
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://arsiv.sahadan.com/Default.aspx

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Thu, 25 Feb 2021 01:04:01 GMT
expires
Fri, 25 Feb 2022 01:04:01 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B0DE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.sahadan.com/Default.aspx
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://arsiv.sahadan.com/Default.aspx

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Thu, 25 Feb 2021 01:04:01 GMT
expires
Fri, 25 Feb 2022 01:04:01 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
get.ashx
go.admost.com/adx/ 		23 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=26436&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:03 GMT
Server
haproxy-go
Var
s:go602;c:1;e:5;hc:2
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
adview
securepubads.g.doubleclick.net/pagead/ Frame 4B26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEW_rgvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPcBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV9jwr8pBoJ7mMHlxNLKarbjoPuAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoD-gsCCAGADAGyFxgKFhIUcHViLTU2MTA2NDkxNDY2NzQzMDY&sigh=7LA3sMYK2RI&tpd=AGWhJmsRDR-XfHuHKQaIJDKQORxgxxIzkiskQfgPZJg9Du6urg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 4B26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g9h41667g996ywpnsjtkqnbb4s2c6q006ccrkbc4ssxsqqetwjaymfphc2rkzpz7j4vr4zfbcnrw7g29g7tgtp6r1btv605v951hpt5zqen5wd7a19cd2nek6hsk78kmwre3n11es9159d1xzrw5d8wrz423jev4ksyhdd83jwwbqetbs8jbn8eabmq9c1w3kxva2bs0481248ptdk7y18xq10jb56byt6vnv5g9ax8gx9sj6x6d400eya09skh5r0j0v76kechyhfv3ztd8fqr6vnbce4mvm2ft42110m8k5vwgpgvkr2zsarv614m903c0eazm2eaczxk0rqk1kk4x9r5kb7ddfx1p6604cksxj6h1xf2kcxrh1z51nx3agnqcthmb3b42x7m&b=YDb3ggAIZocIu_KYAANJaaOyGL9VfBg0d3X6Vw
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 Feb 2021 01:04:02 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame 6DA3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47357d6e339920f745e1e8ba4057b1e8f978b12db2e560086352ae9d677c4dd8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d85560b6a6c1002923a2c1716035261551614215042; expires=Sat, 27-Mar-21 01:04:02 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-q4sz
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
08784fefa400004e2c9d874000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
626d8292ad664e2c-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame 4B26 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/window_focus_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 00:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Mar 2021 00:15:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4590 		1 KB
977 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 24 Feb 2021 03:14:09 GMT
expires
Thu, 25 Feb 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
78593
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B26 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1613997191106504"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33369
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame 4B26 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 23:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4098
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Mar 2021 23:55:44 GMT
l
www.google.com/ads/measurement/ Frame 4B26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSm4WYJUENZyhtu3cI9IOt5FD5K5FGtzuTFfBoO6H8xR9WlF7-O5-O3kjdjCKKvGO3tPh3DT3bWG72GSFE0EvQPI-ErA
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 4B26 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 17:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27474
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7485
x-xss-protection
0
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Feb 2022 17:26:08 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B0DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_u8Lgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPgBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTt0sOZmN1Y5glTr9-oU50lAvFrgBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NoAKA_oLAggBgAwBshcYChYSFHB1Yi01NjEwNjQ5MTQ2Njc0MzA2&sigh=LPp3STRc_L8&tpd=AGWhJmvTygGHNk-8QqiELrxtMIkF-0bfrz9tVExtGWamkEXlBA
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame B0DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jk5j6f92g800bzvhfm5s51n7w0pgns8kftq0yxb83ty6ddrhms9ymm0bnv8fhgb4chpp05ztwz0yp32ajkcjhvx3xn4yhx8nt5najgfvszbb1kcxvj5gysedyr36rmce3mf0bytms9pb00fb7c6gy1xd7e8m5e2bw5mxfh4fdj0w0at9zcehjaxm3xetrmb7k2fwp19mpfdcxxg37y601es3xczxhdxxage66kr2krmw51dep2dgjrwbjqz65r2m58rrq9848hkfhy3yqjm48qrde38c6rmnjhq14natcsjwyye1mc3hktnh24t0f60hnvgxn8k4b1vt3yjhpkmmne9q3y7g7pbtwvc2zax5f4r43tppexy7gz01c5sm52772h7mk9av6g6t797&b=YDb3ggAIZogIu_KYAANJaa_sAculPsknKRcxCA
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 Feb 2021 01:04:02 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame 640E 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a027e14dcfb5a4bac0cd306898b25edc13bed508836bb47c1cb6aab94b0c420
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d85560b6a6c1002923a2c1716035261551614215042; expires=Sat, 27-Mar-21 01:04:02 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-q4sz
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
08784fefa400004e2c9206b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
626d8292ad684e2c-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame B0DE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/window_focus_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 00:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Mar 2021 00:15:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BF5F 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 24 Feb 2021 03:14:09 GMT
expires
Thu, 25 Feb 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
78593
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B0DE 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1613997191106504"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33369
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame B0DE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 23:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4098
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Mar 2021 23:55:44 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame B0DE 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 17:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27474
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7485
x-xss-protection
0
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Feb 2022 17:26:08 GMT
pixel
cm.g.doubleclick.net/ Frame 4590
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOm1aFoj917YuuNpGsVMkKQ&google_push=AQvitUIh_36DIqUYlvmm9J4demXG5C-jiyg8BvZS908bgwXwcGObp82a8W...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOm1aFoj917YuuNpGsVMkKQ&google_push=AQvitUIh_36DIqUYlvmm9J4demXG5C-jiyg8BvZS908bgwXwcGObp82a8W3T-6E3lRqFv1jbAgzcO2jEt4DDXFpwPKUlZ1u6RbY
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
x-timer
S1614215043.058711,VS0,VE89
x-served-by
cache-hhn4077-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOm1aFoj917YuuNpGsVMkKQ&google_push=AQvitUIh_36DIqUYlvmm9J4demXG5C-jiyg8BvZS908bgwXwcGObp82a8W3T-6E3lRqFv1jbAgzcO2jEt4DDXFpwPKUlZ1u6RbY
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 4590
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEE2vjJAqEIIOPnJ-NJ10BSM&google_cver=1&google_push=AQvitULmcc1x9e9tFwDsBgs8gX4ZE-Ze2ABtqFngaUm5RUHq9pnf4kT7oPPM3O4-lypEEBvyHLlkIDnNDCzrjxfQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=URZTRH2MSj6feYhbDK8KXA2&google_push=AQvitULmcc1x9e9tFwDsBgs8gX4ZE-Ze2ABtqFngaUm5RUHq9pnf4kT7oPPM3O4-lypEEBvyHLlkIDnNDCzrjxfQhDrae3msVek
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=URZTRH2MSj6feYhbDK8KXA2&google_push=AQvitULmcc1x9e9tFwDsBgs8gX4ZE-Ze2ABtqFngaUm5RUHq9pnf4kT7oPPM3O4-lypEEBvyHLlkIDnNDCzrjxfQhDrae3msVek
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 Feb 2021 01:04:03 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=URZTRH2MSj6feYhbDK8KXA2&google_push=AQvitULmcc1x9e9tFwDsBgs8gX4ZE-Ze2ABtqFngaUm5RUHq9pnf4kT7oPPM3O4-lypEEBvyHLlkIDnNDCzrjxfQhDrae3msVek
x-host
tde-deliveryengine-production-696dcd98bd-s6vps
alt-svc
clear
content-length
0
match
um.wbtrk.net/doubleclick/user/ Frame 4590 		0
0
pixel
cm.g.doubleclick.net/ Frame 4590
Redirect Chain
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEI6qUVLrx37svXYojaGrQBQ&google_cver=1&google_push=AQvitUIBTA4z2oYMlI8JmJnbYWouzv1F5-C2z6w9J4C3s2sdbm-DodALkEnJ4L-fCBtkIuE9BYtJzpXwf07gQWtCAutd...
  • https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEI6qUVLrx37svXYojaGrQBQ&google_cver=1&google_push=AQvitUIBTA4z2oYMlI8JmJnbYWouzv1F5-C2z6w9J4C3s2sdbm-DodALkEnJ4L-fCBtkIuE9BYtJzpXwf07gQWtCAutd9Yg...
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUIBTA4z2oYMlI8JmJnbYWouzv1F5-C2z6w9J4C3s2sdbm-DodALkEnJ4L-fCBtkIuE9BYtJzpXwf07gQWtCAutd9YgB-JM
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUIBTA4z2oYMlI8JmJnbYWouzv1F5-C2z6w9J4C3s2sdbm-DodALkEnJ4L-fCBtkIuE9BYtJzpXwf07gQWtCAutd9YgB-JM
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 25 Feb 2021 01:04:03 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUIBTA4z2oYMlI8JmJnbYWouzv1F5-C2z6w9J4C3s2sdbm-DodALkEnJ4L-fCBtkIuE9BYtJzpXwf07gQWtCAutd9YgB-JM
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
dot.gif
s0.2mdn.net/ Frame 4590 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEHwWkDoCL0y-tbOU4TKOWfM&google_cver=1&google_push=AQvitUIXTEfz8pif5u6uL-rn9NSQQTozXeBMdM0qJsWTA1P71JFiLQepft2_ZVp9lPMlzYKqGfzOaKU4O0cbZZp88HIIAzUbFw
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 26 Feb 2021 01:04:02 GMT
google
d5p.de17a.com/cookies/ Frame 4590 		35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESELa1emtdd0jh39xuofFs1Js&google_cver=1&google_push=AQvitUJC-ClJCNUWLzcKzHM2GHyo4afRpbDXNyybMTQOLG2Wfj06qIIvY5ylmOJdzOpbtUgn2to-y7blC1amyeC1Jqw1ZeKf6Q
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.182 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-182.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 4590
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEON03xqluzHynbK5BV-qv6g&google_cver=1&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSPYs...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEON03xqluzHynbK5BV-qv6g&google_cver=1&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSPYs...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEON03xqluzHynbK5BV-qv6g&google_cver=1&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSP...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEON03xqluzHynbK5BV-qv6g&google_cver=1&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSP...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1OWQ2NzI5ZC03NzA1LTExZWItYWI3My0wNmZkY2RhZDU2OTA%3D&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSPYsy7cSujUuUA...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1OWQ2NzI5ZC03NzA1LTExZWItYWI3My0wNmZkY2RhZDU2OTA%3D&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSPYsy7cSujUuUAd9FkMm2xiSfCgcnaJTlZ6YTUR3pFswKak
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 25 Feb 2021 01:04:03 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA1OWQ2NzI5ZC03NzA1LTExZWItYWI3My0wNmZkY2RhZDU2OTA%3D&google_push=AQvitUJBdXMWd04nRxt65Eg9lU54mNf9zH-yAJF4Jiil_Tf6QnmLSPYsy7cSujUuUAd9FkMm2xiSfCgcnaJTlZ6YTUR3pFswKak
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4590 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JANsN_h6t-xMn1k0ynsmSMXp_69PVcYPgW1ZCOM8pGyG6beD_aMyavz0jV3-_f9XJ4pWJEHw
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cm
a.rfihub.com/ Frame BF5F
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEP03GXuK5vNUCRyVGWXuTW8&google_cver=1&google_push=AQvitULdriwZU9MAgZbavuTBorFrF2TmxIlHabuvwJik__PGtKOvzBHpDXZO43PkR9lmUZPOxsLNBInB4Bp7ksDGI9rm7m8...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitULdriwZU9MAgZbavuTBorFrF2TmxIlHabuvwJik__PGtKOvzBHpDXZO43PkR9lmUZPOxsLNBInB4Bp7ksDGI9rm7m8rndhj&google_hm=NjUwMTMyODg...
  • https://a.rfihub.com/cm?pub=445&google_error=5
42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&google_error=5
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache
Server
Jetty(9.0.6.v20130930)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BF5F
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEGPdfW7IAUWSYhBrBEHfA8c&google_cver=1&google_push=AQvitUKI9lPqDETyp_-SxQnlQBlZOC-xr-FRZEiU2VkfpdYXmkOY-MiuUAsE-73H1oSs-yucLCogUDKWyF6eIJoCutjWFrvws70x
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Z1hYTGoxSzJCZ0d6ZUpKWmdfYzJZQQ%3D%3D&google_push=AQvitUKI9lPqDETyp_-SxQnlQBlZOC-xr-FRZEiU2VkfpdYXmkOY-MiuUAsE-73H1oSs-yucLCogUDKWyF6eI...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Z1hYTGoxSzJCZ0d6ZUpKWmdfYzJZQQ%3D%3D&google_push=AQvitUKI9lPqDETyp_-SxQnlQBlZOC-xr-FRZEiU2VkfpdYXmkOY-MiuUAsE-73H1oSs-yucLCogUDKWyF6eIJoCutjWFrvws70x
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Z1hYTGoxSzJCZ0d6ZUpKWmdfYzJZQQ%3D%3D&google_push=AQvitUKI9lPqDETyp_-SxQnlQBlZOC-xr-FRZEiU2VkfpdYXmkOY-MiuUAsE-73H1oSs-yucLCogUDKWyF6eIJoCutjWFrvws70x
date
Thu, 25 Feb 2021 01:04:03 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
dot.gif
s0.2mdn.net/ Frame BF5F 		43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEHwWkDoCL0y-tbOU4TKOWfM&google_cver=1&google_push=AQvitULgmJvWvgYvD8g3607woaJUds8W8p1Z0yKnHVhhfaI5I0tTDbWbsIIiaf89JoE8ouE9hl0BXmFoozxFYYjiTXnBcaKn60yU
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 26 Feb 2021 01:04:02 GMT
google
d5p.de17a.com/cookies/ Frame BF5F 		35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESELa1emtdd0jh39xuofFs1Js&google_cver=1&google_push=AQvitUKFFAnLYURx7QSvM6YOqEIk3llG4VAk6Hhmz1sFihB8ayqSxp_Tk0rL_AHrWR78R1ELlfCCSxG8CNCLWhNJVB0os5AsOM8B
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.182 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-182.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame BF5F
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDYdj0GzHFuYVwtSvKbqoYk&google_cver=1&google_push=AQvitUJ50l3BqskCFhtpn-DyyqkHpXxRBmS-1uvkdN0MPa0t2Z5t2Sr7H8mz4Y6kzV9afg6SgED1o5ybW3PZNcp_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUJ50l3BqskCFhtpn-DyyqkHpXxRBmS-1uvkdN0MPa0t2Z5t2Sr7H8mz4Y6kzV9afg6SgED1o5ybW3PZNcp_lGrUOmf1YxkB
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUJ50l3BqskCFhtpn-DyyqkHpXxRBmS-1uvkdN0MPa0t2Z5t2Sr7H8mz4Y6kzV9afg6SgED1o5ybW3PZNcp_lGrUOmf1YxkB
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 25 Feb 2021 01:04:03 GMT
via
1.1 f857c6fa23ed7b2d0b237aefe9c50960.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZAG50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUJ50l3BqskCFhtpn-DyyqkHpXxRBmS-1uvkdN0MPa0t2Z5t2Sr7H8mz4Y6kzV9afg6SgED1o5ybW3PZNcp_lGrUOmf1YxkB
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
shXAQZ1lfOOsDtxSv3EnWOFafwgKarNWC1mcUYsac3kQFJmLNqLp6g==
pixel
cm.g.doubleclick.net/ Frame BF5F
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESECZsS7a8DcpoibxBIueDTWQ&google_cver=1&google_push=AQvitUKzELVFJWTCJK4n-2_F9g6LS-j9otfqf56UE5UgLb6H69KAY6s-eBQpRyKu7xdCvQn8tEAb1PRmg_RIBHlsv4dm1th-8kZ7
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_push=AQvitUKzELVFJWTCJK4n-2_F9g6LS-j9otfqf56UE5UgLb6H69KAY6s-eBQpRyKu7xdCvQn8tEAb1PRmg_RIBHlsv4dm1th-8kZ7&google_hm=MjU3MjE2NjQzMjExMDY4Mj...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_push=AQvitUKzELVFJWTCJK4n-2_F9g6LS-j9otfqf56UE5UgLb6H69KAY6s-eBQpRyKu7xdCvQn8tEAb1PRmg_RIBHlsv4dm1th-8kZ7&google_hm=MjU3MjE2NjQzMjExMDY4MjAwMFYxMA%3d%3d&mn_hm=MjU3MjE2NjQzMjExMDY4MjAwMFYxMA%3d%3d&google_sc=1
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:03 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_push=AQvitUKzELVFJWTCJK4n-2_F9g6LS-j9otfqf56UE5UgLb6H69KAY6s-eBQpRyKu7xdCvQn8tEAb1PRmg_RIBHlsv4dm1th-8kZ7&google_hm=MjU3MjE2NjQzMjExMDY4MjAwMFYxMA%3d%3d&mn_hm=MjU3MjE2NjQzMjExMDY4MjAwMFYxMA%3d%3d&google_sc=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Thu, 25 Feb 2021 01:04:03 GMT
/
cc.adingo.jp/adx/push/ Frame BF5F 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEFj8CsQUOSMtOg1ET3QvWmI&google_cver=1&google_push=AQvitULqvS2wj1QsylHRIKlsxKcSRjeYa7vbvCkjfMkTzFEjdd_Ss8X2Hp10deOuPlwnsIftyG-9kufB6ddlT2xvz0O1_-IQbCus
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.184.38 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-184-38.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:03 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame BF5F 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHTZ1PMtetjgfyYLJP3pMOwXOrX4FXoSlbndOz_M416oQzR8uv8sGj8AOHQVIhu8XRZZU4
Requested by
Host: 146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
URL: https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:03 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 4B26 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbe25dbd7d8df6c46cd4382d0243d69da63629075e5552a9b265f831b9bbfb07

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B0DE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae31769399ff3e58b923d8bd0e2339336f58a454be48d2893486b6f6d59eab11

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
get.ashx
go.admost.com/adx/ 		23 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/get.ashx?z=51258&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.36559297744935915
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:03 GMT
Server
haproxy-go
Var
s:go602;cs:cp:cache_z_51258_neq_TR_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
default.css
ad4m.at/0.1.115-311/style/one-ad/ Frame 640E 		58 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.115-311/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9dd320c3e45d56b82c75bb5e7e1e4673b0f572cf82fabab546cd8ad45b9aa7

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=uO3vHA==, md5=wYqPbYhDoJehhW68X6i81g==
date
Thu, 25 Feb 2021 01:04:03 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
208675
x-guploader-uploadid
ABg5-Uy4zCKF51_MvVemV7OPFrLCNcAbeZEJRZf892EBHqh3CUi-bSBlfD_OfHMHrk-s5UGD-hMNUdJquuksb0p5vYT0D1I2QQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6666
cf-request-id
08784feff900004e2cb3168000000001
last-modified
Mon, 22 Feb 2021 15:05:07 GMT
server
cloudflare
etag
"c18a8f6d8843a097a1856ebc5fa8bcd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mjoki38Dk5e9l2GpAfXeby3OgoXPmDka83S9Hjibiq3VoP%2Fu7L5%2BUlV0XPyNSR3QCG3B0LcPUbs3o8t1NSMiZ6xRG8DLN05RI9d0mOuJtpzzHQfr"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1614006307921530
content-type
text/css
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6666
accept-ranges
bytes
cf-ray
626d82932dd34e2c-FRA
expires
Tue, 22 Feb 2022 15:06:08 GMT
r62eglto.js
ad4m.at/ Frame 640E 		66 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b1b67c191484190066785f309435ba62626a9a8610ca341622145f02ea1ee1

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=rXZqVA==, md5=FrZXw5nGazXqpqqENJYM1A==
date
Thu, 25 Feb 2021 01:04:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
62967
cf-polished
origSize=67981
x-guploader-uploadid
ABg5-UzdpunNSsmLRoNI9jGn6Z9yd8_icrbqDBb_HTskxD0X1TAC86-JgfoUr_aGsjicdi7dz-QAHigoGFT5U2McnPE0Vnbjiw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08784feff900004e2c9830f000000001
last-modified
Mon, 08 Feb 2021 16:48:30 GMT
server
cloudflare
etag
W/"16b657c399c66b35eaa6aa8434960cd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LoXOMsu8XzKR6%2BAkPXLlOoXy5jLU%2F1EmPbP9a%2FnCk8jIA6R0SaLsiiY9IsC6IKqLvoQt%2Bk3scrBWVRKhPmoEjDvXVUiCi2mvMDaNJVZ8o1Ik6%2FAc"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1612802910147617
content-type
application/javascript; charset=utf-8
expires
Wed, 24 Feb 2021 07:34:36 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
15609
cf-ray
626d82932dd44e2c-FRA
cf-bgj
minify
default.css
ad4m.at/0.1.115-311/style/one-ad/ Frame 6DA3 		58 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.115-311/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9dd320c3e45d56b82c75bb5e7e1e4673b0f572cf82fabab546cd8ad45b9aa7

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=uO3vHA==, md5=wYqPbYhDoJehhW68X6i81g==
date
Thu, 25 Feb 2021 01:04:03 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
208675
x-guploader-uploadid
ABg5-Uy4zCKF51_MvVemV7OPFrLCNcAbeZEJRZf892EBHqh3CUi-bSBlfD_OfHMHrk-s5UGD-hMNUdJquuksb0p5vYT0D1I2QQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6666
cf-request-id
08784feff900004e2cca3d2000000001
last-modified
Mon, 22 Feb 2021 15:05:07 GMT
server
cloudflare
etag
"c18a8f6d8843a097a1856ebc5fa8bcd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fv37zfNf0lfmlEChnvj9ZmkKxAqWSTVOT%2FDCCzHR%2FI%2Foj3AyUtYK1d114oJl5EuPze6z1IuBmjvAzSsrzCDfEMHiyIJA9kRVwv%2FBn9Il9VQHddI0"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1614006307921530
content-type
text/css
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6666
accept-ranges
bytes
cf-ray
626d82932dd54e2c-FRA
expires
Tue, 22 Feb 2022 15:06:08 GMT
r62eglto.js
ad4m.at/ Frame 6DA3 		66 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b1b67c191484190066785f309435ba62626a9a8610ca341622145f02ea1ee1

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=rXZqVA==, md5=FrZXw5nGazXqpqqENJYM1A==
date
Thu, 25 Feb 2021 01:04:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
62967
cf-polished
origSize=67981
x-guploader-uploadid
ABg5-UzdpunNSsmLRoNI9jGn6Z9yd8_icrbqDBb_HTskxD0X1TAC86-JgfoUr_aGsjicdi7dz-QAHigoGFT5U2McnPE0Vnbjiw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08784feff900004e2c86126000000001
last-modified
Mon, 08 Feb 2021 16:48:30 GMT
server
cloudflare
etag
W/"16b657c399c66b35eaa6aa8434960cd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vFmmiywI%2FvDqVU6QDb%2Bx%2FPX%2BSdecAM0nejpBskDYovf4pwOB9yiL8lg7V%2FhohH7HyRlXgggpvo1prax2uJNbFDNvjLv9wpYgWFGGdBOfgrQctjOZ"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1612802910147617
content-type
application/javascript; charset=utf-8
expires
Wed, 24 Feb 2021 07:34:36 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
15609
cf-ray
626d82932dd64e2c-FRA
cf-bgj
minify
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6DA3 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.115-311/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/0.1.115-311/style/one-ad/default.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
791
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
cf-request-id
08784ff02a00004e14adba9000000001
last-modified
Thu, 08 May 2014 12:48:39 GMT
server
cloudflare
etag
"536b7d27-cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c0eEatPVvRyamy4ve6ODv%2BwrM5jIrroEB4CY61xj3YvorOmqqwTOk2GKk6Rz0O%2BUg535l2I%2FTyhwP06yEuST3w23C1MMtcOvlPD%2BN9ZoNWHmkFJg%2BIHhJzNg4HSJ1PqE6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
626d82937a9d4e14-FRA
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 640E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.115-311/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/0.1.115-311/style/one-ad/default.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:03 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
791
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
cf-request-id
08784ff02b00004e14cf26d000000001
last-modified
Thu, 08 May 2014 12:48:39 GMT
server
cloudflare
etag
"536b7d27-cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J0IHaYZr51UHU5qmL3h1kQ5QpedfX8n9bFOpfDn9BQK2WiJ%2FXW9JyMe%2B96TFhD8vE8VIt19LfSvhIOut5tmh2i2re54aPp5MHGPKi9nXr1M5t4FY5XaoK3jLlzGKzPfUqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
626d82937aa04e14-FRA
frame.html
ad4m.at/ Frame 9680 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D

Response headers

date
Thu, 25 Feb 2021 01:04:03 GMT
content-type
text/html
set-cookie
__cfduid=d8a93d5d14a886b13f517d02817be01b51614215043; expires=Sat, 27-Mar-21 01:04:03 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid
ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires
Thu, 25 Feb 2021 02:04:03 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
754175
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
08784ff01900004e2cd81cd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=14dVmr%2BFlANFTvdFu4pq%2BRaXU2PZXh7U44HeWkIt%2F8Tl7m%2F1BKhNwrTeYe%2BFjMKOlWZXb%2BBtCkRUrXqEWj%2FD%2F8%2BTasi7bIy91pu%2FHZ1TdKAOtypU"}],"max_age":604800,"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
626d82935e0b4e2c-FRA
content-encoding
br
frame.html
ad4m.at/ Frame B79F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D

Response headers

date
Thu, 25 Feb 2021 01:04:03 GMT
content-type
text/html
set-cookie
__cfduid=d4c746ebaf9fcfc32f01edbb018ace3451614215043; expires=Sat, 27-Mar-21 01:04:03 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid
ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires
Thu, 25 Feb 2021 02:04:03 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
754175
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
08784ff01a00004e2cc9a89000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fEfkGsyrvjpY41cmiN1crll4venxnjGDySAG6V%2FzoFN2vuXw8YkL4pVHIs2JQ7qN5kVmzBItIOa2iXox%2FqDoIGFxml8PxVwzZAu0vZp9zVNNe9Ya"}],"max_age":604800,"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
626d82935e0e4e2c-FRA
content-encoding
br
frame.html
ad4mat.net/ Frame 258C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:03 GMT
content-type
text/html
set-cookie
__cfduid=d58da84ea950bde81afd53bde4c61df0a1614215043; expires=Sat, 27-Mar-21 01:04:03 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified
Thu, 12 Apr 2018 07:50:15 GMT
cf-cache-status
DYNAMIC
cf-request-id
08784ff03400004e14f6a6a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aNW%2F82hWIodgpJwWpETG9n6AtKunOSnFACmzfKABMnhf%2FsaBnBpzZLTHwO%2FtzLUxGd4fKge1R07yWnwpC%2FqQpgws2FS1OnIrcnPkMm5CJZ%2FeNmNz5ZSq"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
626d82938aa84e14-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
frame.html
ad4mat.net/ Frame 6FEC 		1 KB
919 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:03 GMT
content-type
text/html
set-cookie
__cfduid=d58da84ea950bde81afd53bde4c61df0a1614215043; expires=Sat, 27-Mar-21 01:04:03 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified
Thu, 12 Apr 2018 07:50:15 GMT
cf-cache-status
DYNAMIC
cf-request-id
08784ff03500004e14d934b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P1EijxIQQVVeF6YHmJMQsw1RpeoMGHbeqdkvaKKRTVBKL7ciONIM5ic37vjF161mLikRv37ZRVO%2BElxvEtT9bx3D2crqgSbk3aoLu5%2BFZLlZNOa%2Bwpqw"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
626d82938aa94e14-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
85444b226f71dc04e1928aeaa1129042d3a9ccc1.js
baltar.dimml.io/flow/tvkl/ 		0
283 B 		Script
General
Check archive.org
Download Go to
Full URL
http://baltar.dimml.io/flow/tvkl/85444b226f71dc04e1928aeaa1129042d3a9ccc1.js?clientId=2&dom=arsiv.sahadan.com&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&gemius_sent_once=1
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
63.32.135.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-135-125.eu-west-1.compute.amazonaws.com
Software
dimml-2.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:02 GMT
X-DimML-Version
2.2 vH8ffFv9
Server
dimml-2.2
Vary
*
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7822ee40c649c72903d67fa4d1b6700b8db991600b050275d5cbf455bad27439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Feb 2021 01:04:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6455
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7BB1 		42 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9uvpcxAVauB6GKBJl3Xx00U9kIwkfCaZ--VEvvclQuR332iQU5vEQLrf3DWXDNQe7-komLsq7uPLAYP3INIW8YUg4Ef0j3yUVlu5LKfMALFSbBcrzd6LWEGOmfQ&sai=AMfl-YTWmaRHsBWOYyBK6wYW2Qkl4ljaspBpZrclno-sx3zU2KqBndZooFB7AYTDfPd2rSs8eLl62ziGIDZG13TlHJ1kMi63DWlJhR_1bVk-Sf5W8Li_cJdokvlq-RkeY4xf&sig=Cg0ArKJSzN4hZndlD6sEEAE&cid=CAASPeRoGyxOezDjPs9og28YbG_VKyVqK3B6vYfDS_F47k7tWEoFNQVMB1S1JUax2-nfA_sYid5ZDtFPzBY0Ixw&id=osdim&mcvt=1001&p=127,310,377,1290&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210222&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3980191189&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1614215042091&dlt=36&rpt=154&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Thu, 25 Feb 2021 01:04:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame CC85 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.sahadan.com/Default.aspx
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://arsiv.sahadan.com/Default.aspx

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Wed, 24 Feb 2021 20:23:22 GMT
expires
Thu, 24 Feb 2022 20:23:22 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16841
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame CC85 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 15:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
35966
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Thu, 24 Feb 2022 15:04:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F37A 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrfYEieqYQXQR5ZUsN1ZICbkX9E6wspfZ29LgOir1hokOoCG2NIlUJ50Co02osvjwPSKlVZuBjMowmK9zgoHZz1xoXsqeCdZGKg7ozHf3WnMFZKlP0QrLsO823Uw&sai=AMfl-YTraYzKLeOB6U3u89I_atitKm-nVh5OZ4svws0zcmz9eY8Xeasw-yjOI9O9zOl_ej63yEe3WnYbB2pR2hLJblraNA5_xOL7QU0Fqlqg9Owpt4pFYXUBO80EoIc&sig=Cg0ArKJSzHa96lOHVQTjEAE&cid=CAASF-RoguiRNTQxkhuOU5KIy3tYlejXYJ_d&id=osdim&mcvt=1008&p=388,974,638,1274&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20210222&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1287029852&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614215042301&dlt=9&rpt=2&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021801&jk=2792916708875566&bg=!6Oul66jNAAXB_3NtwTsAKQB2-Dxafkw7Kc5Mo84Ppc_gW6DGSGjSz2x6-4MDDdf2jzSddeGCHW7SAgAAAD9SAAAADWgBBwoBs4y_1OLv1Jwwzdo4NB-KLL-1UBH8C0FJj5tig3lI07X0lvJTrt1n3Lcr4e2ypjCShdrhi9l5rBbNVStXstQAWdKaBuO1tpUJNGRdQyRNZn1ED2qDdZzujC9xrBAi8vcawBlyjm3zt9Hfi7MpyG0wD-X-XKP9TI2Yut7CeG_WZNfkD4ggfRTTJfeQoOQ80qbe0A7OuZuLeUYu8CiiJM4sEU-SLwD4H4rsdwivyZslboxMB4mZAt8uLaubDWGJEuUeuAj9uIuq7XK0Hg25_HjHzyQC9efthocxYZO20F8dlt9PwM9ZrXe7eWpCYQA9hwlZW9KVLqqv1XD23LrKn6jjcuGIuSXYYpAZ0h51Wo9dvKGur9OpyEUReRz0KB3GloMvQ6DC8TIVDMaXcCITlG8l6Whr1MXq_jp_m5T8eF5A3CkYEri8RLkPnwocgyVCcGNYOWAf3Y8ekcjnN5U09SswA-EnfTr7U7MoqCQwE36bTSjL4PJNHSUZh5W5WhnFfCPBjVdyO7kyvYbyccqUUf7XGxuI9SGpOCUUr3iUa-yLK5gxkEggXyL6iDhZan7yo9WgzN2Pm5kBw4VxJJaLKUG30DZu-pOET3QENvDhDE8QDuKJy2RcXTTCMaOXHPkiYv8iOUw6FPXLRBwCedw9mB0DNlzcNGexmi4cxAe_xpg7RkeJ9VUw-1bP-NXCRjjhxjh87CK6JrjfgCwoqtBrRIxFeJfu1i-ZbGPCmjbLtkidlcT84j_9V4BNepUZ5uLXH_mu3SRdCwV7Y245lCZOFKi0D0PhPk5sABxJbns71OdltG0yDBlzLycA6KaXgkXGgojoTuNPOGZTqH1uKwQvndqhJ6a7cbrUimN3iC4jOtF9ySoomyTkXGshS5OfYGKA-7xwd6OsWglZJ4vQ9ZHtAbLc5zBc3Cfb7URkSEnR5DsQn08H837k0wsoAOSLf9B4ChQ9MhXW5bmudcPfFJ_Li-nRGrXp6H7QPgryuX7YnfsrkYahN6Glm9tcqIpk5VtS-EXk9XYzL3Z5Bt7ZNZWtl6ho804wkAOVOGxzn9CHJVVVlxpmRWGVeXlavbNUPBmH0XCVO5UOLkqW9oZd9cGAy1DjH0tYMJP6iFU3gkABvbrc2sTYRGEaIdEcih-8K5lN8rSrxM4twA7LVMfOVqviZSd4HJB3QoGnUSCi5NM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1873858915&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Detect&ea=NotFound&el=div%20visible%20with%20attribute%3A%20zero_attr-clientWidth&ev=6&_utma=140208355.511863345.1614215042.1614215042.1614215042.1&_utmz=140208355.1614215043.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_u=KQBCAEABAAAAAC~&jid=863513129&gjid=1277088235&cid=511863345.1614215042&tid=UA-241588-1&_gid=1385260425.1614215043&_r=1&z=666310415
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-241588-1&cid=511863345.1614215042&jid=863513129&gjid=1277088235&_gid=1385260425.1614215043&_u=KQBCAEABAAAAAC~&z=204932327
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 25 Feb 2021 01:04:03 GMT
content-type
text/plain
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B26 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukzL-hCQicBn-IdJkMeh8egkRSZQQ_PTVqbaCP846eK9jVzlO8u95ZN09SQ3yp2ICFkZlEFBWGe1f9kODguUbXcbWx7LteDQ&sig=Cg0ArKJSzDvN5LYeTCa3EAE&cid=CAASF-RoPV-DZi3QTmO4gzmnHX97MCpDHM63&id=osdim&mcvt=1000&p=0,150,600,270&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210222&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=521210170&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1614215042929&dlt=17&rpt=1&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B0DE 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-ghVz-54w0UsIXo-J_F1Nckc9wCQh23evOyTJM7-AnsfiacDrZ9oVQjcUWhVv9SL28PMr9B-GIMnUuZOTt79xgEGPw6sI-g&sig=Cg0ArKJSzAVpVVNeVh4AEAE&cid=CAASF-RoNoO9eDbZMSoHRWd0TjJAQ5mZZ_UC&id=osdim&mcvt=1002&p=0,1290,600,1410&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210222&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=276959177&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1614215042930&dlt=21&rpt=0&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Feb 2021 01:04:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame 6DA3 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9659e9ea455a8954eade8d3f335d7bafc411a8daae62fabb934c792716ab8926

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Feb 2021 01:04:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-ljv5
cf-request-id
08784ff84500004e2ce9a75000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BpOw5kRkHD1iFMMkl5nsqxP0lQfE%2Few9sG3Sa%2BZXS6KLdcxouqxJMiFyuhg%2BwnrEXJCS7gO%2FcGZKDMzVY05xKtYAF7WgGp8mazEkg%2Bq%2BL38rllha"}],"max_age":604800,"group":"cf-nel"}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
626d82a068024e2c-FRA
rs
ad4m.at/ Frame 640E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c6add0ff7f0b511713bf29abad0eb9163d6e0c4706f363489dcf3697b7f304

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Feb 2021 01:04:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-ljv5
cf-request-id
08784ff84f00004e2c81928000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ijOrNkeB4VIuNildF2UM9DwxwqVpI5C%2FJCUiHUHFYyJFX2jQbHq2HlNHPNkepnwYH%2FJZZL3Hyu0BZ5TShslQOsRhmkUZg46t7FwEGn5EBT5Upcsw"}],"max_age":604800,"group":"cf-nel"}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
626d82a0780f4e2c-FRA
rar
ad4m.at/ad/ Frame 44E3 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7a992b67e6290b9a7b9f149528fdb95bf0e2a01e346bbb131256b8f567564b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1kmfk1v3kfhp4k76dva568nw8z7r8jatvefsne7wzgkxp5yrkahe897q1fx7vex4a8jxp6k0k72jpxw7r53x69gsfh922g6w1g3z71yw3tcpbp0v0t25e3bpf6xsweban960b4syv138p6pht9bm9cnr3crnqc4qn3whvh5p3bybqte2kbabmww31vvg6rxjm7j7dwh8ffyea215pgbhph3dcbx9hzv8bn8kva371m8smg4nmyhb3kwtcxdpb188fhxj01sg08hyegrqnc0fektws4t4fg8gj8qhqbpb3w0t4dqkvnzs9qzacn4g3r1rp7hempm2zx67rrexrf9tb6r10mqybg8v7ebarms4tjzfn3rkg9nnw24r453yx5rnqg2c7bfnrs6p0xf7w8zy2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%26num%3D1%26sig%3DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%26client%3Dca-pub-5610649146674306%26adurl%3D

Response headers

date
Thu, 25 Feb 2021 01:04:05 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dfe6ee76fc027b41608a4be49db846b561614215045; expires=Sat, 27-Mar-21 01:04:05 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-vkpc
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
08784ff85b00004e2cab05b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
626d82a0981e4e2c-FRA
content-encoding
br
rar
ad4m.at/ad/ Frame 9D95 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e7b3332f73f2bfd2fd43021066a1e3dd086660797dfa20e3fee503895d21d0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1j4thp3pxfsr405hjhpace4tafnth7nyfd6bn9gjr1zgx96vd7qky44ke87cx3vc07ppspdg3w2fjk0xs8gp397qeq5z1c98q3nk2rvp78d2m73tmz655mfcpxve63m8fr9n5cbbxcfkstpff5zfhdfrr08qacaw96920nqgmgz4dfyt8n2evn0p1bhg675r86an261q26kwtd2r4wavdmncn90fg0y1vs6xvr47pn15aqhjfx5dzrmeq283st09dk7pg2hzv9mzmyfwnpv6de8ssb7fgz7n9h09wgdwg3krk5hyf51q8p7bx37qbxc0e3xqgy3vevs5qhfmwvvhn1p4bv601a4tzfj076av20qk94x82brdgjww3j1v7154dmjqn6e8seag77zvsse0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%26client%3Dca-pub-5610649146674306%26adurl%3D

Response headers

date
Thu, 25 Feb 2021 01:04:05 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da53da281b470b198a5152700668f61101614215045; expires=Sat, 27-Mar-21 01:04:05 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-q4sz
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
08784ff86900004e2c9835b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
626d82a0a8354e2c-FRA
content-encoding
br
default.css
ad4m.at/0.1.115-311/style/one-ad/ Frame 44E3 		58 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.115-311/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9dd320c3e45d56b82c75bb5e7e1e4673b0f572cf82fabab546cd8ad45b9aa7

Request headers

Referer
https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=uO3vHA==, md5=wYqPbYhDoJehhW68X6i81g==
date
Thu, 25 Feb 2021 01:04:05 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
208677
x-guploader-uploadid
ABg5-Uy4zCKF51_MvVemV7OPFrLCNcAbeZEJRZf892EBHqh3CUi-bSBlfD_OfHMHrk-s5UGD-hMNUdJquuksb0p5vYT0D1I2QQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6666
cf-request-id
08784ff87900004e2c9d8c5000000001
last-modified
Mon, 22 Feb 2021 15:05:07 GMT
server
cloudflare
etag
"c18a8f6d8843a097a1856ebc5fa8bcd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YinZuJTNAdW1VMRXrbIb3z1kGN8O1AI7tJioxZd%2FOC%2ByTu5aJrNqs4nPX%2BqS1r%2BI6zdPIgddHwGSYuRI%2Fpi4tJ4fonlmoRZrWjOFfcptgKlePhKX"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1614006307921530
content-type
text/css
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6666
accept-ranges
bytes
cf-ray
626d82a0c84a4e2c-FRA
expires
Tue, 22 Feb 2022 15:06:08 GMT
C3FBE2C6629EE146B07CF5D1013ADAD687B1DB7509126712CAAD4FF41BAFD2DB13DD58508A6B0CA7A02674A6BC9F37ED1F83F42B39762E45CDF4A439B83023F7_250_250
assets.ad4m.at/logo/ Frame 44E3 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FBE2C6629EE146B07CF5D1013ADAD687B1DB7509126712CAAD4FF41BAFD2DB13DD58508A6B0CA7A02674A6BC9F37ED1F83F42B39762E45CDF4A439B83023F7_250_250
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ad24f539fb63ecbeabb240c2f401599374a4836c9856b8d67f42a39bfcd4ad

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=sMtEsQ==, md5=gJ2EQ4tieSh2+GwJ85Yz+A==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6707
cf-polished
qual=85, origFmt=jpeg, origSize=10788
x-guploader-uploadid
ABg5-Uyy6vX9w9E7qB4DWix7hZyEiTmUZN2env2cKx_DLieWBvQjt_UwxYr4R3SotxdnHj2Lq1pTKW9XwCuOXGBoXrk
x-goog-meta-is_resized
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8452
cf-request-id
08784ff87a00004e2ca2a67000000001
last-modified
Mon, 21 Dec 2020 10:26:52 GMT
server
cloudflare
etag
"809d84438b62792876f86c09f39633f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jG9z9YOMyYryftlW7SvlkBfH5k7JER3BMy%2BK1oEG84%2BN7hHC8egv0OfL0zXq3YpN8lBD331GZQ%2FGySuhkPIjqviKEcSOJ8TqO58YFUvK4wo4Vi%2F6Z7gM5Gc4Zw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1608546412305018
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
10788
accept-ranges
bytes
cf-ray
626d82a0c84d4e2c-FRA
cf-bgj
imgq:85,h2pri
F6C6E58611A57E9F8935A27591CFF5DB127D5CB62856BE6CE26B205E2D5C8CACC2755744EAC64EEC77BAD994B4376AEA2D22B327185D4C6D97EB453D99743D6D
assets.ad4m.at/product_image/ Frame 44E3 		228 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F6C6E58611A57E9F8935A27591CFF5DB127D5CB62856BE6CE26B205E2D5C8CACC2755744EAC64EEC77BAD994B4376AEA2D22B327185D4C6D97EB453D99743D6D
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f65885ef019a07d89718bc5fd77f70e8a15add5cd041f30fd9c11b9effcb2f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=QHr/iw==, md5=BUw517Gf9W6QDTRBuK/EuA==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
612536
cf-polished
origFmt=png, origSize=491474
x-guploader-uploadid
ABg5-UyGw7A4obIGUO8UKvuCzoJROOW1FfaM03vOhMZ64JFD4-M3yM4nuyE3xSn3sj5ejADbLzuX5WUGmS6ntA0x1P0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
233710
cf-request-id
08784ff87b00004e2c9aa08000000001
last-modified
Mon, 21 Dec 2020 10:47:43 GMT
server
cloudflare
etag
"054c39d7b19ff56e900d3441b8afc4b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GJepzwRtw85XL1a6e5dKhKkYL9g3y2AYy8F9r%2FjL7PY8h9vDymrxC4SATijbaJQTiDPUaULT%2Bsq78SNOmUZoNxoHcQ36ulBRXRdu7qr17zRQwagtIpsnWlaSlA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1608547663016221
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
491474
accept-ranges
bytes
cf-ray
626d82a0c84e4e2c-FRA
cf-bgj
imgq:85,h2pri
D974551F1763AEB68BEFEFE653594DAB5C0B8A2320562288740212F80EEC7B3D840558F0FB4CD5426E44ADDDA38DAD20861356F60DE06962F10FE2AA0E67CF6D_250_250
assets.ad4m.at/logo/ Frame 44E3 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D974551F1763AEB68BEFEFE653594DAB5C0B8A2320562288740212F80EEC7B3D840558F0FB4CD5426E44ADDDA38DAD20861356F60DE06962F10FE2AA0E67CF6D_250_250
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44bf8fa24bf98e57fcd3148745d7519571ae86475f94a56839a34371df27d005

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=dJOzMQ==, md5=G3qyg6uy88gBxy2g3YBP2w==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1014490
cf-polished
origFmt=png, origSize=24080
x-guploader-uploadid
ABg5-UyGFPYKaF28ZghuoVpx8E6iPBVywSuFca0DPh9A_afeT5zamtBSgn6FG-vnxvqYpF66zhmZAy8UwBtE1Ow-g40
x-goog-meta-is_resized
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14224
cf-request-id
08784ff87c00004e2ceaaae000000001
last-modified
Mon, 06 Apr 2020 11:14:49 GMT
server
cloudflare
etag
"1b7ab283abb2f3c801c72da0dd804fdb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xkRUk7kkf5NyZAgLZ%2BmmO1324UV70JJYlHNvymtvGEC1FWqRg29DylmqgHGu%2BMkAZnS9d7ilmHy6gCw7rq9AEhWC0ev8Tpy0romF9U1WuO50i%2FxAut6iaI74Cw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1586171689173628
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24080
accept-ranges
bytes
cf-ray
626d82a0c84f4e2c-FRA
cf-bgj
imgq:85,h2pri
6040821970749141EC52046A41A3CEA0F1B2B69E113B1C82C2CE9B0030773C766D2A4A4874F766FC21B720F65EDA0B7E481F6F0D2BC6C637538865E1C8F46FB1
assets.ad4m.at/ Frame 44E3 		396 KB
397 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/6040821970749141EC52046A41A3CEA0F1B2B69E113B1C82C2CE9B0030773C766D2A4A4874F766FC21B720F65EDA0B7E481F6F0D2BC6C637538865E1C8F46FB1
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeda99b21bcb434c11d6b5caac97be80dda168cda20677568439600bfe20c9f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=f0fXRQ==, md5=myq6zBgGQCpDMsCCM9iPIg==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
611158
cf-polished
origFmt=png, origSize=729486
x-guploader-uploadid
ABg5-UzTNXsDkHAT7oERcbXky4ZsUjHxs7yYLoG6QiW8IsN9WfRsi1A7htqe1hFZ0h_CxRppgJvCC46TbFHS9366mzc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
405228
cf-request-id
08784ff87c00004e2cc7313000000001
last-modified
Wed, 04 Mar 2020 13:18:13 GMT
server
cloudflare
etag
"9b2abacc1806402a4332c08233d88f22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C0fqwwXLoY1faJlamTU5fLAoHtNwJWdPDb89ifoy7LNHLGmyHrAU3RZmEiRbcS%2BCdMt2HaU1wEE0AYwH%2BVftS7oQ6Ue%2BwEPe%2FMuC6lZ2S6aTzW%2FJxn%2BVIHf7yw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1583327893698996
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
729486
accept-ranges
bytes
cf-ray
626d82a0c8504e2c-FRA
cf-bgj
imgq:85,h2pri
EDB59433191197F303CF79DE06274405FDE3BB813390AA1353C82C0539F2CD900B5ABC011922F25AA544CC563C245E2FF70B587FEB6A3F928F640FE41AF7C2F1_250_250
assets.ad4m.at/logo/ Frame 44E3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/EDB59433191197F303CF79DE06274405FDE3BB813390AA1353C82C0539F2CD900B5ABC011922F25AA544CC563C245E2FF70B587FEB6A3F928F640FE41AF7C2F1_250_250
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9427dac727d4a137edeeca6151c7e8248c1483dea302a8142dc3e943cdea5cc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=McWGJw==, md5=3QdNjZJDZrBaU9W7SkDqCA==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3626
cf-polished
qual=85, origFmt=jpeg, origSize=10151
x-guploader-uploadid
ABg5-Uy8OeHkIzps7XGEp6gFUuTyCc3b-OluF2xPyeSif9lgNUP_D7EY-6_Nk4c_4nY05a4drNrnqiyamHyDYVDnvlg
x-goog-meta-is_resized
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8890
cf-request-id
08784ff87c00004e2cadbf0000000001
last-modified
Wed, 13 May 2020 15:23:40 GMT
server
cloudflare
etag
"dd074d8d924366b05a53d5bb4a40ea08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mq0OyCLXSlmUw344JUFB8BjMirivWMM30DFlGbA3RweoiFg2vglSXtu5IBKWNG7np4BaWUNuB4neg516SzBshpfStNgjhzgCf3FM5tkxYUpFXL1WBVOaNFLczQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1589383420221436
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
10151
accept-ranges
bytes
cf-ray
626d82a0c8514e2c-FRA
cf-bgj
imgq:85,h2pri
02DFBBD1AEDCA3B06AB1D3E1EFB550D067C4F527E8B7A846084478B0FFAA01AC01FF4A8E0E869FF96999ACCD0DAFA1FEAE8AD3A7EDE772CB7296B7EF51DEFCB6
assets.ad4m.at/product_image/ Frame 44E3 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/02DFBBD1AEDCA3B06AB1D3E1EFB550D067C4F527E8B7A846084478B0FFAA01AC01FF4A8E0E869FF96999ACCD0DAFA1FEAE8AD3A7EDE772CB7296B7EF51DEFCB6
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a220cfb6b70408fd712575a46f380fc45dd9e517fe4a23bd31557a3468f299ea

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=RFCLxQ==, md5=7CImcgD5NLeWLehJjjWJCg==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
11575
cf-polished
qual=85, origFmt=jpeg, origSize=145979
x-guploader-uploadid
ABg5-UxPu03fh00xNBBFfK2DVzlPEEiTwpIPSWEmewGK7FesN_092OiIfSZdqUhZlyXvNy7QVpzT8n3i4QxOPn-yNg4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60058
cf-request-id
08784ff87c00004e2c949ad000000001
last-modified
Wed, 13 May 2020 15:20:06 GMT
server
cloudflare
etag
"ec22267200f934b7962de8498e35890a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w6TjAZo5p8KIHE3pzIoeDXjIsROcT1jHTnzlxg1VnExbYysYDGzB5S8O1i7euZD8G74UbvjAxJSksHKoUq40fEHDE0ri6vfGvbGhFRAH8fMsm6m2JTvbtBlAkw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1589383206699655
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
145979
accept-ranges
bytes
cf-ray
626d82a0c8524e2c-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.zenaps.com/ Frame 44E3
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2752469&v=21461&q=400969&r=412863&pv=1&pref3=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&gdpr_consent=&gdpr=0&gdp...
  • https://www.zenaps.com/cshow.php?pvr=5b2ed5f0-7705-11eb-975f-692d0f3afe45&v=21461&r=412863&q=400969&s=2752469&viewref3=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62...
43 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zenaps.com/cshow.php?pvr=5b2ed5f0-7705-11eb-975f-692d0f3afe45&v=21461&r=412863&q=400969&s=2752469&viewref3=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&pv=1&gdpr=0&gdpr_consent=
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:05 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 25 Feb 2021 01:04:05 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.zenaps.com/cshow.php?pvr=5b2ed5f0-7705-11eb-975f-692d0f3afe45&v=21461&r=412863&q=400969&s=2752469&viewref3=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&pv=1&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
/
ti.tradetracker.net/ Frame 44E3 		43 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ti.tradetracker.net/?c=31977&amp%3Bm=1709097&amp%3Ba=296672&amp%3Br=&amp%3Bt=html&r=oneidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.162.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-162-235.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.1.33-24+ubuntu18.04.1+deb.sury.org+1
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-tradetracker-warning
missing parameter output type
date
Thu, 25 Feb 2021 01:04:05 GMT
server
nginx
x-powered-by
PHP/7.1.33-24+ubuntu18.04.1+deb.sury.org+1
p3p
CP="ALL PUR DSP CUR ADMi DEVi CONi OUR COR IND", policyref="https://ti.tradetracker.net/public/w3c/p3p.xml"
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
cshow.php
www.zenaps.com/ Frame 44E3
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2403520&v=13112&q=365149&r=412863&pv=1&pref3=oneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&gdpr_consent=&gdpr=0&gdpr...
  • https://www.zenaps.com/cshow.php?pvr=5b30d1c0-7705-11eb-b15c-692d064d6d31&v=13112&r=412863&q=365149&s=2403520&viewref3=oneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_...
43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zenaps.com/cshow.php?pvr=5b30d1c0-7705-11eb-b15c-692d064d6d31&v=13112&r=412863&q=365149&s=2403520&viewref3=oneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&pv=1&gdpr=0&gdpr_consent=
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=65801%2C20864%2C24830&b=oneidzxbFRf8KFZeDQFpHBHMtqt9w7abtwTgB7oneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidP39uBfgYCpR4h9HjHbtMtKBrtbt9TPMjoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2Coneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneid8MVhDfrVTrkM4UgHJHEtqC4pqawtwT8JDoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidbWZTQfAKhkpPcYHbHzt8C1zZaetJT5WQoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidpAJS1fMdaj5YckH4HmtJC4M1sbtRTEXAoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=dfcf4991f30ab29d893dccc78231d45a%2F15954497340956761865&i=28911%2C27227%2C25006&j=16%2C18%2C16&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21gjq57v1g662grep6pcmezgf459087y3prp52e0cdpta36dfcb0rpa409vmmb5mjy88qgq4wx38zs7g5fba32qg000wek572em7c71xpqpptr6evj1s4we4h5md7tgywemh3ev8evpfq01amev4h9gsj6jf5qcb07s16y1ywgch95t41mrret2mg7pztezcp0fgjz6h97r70vmb9tch9j2ffqe6d68hmdmy1m5rgfyj6jywcze6pw0a26jw8cxsx9mma%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DC9CT2gvc2YIfNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPoBT9A2FEYGZvqBxX18TCftZ6Q7JXTqhSRxJ8HBSV1Tkwbv0_C8zfF4rWtIfTl51CIgmGtMZAH476n9dT0SLrOnafvdNl3pHNHyCQ-UZ93aneQMoQSvvWVNwsapktO0kb2PBcxvGL6Ovu3ai443ilVnQFQxxMhRWCRM62EtCVeqUphcdU13Ynu0iHAVf7BkKtCYSdeSnydxtjRXPn9f96MUJwzYp-pLTBc6SKsdGCvlt8DHfQuCS54THml-qTNHHqZntvWTi1ndkP_lTIEpcStAwKOKobZLsFjrUwvGjjQvru9y-P4eV5ryoliWdRmm-P5ygBqQEzjZJHTYLeAEAYAGjrWpzMPBjaHJAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB7CYsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAG4DAE%2526num%253D1%2526sig%253DAOD64_1NoHKe4F3unoCRHiemOoc7she_Iw%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Feb 2021 01:04:05 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 25 Feb 2021 01:04:05 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.zenaps.com/cshow.php?pvr=5b30d1c0-7705-11eb-b15c-692d064d6d31&v=13112&r=412863&q=365149&s=2403520&viewref3=oneid5kDSXfzqfKBZfpH7HMt3tbXqSbtVTV4xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&pv=1&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
default.css
ad4m.at/0.1.115-311/style/one-ad/ Frame 9D95 		58 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.115-311/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9dd320c3e45d56b82c75bb5e7e1e4673b0f572cf82fabab546cd8ad45b9aa7

Request headers

Referer
https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=uO3vHA==, md5=wYqPbYhDoJehhW68X6i81g==
date
Thu, 25 Feb 2021 01:04:05 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
208677
x-guploader-uploadid
ABg5-Uy4zCKF51_MvVemV7OPFrLCNcAbeZEJRZf892EBHqh3CUi-bSBlfD_OfHMHrk-s5UGD-hMNUdJquuksb0p5vYT0D1I2QQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6666
cf-request-id
08784ff88600004e2c86175000000001
last-modified
Mon, 22 Feb 2021 15:05:07 GMT
server
cloudflare
etag
"c18a8f6d8843a097a1856ebc5fa8bcd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q1ISPCjhNB%2FTN9MMHjK%2B3Sw9kwRtYBbZM15S93l%2FJ9eXqVObkcCvouOhIiBUrlgG%2BLhpGlyrKyQkdqCbbgzqTC7Xdf0BlkGtZli%2Fe1XlwBG5AWzu"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1614006307921530
content-type
text/css
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6666
accept-ranges
bytes
cf-ray
626d82a0d85f4e2c-FRA
expires
Tue, 22 Feb 2022 15:06:08 GMT
F489CC9B0143DFEC6184D54B0314C1F75C88B936F71B3CAE0A01D8612C7C164AB0360A76E72FF8674F29F356156E8DAA103ACBA20C63F744237F86879776D48D_250_250
assets.ad4m.at/logo/ Frame 9D95 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F489CC9B0143DFEC6184D54B0314C1F75C88B936F71B3CAE0A01D8612C7C164AB0360A76E72FF8674F29F356156E8DAA103ACBA20C63F744237F86879776D48D_250_250
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa01e0378c77fd6a2f7c316bbb0fdf44697a828cb502dbc70bc83b30669b8305

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=AhhVbw==, md5=ZHadjkp2frgZYfu6q1qzSQ==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
613215
cf-polished
origFmt=png, origSize=2100
x-guploader-uploadid
ABg5-Uy2X3wsjNtwtTNht2dOxar8kVd-s78Wu9joQk7z-JLmbdP3K6txCY-neK-iO0kxhINzVgSs-TD4vxt6cEOCq-A
x-goog-meta-is_resized
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1114
cf-request-id
08784ff88600004e2c031be000000001
last-modified
Mon, 30 Nov 2020 10:13:52 GMT
server
cloudflare
etag
"64769d8e4a767eb81961fbbaab5ab349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CWSSaD3fDIzfmh9yOlIYsHkuG%2BxU1h69404Y7HPRam6cSffAzXDkJJGgGjqucXFpMHOrTDIvXVHWRH4EHiN4iUKDJz721ushRmTc8Rbqp7b5okPXKlSIG2qVcg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1606731232216736
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
2100
accept-ranges
bytes
cf-ray
626d82a0d8614e2c-FRA
cf-bgj
imgq:85,h2pri
F17332991844F5E271FC4A39D85E682E986DDE98F8D10B3473118DA63A05654284E292E9D9DD829B7512A0FBAE0B3AC1C034213F649D4E6BF49B018C3B6E5004
assets.ad4m.at/product_image/ Frame 9D95 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F17332991844F5E271FC4A39D85E682E986DDE98F8D10B3473118DA63A05654284E292E9D9DD829B7512A0FBAE0B3AC1C034213F649D4E6BF49B018C3B6E5004
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65a278b02d6e3b4e26b739d628c2992e4bf66f1c92316a15e9a301f706bef12

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=qBCyAA==, md5=99UmRTmMcvJ2Pkg1nq1KWw==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5461
cf-polished
origFmt=png, origSize=198830
x-guploader-uploadid
ABg5-Uy2tiTTXVK2wkctaX63-xkFiTn0WKvAgFGjD65hwq2NYAfE4knWt9fbTHtPenmDtN-xsTXrsipcVPNSy4wIuSg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
93234
cf-request-id
08784ff88900004e2ce9a79000000001
last-modified
Mon, 30 Nov 2020 14:21:45 GMT
server
cloudflare
etag
"f7d52645398c72f2763e48359ead4a5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oLYK5jMSxytvaznIAbfsOf4JYysF2AgawvJevCHWr2uGto6iHjSA3DsmZKu59lU0eFIEhz0Q1h1Fan773LedeJV0BXJPbblD5%2Fb5rtSrz9VWvadBA2tSfew8KQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1606746105344033
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
198830
accept-ranges
bytes
cf-ray
626d82a0d8634e2c-FRA
cf-bgj
imgq:85,h2pri
6DE6459E165F496479638E63C2E6CC958C16B8A7BF1A4ECFD67BE2D938F22C6E2AFD01E059071872B75E4E298185C7F08F5C1ACD08F105B25BE4596E7F0225C7_250_250
assets.ad4m.at/logo/ Frame 9D95 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/6DE6459E165F496479638E63C2E6CC958C16B8A7BF1A4ECFD67BE2D938F22C6E2AFD01E059071872B75E4E298185C7F08F5C1ACD08F105B25BE4596E7F0225C7_250_250
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
652f678df4bd639fb7bed101d221e2e7c2a81baeaf829981f57e13ddb3139779

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=6SbJsQ==, md5=d3wXGk/i1exp70NteVMY/w==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
9850
cf-polished
qual=85, origFmt=jpeg, origSize=5285
x-guploader-uploadid
ABg5-Uw8SDTl0eTdxxIcc70O585I3pBY1SprXuKkRnXDvkmnOXxP_XrUw-TSw4DbxgVWrm9N_VDP0GaHA752bXe890GC3slorw
x-goog-meta-is_resized
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4090
cf-request-id
08784ff88a00004e2cfdaeb000000001
last-modified
Fri, 10 Jul 2020 09:07:18 GMT
server
cloudflare
etag
"777c171a4fe2d5ec69ef436d795318ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o8dRYpsI4mFu4U%2FGuD2sU71Hv%2BLR4rZfZA4BsXtBofRQFmGEsIi6SSQcN1UXMVOLpve4PzVTVyPle2%2BQOStMa%2Bb2mACdHDwMkdIu0uCSdakn06Tm2Vo99U%2FHrQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1594372038793969
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
5285
accept-ranges
bytes
cf-ray
626d82a0d8644e2c-FRA
cf-bgj
imgq:85,h2pri
22EE51C0FB491A8A02C67A289AF09046882D51672515CB821160D8BDCE13CD51AA75B111645CF9F9EBE93742DFADF99A637E50473C1FC7F31C8554232EB41BD5
assets.ad4m.at/product_image/ Frame 9D95 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/22EE51C0FB491A8A02C67A289AF09046882D51672515CB821160D8BDCE13CD51AA75B111645CF9F9EBE93742DFADF99A637E50473C1FC7F31C8554232EB41BD5
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e654c47457a2e82000da84240e6e0928dc1933662c33c24e1bdb2447c9556f11

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=k8y/FQ==, md5=80AxamRAmzEEeNw71EyG/A==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5260
cf-polished
qual=85, origFmt=jpeg, origSize=76879
x-guploader-uploadid
ABg5-UyEXGCB1ixF-FLahYVmsqpc7iRrjga6DHxo5rvqNS45l0u8qU2sZ3N_bCcPbgfNn76KTscqrouYXzxpWLhfSDg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24876
cf-request-id
08784ff88a00004e2cc9ad5000000001
last-modified
Fri, 10 Jul 2020 09:18:10 GMT
server
cloudflare
etag
"f340316a64409b310478dc3bd44c86fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ny7NL4ZhPscPbl4mFVuKtCR7c4wdRHYKra52a3C7JFetvUmljlKjF1E7k8fUMgfcKzcBa3JTUxiY%2FbsvrNqgU6ULrgitBaDvCUjd57E3rqPxWDlZjsZf3J9kzQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1594372690872525
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
76879
accept-ranges
bytes
cf-ray
626d82a0d8654e2c-FRA
cf-bgj
imgq:85,h2pri
A35CF373C7C2D59E4F84044CE8000082F17DF4F4BB5FBCAB3132EEA630AAD66BF9E9A774C7608E36497AA67529424140843F917E416C3B58093236A7276F557D_250_250
assets.ad4m.at/logo/ Frame 9D95 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A35CF373C7C2D59E4F84044CE8000082F17DF4F4BB5FBCAB3132EEA630AAD66BF9E9A774C7608E36497AA67529424140843F917E416C3B58093236A7276F557D_250_250
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0988e58b3d1600f99b2bcea10510f97e3f0ca9e9ff90cf712a10aa3f048d615a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=F+ynrg==, md5=MlfVXbvKbPmGreOeK3/ljg==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6384
cf-polished
origFmt=png, origSize=12032
x-guploader-uploadid
ABg5-UyTPypF0wlsScNgYTT1fwbDJ3MwYikYOP_G0GJUc_m6EDGCm8N_HgID9BYG_9mQcywh8vT8mAwIhV-tq3QaUzg
x-goog-meta-is_resized
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5564
cf-request-id
08784ff88a00004e2cd8217000000001
last-modified
Mon, 02 Mar 2020 13:00:42 GMT
server
cloudflare
etag
"3257d55dbbca6cf986ade39e2b7fe58e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FJg8a49Ky%2BfiEkx8TuGYoEQu7m35lNPKxeo%2BocymTRCyd9JhPvRIOolwFxvFrAaPs8XRs1G1gs6amQko7vzAMcsaRHhO%2F8lrxmitrygzd5VuyClr6htSvf7wqQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1583154042114261
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12032
accept-ranges
bytes
cf-ray
626d82a0d8664e2c-FRA
cf-bgj
imgq:85,h2pri
0D55DDEC59FD84ABAF53ADC0F9EF0E332CD7370D14892A4EBB0457A45AC6C9B27720D5884E271A8AC399A2EBF292CF7170F560032BBF3656544C5F6682491E8A
assets.ad4m.at/ Frame 9D95 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/0D55DDEC59FD84ABAF53ADC0F9EF0E332CD7370D14892A4EBB0457A45AC6C9B27720D5884E271A8AC399A2EBF292CF7170F560032BBF3656544C5F6682491E8A
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f01ea38e4aa5f749f88d1982a9677cfdae1c9ba1f564bab41930a08bc950045e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=tpzZGw==, md5=f2aWPfTL9XwrYbVnXKOoLQ==
date
Thu, 25 Feb 2021 01:04:05 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
13609
cf-polished
qual=85, origFmt=jpeg, origSize=141659
x-guploader-uploadid
ABg5-Uz8cyrkqy6T2XVxLiVYm1bQpNx4ttOubRNG0l8mWhiFWShnlx3i4PpXPd4lPGqv0C50AvLpaVO6IPxilmLomLMeFXEe3g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
69800
cf-request-id
08784ff88a00004e2cb31b7000000001
last-modified
Mon, 02 Mar 2020 13:01:54 GMT
server
cloudflare
etag
"7f66963df4cbf57c2b61b5675ca3a82d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g33Dr0YlSyl0A4VWirTGg3JXrjaURQPxKZj%2BhHGjNiUN0dLp5aIv5xZuyOhO8hEsh2M1qgp41ZsAq93GvIdZC1s%2FPJMg9ZuFSkuISQEDwK96PzjlyhFVKqPoxw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1583154114162874
content-type
image/webp
expires
Fri, 26 Feb 2021 01:04:05 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
141659
accept-ranges
bytes
cf-ray
626d82a0d8674e2c-FRA
cf-bgj
imgq:85,h2pri
/
ezs.lefigaro.fr/ Frame 9D95 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ezs.lefigaro.fr/?t=P51154756C863155&argsite=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
front.netaffiliation.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 25 Feb 2021 01:04:05 GMT
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D
0.01001501083374
Connection
close
Pragma
no-cache
X-TRK-PROC
70983
Last-Modified
Thu, 25 Feb 2021 01:04:05 GMT
Server
nginx
X-TRK-DECISION
7
Content-Type
image/gif
Access-Control-Allow-Origin
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV
9
0320_2en1_diffuseur_120_600.gif
www.welcomeoffice.com/WO_Images/promotion/OPE/HomePage/_2020/01-Affiliation/03-mars/ Frame 9D95
Redirect Chain
  • https://track.effiliation.com/servlet/effi.show?id_compteur=22479799&effi_id=oneidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.welcomeoffice.com/WO_Images/promotion/OPE/HomePage/_2020/01-Affiliation/03-mars/0320_2en1_diffuseur_120_600.gif?gdpr_consent=&gdpr=0&gdpr_pd=0&
28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomeoffice.com/WO_Images/promotion/OPE/HomePage/_2020/01-Affiliation/03-mars/0320_2en1_diffuseur_120_600.gif?gdpr_consent=&gdpr=0&gdpr_pd=0&
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.233.214.79 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5a0d45be319706623194b8b67a4ca27344e6326f537151015a0a33cb6335c417
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Last-Modified
Fri, 28 Feb 2020 09:48:53 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"f2b040491ceed51:0"
Vary
User-Agent,Accept-Encoding
Content-Type
image/gif
Date
Thu, 25 Feb 2021 01:04:04 GMT
Accept-Ranges
bytes
Content-Length
29163

Redirect headers

pragma
no-store
date
Thu, 25 Feb 2021 01:04:05 GMT
via
1.1 google
server
nginx
p3p
CP='ALL DSP COR IND PHY ONL UNI PUR COM NAV INT CNT PRE CUR ADM TAI PSA PSD IVAo IVDo CONo TELo OUR SAMo'
content-type
image/gif
location
https://www.welcomeoffice.com/WO_Images/promotion/OPE/HomePage/_2020/01-Affiliation/03-mars/0320_2en1_diffuseur_120_600.gif?gdpr_consent=&gdpr=0&gdpr_pd=0&
cache-control
no-store
expire
Wed, 31 Dec 1969 23:59:59 GMT
alt-svc
clear
content-length
0
servebanner.php
www.bdfugue.com/affili_bd/public/ Frame 9D95
Redirect Chain
  • https://track.effiliation.com/servlet/effi.show?id_compteur=22414148&effi_id=oneidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.bdfugue.com/affili_bd/public/servebanner.php?name=btn-achat-bd-200x65px?gdpr_consent=&gdpr=0&gdpr_pd=0&
0
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bdfugue.com/affili_bd/public/servebanner.php?name=btn-achat-bd-200x65px?gdpr_consent=&gdpr=0&gdpr_pd=0&
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/rar?a=60463%2C34951%2C20819&b=oneid7ePSqfbVtKjb8frHXHgtAtrjrazt1Tr9xoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6urxZszHAHjt4t7g6c4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidE18FDfX6uPXpTzHAHjt4t7ppS4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&f=oneidE18FDfX6ukEpVUzHAHjt6CKVKt4tVTZAWoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfwGWsAHRH4tMCKDYTMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST%2ConeidAR8CYfdQfxQquAHRH4tMCK99SMt4TDVgoneid__asuid0asuid__suite_Netmix_Reach62_ADVERTISERTEST&c=120&d=600&e=&g=cf0384f91042eb5f3f4cc4fa04f1b352%2F773065755234792637&i=28747%2C27062%2C27045&j=15%2C13%2C13&k=0&l=0&m=0&n=&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kfsewecc2f339my8ehkjyh5scms3e5j35xy3daxy6736tkn75vg86y9mrceba4r8k0m7g484dva2nbzhh6fmmst9jqabrf9xp9bkzpnpbkq0ntkve6c9a3rz1h6c2skjtt73etdgjaaz9n4c50bnafrhr83ytx5hrzjv6mymn8he4b1v83xb5ayxmgkx8jkr9j9ja08qeydj3t3x1gjf03nzbj4b6rkwgr8ag8xf7sake23rr4e9tsbze97r6eh7sem%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCNcXBgvc2YIjNIZjl7_UP6ZKNyAOvlKOuX_zzk4PXB8CNtwEQASAAYPuBgICICoIBF2NhLXB1Yi01NjEwNjQ5MTQ2Njc0MzA2oAHCrujdA8gBCakCVc6_BNJftD7gAgCoAwGqBPsBT9B2dXLMuKJ_jXybMgO0TupM46mRq5apups1mzLXm2TPUMtL0jxajVPOR-oeL1-uji5sumYkSPlanAfuMTr8uGLuaJKRCl8IJjQ9-Lik2dj6TQqigMclkkevP7luiQXMOALo66EWQAQzWfJpSXYO0bYG7UMk_2q8DbGfC0hjUJd8Nl01SBkqTlmNvawvXSMs0w-dDppfB2OBgQy0K4XVW4SX6MrxTyT0rLXN3RGPw0cc5ZAj3oF8XVb1B3DbqmTTXm3TB0hbrhcpesp0rPXvua3ck_Y0pc1Xsu3-LYpVM8sZvx-olTs2suv04IO-wpxs9F687ffAjUAdg_7gBAGABo61qczDwY2hyQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_24V_5lkzcFXEogPq4ldbklbse4aQ%2526client%253Dca-pub-5610649146674306%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 01:04:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
BYPASS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08784ff8ee000031281f267000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tmd5jCU9aqyXOG0cvYVmAU3mJpB%2FS8NTG8mJAIIzi0ovTlEiUN6pd28wGB8LMe%2FVUsS0LLPovLkpq4t%2BJ9FjJykoTJ6Bk8QTnsp%2FwrJvGY2sxTANg%2BVsNJV%2BQrw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
626d82a17aa23128-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma
no-store
date
Thu, 25 Feb 2021 01:04:05 GMT
via
1.1 google
server
nginx
p3p
CP='ALL DSP COR IND PHY ONL UNI PUR COM NAV INT CNT PRE CUR ADM TAI PSA PSD IVAo IVDo CONo TELo OUR SAMo'
content-type
image/gif
location
https://www.bdfugue.com/affili_bd/public/servebanner.php?name=btn-achat-bd-200x65px?gdpr_consent=&gdpr=0&gdpr_pd=0&
cache-control
no-store
expire
Wed, 31 Dec 1969 23:59:59 GMT
alt-svc
clear
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
um.wbtrk.net
URL
https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESECALh2XPKqjwmw5loNZQKr0&google_cver=1&google_push=AQvitUKql4vsyHKOPvVsPbkm-QCsq1IB_pscwYmdi2oYI1y_uHAkylQ2vXiHs-ie9cPmCOXpI5jPZlOT93ewtZw0YmeJHprtebI

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery string| VERSION undefined| TEMPTROBJCOLOR undefined| TEMPTROBJ number| popupWidth function| HLon function| HLoff function| parseFloat2 function| putpoint function| replaceTurkish function| MM_swapImgRestore function| MM_preloadImages function| MM_findObj function| MM_swapImage function| openWin undefined| dateValid string| OK function| isDate function| validateNum function| isLeapYear function| PrevStandings_onclick function| Tc function| TcExchange function| MSc function| BBMSc function| BBTc function| BBStanding function| BBComp function| MScExchange function| Kc function| KcExchange function| OpenForum function| PDc function| Tahmin function| PDcExchange function| KPc function| replaceChars function| blinkIt function| getElementsById function| rgb2Hex function| IntToHex function| MakeHex function| getCookie function| setCookie function| __gid object| variables object| cookieVariables function| getValueWithQuote function| generateCookieString function| getGeneralCookie function| rollObj object| myRollObj function| cumulativeOffset function| relocateBanner function| openOddLink function| initDuelMatches function| StringBuilder function| popMatch function| popComparison function| popTeam function| popBasketTeam object| cookieVariablesX object| Medyanet_Display_Settings number| advertisement_not_blocked object| _0x27e8 function| _0x3710 function| _typeof undefined| ReklamUpArsivMackolikCom object| googletag function| screenArea function| infiniteAds object| AdmostClient boolean| _cookieTest string| LOGO_PATH string| ICON_PATH string| IMG_PATH string| BTEAM_LOGO_PATH object| Mackolik object| ggeac object| google_js_reporting_queue undefined| ReklamUpStickyFooter object| _0x5282 function| _0x5513 function| _typeof2 undefined| RUPPOPRKLM function| popupAd object| tmp object| dimml function| _amw1 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal number| _timer number| activeNewsPage boolean| boolSlideNews function| gotoNews boolean| has_panels boolean| has_filmstrip number| strip_size object| google_reactive_ads_global_state object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| atrk object| _atrk_opts boolean| _atrk_fired string| gaJsHost object| _gat object| _gaq object| adblockDetector string| GoogleAnalyticsObject function| ga object| pageTracker string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| google_tag_data object| gaplugins object| gaData function| udm_ object| _comscore object| COMSCORE object| ns_p object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt number| google_global_correlator object| jQuery18201033036385006667 object| closure_lm_655512 object| expireTime number| begin number| end string| k object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
arsiv.sahadan.com/ Name: intdate
Value: 1614215043062

30 Console Messages

Source Level URL
Text
console-api log URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1)
Message:
Safari control removed!
console-api log URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1)
Message:
QUARK PLAYER: Version 1.20.1
console-api error URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1)
Message:
GEMIUS PLUGIN NOT LOADED
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] adding bait node to DOM
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetWidth
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: clientHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: clientWidth
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetWidth
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: clientHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: clientWidth
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetWidth
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: clientHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: clientWidth
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetWidth
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: clientHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: clientWidth
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetWidth
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: offsetHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: clientHeight
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] found adblock zero attr: clientWidth
console-api log URL: http://is.cdn.md/i4/Js/adblockDetectorWithGA.js(Line 307)
Message:
[ABD] exiting test loop - value: false

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

146dfb032c57e418ed3e2943bd0b9680.safeframe.googlesyndication.com
88769ce7d1eb45880ecd5159bb0859fb.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
a97560763e1ce9d9491b7de1be8b781ca.profile.lhr61-c1.cloudfront.net
ad.turn.com
ad4m.at
ad4mat.net
admost-banner.b-cdn.net
ads.programattik.com
ads.travelaudience.com
adservice.google.com
adservice.google.fr
ajax.googleapis.com
arsiv.sahadan.com
assets.ad4m.at
b.cdn.md
b.scorecardresearch.com
baltar.dimml.io
c1.adform.net
cc.adingo.jp
cdn.dimml.io
cdn.eksiup.com
certify.alexametrics.com
cloudfront-labs.amazonaws.com
cm.g.doubleclick.net
cs.media.net
d31qbv1cthcecs.cloudfront.net
d5p.de17a.com
daznplayervod.daznservices.com
dsp.adkernel.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
ezs.lefigaro.fr
fonts.googleapis.com
fonts.gstatic.com
gatr.hit.gemius.pl
go.admost.com
hm.cdn.md
images.performgroup.com
imasdk.googleapis.com
is.cdn.md
js.duhnet.tv
p.rfihub.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
r.turn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
stats.g.doubleclick.net
str.hit.gemius.pl
sync-tm.everesttech.net
sync.bumlam.com
sync3.sniperlog.ru
tags.bluekai.com
ti.tradetracker.net
tpc.googlesyndication.com
track.effiliation.com
um.wbtrk.net
ups.analytics.yahoo.com
www.awin1.com
www.bdfugue.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.sahadan.com
www.welcomeoffice.com
www.zenaps.com
x.bidswitch.net
um.wbtrk.net
136.243.151.216
142.250.185.98
142.250.186.162
143.204.90.102
143.204.90.91
149.202.204.241
151.101.114.49
172.105.199.172
174.137.133.49
18.156.0.31
184.25.115.49
184.30.24.22
185.59.220.193
193.0.160.129
195.244.32.102
195.244.38.50
2001:678:cb4:bbbb::11
212.102.38.47
213.155.156.182
23.32.238.123
23.32.238.193
23.36.237.27
23.79.152.128
2600:1901:0:76b9::
2606:4700:20::681a:bd1
2606:4700:20::681a:c1a
2606:4700:3032::6815:57ae
2606:4700:3033::ac43:9ddd
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:801::200a
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:828::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:400c:c07::9c
2a02:26f0:6c00::210:ba13
2a02:6ea0:c700::1
31.172.81.159
31.172.81.160
34.102.211.201
34.243.162.235
35.156.223.207
35.190.0.66
35.210.215.44
35.227.252.103
37.157.6.246
44.241.175.154
46.228.164.11
52.28.239.147
54.178.184.38
63.32.135.125
65.9.20.44
69.173.144.165
72.21.202.25
77.223.147.102
85.233.214.79
92.123.148.9
95.131.136.1
99.86.106.220
0078599c726b5dd46bdc864a975bc46e3b4d015d3bdc9f40149cfcb1fbc28f7a
0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40
02cd60655fcce9585457a7cd041767aba7c4aeef590805801be7090b5fe3fd5e
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
07c333a26b9af10dbc692cec3727af9a4ef7a0dea4bc15830a23de1a6e047ef2
085861a38ad63497a90705540dc6a9513ec332b4649c1bfc2a99c1987ceb8109
08ad24f539fb63ecbeabb240c2f401599374a4836c9856b8d67f42a39bfcd4ad
0988e58b3d1600f99b2bcea10510f97e3f0ca9e9ff90cf712a10aa3f048d615a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7a992b67e6290b9a7b9f149528fdb95bf0e2a01e346bbb131256b8f567564b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10c37086a86c14b45bbbb9ad772c65587a4d8be73c860db9546e0c375dfa2952
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1324d6ec719784d7e06c70744db3c98220014d51ac95f960bd478a573c5196e2
13c67de794ac935f63c8da36e01421c4a6a43070855376edb36634b1311fef4f
14ee0390722dba1d6e95b766412095d436df22f30b83dfbb9cb38fde3cd72c95
1683dcbc2d78096fd657d91311e0c4fe1ff15ba073b519bf58bb423a329023d2
17f65885ef019a07d89718bc5fd77f70e8a15add5cd041f30fd9c11b9effcb2f
1a1f54d415d54227cbfa1c4e675e0a065ff6049fe9b63553ab448f4f188d10f2
1dbe5850f671cf92fe1d7b55226a830fbe4daba614bf6c6ceeca9e236326930f
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1f21ec2a91bb5eb20ba91a53c2fb58950315562e1d4d0b9ca921de0bd4363a23
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
225f1d3c8ef3ad281981d0a97a78e980272a364d6634475ad7a4d436d4335991
25b388799be1e0baf241fc436af58dd88050bd30a269416998cc3824cfe89d4d
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
2bbf41e259c09f15eecd3ecd8751f767b3192f134002f039ccff3824ca23da2a
2c13be7e6baf352ce470ded3c4ea9a4689ab876b4c07fdbfe7d5b4fb1be05787
2deb82c585f891ba79a0cc6e27caf804cd5308c9fc91f5487549d64f3bb84b89
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2eeda99b21bcb434c11d6b5caac97be80dda168cda20677568439600bfe20c9f
2f4e4b4105389d0a134b238449e38ed86db920d1fef389b43d6eecabaadddca1
313d5cbad55a31674c5451e2a961ab892e951ea7c59396ea5a89c944c9b029bd
315dd41edb3f2beff3bd3b5a34420d739ffaa72c5f34cd904c96b2321eb093f5
31b1b67c191484190066785f309435ba62626a9a8610ca341622145f02ea1ee1
326b9524fd6295565871de3f0cbd08993794c17160f1b41183cd329e5a90f021
34667fc83e3f4d9ff6080d44c4fc4dd87e0d3a6a8d680dbd3adb05a73d99f590
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b
34e1a3612973131193b2f4a5bbd3f8cd75ad4327ef867d4c049a82551a24b9e7
3538ceb908900f3e0251ac7df9a269c89375805075a265bafa1603277eec4966
359ab6c64089207559482c14ddaae88ca8773c21e1d787eaf8ceca712c679976
373394aab07f124ec326597a9aaadfe9a0578eefba1ded64b3201117e74184a9
384b935474ab09f84f7e845a6e91d8cbad2ff14ed25053d0be524d4624550875
3a09623c2f9581981066ab40dfe5f59a8770b1dd155e7d522899ac738bc53b78
3a262c0d0e714bb72a7ba214036286d33a65d15af83871f922017dd593a84a4b
3a4c8caa846989335bb766aa47986b54cec64b02c254f8565b157944abfd803a
3ea5f5e57bcdba2a5925058f077a3c016ac0c03d940a9866f82bddd5bf150dd2
3ef707fc4a3c01523d30510ce8a91d224e4b80d31be2fd7b18ceee18fb5c437b
3f71c7e1467e9bac745ba1f27ec773b77b04b551e3b48eae8447a14c43aefc0d
44bf8fa24bf98e57fcd3148745d7519571ae86475f94a56839a34371df27d005
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47357d6e339920f745e1e8ba4057b1e8f978b12db2e560086352ae9d677c4dd8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4bc67de1555474f459fa4e6e8368fef2e7a0c286e190fa57dcaa974ec7a34087
4c9dd320c3e45d56b82c75bb5e7e1e4673b0f572cf82fabab546cd8ad45b9aa7
4e86c59cc871ec19493dcff904d6791816d5cf4f69e88e486cae24774b4206e5
4ec12baf6cba1184f734c98640a42cd7a3208c2edf5871231eb6c3a58a021520
4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
54367e5eec0fd6ee471508ed35b3024c28458d766164d942d34ca9f98000d5fb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a0d45be319706623194b8b67a4ca27344e6326f537151015a0a33cb6335c417
5b2bfee61149c85028b4856fe9878b009be79bf0bb6c87380535cf3c2d320561
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5ed13d52a3cc1a8f4cb70e34d58e2f24c9f9544b1e63353129c7182620edaf56
5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
652f678df4bd639fb7bed101d221e2e7c2a81baeaf829981f57e13ddb3139779
68f185f74b1c88db45d4af03c0833e9f74ff17552b163f090f16412e585a2129
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df79e98ac3f39a612316d11ac887567173d8b940ca5ca1c48582e5ac57e79b0
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
7623f5e61116a5e2fa2ab6e034b1a30f50fff25fcc7f8cfffdb8d84ff112cb1f
7696124925bd07390cafa25241637b03b5196e2836814096257a5ec1943dd2f0
7822ee40c649c72903d67fa4d1b6700b8db991600b050275d5cbf455bad27439
7a027e14dcfb5a4bac0cd306898b25edc13bed508836bb47c1cb6aab94b0c420
7a565165ca0829f25db3e0ef1f0e1cd206cea1630a1fdf928b5f654b71ea1272
7a785e674d7e0a971efb769521d506914d875c0cbb461fbf0ee92885725ef03d
7acea79c2521213b0e379bcb9c0fe0c690e5cb7ccad1998c5920b2a5699843ad
7c29dde99a5cc35a344410a3ce27720771f5db7e9c9500ad13c2632ad0f2f6fe
7cdad65d851eba5a65749011714e3609508c7cdc03fdb82fa3d82adbd1261c38
7cfd963ca40a2d020192e1bc5bca99be80bcbd2fcec9b25d6ad552b7def38727
7d0faca785be135eeeaee5cd2ba681e5ababa983819df716a01acfe8c67f26e5
7ff59a5a1631c004d2504a74ae80f7417e27ae6dba8ff1e43e2109c0562f3cc9
81fff0fa5d9f617e0f369c15511a1f70daffd1b64bfcc6cc40b609a306cf9d58
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8853e974d661a5636217c397d87dd0c3c3c67390b67f0924136430125ea8e933
89c7dbdea66a586f18c3f355a2fb0a7fad3cb0f44e984431b71c497cebf55e4b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
96408cb4ac8a38aa57d5b6ca134149888cd76637f2fe49542a972827cc5073f2
9659e9ea455a8954eade8d3f335d7bafc411a8daae62fabb934c792716ab8926
96c0598f9fe9df975d595a6ba24ebff8c1bd6fe14902dd37b2ebb639daedf5bf
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e7b3332f73f2bfd2fd43021066a1e3dd086660797dfa20e3fee503895d21d0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d21adb044419fe06abfc5656a0a367730ca5ecae45b3f78498a6d10e9d2a9f6
9d312140f3532b29659e3b5c2eb94ff9d7d5f09376b21993c5909442eece0067
9e0475bc6b5858f1d4d16178f48f9993fc45ecd976c9c147330ed300fc220c51
9ef1e509d03d84c2359638dae5c349e6bbbe5b951747ccd5f26c4b8db9737909
9fdc8d6e8ae6ab8c71d6c0efc802ec9eec8c9cbd50dfda8e0924684f1da0b51b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1f0a55cb79a36ad943e641684c820b59501609dee4daff7efb99f4d763f6aeb
a220cfb6b70408fd712575a46f380fc45dd9e517fe4a23bd31557a3468f299ea
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a314bd0381551764a32150f16251feccf4184b14859eadec2e06cb0d35d4681e
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5044b6e36ff73e85bfcdcd0b70121e5eb38952b01db8cd7da9cffa0865506eb
a676716064c7d7a2a2ef0277ae2287b41fb6b8561ac8cf0581d73096825cacda
a81cecefe8865615fe3e4c8858e69f1d92f4cff8a56095d2c57bdfb61fb07439
aa2cb8a5241d24ae98bad193afc76ca3b5437f2d95c62c7c49dbdc9ad6a2fac9
ac6ce78f20b36f29dcff9c4de6ad5014e363ac53b6891a3627b5003574a227c9
ae31769399ff3e58b923d8bd0e2339336f58a454be48d2893486b6f6d59eab11
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b01899f50e18195305c045a5b7c8906d72b242654c4354b8123c26f4893a41f3
b3f2e69fff634830a400c124c00dd5c97f023d6154a03aa9ec9a5eb690c9f196
b4a7ef9af3af11bb37d635bfed849032d26ef1cd51095cff7e664fcddf9e114c
baa9495d62f57a51e558c8eed6ee3c00f83b86a6cc22773fb540a151515f2372
bbe25dbd7d8df6c46cd4382d0243d69da63629075e5552a9b265f831b9bbfb07
c16d5b3a69e6cd1f43f9a193dcf3ce567fc90758be77cfa936848d1ef74fc7fb
c21a3f821b4d312076f3a473f9e741b53658761b5f0886873e12039eb5190cbe
c363b77b4a6206becfa06b7d182164857306a462908df61b6261bae945364933
c491068ddad8d7d4d29fea236265f930eb40ef1db48ce63b342d24c149b92694
c65a278b02d6e3b4e26b739d628c2992e4bf66f1c92316a15e9a301f706bef12
c8f451ebabcc71b7af2cc208b4fd1cc47d92f47bf6cd82036111012019e558d2
c93fb7041e9f10a7c8b8bdcac6696d6e850e3f818d8b8a5660955bfe34028d7e
c9427dac727d4a137edeeca6151c7e8248c1483dea302a8142dc3e943cdea5cc
cb9404060fda4757f932c63af8efa23cb6088538410793e9ce068f0d1818df51
cbfd41137ab7adf57c3b76f7a9c21e9582cccef23a60459133ebaf04e1124f4f
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cecaa3c6afa068e141ee4972e5449634fb581b3447bfa6169d3c038d2450a5e8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded1d9b7817a8247c96877fb6bfef1f651d94018cc4df64f298209867a4307e9
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335
e4bc697496bb350dee2dd90f94e8454e52a371f64121a5565f0a54652a0716e5
e62af54a296f56631510f41fe04abc6fdb1b703d6e2968a50a6741c5aac93ea0
e654c47457a2e82000da84240e6e0928dc1933662c33c24e1bdb2447c9556f11
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79
ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b
ecbc2fea35cebc7a42cc70b84e1e041153cb8686435a4d8f1c7edbd404c683ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01ea38e4aa5f749f88d1982a9677cfdae1c9ba1f564bab41930a08bc950045e
f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd
f324e01e06560f8cf72e66ba86e85294b4ddb2775c3690b18efbb7e6ef6c68eb
f4bd1e48a5e330510d3c0404d8ef1c3a22e0e85831706f14ef40b83a527af973
f4c6add0ff7f0b511713bf29abad0eb9163d6e0c4706f363489dcf3697b7f304
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5fd41da0b9b4ab5d2b6ccd6b35756a31d248f93b2d75451d7a03b8f15ccaa79
f70070a4919ca012cc1cbb3feaf8236523cf1d6c8c54f66b18759420069c0202
f76bf2498cc215bd189c7e15bdd617ef64110566f7701dcf920ad3838301624b
f7aa75ce5435748253062fe337a401938cb9e3fc5e3b63a56a2c97ebf2ac0ec8
f8c438d279c6bd38c07d7713ec638668b54cbb2b2e55d01e3a7ba28f144365ee
fa01e0378c77fd6a2f7c316bbb0fdf44697a828cb502dbc70bc83b30669b8305
fddc433f7cc747ef4fe82c66486feb8783af32e11f590cf4bb46708b8ec05418