Submitted URL: http://mackolik.us/
Effective URL: http://arsiv.mackolik.com/Default.aspx
Submission: On May 05 via manual from TR

Summary

This website contacted 77 IPs in 12 countries across 74 domains to perform 437 HTTP transactions. The main IP is 94.130.143.246, located in Germany and belongs to HETZNER-AS, DE. The main domain is arsiv.mackolik.com.
This is the only time arsiv.mackolik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 217.19.248.132 60819 (SAFENAMES-AS)
1 1 185.42.236.147 199710 (PERFORM-AS)
1 1 2.16.186.91 20940 (AKAMAI-ASN1)
2 94.130.143.246 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
34 195.244.32.73 43391 (NETDIREKT-AS)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
42 77.223.136.104 43391 (NETDIREKT-AS)
17 195.244.32.55 43391 (NETDIREKT-AS)
1 2 23.45.99.241 16625 (AKAMAI-AS)
16 195.244.38.50 43391 (NETDIREKT-AS)
3 7 217.182.200.29 16276 (OVH)
1 4 13.224.111.129 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
16 172.217.23.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 89.187.169.122 60068 (CDN77 (^_^)/)
1 3 79.137.69.91 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.232.159 16625 (AKAMAI-AS)
54 65.9.84.6 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:234... 15133 (EDGECAST)
1 185.59.220.199 60068 (CDN77 (^_^)/)
48 96 2606:4700:20:... 13335 (CLOUDFLAR...)
1 5 72.251.249.14 29791 (VOXEL-DOT...)
5 18 188.42.196.115 7979 (SERVERS-COM)
4 213.19.162.21 3356 (LEVEL3)
4 178.250.2.131 44788 (ASN-CRITE...)
21 34.98.64.218 15169 (GOOGLE)
2 14 37.252.172.36 29990 (ASN-APPNEX)
4 185.86.139.59 201081 (SMARTADSE...)
4 37.157.6.246 198622 (ADFORM)
3 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
1 65.9.84.55 16509 (AMAZON-02)
1 13.224.111.9 16509 (AMAZON-02)
2 104.244.42.72 13414 (TWITTER)
1 65.9.84.39 16509 (AMAZON-02)
1 34.247.62.201 16509 (AMAZON-02)
8 2a02:2638:1::3 44788 (ASN-CRITE...)
4 2a02:2638::1c 44788 (ASN-CRITE...)
10 104.111.230.142 16625 (AKAMAI-AS)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
4 151.101.113.108 54113 (FASTLY)
2 2 185.29.132.69 30419 (MEDIAMATH...)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 37.157.3.29 198622 (ADFORM)
2 13.248.242.197 16509 (AMAZON-02)
7 10 142.250.186.130 15169 (GOOGLE)
8 8 3.120.52.76 16509 (AMAZON-02)
2 2 18.159.17.140 16509 (AMAZON-02)
2 2 193.232.148.152 48061 (UMA-TECH-AS)
6 6 31.172.81.159 44066 (DE-FIRSTC...)
2 2 31.172.81.172 44066 (DE-FIRSTC...)
1 5.254.23.213 3223 (VOXILITY)
1 1 2001:678:cb4:... 56396 (TURN)
1 2 35.186.253.211 15169 (GOOGLE)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 35.157.48.14 16509 (AMAZON-02)
2 3 52.19.106.86 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
4 5 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 69.173.144.138 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 52.58.177.37 16509 (AMAZON-02)
2 2 151.101.114.49 54113 (FASTLY)
2 2 87.98.242.60 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
2 2 18.198.69.109 16509 (AMAZON-02)
2 2 89.108.119.28 197695 (AS-REG)
1 1 31.172.81.160 44066 (DE-FIRSTC...)
1 3 2a02:6b8::90 13238 (YANDEX)
1 34.96.105.8 15169 (GOOGLE)
1 2 52.95.123.41 16509 (AMAZON-02)
1 1 3.220.131.242 14618 (AMAZON-AES)
1 135.125.8.70 16276 (OVH)
1 1 169.50.137.190 36351 (SOFTLAYER)
1 18.158.240.83 16509 (AMAZON-02)
1 1 23.37.42.132 16625 (AKAMAI-AS)
1 2 88.99.213.228 24940 (HETZNER-AS)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
1 88.99.242.108 24940 (HETZNER-AS)
1 104.108.144.24 16625 (AKAMAI-AS)
1 51.38.120.206 16276 (OVH)
1 2a0c:5c81:513... 55081 (24SHELLS)
1 82.145.213.8 39832 (NO-OPERA)
437 77
Apex Domain
Subdomains
Transfer
96 adpone.com
hb.adpone.com
4 MB
93 cdn.md
cm.cdn.md
im.cdn.md
hm.cdn.md
614 KB
54 randiul.com
randiul.com
529 KB
27 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
289 KB
23 openx.net
adpone-d.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
6 KB
23 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
pixel-eu.rubiconproject.com
59 KB
20 googlesyndication.com
pagead2.googlesyndication.com
eaac02f77194982ef93924cecb4d40dc.safeframe.googlesyndication.com
tpc.googlesyndication.com
34b25170a8e78b1a8586fdec834b7013.safeframe.googlesyndication.com
164 KB
19 betweendigital.com
ads.betweendigital.com
cache.betweendigital.com
7 KB
18 adnxs.com
ib.adnxs.com
acdn.adnxs.com
79 KB
16 admost.com
run.admost.com
go.admost.com
19 KB
10 gemius.pl
tr.hit.gemius.pl
str.hit.gemius.pl
33 KB
8 bidswitch.net
x.bidswitch.net
2 KB
8 criteo.net
static.criteo.net
205 KB
8 criteo.com
bidder.criteo.com
gum.criteo.com
1 KB
6 bumlam.com
sync.bumlam.com
4 KB
6 adform.net
adx.adform.net
c1.adform.net
3 KB
6 twitter.com
platform.twitter.com
syndication.twitter.com
150 KB
5 lijit.com
ap.lijit.com
3 KB
4 dimml.io
cdn.dimml.io
baltar.dimml.io
9 KB
4 smartadserver.com
prg.smartadserver.com
1 KB
4 connectad.io
i.connectad.io Failed
cdn.connectad.io
4 facebook.com
www.facebook.com
145 KB
4 googletagservices.com
www.googletagservices.com
133 KB
4 google-analytics.com
www.google-analytics.com
38 KB
4 scorecardresearch.com
b.scorecardresearch.com
sb.scorecardresearch.com
5 KB
4 eksiup.com
cdn.eksiup.com
12 KB
4 googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
485 KB
4 mackolik.com
mackolik.com
www.mackolik.com
arsiv.mackolik.com
27 KB
3 yandex.ru
an.yandex.ru
914 B
3 bidr.io
match.prod.bidr.io
2 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
1 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
61 KB
3 google.com
adservice.google.com
797 B
3 google.fr
adservice.google.fr
1 KB
2 tns-counter.ru
www.tns-counter.ru
705 B
2 1dmp.io
sync.1dmp.io
788 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com
939 B
2 aidata.io
x01.aidata.io
1005 B
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
1019 B
2 erne.co
green.erne.co
570 B
2 everesttech.net
sync-tm.everesttech.net
613 B
2 admedo.com
pool.admedo.com
785 B
2 w55c.net
pm.w55c.net
1 KB
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 adhigh.net
px.adhigh.net
823 B
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 adsrvr.org
match.adsrvr.org
529 B
2 mathtag.com
sync.mathtag.com
1 KB
2 duhnet.tv
js.duhnet.tv
332 KB
2 bluekai.com
tags.bluekai.com
984 B
2 cloudflare.com
cdnjs.cloudflare.com
3 KB
1 opera.com
t.adx.opera.com
393 B
1 adtelligent.com
s.adtelligent.com
1 onetag-sys.com
onetag-sys.com
818 B
1 media.net
contextual.media.net
545 B
1 rees46.com
api.rees46.com
158 B
1 mrpdata.net
j.mrpdata.net
75 B
1 simpli.fi
um.simpli.fi
609 B
1 dyntrk.com
gu.dyntrk.com
215 B
1 ipredictive.com
sync.ipredictive.com
437 B
1 blismedia.com
tr.blismedia.com
136 B
1 sniperlog.ru
sync3.sniperlog.ru
297 B
1 justpremium.com
match.justpremium.com
324 B
1 sitescout.com
pixel-sync.sitescout.com
280 B
1 dotomi.com
openx2-match.dotomi.com
104 B
1 rlcdn.com
id.rlcdn.com
1 turn.com
ad.turn.com
441 B
1 quantserve.com
pixel.quantserve.com
496 B
1 b-cdn.net
admost-banner.b-cdn.net
9 KB
1 performgroup.com
images.performgroup.com
3 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 daznservices.com
daznplayervod.daznservices.com
1 mackolik.us
mackolik.us
440 B
437 74
Domain Requested by
96 hb.adpone.com 48 redirects randiul.com
54 randiul.com arsiv.mackolik.com
randiul.com
42 im.cdn.md arsiv.mackolik.com
34 cm.cdn.md arsiv.mackolik.com
18 ads.betweendigital.com 5 redirects arsiv.mackolik.com
hb.adpone.com
ads.betweendigital.com
17 hm.cdn.md arsiv.mackolik.com
16 securepubads.g.doubleclick.net cdn.eksiup.com
securepubads.g.doubleclick.net
arsiv.mackolik.com
www.googletagservices.com
run.admost.com
15 run.admost.com arsiv.mackolik.com
go.admost.com
14 ib.adnxs.com 2 redirects hb.adpone.com
acdn.adnxs.com
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
arsiv.mackolik.com
srcdoc
tpc.googlesyndication.com
www.googletagservices.com
10 cm.g.doubleclick.net 7 redirects eu-u.openx.net
10 eus.rubiconproject.com hb.adpone.com
eus.rubiconproject.com
cache.betweendigital.com
9 us-u.openx.net eu-u.openx.net
8 x.bidswitch.net 8 redirects
8 eu-u.openx.net hb.adpone.com
eu-u.openx.net
8 static.criteo.net hb.adpone.com
static.criteo.net
6 sync.bumlam.com 6 redirects
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 tr.hit.gemius.pl 3 redirects arsiv.mackolik.com
5 ap.lijit.com 1 redirects hb.adpone.com
4 token.rubiconproject.com 4 redirects
4 acdn.adnxs.com hb.adpone.com
4 cdn.connectad.io hb.adpone.com
4 gum.criteo.com static.criteo.net
4 adx.adform.net hb.adpone.com
4 prg.smartadserver.com hb.adpone.com
4 adpone-d.openx.net hb.adpone.com
4 bidder.criteo.com hb.adpone.com
4 fastlane.rubiconproject.com hb.adpone.com
4 platform.twitter.com arsiv.mackolik.com
platform.twitter.com
4 www.facebook.com arsiv.mackolik.com
www.facebook.com
4 www.googletagservices.com securepubads.g.doubleclick.net
4 str.hit.gemius.pl 1 redirects arsiv.mackolik.com
str.hit.gemius.pl
4 www.google-analytics.com arsiv.mackolik.com
www.google-analytics.com
4 cdn.eksiup.com arsiv.mackolik.com
cdn.eksiup.com
ajax.googleapis.com
3 an.yandex.ru 1 redirects
3 pixel.rubiconproject.com
3 match.prod.bidr.io 2 redirects eu-u.openx.net
3 cdn.dimml.io arsiv.mackolik.com
cdn.dimml.io
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.fr securepubads.g.doubleclick.net
3 sb.scorecardresearch.com 1 redirects arsiv.mackolik.com
2 www.tns-counter.ru 1 redirects
2 sync.1dmp.io 1 redirects
2 aax-eu.amazon-adsystem.com 1 redirects eu-u.openx.net
2 x01.aidata.io 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 green.erne.co 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pool.admedo.com 2 redirects
2 pm.w55c.net 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects eu-u.openx.net
2 rtb.openx.net 1 redirects eu-u.openx.net
2 sync3.adsniper.ru 2 redirects
2 px.adhigh.net 2 redirects
2 a.sportradarserving.com 2 redirects
2 match.adsrvr.org eu-u.openx.net
2 c1.adform.net 2 redirects
2 sync.mathtag.com 2 redirects
2 syndication.twitter.com platform.twitter.com
arsiv.mackolik.com
2 imasdk.googleapis.com arsiv.mackolik.com
imasdk.googleapis.com
2 js.duhnet.tv arsiv.mackolik.com
2 tags.bluekai.com 1 redirects arsiv.mackolik.com
2 cdnjs.cloudflare.com arsiv.mackolik.com
2 ajax.googleapis.com arsiv.mackolik.com
2 arsiv.mackolik.com arsiv.mackolik.com
1 t.adx.opera.com
1 s.adtelligent.com
1 onetag-sys.com cache.betweendigital.com
1 contextual.media.net
1 api.rees46.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 j.mrpdata.net eu-u.openx.net
1 um.simpli.fi 1 redirects
1 gu.dyntrk.com eu-u.openx.net
1 sync.ipredictive.com 1 redirects
1 tr.blismedia.com eu-u.openx.net
1 sync3.sniperlog.ru 1 redirects
1 match.justpremium.com eu-u.openx.net
1 pixel-sync.sitescout.com 1 redirects
1 openx2-match.dotomi.com eu-u.openx.net
1 id.rlcdn.com
1 ads.yahoo.com
1 ad.turn.com 1 redirects
1 cache.betweendigital.com ads.betweendigital.com
1 pixel.quantserve.com 1 redirects
1 baltar.dimml.io cdn.dimml.io
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com arsiv.mackolik.com
1 admost-banner.b-cdn.net arsiv.mackolik.com
1 34b25170a8e78b1a8586fdec834b7013.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 images.performgroup.com arsiv.mackolik.com
1 s0.2mdn.net imasdk.googleapis.com
1 daznplayervod.daznservices.com arsiv.mackolik.com
1 eaac02f77194982ef93924cecb4d40dc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 b.scorecardresearch.com arsiv.mackolik.com
1 go.admost.com arsiv.mackolik.com
1 www.mackolik.com 1 redirects
1 mackolik.com 1 redirects
1 mackolik.us 1 redirects
0 i.connectad.io Failed hb.adpone.com
437 105
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-17 -
2021-07-17
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-25 -
2022-04-26
a year crt.sh
*.admost.com
Sectigo RSA Domain Validation Secure Server CA
2019-11-19 -
2021-12-11
2 years crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2019-09-11 -
2021-09-24
2 years crt.sh
*.google.fr
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.google.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
san2.daznservices.com
DigiCert SHA2 Secure Server CA
2021-02-02 -
2022-02-02
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-04-06 -
2021-07-03
3 months crt.sh
*.b-cdn.net
Sectigo ECC Domain Validation Secure Server CA
2020-11-11 -
2021-11-11
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2020-11-19 -
2021-12-20
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-18 -
2022-01-18
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-04-14 -
2021-07-12
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA
2020-01-30 -
2022-02-03
2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-04-14 -
2021-07-12
3 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3
2020-06-16 -
2021-06-16
a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3
2021-03-16 -
2022-03-17
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2019-11-08 -
2022-02-05
2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-29 -
2021-09-22
6 months crt.sh
*.match.prod.bidr.io
Amazon
2021-02-26 -
2022-03-27
a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-04-26 -
2021-06-16
2 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2019-06-19 -
2021-08-31
2 years crt.sh
tracking.justpremium.com
Amazon
2021-03-01 -
2022-03-30
a year crt.sh
bs.yandex.ru
Yandex CA
2020-12-17 -
2021-06-17
6 months crt.sh
tr.blismedia.com
GTS CA 1D4
2021-05-01 -
2021-07-30
3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon
2021-04-09 -
2022-03-20
a year crt.sh
gu.dyntrk.com
R3
2021-04-11 -
2021-07-10
3 months crt.sh
*.mrpdata.net
Amazon
2020-12-04 -
2022-01-02
a year crt.sh
sync.1dmp.io
R3
2021-03-27 -
2021-06-25
3 months crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018
2020-11-10 -
2021-12-12
a year crt.sh
api.rees46.com
R3
2021-03-14 -
2021-06-12
3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2021-04-12 -
2022-04-20
a year crt.sh
onetag-sys.com
R3
2021-05-02 -
2021-07-31
3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2021-04-07 -
2021-07-06
3 months crt.sh
*.adx.opera.com
DigiCert SHA2 High Assurance Server CA
2020-05-18 -
2021-05-26
a year crt.sh

This page contains 89 frames:

Primary Page: http://arsiv.mackolik.com/Default.aspx
Frame ID: 92F66D3C8E628770FBC3DC5BFCF16729
Requests: 155 HTTP requests in this frame

Frame: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Frame ID: 1FD0C133ED5942C4DE41EB7D5E4BF9E3
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: EE30CDCEE5DC19DB6A829112214BE8EB
Requests: 10 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.453.0_tr.html
Frame ID: 85BBCC4107E8B4042FD2AF4998A3723D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvrRcdhoywQ6F8UVLo3dewP7v2N0nu_Dx2LqPVGJ_v1TSHTA09GwPODlxpiDyeDYC7yck3my77AJG2dH7gLlNrDNke98xvgHOw3p0iLF_u_e9JiO0gohJb35m_iXvsS_5BP8Zf3ObiE-N1iYayQxPG1_7MMLpUMIAy4QqWR5VV7J1F6iT9MqOIenHgZN727ha7NSGmGghruhCDGfEg5dDdTJVKoX2WcBWKSflAGTzRM_-iK0fq6iLB1SLapCoGxwVJaD4e9SG8Nh4aXQ31L9j-_57B7sefvnbN_lU3eaVZwubkxMr9Z4BBgFO1jb1-z1u_OHFFPIr61cVG7iDXY4mB7Z42ndNArAQHrzEFvZMX_rHe5TPlpPb3qPj1b3nFd-0&sai=AMfl-YT2zykEG1PB2o-wTZgIFki3l22eIFXcojx5wx7qiY9Y24jscgrayJsMm_zPub_tq27xoGo0hD7Br8VcJqrdkmrDYSg4cid-ni3AqlJmNI5ecn-sjRMKgEr4gWY4P78g&sig=Cg0ArKJSzD6puAbyZbG-EAE&urlfix=1&adurl=
Frame ID: A58172889369200873E068A229BE8E96
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Frame ID: 4F55F137F36464D3E4EFF4FA3827A539
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5CDAB95B0934561C59C45D285284E1DE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjfVqRc7C9u2Mb7sDQYH--kN7SR2i7UuPnCtjhDvGSSwaeT9AjAUV8glWPx5lUjyyMPKZexO9UGe1-DTm1KEDE4aI_LOX6CCCdnyfQRgXRcSdzcPZbJUheSuhmQ9R_DKUAcqwBqV8cK2TeCY5jr86baC7Rz0XgGw9rHZ8jH4zz-NQBgg8tEVygSLPXLZtPkUXjVcGMCSDbkaZdFXGCiaZh7F934zlpCa89g70f79DHrmv41R-z1aZltlKYqi92djZjogOEFMbaAZEXWkLByrwQyL-55rzbpDC1jrxvctweXVTbBD8V6ILl8q7U2zLhd3aE7Nqy_0urxDgmhVitm5pxtI7lhP12EhXnLg&sai=AMfl-YTfH6QnRfxqE5-jaPP2fhjM_hJtURKcPgkKoOZjs2hwoEWUWY3n8ke4daZaXJ9UfsTsxVGu8ojZvhnfT5dNpgryco8GXY_W8huJMFB85iqqgotabI2iB1SCmLY6zC03&sig=Cg0ArKJSzMd00VudFsdgEAE&urlfix=1&adurl=
Frame ID: A7EA678949539673BB533DAE8E925656
Requests: 7 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=8ef9bd6b8e048d32d0b2ff4a99f285d42&cb=9212881620197832251
Frame ID: AE8A2371F0367281080A6AFAA44BEC30
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stat?i=zq0eqoihjfrx9ad8e0hw3&a=3f499d6a7bf8f602abf6be5feb7273b21&cb=4838601620197832253
Frame ID: DAFCD9B450DEA5E3DAAD2CD8DF3F7E50
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/count?i=zq0eqoihjfrx9ad8e0hw3&a=ecb56141ce8fdaa023ddf833e29988cb7&cb=1190081620197832254
Frame ID: C7EF8023DB025D06BF096A999581D70D
Requests: 13 HTTP requests in this frame

Frame: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=18cf07a61619546a36c7e896f40ac6251&cb=2180321620197832255
Frame ID: 53C30187622CD7229D4CABD7E961C51E
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=46e0bed5c89fd1e248e629a10d5ad0f99&cb=8584121620197832256
Frame ID: 9B139438BA271E551D6EDE0BE1793A61
Requests: 13 HTTP requests in this frame

Frame: http://randiul.com/send?i=zq0eqoihjfrx9ad8e0hw3&a=3dc8884a491de59d16b77a88945d48e43&cb=9265591620197832257
Frame ID: B224BE30A7007781CF77A0A094C1B917
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/sync?i=zq0eqoihjfrx9ad8e0hw3&a=cecce1f1c5bb204b95519946123c157b7&cb=6274681620197832259
Frame ID: F26526D47B33EBA1EDAE669A3F1AA6F6
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stat?i=zq0eqoihjfrx9ad8e0hw3&a=01112305d45c5056cbc035f5fc57d3bf7&cb=7696951620197832259
Frame ID: 65514B53D9B602E73BC5EC18E15BCC8B
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=7053a6ae81a2e63879a3b9be890e65825&cb=4127471620197832260
Frame ID: 25E453D1CBA59CAB1D8EFFD59675DDAF
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stats?i=zq0eqoihjfrx9ad8e0hw3&a=f2c4e28747c8df2380f8160d234201fd7&cb=3102141620197832261
Frame ID: 1379C0A7E948D340621E2BA598E7A3E4
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/counter?i=zq0eqoihjfrx9ad8e0hw3&a=5e6f139c1ae4cbad3ebc43032e98ea8b3&cb=4902381620197832262
Frame ID: 5D9B93C182589275242222186A161841
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=e783a21ce56e0f1acea725538d6aee669&cb=1176521620197832263
Frame ID: E12839BBBA8923941C02D43549BC8F60
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=31cd47ff3d08c30def2fca0fb13e6dab5&cb=6708081620197832264
Frame ID: F5F5F57C9260CC1BE1861AE92FEC27A0
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=d632e1ca224d67be481c7981c0a176601&cb=9542921620197832265
Frame ID: 51D21BD91B375A81824409141F2D2A12
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/counter?i=zq0eqoihjfrx9ad8e0hw3&a=338836b239eb58ab68f020dc96c7a2699&cb=9048411620197832267
Frame ID: EF5FD35ED998CA803FCF3A9F55CD3B15
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=ff96599e11d24f608b64deb3cc47ac9c5&cb=7469241620197832268
Frame ID: 0DE1E6CBBE19AD4803292C9B90198E3C
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stats?i=fkgqtha5989uefmm2fv4b&a=dbb5f90f002061fbc7a47db82fecaa326&cb=3685721620197832290
Frame ID: D2067D41FC13BD82F152AEC490D083CD
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stat?i=fkgqtha5989uefmm2fv4b&a=7646ce6654e9f62ea6cb7e8e2ba32af23&cb=0474311620197832292
Frame ID: EF5FD651E02B10E6D85F80E387C0DEB5
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=fkgqtha5989uefmm2fv4b&a=46359d5a1763166efe7f8ab86d225dc07&cb=3209751620197832293
Frame ID: 890C9A0E8B5DD05BD7EC1F7384443410
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usersync?i=fkgqtha5989uefmm2fv4b&a=9f6cd564ab696d007f1e44f63ea0d9fb9&cb=9328321620197832294
Frame ID: F0FB6A3DE535EA414FF2CD4CB4D4B30A
Requests: 13 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=fkgqtha5989uefmm2fv4b&a=3645241e8d854acd7a8aff0638ad9eb49&cb=5042491620197832295
Frame ID: 483C5C3FD22FAB8B9796EDD9BE642376
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stats?i=fkgqtha5989uefmm2fv4b&a=5d6aaaa8feeec48a42385842a9db49499&cb=6455591620197832296
Frame ID: CA0EDAFA6DB4970F81525B511E478626
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/user?i=fkgqtha5989uefmm2fv4b&a=ac309e07f46bd42d8a631081d8d3fe8e5&cb=7394971620197832297
Frame ID: F00EE711097DC19004C6BAF80BFC223D
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/count?i=fkgqtha5989uefmm2fv4b&a=1721a8209652b0efa17550deb1f149621&cb=0739361620197832298
Frame ID: 481ABC83F5EF8B66A4D7A72CF5BAF362
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/count?i=fkgqtha5989uefmm2fv4b&a=136b4d0b7ca67a2b474436bf7691685b9&cb=3570901620197832298
Frame ID: FC568A028917250CCC0317DD068600EF
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/sync?i=fkgqtha5989uefmm2fv4b&a=7cf35644625737f8475f5884d5e22c627&cb=0652631620197832299
Frame ID: 5E90B6968D591C6A632CD1A0EAB90883
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/send?i=fkgqtha5989uefmm2fv4b&a=ad4726bc94d4c686f00a381d05c9b8e23&cb=2857781620197832300
Frame ID: 84292B7872DB37923482B06A06A0EF02
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/counter?i=fkgqtha5989uefmm2fv4b&a=8cc10ed0bc5c55eb6856fec3705a7f841&cb=2933871620197832301
Frame ID: 95B1D5B24C493F2103BF139AE5817CE4
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/syncro?i=fkgqtha5989uefmm2fv4b&a=cde3c7794ea47222d84e04c903b61e8e9&cb=8936701620197832301
Frame ID: A21666C400D8D7A5C3FFA9BB7DEA0449
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stat?i=fkgqtha5989uefmm2fv4b&a=c89cdadc08b81b71fc696d2c4b227ab21&cb=9023071620197832302
Frame ID: 83655F329601434805289CC6ED7442CD
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/syncro?i=fkgqtha5989uefmm2fv4b&a=a35baf2254add8eb771d580fd0db064a9&cb=0524971620197832303
Frame ID: CBAB94DF0A3ABE58DD41F920EC4A4B7F
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/async_usersync?i=fkgqtha5989uefmm2fv4b&a=bfcff71adef813298ce580d8c8df78ed3&cb=4974371620197832304
Frame ID: 61CE012E75C7464E87A85DADA00DE3F1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6BE0512FECEEE2AD401614C4AB7A6083
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Farsiv.mackolik.com
Frame ID: 6AC9C049295F73EC6A579F1120529BDA
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 5DA48758E7CD0164B92E93A5CD44A378
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuArT3N-Fbj5w9raTcWU10Blv5jKH1c29vFXBUXzzCwvz8mXgk44EtVXFFz1pubPyBf1fj4DvjQro1ck1k5uky5_5pfDxNaQLFpvgfjp_A75A1cg3VGOs8WjJt3DxFftSoSJ5LcmgOeLqfx-yiIlJA7FJ-18tfhU9D6uATjqBAjKyg6lUNN9g5HCFsyRvOt2IYXl74YCHzXZjYj_Aeq5F4ljeAqsRooPccjQGR69nYnUdkqt_VcIqPyPl0JDtp7acxUlV8sLxRQAAI-BvoDHeSCrE12pOUiLSJfMZjk-A82vgFQPP19kU61xMS1Un7XyBhCLkX7u4kC1tK4iZT1NUZi7lybHuYPn8Br34THTgcllgomLIgzgSoT&sig=Cg0ArKJSzH4nJ5p_0D1eEAE&urlfix=1&adurl=
Frame ID: 01CC389E9877B7974EC33476CBBDCE2C
Requests: 7 HTTP requests in this frame

Frame: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=d050c52bdd6883ba985109b9a8c8dbfc2&cb=6611071620197833475
Frame ID: 7F8F1ABDC602763A11262E9EF3967032
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=8532c942a93c6249819307957e97deaf5&cb=3704111620197833477
Frame ID: DCF919F9E979BE94E5C00CB4886E0419
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/count?i=ojb32u3hlwggqu144yrdx&a=372391a348f7da1692060bd764e144635&cb=8905921620197833479
Frame ID: E7464B2C85FE715B87C7CDC9A5FCE677
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=b024928c8882978034c90387283d126f5&cb=5233151620197833480
Frame ID: 73F5EB89B29CA9E010EEE772E5D8A38B
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=c09dbd0f7246aa15e66d81153fb482b41&cb=6525121620197833480
Frame ID: B6328ADD27976DF12A540CD66FF327C8
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=e07324e7b863c76bb1289590caf138d89&cb=5865211620197833482
Frame ID: 1BF16BD714343546D1DAF49AC2D35C8D
Requests: 13 HTTP requests in this frame

Frame: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=f87e5c8f7cfd18312c8b3d901f50f9d17&cb=3797231620197833483
Frame ID: 95FFCAF60DC4DDA1AE1C0F4776E51A98
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=52f6a328dbddd0d88897f54da3db11387&cb=6787991620197833484
Frame ID: C96EC1B9AAF229FC7D63CF00A385E84A
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/counter?i=ojb32u3hlwggqu144yrdx&a=0ceab00f6aa2fa44097419a12b6178ab3&cb=1354991620197833484
Frame ID: 0BC0CC1B4621995F9E1259623EDD7B54
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=ae7a4d7162c85e5c88a28e14dfee11203&cb=0534471620197833485
Frame ID: 35480B442231E16E271D50951B762D9E
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/send?i=ojb32u3hlwggqu144yrdx&a=d220d3457426e10bf1c6fcfe7156c3c63&cb=4704261620197833486
Frame ID: 81A803F00570354040CD791F663C71D8
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=33201c76a9a8497517064f431b42e3515&cb=1853111620197833487
Frame ID: 33865ADEBC5EB74E69589A73A7C59C90
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=c3afc70488875e49613c775c64163c0d7&cb=5304931620197833488
Frame ID: 0B59ADFB86DCD69884218D621BD730A8
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=9cf6e67faca94146d7fa322769bc417d3&cb=6588941620197833492
Frame ID: 9668008C6FD02B44CAA06037392CAE05
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=eddfcbfb128a526f56e05c92a9b481f49&cb=8061841620197833493
Frame ID: DAF979710D44B345E4734F174F4A7873
Requests: 2 HTTP requests in this frame

Frame: http://randiul.com/count?i=ojb32u3hlwggqu144yrdx&a=265e42e3ace33c8282484bff3757965b5&cb=7640721620197833494
Frame ID: 8F2FEDEBD0453D0DB0813D49EC2C2304
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.tr.html
Frame ID: 4020CCCEA1F6F5EF9B29A21D16C3DA3D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: BBB8585E3D7113B9ECF60E9A6CA25AA7
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Frame ID: 0CE3D23748BCA7A5919604C0117003F1
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Frame ID: 7859538D56223B2EA32B340F425BCA50
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Frame ID: F9DD4A05C4230F268994E04C246C8416
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Frame ID: AFB0963624ED12543CEDBF8A2182E77B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3D7F619F6D700EC846725DE571C1CA97
Requests: 10 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 3FCAD9E89C631A84E02E3E0F3754F6A2
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Frame ID: 4236C1B41A4918D51E20D2273A200C43
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2C7C7B2EDC7C15E8C65444C20C36C20B
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 66E4D890D4E73EF4896952D52F38209C
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&CACHEBUSTER=39795
Frame ID: 48C1E6484206AF93467F3EE8749BA9DA
Requests: 10 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 8D3151A93FF9D40235CC2D456739677F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 7715DBC382B55B7B4EC75101CCEC27F9
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Frame ID: 2FC77B2EFB36032BF21A7EB80770F401
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 19F465EB2FF4DD2223A3E495A8F9785E
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7E8EED394B439D29E291683295F92A46
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 42AB1807DC3E9433A66CA330169EFC3D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: CAAAA3984F51A9ED7E20D76DE0CF4315
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A5441E5F63C51651B89050D773BFF676
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D2063CC260F33AF02E1EA1D13F4B4862
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Frame ID: 4B79FCC77695CC0AF85E7CFA3DB3CA24
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Frame ID: 678684D5D53A428DD7E9B91F03070DF0
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 802B8F264B9669D48A58466064A7A833
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4BB01C839992F05D4D6AC76CCB17E2A4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: F225697C85B19BA4B858B13B75E62072
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: AEFAEE03825E0C22A6EEA26914C35A24
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: B77EF8FC68F0D4D8F76FCD017AEA5870
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 278FE3AEE735650C0708A159B992B78F
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://mackolik.us/ HTTP 301
    https://mackolik.com/ HTTP 301
    https://www.mackolik.com/ HTTP 302
    http://arsiv.mackolik.com/Default.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery-ui.*\.js/i

Overall confidence: %
Detected patterns
  • script /hit\.gemius\.pl\/xgemius\.js/i
  • script /hit\.gemius\.pl/i
  • script /xgemius\.js/i

Page Statistics

437
Requests

58 %
HTTPS

31 %
IPv6

74
Domains

105
Subdomains

77
IPs

12
Countries

7647 kB
Transfer

27643 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mackolik.us/ HTTP 301
    https://mackolik.com/ HTTP 301
    https://www.mackolik.com/ HTTP 302
    http://arsiv.mackolik.com/Default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
Request Chain 52
  • http://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik HTTP 301
  • https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
Request Chain 81
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197831436&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197831436&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9=
Request Chain 92
  • http://tr.hit.gemius.pl/fpdata.js?href=arsiv.mackolik.com HTTP 301
  • https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
Request Chain 130
  • http://str.hit.gemius.pl/fpdata.js?href=arsiv.mackolik.com HTTP 301
  • https://str.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
Request Chain 141
  • http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651 HTTP 307
  • https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Request Chain 142
  • http://tr.hit.gemius.pl/_1620197832070/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=MODVsOogY76DOZtnVzqkb8Fpp..LHUZCc4AZlH36u07.D7&vis=1 HTTP 301
  • https://tr.hit.gemius.pl/_sslredir/_1620197832070/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=MODVsOogY76DOZtnVzqkb8Fpp..LHUZCc4AZlH36u07.D7&vis=1 HTTP 301
  • https://tr.hit.gemius.pl/__/_sslredir/_1620197832070/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=MODVsOogY76DOZtnVzqkb8Fpp..LHUZCc4AZlH36u07.D7&vis=1
Request Chain 199
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 200
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 201
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 203
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 205
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 206
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 207
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 209
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 212
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 213
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 214
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 216
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=4758407825927562&tz=-120&fl=0&rr=false&s=4022876&bidid=40485591be3101&transactionid=8c31de4a-b246-4674-b947-95803b14bb5d&auctionid=91c6ac99-1f95-426b-8122-f9a9b9f8a932&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=4758407825927562&tz=-120&fl=0&rr=false&s=4022876&bidid=40485591be3101&transactionid=8c31de4a-b246-4674-b947-95803b14bb5d&auctionid=91c6ac99-1f95-426b-8122-f9a9b9f8a932&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F&crf=1
Request Chain 229
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6139153404188613&tz=-120&fl=0&rr=false&s=4022876&bidid=12bb11166a749f8&transactionid=35513067-51db-4eef-83ea-00cdf55994fa&auctionid=4d6f5062-c622-4b77-9624-1ddaa2a30f50&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6139153404188613&tz=-120&fl=0&rr=false&s=4022876&bidid=12bb11166a749f8&transactionid=35513067-51db-4eef-83ea-00cdf55994fa&auctionid=4d6f5062-c622-4b77-9624-1ddaa2a30f50&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F&crf=1
Request Chain 233
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 234
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 236
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 237
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 238
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 239
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 241
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 242
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 243
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 244
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 245
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 246
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 247
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 249
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 250
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 251
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 252
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 253
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 254
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 256
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 257
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 311
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 312
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 313
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 314
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 315
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 316
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 320
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 321
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 322
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 323
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 324
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 325
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 326
  • https://ads.betweendigital.com/adjson?sizes=160x600&jst=hb&ord=3049300253897617.5&tz=-120&fl=0&rr=false&s=4022875&bidid=2bd7b407b3ac4b&transactionid=31e73495-7c2b-44e5-908f-43b019c1d895&auctionid=0776d118-054c-4fa6-bcfc-986115fb6e62&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=160x600&jst=hb&ord=3049300253897617.5&tz=-120&fl=0&rr=false&s=4022875&bidid=2bd7b407b3ac4b&transactionid=31e73495-7c2b-44e5-908f-43b019c1d895&auctionid=0776d118-054c-4fa6-bcfc-986115fb6e62&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F&crf=1
Request Chain 338
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 339
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 340
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 341
  • http://hb.adpone.com/prebid_v4_21.js HTTP 301
  • https://hb.adpone.com/prebid_v4_21.js
Request Chain 343
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
Request Chain 367
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4a396092-41cb-4e00-adca-7360f224f01e
Request Chain 368
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wY2H3sOM3Y7a3offkt-T3s7e34jaioiIk41dIffr
Request Chain 369
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4851975818363996493
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM1NzQyOTUtZmJmNi02ZDMxLTUxOWEtYWEyNzRhNDI5ZGM1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM1NzQyOTUtZmJmNi02ZDMxLTUxOWEtYWEyNzRhNDI5ZGM1&google_tc=
Request Chain 372
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkQ64fZ2Q3VYQVQP7JZj4k&google_cver=1
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b8ce3a88-7f2f-4306-9714-8c5bcf3c61a8&ssp=between HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d9fcec6-ffd3-4910-a86d-28d1282268b3
Request Chain 374
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eLqnxDYNiE2.AikABlF5O1EE1Q
Request Chain 375
  • https://sync.bumlam.com/?src=bw1&uid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjLg8mEBlIFvp7KygpiJDJlODliZTMzLTg1YWItNTI3ZC1iZDY1LWI2ZDdkZGY3ZjcxZQ** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjLg8mEBlIFvp7KygpiJDJlODliZTMzLTg1YWItNTI3ZC1iZDY1LWI2ZDdkZGY3ZjcxZaIBECBWP2itbxHrpukAJZDIJDc* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjLg8mEBmIkMmU4OWJlMzMtODVhYi01MjdkLWJkNjUtYjZkN2RkZjdmNzFlogEQIFY_aK1vEeum6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARjLg8mEBmIkMmU4OWJlMzMtODVhYi01MjdkLWJkNjUtYjZkN2RkZjdmNzFlogEQIFY_aK1vEeum6QAlkMgkNw** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=20563f68-ad6f-11eb-a6e9-002590c82437
Request Chain 376
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8fcb658cdbc491dd0754fdaf
Request Chain 379
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 385
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8288568004759377021&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 386
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=b24bY5sHiruiDrwpU7lpHw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 388
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8OCOlNaP1LEbta5
Request Chain 389
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&ssp=openx&expires=30&user_group=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=3d9fcec6-ffd3-4910-a86d-28d1282268b3
Request Chain 390
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDY3ZFN0JKSVFBQUMwdlBWdWVPQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 393
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=3d9fcec6-ffd3-4910-a86d-28d1282268b3 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=3d9fcec6-ffd3-4910-a86d-28d1282268b3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=35254e88-bca5-434a-bf8d-4b2e23be95ec&user_group=1&ssp=between&bsw_param=3d9fcec6-ffd3-4910-a86d-28d1282268b3 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d9fcec6-ffd3-4910-a86d-28d1282268b3
Request Chain 394
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzkzZjMzMWY4ZGJiY2UyNjFmYTRkNDRlOTRjMmQ4OTBlNzUxZjFhMg
Request Chain 395
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOB3YHHS-1-7V4V&sigv=1&esig=2~d013f0c9ec71122efa2d4a24735f717438dd83a9
Request Chain 396
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09CM1lISFMtMS03VjRW
Request Chain 397
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4a396092-41cb-4e00-adca-7360f224f01e
Request Chain 399
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/HVppBOiwEXXgXjCtsgufzQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7842513381051793958
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELg-usciUkx2rdXJUJhELKs&google_cver=1
Request Chain 408
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=848197195258146193
Request Chain 410
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Request Chain 412
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YJJBzAAAvlVkawA4 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJJBzAAAvlVkawA4&_test=YJJBzAAAvlVkawA4
Request Chain 413
  • https://green.erne.co/openx/cm HTTP 302
  • https://pixel.onaudience.com/?mapped=rCyQlxgdcWwLw9nqvNabWwRh&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DrCyQlxgdcWwLw9nqvNabWwRh HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DrCyQlxgdcWwLw9nqvNabWwRh HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DrCyQlxgdcWwLw9nqvNabWwRh&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=89dc2416570d552b598409a7ddbfac08&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DrCyQlxgdcWwLw9nqvNabWwRh HTTP 302
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DrCyQlxgdcWwLw9nqvNabWwRh HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=rCyQlxgdcWwLw9nqvNabWwRh
Request Chain 415
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=20563f68-ad6f-11eb-a6e9-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=20563f68-ad6f-11eb-a6e9-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=vXzOSyRDTClplaevgEtsig& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=vXzOSyRDTClplaevgEtsig&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=vXzOSyRDTClplaevgEtsig&extra2=aidata&google_gid=CAESEFdWXnZc4fZy6g4b0_GOkXM&google_cver=1 HTTP 301
  • https://sync.bumlam.com/?src=ggl&extra1=vXzOSyRDTClplaevgEtsig&extra2=aidata&google_gid=CAESEFdWXnZc4fZy6g4b0_GOkXM&google_cver=1 HTTP 302
  • https://an.yandex.ru/setud/adsniper/DE13B155BF60BD5C?sign=1232466238 HTTP 302
  • https://an.yandex.ru/setud/adsniper/DE13B155BF60BD5C?redir-setuniq=1&sign=1232466238
Request Chain 423
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e8eeed22-2e2b-886f-8474-7209e8939845 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e8eeed22-2e2b-886f-8474-7209e8939845&dcc=t
Request Chain 424
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=2112fe87-ad6f-11eb-87ca-83e5b245c725
Request Chain 426
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=64853DD647AC427DB68DF0EC98AC1523
Request Chain 431
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 435
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&cs=1
Request Chain 436
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/39795 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/39795
Request Chain 438
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&expires=30 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3d9fcec6-ffd3-4910-a86d-28d1282268b3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 441
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F2e89be33-85ab-527d-bd65-b6d7ddf7f71e HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/2e89be33-85ab-527d-bd65-b6d7ddf7f71e

437 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Default.aspx
arsiv.mackolik.com/
Redirect Chain
  • http://mackolik.us/
  • https://mackolik.com/
  • https://www.mackolik.com/
  • http://arsiv.mackolik.com/Default.aspx
86 KB
22 KB
Document
General
Full URL
http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
94.130.143.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s1.cubecdn.net
Software
CCAcc (1.0.1/nvm-s1) / ASP.NET
Resource Hash
f2746d579ec65d660dbf80cd603d3aa0d9e00378fcf9d912fef9989a1e044920

Request headers

Host
arsiv.mackolik.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
CCAcc (1.0.1/nvm-s1)
Date
Wed, 05 May 2021 06:57:09 GMT
Content-Type
text/html; charset=utf-8
Content-Length
22277
Connection
keep-alive
Cache-Control
public, max-age=25
Content-Encoding
gzip
Expires
Wed, 05 May 2021 06:57:38 GMT
Last-Modified
Wed, 05 May 2021 06:56:38 GMT
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
sloc
629
s
5
X-US
EXPIRED

Redirect headers

server
AkamaiGHost
content-length
0
location
http://arsiv.mackolik.com/Default.aspx
cache-control
max-age=0
date
Wed, 05 May 2021 06:57:10 GMT
x-content-type-options
nosniff
content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data:; connect-src https: wss:; font-src https: data:; media-src https: blob:;
strict-transport-security
max-age=63072000
x-xss-protection
1
x-frame-options
DENY
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
92 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 05:27:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Age
5353
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
93435
X-XSS-Protection
0
Expires
Thu, 05 May 2022 05:27:57 GMT
jquery-ui-1.8.23.custom.min.js
cm.cdn.md/js5/jquery-ui-1.8.23.custom/js/
200 KB
51 KB
Script
General
Full URL
http://cm.cdn.md/js5/jquery-ui-1.8.23.custom/js/jquery-ui-1.8.23.custom.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
c36028122e14e2fdecbec5dcbc95a1c69806bd84f452851c51f4167d4054cfe1

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Sep 2012 09:04:06 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"d7ff178d339acd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
jquery-ui-1.8.20.custom.css
cm.cdn.md/js5/jquery-ui-1.8.20.custom/css/custom-theme/
33 KB
7 KB
Stylesheet
General
Full URL
http://cm.cdn.md/js5/jquery-ui-1.8.20.custom/css/custom-theme/jquery-ui-1.8.20.custom.css
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
71da956c41c2147c988d4d8c98db749c20b9e4f50f51a4a8c665c12c962d54b3

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
33346
Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"53e64cf03e75cd1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6510
Expires
Fri, 04 Jun 2021 06:57:09 GMT
jquery.jsonp-2.1.4.js
cm.cdn.md/js5/
7 KB
3 KB
Script
General
Full URL
http://cm.cdn.md/js5/jquery.jsonp-2.1.4.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
c8793509b08afcc3849deecb90ecb38d6ac55937b2035cae4b686f447900100c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Mar 2016 12:10:55 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"3375d2e5c57ad11:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
jquery.ui.datepicker-tr.js
cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/ui/i18n/
882 B
1 KB
Script
General
Full URL
http://cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/ui/i18n/jquery.ui.datepicker-tr.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
1c0ebfe3482cef643ce84216797b38555c84feacc385807066ce1c9d34c12f26

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Last-Modified
Wed, 08 Aug 2012 08:22:26 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"f3f370f13e75cd1:0"
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
882
Expires
Fri, 04 Jun 2021 06:57:09 GMT
jquery.ui.datepicker.css
cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/themes/custom-theme/
4 KB
1 KB
Stylesheet
General
Full URL
http://cm.cdn.md/js5/jquery-ui-1.8.20.custom/development-bundle/themes/custom-theme/jquery.ui.datepicker.css
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
6793b37a48a4b85151458405cf6c5b9e4f18039328cb14fc8e32e29177a08b65

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
4088
Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:25 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"83c221f13e75cd1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1127
Expires
Fri, 04 Jun 2021 06:57:09 GMT
rupmackolik.com.arsiv.js
cdn.eksiup.com/api/special/
7 KB
3 KB
Script
General
Full URL
https://cdn.eksiup.com/api/special/rupmackolik.com.arsiv.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91365534c6efb0b5b61a167af1e26b5be0cc73a60db9d1cfb898bb2adc6d3bb6

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
56773
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09dcea0b2c00004a9787aae000000001
last-modified
Tue, 04 May 2021 15:10:17 GMT
server
cloudflare
etag
W/"609163d9-1beb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IH0LtkSQrNsWhiBuaP09s3ZigLMUP1TnmmG1fxXICMywBRjyG5smU6%2F6EY2T8wQPai8%2BuiD111smZMBV5JyPVV0Fefyx93aOgmy5HyoSEVkI1HUEgeWKX41BAA%3D%3D"}]}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
64a812bea8b44a97-FRA
expires
Tue, 11 May 2021 15:10:58 GMT
jquery.autocomplete.min.js
cm.cdn.md/js5/jquery-autocomplete/
14 KB
5 KB
Script
General
Full URL
http://cm.cdn.md/js5/jquery-autocomplete/jquery.autocomplete.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
c13f5ac7ae0e10138056f4c238226392ad28e883f78d3e19fb43dcb9c1b58582

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"435534f03e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
script.js
cm.cdn.md/js5/
28 KB
6 KB
Script
General
Full URL
http://cm.cdn.md/js5/script.js?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
b653f066f750ee7c49d7625ecca7cf8c9aa713e7c2aed11255c663b43479d732

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Apr 2020 13:00:48 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"4d135ee38fd61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
validator.js
cm.cdn.md/js5/
3 KB
2 KB
Script
General
Full URL
http://cm.cdn.md/js5/validator.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
fa589b0dc7e5cbc8fb038114db91bb6ecd872408092a0624fb47e798db79f56f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:21 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"e316caee3e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
UrlHelper.js
cm.cdn.md/js5/Mackolik/
4 KB
1 KB
Script
General
Full URL
http://cm.cdn.md/js5/Mackolik/UrlHelper.js?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
873ebd413711780ef503eb0d9adc5f26a8f1addb18e5b407fb345ec51d61a61e

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Nov 2018 13:02:02 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"824f6d8f6382d41:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
json2.js
cm.cdn.md/js5/Mackolik/
17 KB
6 KB
Script
General
Full URL
http://cm.cdn.md/js5/Mackolik/json2.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
c1517ff23b17159795e65199e7fc06805bc36c10fe95ef8cd6b696b0fc3b7744

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2012 12:22:46 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"6aba4c78189bcd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
User.js
cm.cdn.md/js5/Mackolik/
11 KB
2 KB
Script
General
Full URL
http://cm.cdn.md/js5/Mackolik/User.js?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
8985bad9bc1075a1519bc3cc1baba8fd995256b3f8f6d6a511de5302077a05fd

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 May 2018 11:57:00 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"513f3dfc7af6d31:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
jquery.fancybox-1.3.4.pack.js
cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/
15 KB
6 KB
Script
General
Full URL
http://cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.pack.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:22 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"e3b5eeee3e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
jquery.fancybox-1.3.4.css
cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/
9 KB
2 KB
Stylesheet
General
Full URL
http://cm.cdn.md/js5/jquery.fancybox-1.3.4/fancybox/jquery.fancybox-1.3.4.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
0be4f543ecce71aa0e5096763d2834f52ff57e754e2f549219c3148c17534aab

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
9524
Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:22 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"432fedee3e75cd1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1923
Expires
Fri, 04 Jun 2021 06:57:09 GMT
jquery.autocomplete.css
cm.cdn.md/js5/jquery-autocomplete/
845 B
818 B
Stylesheet
General
Full URL
http://cm.cdn.md/js5/jquery-autocomplete/jquery.autocomplete.css
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
43522c2bf8d77ccab466f6334c7621176e0bcb6fe8604de4f56a2b6f8f615e0d

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"4322df03e75cd1:0"
ntCoent-Length
845
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
447
Expires
Fri, 04 Jun 2021 06:57:09 GMT
jquery.bxSlider.js
cm.cdn.md/js5/bxslider-1324b6e/source/
43 KB
9 KB
Script
General
Full URL
http://cm.cdn.md/js5/bxslider-1324b6e/source/jquery.bxSlider.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
ff9e832991a492c92de8dca85225f55e5f19b3290292f411c9ef2ba31e59bdee

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Oct 2012 08:16:00 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"8db84a3f6b0cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
bx_styles.css
cm.cdn.md/js5/bxslider-1324b6e/bx_styles/
2 KB
959 B
Stylesheet
General
Full URL
http://cm.cdn.md/js5/bxslider-1324b6e/bx_styles/bx_styles.css
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
da6abd5cd7d7da4e9caaee5f07b1a613641a2ddb09f0934917fa7b31003c7797

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
1554
Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Oct 2012 08:16:00 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"e59dfea2f6b0cd1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
586
Expires
Fri, 04 Jun 2021 06:57:09 GMT
master.css
cm.cdn.md/css5/
83 KB
15 KB
Stylesheet
General
Full URL
http://cm.cdn.md/css5/master.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
12bb3a8cbbbbe578fc0e90eae189437733fc4cae4a46679c6e0e5269fde0932e

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
84700
Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2016 12:04:10 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"cc1d9c5f383fd21:0"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
CookieManager.js
cm.cdn.md/js5/Mackolik/
5 KB
2 KB
Script
General
Full URL
http://cm.cdn.md/js5/Mackolik/CookieManager.js?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
a156603d59ff5dfa2ffadffe143de68ce7eb50071ba19a45ccaa2c54d7beb1cc

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2012 12:22:46 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"b974478189bcd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
Coupon.js
cm.cdn.md/js5/Mackolik/
126 KB
22 KB
Script
General
Full URL
http://cm.cdn.md/js5/Mackolik/Coupon.js?v=31.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
f46774ce119fe427877f181509287b971834830f0b61155e904d123bfce03bfe

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 May 2020 13:12:28 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"71eb82cdba35d61:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
Analytics.js
cm.cdn.md/js5/Mackolik/
309 B
652 B
Script
General
Full URL
http://cm.cdn.md/js5/Mackolik/Analytics.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
98ed689434c165dcaee863a2f9d1880d3c8827f1133a1ff1051e74d2e2b51166

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Last-Modified
Fri, 18 Nov 2016 09:03:36 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"d06d97a57a41d21:0"
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
309
Expires
Fri, 04 Jun 2021 06:57:09 GMT
porthole.js
cm.cdn.md/js5/
17 KB
5 KB
Script
General
Full URL
http://cm.cdn.md/js5/porthole.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
8ec3eb4e98e6667ad6a6ab471e6de5ba7d8bdd2caedde38d888ba5dfaad30599

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:21 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"131bc8ee3e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:09 GMT
trivia.css
cm.cdn.md/css5/trivia/css/
9 KB
2 KB
Stylesheet
General
Full URL
http://cm.cdn.md/css5/trivia/css/trivia.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
1e089fe4af7bafaac381f0e4504e20ec5251795a7024ad64ecbda182d73dd2cb

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
9300
Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 13:08:13 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"11bf32b0a587ce1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1939
Expires
Fri, 04 Jun 2021 06:57:09 GMT
notification.css
cm.cdn.md/css5/trivia/css/
6 KB
2 KB
Stylesheet
General
Full URL
http://cm.cdn.md/css5/trivia/css/notification.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
0f2942b414a2db8e19bc57379fc2292df05dc4fa675979aa7063af6e5fa36d34

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cteonnt-Length
6592
Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 13:08:13 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"fbe7efafa587ce1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1539
Expires
Fri, 04 Jun 2021 06:57:09 GMT
Profile.css
cm.cdn.md/css5/trivia/css/
24 KB
5 KB
Stylesheet
General
Full URL
http://cm.cdn.md/css5/trivia/css/Profile.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
99b5e9bdcd8b2fe01d9952d123885bbc4d0b9db3c6ac42774e82607ca0bd3147

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 13:08:13 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"6671cb0a587ce1:0"
ntCoent-Length
24139
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5058
Expires
Fri, 04 Jun 2021 06:57:09 GMT
ProfileButton.css
cm.cdn.md/css5/trivia/css/
364 B
601 B
Stylesheet
General
Full URL
http://cm.cdn.md/css5/trivia/css/ProfileButton.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
796027d4dba4cd6269e6f40609144c06aaff52be2ae40faa09e8240d19d0215f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jul 2013 12:20:15 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"aacf3017a79ce1:0"
ntCoent-Length
364
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
230
Expires
Fri, 04 Jun 2021 06:57:09 GMT
Tooltip.css
cm.cdn.md/css5/trivia/css/
7 KB
2 KB
Stylesheet
General
Full URL
http://cm.cdn.md/css5/trivia/css/Tooltip.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
a54bba77b3aeac1b0a38caee5711c2c452e3eac65ae4238f5b0716b9436e6e56

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 13:08:13 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"79222b0a587ce1:0"
ntCoent-Length
6699
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1525
Expires
Fri, 04 Jun 2021 06:57:09 GMT
Share.css
cm.cdn.md/css5/trivia/css/
320 B
553 B
Stylesheet
General
Full URL
http://cm.cdn.md/css5/trivia/css/Share.css?v=1.182
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
1820b768bbed677d552ebb3a64b1141c0c48c64acd3dba9cd63c188ca5c87da9

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 13:08:13 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"88bfcb0a587ce1:0"
ntCoent-Length
320
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
182
Expires
Fri, 04 Jun 2021 06:57:09 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3750557
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1628
cf-request-id
09dcea083100004a6e1d304000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-1207"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p42V%2FjsItgEzJCX5VoxEgGfoHNF1eFHLs0DWGi%2FubrA7AanEziy%2By8sIAvVv3ASWxJ0a19sM247vIo8jbhuaazQNvRIEk9ixvBlUMg7103SNaXOU9fXPxYUfeDOhnSUMlA%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64a812b9e9434a6e-FRA
expires
Mon, 25 Apr 2022 06:57:10 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
Non-Authoritative-Reason
HSTS
iddaa-icon.png
im.cdn.md/img5/
2 KB
2 KB
Image
General
Full URL
http://im.cdn.md/img5/iddaa-icon.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
b08835e0e96d0237ab2ed9d316a032b5219ed5b68c201cca1eb48180aa13149e

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"91468aa34b81cd1:0"
Last-Modified
Thu, 23 Aug 2012 16:23:32 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1648
opta_logo.png
im.cdn.md/img5/
3 KB
4 KB
Image
General
Full URL
http://im.cdn.md/img5/opta_logo.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
5d0070afe85ad97f374bb2c0e442853497a1c9aba921a320c7667ffc3cd6d34a

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"ae6b7bbd5c41d01:0"
Last-Modified
Thu, 05 Feb 2015 15:59:36 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3509
galleryview.css
cm.cdn.md/css5/
2 KB
1 KB
Stylesheet
General
Full URL
http://cm.cdn.md/css5/galleryview.css?v=1.20.06
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
a91d2339b87d400657d27011d1e418ad9e65d7d60727101a64f12278b42f5412

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Sep 2012 12:22:42 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"e2a8e76189bcd1:0"
ntCoent-Length
2168
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
961
Expires
Fri, 04 Jun 2021 06:57:09 GMT
jquery.galleryview-1.1.js
cm.cdn.md/js5/jquery-galleryview-1.1/
25 KB
5 KB
Script
General
Full URL
http://cm.cdn.md/js5/jquery-galleryview-1.1/jquery.galleryview-1.1.js?v=1.20.06
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
ccfbcccdd761f6901f9c2225e022cc7fd07f82a15df3170c210996e9d6cae089

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Jul 2013 11:37:55 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"6e9e23ea1882ce1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:10 GMT
jquery.timers-1.1.2.js
cm.cdn.md/js5/jquery-galleryview-1.1/
3 KB
2 KB
Script
General
Full URL
http://cm.cdn.md/js5/jquery-galleryview-1.1/jquery.timers-1.1.2.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"53ed36f03e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:10 GMT
jquery.easing.1.3.js
cm.cdn.md/js5/jquery-galleryview-1.1/
8 KB
2 KB
Script
General
Full URL
http://cm.cdn.md/js5/jquery-galleryview-1.1/jquery.easing.1.3.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"53ed36f03e75cd1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:10 GMT
chelsea-real-madrid-04272021-b.jpg
hm.cdn.md/img/haberbuyuk/c/
48 KB
48 KB
Image
General
Full URL
http://hm.cdn.md/img/haberbuyuk/c/chelsea-real-madrid-04272021-b.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
dce881df37ece3503fb95205b1392bb7c8c1aabc95d084e4d0df71ceef7a39c1

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"305a565aab3bd71:0"
Last-Modified
Tue, 27 Apr 2021 21:21:57 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49137
Expires
Fri, 04 Jun 2021 06:57:10 GMT
manchester-city-gol-sevinci-05042021-b.jpg
hm.cdn.md/img/haberbuyuk/m/
62 KB
63 KB
Image
General
Full URL
http://hm.cdn.md/img/haberbuyuk/m/manchester-city-gol-sevinci-05042021-b.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
fc4c88210236fb8e2e96c0e8b048470b77b6a6067a20c8d1a18e0b94085b06e2

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"90d1a3852841d71:0"
Last-Modified
Tue, 04 May 2021 21:00:32 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63871
Expires
Fri, 04 Jun 2021 06:57:10 GMT
anadolu-efes-real-madrid-05042021-b.jpg
hm.cdn.md/img/haberbuyuk/a/
54 KB
54 KB
Image
General
Full URL
http://hm.cdn.md/img/haberbuyuk/a/anadolu-efes-real-madrid-05042021-b.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
87067822b7a1880e918f8d8648a8df3bbc9ac01c1fb0cec2aefa15e8f5751ec8

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"b033ed191441d71:0"
Last-Modified
Tue, 04 May 2021 18:34:22 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55316
Expires
Fri, 04 Jun 2021 06:57:10 GMT
berat-ozdemir-trabzonspor-05032021-b.jpg
hm.cdn.md/img/haberbuyuk/b/
26 KB
26 KB
Image
General
Full URL
http://hm.cdn.md/img/haberbuyuk/b/berat-ozdemir-trabzonspor-05032021-b.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
7709df895a6a66348aaf1b8045c84eb9032075ec9e2f94ef03a2ca03b01c35f9

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"10dc701ffb40d71:0"
Last-Modified
Tue, 04 May 2021 15:35:33 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26588
Expires
Fri, 04 Jun 2021 06:57:10 GMT
fenerbahce-beko-05042021-k.jpg
hm.cdn.md/img/haber/f/
8 KB
8 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/f/fenerbahce-beko-05042021-k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
03c5ecd23de9807d07b82e5273dac606b5369ce5e1f838593f0a672408917032

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"90b53064641d71:0"
Last-Modified
Tue, 04 May 2021 16:56:13 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
Expires
Fri, 04 Jun 2021 06:57:10 GMT
JoseMourinho_TottenhamHotspur_2020-21_k.jpeg
hm.cdn.md/img/haber/J/
17 KB
18 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/J/JoseMourinho_TottenhamHotspur_2020-21_k.jpeg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
99e55b7c506804ba286a8b3e3ad537d7a92b2938a500a6d74752df22b2a4aa3e

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"1050eb756519d71:0"
Last-Modified
Mon, 15 Mar 2021 06:35:59 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17573
Expires
Fri, 04 Jun 2021 06:57:10 GMT
chelsea_08022021k.jpg
hm.cdn.md/img/haber/c/
6 KB
6 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/c/chelsea_08022021k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
1cac081799a0f288c62d4ad60a40e417f74dc3e3a1768d04f7a03de722cca911

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"c03741bcf2fdd61:0"
Last-Modified
Mon, 08 Feb 2021 08:16:43 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5884
Expires
Fri, 04 Jun 2021 06:57:10 GMT
dembaba_basaksehir_aa_08112020_K.jpg
hm.cdn.md/img/haber/d/
20 KB
20 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/d/dembaba_basaksehir_aa_08112020_K.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
7be05514fe338ed6cfbab82e994319ab6bab03cc038a24e6e6bbf99980e9e5f2

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"03e84184eb8d61:0"
Last-Modified
Wed, 11 Nov 2020 17:14:21 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20201
Expires
Fri, 04 Jun 2021 06:57:10 GMT
ansufati_barcelona_valencia_091419_k.jpg
hm.cdn.md/img/haber/a/
8 KB
8 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/a/ansufati_barcelona_valencia_091419_k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
e85ed70f54fcdcdbf8739151b7398df3e8bcb38f4afd38dba0e6ac802dd30995

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"c08b49933f6bd51:0"
Last-Modified
Sat, 14 Sep 2019 21:01:27 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7908
Expires
Fri, 04 Jun 2021 06:57:10 GMT
javi-martinez-bayern-2019-k.jpg
hm.cdn.md/img/haber/j/
5 KB
6 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/j/javi-martinez-bayern-2019-k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
e471e87ed4beab1580036363f9cf3a9877751cacbffa0bab58b83cc6cf944f8b

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"40d139f86d99d61:0"
Last-Modified
Sat, 03 Oct 2020 10:14:24 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5453
Expires
Fri, 04 Jun 2021 06:57:10 GMT
mustafa-yumlu-rizespor-05042021-k.jpg
hm.cdn.md/img/haber/m/
8 KB
9 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/m/mustafa-yumlu-rizespor-05042021-k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
113939c820b3432933472ce3a627acd88c9ff77b7ed47b57c8e23a48edd347a0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"d06797b9fd40d71:0"
Last-Modified
Tue, 04 May 2021 15:54:11 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8377
Expires
Fri, 04 Jun 2021 06:57:10 GMT
marcelo-real-madrid-05042021-k.jpg
hm.cdn.md/img/haber/m/
5 KB
5 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/m/marcelo-real-madrid-05042021-k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
86efa42fcec119039e2eb953c8030585e3831fcbd38f2b9e3c342e1437feb35c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"90db72d5f040d71:0"
Last-Modified
Tue, 04 May 2021 14:21:54 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5006
Expires
Fri, 04 Jun 2021 06:57:10 GMT
Mackolik_yenilendi_k.jpeg
hm.cdn.md/img/haber/M/
5 KB
5 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/M/Mackolik_yenilendi_k.jpeg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
f0754ba26b5564598ef1b014fd26e849540f2fe60303f91522f25d2a65b04f0f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"60dcba13ab94d61:0"
Last-Modified
Sun, 27 Sep 2020 08:49:14 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5272
Expires
Fri, 04 Jun 2021 06:57:10 GMT
cylelarin_aa_07012021k.jpg
hm.cdn.md/img/haber/c/
25 KB
25 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/c/cylelarin_aa_07012021k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
8f748c119d9d5751485d0df940353e5e21757a21874166a52e71fdd67a409f97

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"109d7ee3cee4d61:0"
Last-Modified
Thu, 07 Jan 2021 08:27:08 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25645
Expires
Fri, 04 Jun 2021 06:57:10 GMT
denizlispor_depophotos_04052021k.jpg
hm.cdn.md/img/haber/d/
15 KB
15 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/d/denizlispor_depophotos_04052021k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
12ede91a905350378daf0b12a4c34e774f688a67f98c9becc8793277e8c05b24

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"b0b1c1e1db40d71:0"
Last-Modified
Tue, 04 May 2021 11:51:56 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15046
Expires
Fri, 04 Jun 2021 06:57:10 GMT
euro2020logo-2021-k.jpg
hm.cdn.md/img/haber/e/
6 KB
7 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/e/euro2020logo-2021-k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
71de2b556685fe99997bb893a59d4a6aaa0c915633f646db2ce030bbda438de1

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"9084388102bd71:0"
Last-Modified
Tue, 06 Apr 2021 18:13:23 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6427
Expires
Fri, 04 Jun 2021 06:57:10 GMT
35716
tags.bluekai.com/site/
Redirect Chain
  • http://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
  • https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
62 B
753 B
Image
General
Full URL
https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:11 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
dc09
Content-Type
image/gif

Redirect headers

Location
https://tags.bluekai.com/site/35716?limit=1&phint=event%3Dimp&phint=video%3Dmackolik
Date
Wed, 05 May 2021 06:57:11 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
newsdetail-arrow.png
im.cdn.md/img5/
962 B
1 KB
Image
General
Full URL
http://im.cdn.md/img5/newsdetail-arrow.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
b9a09427f1a1422f7302c8eaf58695c42f47466675e86202ebe401a9548adddb

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"b3d8af43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
962
Giannis_Antetokounmpo_14032021k.jpg
hm.cdn.md/img/haber/G/
7 KB
7 KB
Image
General
Full URL
http://hm.cdn.md/img/haber/G/Giannis_Antetokounmpo_14032021k.jpg
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.55 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/hu-nvme22) / ASP.NET
Resource Hash
affa7d0257fe05717ee0484e34d3747939c9f66cbffd49a6b62c15781d427b11

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"7044ec67a618d71:0"
Last-Modified
Sun, 14 Mar 2021 07:48:21 GMT
Server
CCAcc (1.0.1/hu-nvme22)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7106
Expires
Fri, 04 Jun 2021 06:57:10 GMT
NOR.gif
im.cdn.md/img/flags/
367 B
676 B
Image
General
Full URL
http://im.cdn.md/img/flags/NOR.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
b9373534d408ef10e20b3e0653c9d4b901e94a81237b9cdef1cc06c8a0464756

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"032f7af8afc71:0"
Last-Modified
Sat, 16 Jun 2007 09:26:54 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
367
120.gif
im.cdn.md/img/logo/kucuk/
1 KB
1 KB
Image
General
Full URL
http://im.cdn.md/img/logo/kucuk/120.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
2ccffddd7ff2e9c0cb1325a12c4786ece0872eac077ee85c4068482270e7f647

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"97539bd5a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:42 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1139
POL.gif
im.cdn.md/img/flags/
232 B
542 B
Image
General
Full URL
http://im.cdn.md/img/flags/POL.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
6997ed5d149499d545612b3dffb3b16f2ae9b3f10c7193533115e09ae4733012

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"0b7f37ef8afc71:0"
Last-Modified
Sat, 16 Jun 2007 09:27:02 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
232
119.gif
im.cdn.md/img/logo/kucuk/
1 KB
1 KB
Image
General
Full URL
http://im.cdn.md/img/logo/kucuk/119.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
d1a95693da4f11aa4645d8ed704614f14679cb6d46e3a2b67137d81f036eaba2

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"d7ef9bd5a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:42 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1132
RUS.gif
im.cdn.md/img/flags/
259 B
569 B
Image
General
Full URL
http://im.cdn.md/img/flags/RUS.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
bd5fcf182e343c02c360c3a5080eb4499a4a5e297783b2728306443dd54c4bae

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"0115681f8afc71:0"
Last-Modified
Sat, 16 Jun 2007 09:27:06 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
259
681.gif
im.cdn.md/img/logo/kucuk/
1004 B
1 KB
Image
General
Full URL
http://im.cdn.md/img/logo/kucuk/681.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
f99658f600eb7f107a3504c806a5a5865d173edfe3de1b5e2c4d9593e234886a

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"e7cf15d5a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:41 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1004
FRA.gif
im.cdn.md/img/flags/
394 B
703 B
Image
General
Full URL
http://im.cdn.md/img/flags/FRA.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
c123ad847c18a2ec3113d9754a655569ee100e494f0cee10c574008c16ab64a7

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"09b1b219b0c71:0"
Last-Modified
Sat, 16 Jun 2007 11:26:06 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
394
195.gif
im.cdn.md/img/logo/kucuk/
1 KB
1 KB
Image
General
Full URL
http://im.cdn.md/img/logo/kucuk/195.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
fcea0b2bf6dd0c2433efd74345c2bb5fbfb0b017ba404de6373d14b9596d872c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"67e584d5a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:42 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1133
AUT.gif
im.cdn.md/img/flags/
275 B
583 B
Image
General
Full URL
http://im.cdn.md/img/flags/AUT.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
d7771dde2892e058642cecd14c076c7d5290028bad01d52bbbff01ddcd17867b

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"090b059b0c71:0"
Last-Modified
Sat, 16 Jun 2007 11:25:20 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
275
8248.gif
im.cdn.md/img/logo/kucuk/
703 B
1013 B
Image
General
Full URL
http://im.cdn.md/img/logo/kucuk/8248.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
3955a3073559f4f51c645bcef25f023a7c7cfba87d3bb1fb4a6c5fde2760e865

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"f2c97a26550cd1:0"
Last-Modified
Fri, 22 Jun 2012 10:56:11 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
703
POR.gif
im.cdn.md/img/flags/
558 B
868 B
Image
General
Full URL
http://im.cdn.md/img/flags/POR.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
d5004a9ada961a31405757982290a429a8c264b2a154659e32fab194b53d140c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"0b7f37ef8afc71:0"
Last-Modified
Sat, 16 Jun 2007 09:27:02 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
558
157.gif
im.cdn.md/img/logo/kucuk/
571 B
882 B
Image
General
Full URL
http://im.cdn.md/img/logo/kucuk/157.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
5ab2cb2850706571717a74499e8430164270ac8305586d45e1d0a3581f43a8b9

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"408adc90ba70d21:0"
Last-Modified
Tue, 17 Jan 2017 12:09:34 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
571
ARG.gif
im.cdn.md/img/flags/
327 B
635 B
Image
General
Full URL
http://im.cdn.md/img/flags/ARG.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
97d4d828b296784064da5cb5cd0ff1bfb74d87a79714d117bdf6896b31d94ced

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"0364e39b0c71:0"
Last-Modified
Sat, 16 Jun 2007 11:25:16 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
327
83.gif
im.cdn.md/img/logo/kucuk/
1 KB
1 KB
Image
General
Full URL
http://im.cdn.md/img/logo/kucuk/83.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
58f047e5fdba8b46c00955c2986b253772a95da12ffdaa2eda3742a63d24ce30

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"37bca1d5a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:42 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1161
NED.gif
im.cdn.md/img/flags/
274 B
584 B
Image
General
Full URL
http://im.cdn.md/img/flags/NED.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
611a7dd3b2291b8d305deaf3398c20aa9f7418f1d7bbfa7d64fa6396682bfdc4

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"07c9b76f8afc71:0"
Last-Modified
Sat, 16 Jun 2007 09:26:48 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
274
1159.gif
im.cdn.md/img/logo/kucuk/
1 KB
1 KB
Image
General
Full URL
http://im.cdn.md/img/logo/kucuk/1159.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
caa8795fdc2d03becd1b1fadaf4ba16ca8a02a18bc901b67a305ad70ab39c9e3

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"774bbfd4a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:41 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1116
ENG.gif
im.cdn.md/img/flags/
286 B
595 B
Image
General
Full URL
http://im.cdn.md/img/flags/ENG.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
d34307c9a22438c45e974f24d07f41f83227ecbf729a1a3b0f36cb0c38f1b30c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"014881d9b0c71:0"
Last-Modified
Sat, 16 Jun 2007 11:26:00 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
286
968.gif
im.cdn.md/img/logo/kucuk/
1 KB
1 KB
Image
General
Full URL
http://im.cdn.md/img/logo/kucuk/968.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
983cfd08e05acbb6688d3b881f39dc1d875970138ff41c4c9a1374f4cb399014

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"2798e5d4a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:41 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1148
981.gif
im.cdn.md/img/logo/kucuk/
1 KB
1 KB
Image
General
Full URL
http://im.cdn.md/img/logo/kucuk/981.gif
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
ce94599488ec9e8c575525914a25e9c7d97fabebf8570ce64939fea303cca39f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"4775e3d4a742cf1:0"
Last-Modified
Tue, 18 Mar 2014 12:44:41 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1111
mc.png
im.cdn.md/img5/icons/
2 KB
2 KB
Image
General
Full URL
http://im.cdn.md/img5/icons/mc.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
939ec52ac0dd04dc5bcbd3fe8f4027e42a79989d9a7588fecd2c85aaa2987ba2

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"9369cbf43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:31 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1630
twit-ico.png
im.cdn.md/img5/icons/
1 KB
2 KB
Image
General
Full URL
http://im.cdn.md/img5/icons/twit-ico.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
f2ff5e9280f6a481345116d335ff6f334378f045afed98c85815e3c3a717dbd3

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"e3f0d5f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:31 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1471
get.ashx
run.admost.com/adx/
23 B
707 B
Script
General
Full URL
https://run.admost.com/adx/get.ashx?k=55003&preredir={amClickThru}
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:11 GMT
Server
haproxy-go
Var
s:go601;c:1;e:29;hc:32
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
footer-ico.png
im.cdn.md/img5/
946 B
1 KB
Image
General
Full URL
http://im.cdn.md/img5/footer-ico.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"1339a5f33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:29 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
946
admost.js
go.admost.com/adx/js/
4 KB
4 KB
Script
General
Full URL
http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
3dfb78d105e89ffe3359c30a219301b46640e01cb726e00693b9a1e745b678b8

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:11 GMT
Last-Modified
Wed, 10 Mar 2021 15:26:32 GMT
Server
haproxy-go
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
3985
Expires
-1
xgemius.js
tr.hit.gemius.pl/
39 KB
11 KB
Script
General
Full URL
http://tr.hit.gemius.pl/xgemius.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
217.182.200.29 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm7.host.hit.gemius.pl
Software
GHC /
Resource Hash
3177712e455be4da8e6afb3efe5d1f5dd26346917d63c22becb6d1c953102362

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 11:13:20 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
10546
Expires
Wed, 05 May 2021 18:57:11 GMT
beacon.js
b.scorecardresearch.com/
1 KB
2 KB
Script
General
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
13.224.111.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-129.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 05 May 2021 06:28:56 GMT
Via
1.1 5aa1be24b1cf8e3c10252fabac41cc27.cloudfront.net (CloudFront)
Last-Modified
Fri, 26 Feb 2021 14:35:05 GMT
Server
AmazonS3
Age
1695
ETag
"1827f116c73f319409b97f10b8a58ade"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
MAD50-C1
Accept-Ranges
bytes
Content-Length
1469
X-Amz-Cf-Id
Xv_0gvCpuc3dGHvNqwpVI1QRkpgbfKieuXARn2Jb110fdactStecvQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197831436&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csah...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197831436&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csa...
64 B
329 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197831436&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9=
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-129.mad50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:11 GMT
via
1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
l-788JXce6pmikgf1Jgaw9nqgeWjKuBtQ0JGc14wW9l1DUyqMI5btg==

Redirect headers

date
Wed, 05 May 2021 06:57:11 GMT
via
1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1620197831436&ns_c=UTF-8&cv=3.5&c8=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&c7=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&c9=
content-length
308
x-amz-cf-id
090T-fZIPzVwDTjotra9Mwu3ME1ju3RO7wyaN-nTMTqmGrKY-pKHqw==
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2280
date
Wed, 05 May 2021 06:19:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 05 May 2021 08:19:11 GMT
new-mackolik-logo.png
im.cdn.md/img5/
5 KB
5 KB
Image
General
Full URL
http://im.cdn.md/img5/new-mackolik-logo.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
051bcb4e7ec2e3a0a3e136cc2cc74f650f78a389ac7e4d88a8bc2d27d10859c1

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"aaa3bd264881cd1:0"
Last-Modified
Thu, 23 Aug 2012 15:58:35 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4670
home-ico.png
im.cdn.md/img5/
2 KB
2 KB
Image
General
Full URL
http://im.cdn.md/img5/home-ico.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
47c9ac90d4519600c96b8e3a69bb9f6d6bf39cdf1dff9aae44306e0ceeab02d0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"f3aeaef33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1945
menu-bg.png
im.cdn.md/img5/
968 B
1 KB
Image
General
Full URL
http://im.cdn.md/img5/menu-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
441f219ed57ed9ba64aedc1344c051924b4427e129a31df2528bd7e53d5cb7b5

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"735a5f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
968
menu-hover.png
im.cdn.md/img5/
987 B
1 KB
Image
General
Full URL
http://im.cdn.md/img5/menu-hover.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
61ac0055643f185e2957d5a8c5d8e7c1f526101ed2394381207ba1ac49b7f4ed

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"735a5f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
987
menu-right-bg2.png
im.cdn.md/img5/
1 KB
1 KB
Image
General
Full URL
http://im.cdn.md/img5/menu-right-bg2.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
5ae42226599cbac001f2db8f5a32cb3f389de9893e4f9e1d88de3118fefa412f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"6d3480b3f984cd1:0"
Last-Modified
Tue, 28 Aug 2012 08:47:05 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1105
index-search-k.png
im.cdn.md/img5/
2 KB
2 KB
Image
General
Full URL
http://im.cdn.md/img5/index-search-k.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
812031ef332b67aa8f3efe65e4dec304864ceb58b8442e08cdbdd82be187ce55

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"54f5f1ad2845d01:0"
Last-Modified
Tue, 10 Feb 2015 11:57:01 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1741
bottom-menu-bg.png
im.cdn.md/img5/
973 B
1 KB
Image
General
Full URL
http://im.cdn.md/img5/bottom-menu-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
a6121e496afc82cd9dac0022c7824ef5af01e40e99e4f1171729d1e486ea20d6

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"33ff91f33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:29 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
973
get.ashx
run.admost.com/adx/
914 B
2 KB
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=46597&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e339219d347effa315af137b67c0442a018ed4e5f38c2c2748d994644a372ab2

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:11 GMT
Server
haproxy-go
Pbk
473044-328614-46597
Var
s:go601;c:1;e:14;hc:3;r:>473044-328614-46597-0;cs:cp:cache_z_46597_*_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
914
Expires
-1
gpt.js
securepubads.g.doubleclick.net/tag/js/
61 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupmackolik.com.arsiv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
b430b9ac127cafc38ffc155ec9111c56f80e7c2b2e5d686796888b55ca16fcc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"862 / 144 of 1000 / last-modified: 1620166139"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21154
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:11 GMT
fpdata.js
tr.hit.gemius.pl/_sslredir/
Redirect Chain
  • http://tr.hit.gemius.pl/fpdata.js?href=arsiv.mackolik.com
  • https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
281 B
479 B
Script
General
Full URL
https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.182.200.29 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm7.host.hit.gemius.pl
Software
GHC /
Resource Hash
22a4d03cab85dbb00fc95dc69cd0ba33e69f3f58df274298a3815cab89235db5

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:11 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
281
expires
Fri, 04 Jun 2021 06:57:11 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:11 GMT
Server
GHC
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Location
https://tr.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
none
Keep-Alive
timeout=10
Content-Length
0
Expires
Tue, 04 May 2021 06:57:11 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2071184808&t=pageview&_s=1&dl=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Mackolik.com%20-%20iddaa%2Ccanl%C4%B1%20ma%C3%A7%2Ciddaa%20sonu%C3%A7lar%C4%B1%2Csahadan%2Cfutbol%20%40%20Mackolik.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1638159401&gjid=484138764&cid=795096436.1620197832&tid=UA-241588-3&_gid=9162245.1620197832&_r=1&_slc=1&z=1038716881
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
123 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-241588-3&cid=795096436.1620197832&jid=1638159401&gjid=484138764&_gid=9162245.1620197832&_u=IEBAAEAAAAAAAC~&z=1372055129
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 05 May 2021 06:57:11 GMT
content-type
text/plain
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
panel-trans.png
cm.cdn.md/js5/jquery-galleryview-1.1/themes/red/
930 B
1 KB
Image
General
Full URL
http://cm.cdn.md/js5/jquery-galleryview-1.1/themes/red/panel-trans.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
037921b880f09ad6fadb833e28069c2dc8a6f5564587bad9695885b3b62ffae9

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
Last-Modified
Wed, 08 Aug 2012 08:22:24 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
"138642f03e75cd1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
930
Expires
Fri, 04 Jun 2021 06:57:10 GMT
get.ashx
run.admost.com/adx/
23 B
707 B
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=49886&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:11 GMT
Server
haproxy-go
Var
s:go602;c:1;e:24;hc:12
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
pubads_impl_2021042801.js
securepubads.g.doubleclick.net/gpt/
300 KB
106 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 08:37:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108145
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:11 GMT
sticky-footer.js
cdn.eksiup.com/api/
8 KB
4 KB
Script
General
Full URL
https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupmackolik.com.arsiv.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384b935474ab09f84f7e845a6e91d8cbad2ff14ed25053d0be524d4624550875

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3170
cf-polished
origSize=9393
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09dcea0c3000004e0e4689b000000001
last-modified
Sat, 05 Dec 2020 00:45:47 GMT
server
cloudflare
etag
W/"5fcad83b-24b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pc9KUjKc25R7QZk1rJxljFo9O%2F88QmbD6FYi%2BmbdE9NUKHJQEC5i%2ByE7YSkmAmwrxs%2Fq%2FT8BkTghX0sbcKTOQGynRgAE7Fjl3RhBORqCSJZ%2B35e6WFZXs2RpZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
64a812c04a614e0e-FRA
expires
Tue, 04 May 2021 12:03:46 GMT
VideoPlayer.aspx
arsiv.mackolik.com/VideoPlayer/ Frame 1FD0
15 KB
4 KB
Document
General
Full URL
http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
94.130.143.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nvm-s1.cubecdn.net
Software
CCAcc (1.0.1/nvm-s1) / ASP.NET
Resource Hash
f20dafc9f52f410cb8d31261d8eb82197df655c212e3c4c679937553f9353526

Request headers

Host
arsiv.mackolik.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/Default.aspx
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
am_cookie_test=true; _ga=GA1.2.795096436.1620197832; _gid=GA1.2.9162245.1620197832; _gat=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/Default.aspx

Response headers

Server
CCAcc (1.0.1/nvm-s1)
Date
Wed, 05 May 2021 06:57:10 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
public, max-age=742
Expires
Wed, 05 May 2021 07:04:27 GMT
Last-Modified
Wed, 05 May 2021 05:24:27 GMT
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
sloc
629
s
5
X-US
HIT
Content-Encoding
gzip
get.ashx
run.admost.com/adx/
23 B
706 B
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=14420&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:11 GMT
Server
haproxy-go
Var
s:go593;c:1;e:29;hc:4
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
blue-bg.png
im.cdn.md/img5/
939 B
1 KB
Image
General
Full URL
http://im.cdn.md/img5/blue-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
f82fa028dce989ca4321ce730ff7ebdf14845f2529464866c95f2b64c68a118d

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"38a91f33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:29 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
939
brown-bg.png
im.cdn.md/img5/
940 B
1 KB
Image
General
Full URL
http://im.cdn.md/img5/brown-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
a13329727556eb03b67a9ae8a13ced0ba088dc4d11dfa26570e78ff7cbe2bb56

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"637492f33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:29 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
940
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame 1FD0
91 KB
92 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 05:27:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Age
5354
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
93435
X-XSS-Protection
0
Expires
Thu, 05 May 2022 05:27:57 GMT
jquery.jsonp-2.1.4.js
cm.cdn.md/js5/ Frame 1FD0
7 KB
3 KB
Script
General
Full URL
http://cm.cdn.md/js5/jquery.jsonp-2.1.4.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
c8793509b08afcc3849deecb90ecb38d6ac55937b2035cae4b686f447900100c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Mar 2016 12:10:55 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"3375d2e5c57ad11:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:10 GMT
docs.min.css
js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/ Frame 1FD0
59 KB
21 KB
Stylesheet
General
Full URL
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/docs.min.css
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-122.cdn77.com
Software
MerlinCDN /
Resource Hash
0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:11 GMT
Via
HTTP/1.1 Merlin CDN
X-Content-Type-Options
nosniff
Age
49336
grace
none
Transfer-Encoding
chunked
X-Cache
CMISS_01
P3P
CP= CAO PSA OUR
Access-Control-Allow-Methods
GET, OPTIONS, POST, HEAD
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Allow
GET, HEAD, POST
Server
MerlinCDN
X-Midtier
de-fra-dp-s01
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Edge
de-fra-dp-s02
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
X-ECACHE
HIT
healthy
none
X-Age
0
Access-Control-Allow-Headers
accept, origin, x-requested-with, content-type
X-Mcache
HIT
X-VCT
0.000
beacon.js
sb.scorecardresearch.com/ Frame 1FD0
1 KB
2 KB
Script
General
Full URL
http://sb.scorecardresearch.com/beacon.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
13.224.111.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-129.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 05 May 2021 06:28:56 GMT
Via
1.1 713e5c81a0f7ad564b97cf451e92aaac.cloudfront.net (CloudFront)
Last-Modified
Fri, 26 Feb 2021 14:35:05 GMT
Server
AmazonS3
Age
1695
ETag
"1827f116c73f319409b97f10b8a58ade"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
MAD50-C1
Accept-Ranges
bytes
Content-Length
1469
X-Amz-Cf-Id
q5TMc78SIMVRohdAqHjsip2OgDRB-rlnysiqcNuc4mdS7H0YE517nA==
gstream.js
str.hit.gemius.pl/ Frame 1FD0
28 KB
8 KB
Script
General
Full URL
http://str.hit.gemius.pl/gstream.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
79.137.69.91 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm11.host.hit.gemius.pl
Software
GHC /
Resource Hash
2c13be7e6baf352ce470ded3c4ea9a4689ab876b4c07fdbfe7d5b4fb1be05787

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 11:13:20 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
8037
Expires
Wed, 05 May 2021 18:57:11 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1FD0
334 KB
115 KB
Script
General
Full URL
http://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Length
117044
X-XSS-Protection
0
Expires
Wed, 05 May 2021 06:57:11 GMT
docs.min.js
js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/ Frame 1FD0
967 KB
312 KB
Script
General
Full URL
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-122.cdn77.com
Software
MerlinCDN /
Resource Hash
ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:11 GMT
Via
HTTP/1.1 Merlin CDN
X-Content-Type-Options
nosniff
Age
49335
grace
none
Transfer-Encoding
chunked
X-Cache
CMISS_01
P3P
CP= CAO PSA OUR
Access-Control-Allow-Methods
GET, OPTIONS, POST, HEAD
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Allow
GET, HEAD, POST
Server
MerlinCDN
X-Midtier
de-fra-dp-s01
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge
de-fra-dp-s02
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
X-ECACHE
HIT
healthy
none
X-Age
0
Access-Control-Allow-Headers
accept, origin, x-requested-with, content-type
X-Mcache
HIT
X-VCT
0.000
videojs-dock.js
cm.cdn.md/js5/ Frame 1FD0
13 KB
4 KB
Script
General
Full URL
http://cm.cdn.md/js5/videojs-dock.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
195.244.32.73 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/izm-nvme-s5) /
Resource Hash
4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2016 09:38:40 GMT
Server
CCAcc (1.0.1/izm-nvme-s5)
ETag
W/"5f2740967e20d21:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 04 Jun 2021 06:57:10 GMT
sticky-footer.php
cdn.eksiup.com/api/
669 B
998 B
XHR
General
Full URL
https://cdn.eksiup.com/api/sticky-footer.php?siteid=25&slotid=25&width=1600
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f324e01e06560f8cf72e66ba86e85294b4ddb2775c3690b18efbb7e6ef6c68eb

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

xr-caches
slave
date
Wed, 05 May 2021 06:57:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
xr-cache
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GsCq2Wip9g4zMoTExEQdECQkV5S5DNS8wIb%2F9PnqwRE%2BMnB2IEwAmNED7M0PcgyqMYGn93g6kDE3d0b4UYtF1pHidhiJGdylnQPQBzHDVVGeBROn5zlX3bL%2BWQ%3D%3D"}]}
content-type
application/json
access-control-allow-origin
*
cf-ray
64a812c09abd6395-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09dcea0c5e000063950cb75000000001
get.ashx
run.admost.com/adx/
871 B
2 KB
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=46595&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
81f5e8672a0895c95e0d3e3a500778d9f39c854fb3be84ebcc29846876cf30da

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:11 GMT
Server
haproxy-go
Pbk
473043-328613-46595
Var
s:go593;c:1;e:-9223372036;hc:0;r:>473043-328613-46595-0;cs:cp:cache_z_46595_*_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
871
Expires
-1
truncated
/
352 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6df79e98ac3f39a612316d11ac887567173d8b940ca5ca1c48582e5ac57e79b0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7acea79c2521213b0e379bcb9c0fe0c690e5cb7ccad1998c5920b2a5699843ad

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EE30
61 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/sticky-footer.js?siteid=25&slotid=25
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
b430b9ac127cafc38ffc155ec9111c56f80e7c2b2e5d686796888b55ca16fcc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"862 / 649 of 1000 / last-modified: 1620166139"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21154
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:11 GMT
pubads_impl.js
pagead2.googlesyndication.com/pagead/managed/js/m202102160101/
290 KB
102 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/m202102160101/pubads_impl.js?0.20398179125118276
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44488255f30bbe2a93d2d23f241683fd1d71e2c9aa5f6371335a1c2decd6c823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103739
x-xss-protection
0
server
cafe
etag
15617074219437704704
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 05 May 2021 06:57:11 GMT
integrator.js
adservice.google.fr/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
9 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=994027409612509&correlator=2658448199047973&output=ldjh&impl=fif&eid=31060959%2C31060187%2C31060824%2C31060839&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Ctopbanner_masthead_multisize_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C980x250%7C970x250&cookie_enabled=1&bc=23&abxe=1&lmt=1620197798&dt=1620197831857&dlt=1620197830679&idt=1164&frm=20&biw=1600&bih=1200&oid=3&adxs=320&adys=134&adks=821623584&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=960x90&msz=960x90&ga_vid=795096436.1620197832&ga_sid=1620197832&ga_hid=2071184808&ga_fc=false&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
113dc0a39cd08c560c47d4067cacfa781462e754488f09986965e84dfdb1197c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4624
x-xss-protection
0
google-lineitem-id
5592962289
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138337300740
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eaac02f77194982ef93924cecb4d40dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://eaac02f77194982ef93924cecb4d40dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

truncated
/ Frame 1FD0
1 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
http://arsiv.mackolik.com
Referer
http://js.duhnet.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
gemiuslib.js
str.hit.gemius.pl/ Frame 1FD0
37 KB
10 KB
Script
General
Full URL
http://str.hit.gemius.pl/gemiuslib.js
Requested by
Host: str.hit.gemius.pl
URL: http://str.hit.gemius.pl/gstream.js
Protocol
HTTP/1.1
Server
79.137.69.91 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm11.host.hit.gemius.pl
Software
GHC /
Resource Hash
3ef707fc4a3c01523d30510ce8a91d224e4b80d31be2fd7b18ceee18fb5c437b

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 11:13:20 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
10199
Expires
Wed, 05 May 2021 18:57:11 GMT
pubads_impl_2021042801.js
securepubads.g.doubleclick.net/gpt/ Frame EE30
300 KB
106 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 08:37:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108145
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:11 GMT
ads
securepubads.g.doubleclick.net/gampad/
8 KB
4 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=994027409612509&correlator=2658448199047973&output=ldjh&impl=fif&eid=31060959%2C31060187%2C31060824%2C31060839&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Ctopmpu_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&bc=23&abxe=1&lmt=1620197798&dt=1620197831903&dlt=1620197830679&idt=1164&frm=20&biw=1600&bih=1200&oid=3&adxs=972&adys=245&adks=3491219890&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=795096436.1620197832&ga_sid=1620197832&ga_hid=2071184808&ga_fc=false&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
848cd9209646f381596bf239a2f81742fc3aafff682f625f0682e62f64a6c8ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4540
x-xss-protection
0
google-lineitem-id
5592962289
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138337678456
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
get.ashx
run.admost.com/adx/
23 B
706 B
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=16998&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:11 GMT
Server
haproxy-go
Var
s:go601;c:1;e:35;hc:3
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
standing-bg.png
im.cdn.md/img5/
966 B
1 KB
Image
General
Full URL
http://im.cdn.md/img5/standing-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
c45435989dbfa92ad5a498960feea35a92a8ccfa8032d929c29e6da89114e737

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"a34945f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:31 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
966
standing-hover.png
im.cdn.md/img5/
974 B
1 KB
Image
General
Full URL
http://im.cdn.md/img5/standing-hover.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
146c53518c6967e7e13ea9b117028f06b5af60bc1035e670ff35fede53253a30

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"33a946f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:31 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
974
menubar-bg.png
im.cdn.md/img5/
957 B
1 KB
Image
General
Full URL
http://im.cdn.md/img5/menubar-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
932bdfb828436b081101296ca3c21e1232156bb95ecce0ab39c0f34dc4086dc9

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"d3810f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
957
fpdata.js
str.hit.gemius.pl/_sslredir/ Frame 1FD0
Redirect Chain
  • http://str.hit.gemius.pl/fpdata.js?href=arsiv.mackolik.com
  • https://str.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
281 B
375 B
Script
General
Full URL
https://str.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.182.200.29 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm7.host.hit.gemius.pl
Software
GHC /
Resource Hash
1099daf3eff8bce7376a0d498f31fa22a1ac64198a688940e178393ad713d212

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
281
expires
Fri, 04 Jun 2021 06:57:12 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:11 GMT
Server
GHC
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Location
https://str.hit.gemius.pl/_sslredir/fpdata.js?href=arsiv.mackolik.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
none
Keep-Alive
timeout=10
Content-Length
0
Expires
Tue, 04 May 2021 06:57:11 GMT
analytics.js
www.google-analytics.com/ Frame 1FD0
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2280
date
Wed, 05 May 2021 06:19:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 05 May 2021 08:19:11 GMT
truncated
/ Frame 1FD0
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Origin
http://arsiv.mackolik.com
Referer
http://js.duhnet.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
1dlryyf7b8ahn1m9lzlff1gc2v_2400000.mp4
daznplayervod.daznservices.com/ePlayer2/20210504/ Frame 1FD0
5 MB
0
Media
General
Full URL
https://daznplayervod.daznservices.com/ePlayer2/20210504/1dlryyf7b8ahn1m9lzlff1gc2v_2400000.mp4
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://arsiv.mackolik.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
Last-Modified
Tue, 04 May 2021 13:20:40 GMT
Server
AmazonS3
x-amz-request-id
69VSTTHKTH4S1FM9
ETag
"7f78344735986225eaf1f98950c847b4-9"
Content-Type
video/mp4
Content-Range
bytes 0-42099501/42099502
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42099502
x-amz-id-2
Pd+vZmDkHNPGJF/A587Du4X2da0T76Fh66SCJm2NGIEpqjWgUKFKFfPdDvkTd9atryCNkZZ9Rk8=
bridge3.453.0_tr.html
imasdk.googleapis.com/js/core/ Frame 85BB
570 KB
187 KB
Document
General
Full URL
http://imasdk.googleapis.com/js/core/bridge3.453.0_tr.html
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de00817d2456b6108f78a2774d70d1ab8658a5ba300ab4023c55dd2817de052a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Host
imasdk.googleapis.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Type
text/html
Cross-Origin-Resource-Policy
cross-origin
Content-Length
190928
Date
Wed, 05 May 2021 04:12:25 GMT
Expires
Thu, 05 May 2022 04:12:25 GMT
Last-Modified
Wed, 21 Apr 2021 20:50:03 GMT
X-Content-Type-Options
nosniff
Server
sffe
X-XSS-Protection
0
Age
9887
Cache-Control
public, max-age=31536000
client.js
s0.2mdn.net/instream/video/ Frame 1FD0
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:12 GMT
mackolik_emk3rudazsjg14plgfcgb585b.png
images.performgroup.com/di/library/eplayer3_user_guide/5a/e0/ Frame 1FD0
2 KB
3 KB
Image
General
Full URL
http://images.performgroup.com/di/library/eplayer3_user_guide/5a/e0/mackolik_emk3rudazsjg14plgfcgb585b.png?h=28
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=canlisonuc
Protocol
HTTP/1.1
Server
2.18.232.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f9f3facbbca03a3c32a03c74da2152f3888997c01e9c523e8801cc7e0d89d516

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
Last-Modified
Mon, 03 May 2021 16:40:44 GMT
Server
Apache
ETag
"96d-5c16f9f6ffb00"
Content-Type
image/png
X-Server-Id
62ff5c2cd20855624be087e9eecfdb9ec2d414af
Cache-Control
max-age=66631
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2413
Expires
Thu, 06 May 2021 01:27:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A581
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvrRcdhoywQ6F8UVLo3dewP7v2N0nu_Dx2LqPVGJ_v1TSHTA09GwPODlxpiDyeDYC7yck3my77AJG2dH7gLlNrDNke98xvgHOw3p0iLF_u_e9JiO0gohJb35m_iXvsS_5BP8Zf3ObiE-N1iYayQxPG1_7MMLpUMIAy4QqWR5VV7J1F6iT9MqOIenHgZN727ha7NSGmGghruhCDGfEg5dDdTJVKoX2WcBWKSflAGTzRM_-iK0fq6iLB1SLapCoGxwVJaD4e9SG8Nh4aXQ31L9j-_57B7sefvnbN_lU3eaVZwubkxMr9Z4BBgFO1jb1-z1u_OHFFPIr61cVG7iDXY4mB7Z42ndNArAQHrzEFvZMX_rHe5TPlpPb3qPj1b3nFd-0&sai=AMfl-YT2zykEG1PB2o-wTZgIFki3l22eIFXcojx5wx7qiY9Y24jscgrayJsMm_zPub_tq27xoGo0hD7Br8VcJqrdkmrDYSg4cid-ni3AqlJmNI5ecn-sjRMKgEr4gWY4P78g&sig=Cg0ArKJSzD6puAbyZbG-EAE&urlfix=1&adurl=
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 05 May 2021 06:57:12 GMT
t.js
randiul.com/ Frame A581
17 KB
17 KB
Script
General
Full URL
http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
385696ef2d8449d52d84587aa8470d1d4b797e6e1793901af605106f032cdec1

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
Via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
X-Amz-Cf-Id
2ICeHuZc3OA3Yo0a0jFn7Tka_a9Ud9kzvhZS4H5BEIFV7Wif1KDpSg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A581
116 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056514301796"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36023
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:12 GMT
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056503243602"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:12 GMT
like.php
www.facebook.com/plugins/ Frame 4F55
Redirect Chain
  • http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&heig...
  • https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&hei...
31 KB
13 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
92d07c5239095c047b7c3806667f8d471c0e20bd8050b67abfa1c4f74a9c63ef
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.mackolik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

vary
Accept-Encoding
x-fb-rlafr
0
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
RfomFEhTVaK41+MXO1KwI4U9MbshF7Q53d39J+7UligvihZwM8QxiqYDY2L5nF9ZdzQTusYDTwo9djLylrZoVg==
date
Wed, 05 May 2021 06:57:12 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Non-Authoritative-Reason
HSTS
rexdot.js
tr.hit.gemius.pl/__/_sslredir/_1620197832070/
Redirect Chain
  • http://tr.hit.gemius.pl/_1620197832070/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackol...
  • https://tr.hit.gemius.pl/_sslredir/_1620197832070/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Fa...
  • https://tr.hit.gemius.pl/__/_sslredir/_1620197832070/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%...
169 B
430 B
Script
General
Full URL
https://tr.hit.gemius.pl/__/_sslredir/_1620197832070/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=MODVsOogY76DOZtnVzqkb8Fpp..LHUZCc4AZlH36u07.D7&vis=1
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.182.200.29 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm7.host.hit.gemius.pl
Software
GHC /
Resource Hash
9b1edbaa82e316f59775f414613a89c811f3662640092d941062e8ec1fd9f1ab

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:12 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Tue, 04 May 2021 06:57:12 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:12 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_sslredir/_1620197832070/rexdot.js?l=100&id=nGuQbY.qP0PVuSig3A0pNGaErmEBn5ug5StqFbwNQiH.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=MODVsOogY76DOZtnVzqkb8Fpp..LHUZCc4AZlH36u07.D7&vis=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Tue, 04 May 2021 06:57:12 GMT
integrator.js
adservice.google.fr/adsid/ Frame EE30
107 B
122 B
Script
General
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EE30
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
popular-bg.png
im.cdn.md/img5/
958 B
1 KB
Image
General
Full URL
http://im.cdn.md/img5/popular-bg.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
3ae830068399ffead55c272748252cda43e6103da5e6b0d673ae751c27d52200

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"93472af43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:30 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
958
twit-top.png
im.cdn.md/img5/
1 KB
2 KB
Image
General
Full URL
http://im.cdn.md/img5/twit-top.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
5aff8b1abcb6212d44a19927db2e892166a403245e076a5f6b64e6d9dac3bbd2

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:10 GMT
ETag
"437f92f43e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:31 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1263
ads
securepubads.g.doubleclick.net/gampad/ Frame EE30
489 B
277 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3871833307006147&correlator=2974488899624095&output=ldjh&impl=fif&eid=31060842%2C31060900%2C31060989%2C31060824%2C21066612&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Csticky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x100%7C375x100%7C728x90%7C300x50%7C320x50%7C970x90&cookie=ID%3Dbadaa4785b9bea65-22603b3008c800af%3AT%3D1620197831%3AS%3DALNI_MZcplNGWdCZyR7szGV4oBF-B4cvDQ&cdm=arsiv.mackolik.com&bc=23&abxe=1&lmt=1620197832&dt=1620197832082&dlt=1620197831827&idt=247&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=800&adys=1317&adks=2617765872&ucis=oby2c8mf0x6e&ifi=1&ifk=984508663&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&ref=http%3A%2F%2Farsiv.mackolik.com%2F&top=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1x100&msz=1x100&ga_vid=795096436.1620197832&ga_sid=1620197832&ga_hid=307801783&ga_fc=true&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
f37518bfcc8ff442c9dec377f199a244883776d3e9398ccb0d9216cbf50bdcb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
34b25170a8e78b1a8586fdec834b7013.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EE30
0
0
Other
General
Full URL
https://34b25170a8e78b1a8586fdec834b7013.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame EE30
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

collect
www.google-analytics.com/j/ Frame 1FD0
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=282524362&t=event&_s=1&dl=http%3A%2F%2Farsiv.mackolik.com%2FVideoPlayer%2FVideoPlayer.aspx%3Fid%3D10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v%26autoplay%3Dtrue%26showads%3Dtrue%26page%3Dcanlisonuc&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=630x355&je=0&ec=Videos&ea=play&el=1dlryyf7b8ahn1m9lzlff1gc2v&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=795096436.1620197832&tid=UA-241588-3&_gid=9162245.1620197832&_slc=1&z=274673815
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/668B)
Age
817
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
get.ashx
run.admost.com/adx/
277 B
1 KB
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=14421&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
98df8b1ca191f1ca6f0f6e40088c7835a7bddd048d87d658c408f35d65446781

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
Server
haproxy-go
Pbk
431703-287981-14421
Var
s:go602;c:1;e:-9223372036;hc:0;r:>431703-287981-14421-0;cs:cp:cache_z_14421_*_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
277
Expires
-1
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_bvslt&pvsid=994027409612509&vrg=2021042801&nw_id=90851098&nslots=2&eid=31060959%2C31060187%2C31060824%2C31060839&pub_url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&t=244&f=1
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5CDA
36 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:38:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1113
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 05 May 2021 07:38:39 GMT
truncated
/ Frame A581
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b50728a4409bfbd46ff7102be4430b3709158de733856433393ffa8c3245d0c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A7EA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjfVqRc7C9u2Mb7sDQYH--kN7SR2i7UuPnCtjhDvGSSwaeT9AjAUV8glWPx5lUjyyMPKZexO9UGe1-DTm1KEDE4aI_LOX6CCCdnyfQRgXRcSdzcPZbJUheSuhmQ9R_DKUAcqwBqV8cK2TeCY5jr86baC7Rz0XgGw9rHZ8jH4zz-NQBgg8tEVygSLPXLZtPkUXjVcGMCSDbkaZdFXGCiaZh7F934zlpCa89g70f79DHrmv41R-z1aZltlKYqi92djZjogOEFMbaAZEXWkLByrwQyL-55rzbpDC1jrxvctweXVTbBD8V6ILl8q7U2zLhd3aE7Nqy_0urxDgmhVitm5pxtI7lhP12EhXnLg&sai=AMfl-YTfH6QnRfxqE5-jaPP2fhjM_hJtURKcPgkKoOZjs2hwoEWUWY3n8ke4daZaXJ9UfsTsxVGu8ojZvhnfT5dNpgryco8GXY_W8huJMFB85iqqgotabI2iB1SCmLY6zC03&sig=Cg0ArKJSzMd00VudFsdgEAE&urlfix=1&adurl=
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
t.js
randiul.com/ Frame A7EA
17 KB
17 KB
Script
General
Full URL
http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
047f93beff6e385b47ad98b78106c1207977911ad4826c370b992d79e5b3c3aa

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
Via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
X-Amz-Cf-Id
U3TmeHs1VclE0n4g5qi81TJYGNB2PmA5YOmFFW8cG3AeA0H8wEjt-g==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A7EA
116 KB
35 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056514301796"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36023
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:12 GMT
spor_toto_5_300x250.png
admost-banner.b-cdn.net/admost/4/2017/6/
8 KB
9 KB
Image
General
Full URL
https://admost-banner.b-cdn.net/admost/4/2017/6/spor_toto_5_300x250.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
f40f602ff26e222ea2ae16e5a5f8ad96a52ca03e7473e998bb02e60da0a942e0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
x-downloadsize
39618
cdn-edgestorageid
632, 602
x-bo-processingtime
0
cdn-cachedat
2021-05-05 08:42:23
cdn-pullzone
178422
x-bo-server
DE-95
last-modified
Wed, 05 May 2021 06:42:20 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-bo-origindownloadtime
2604
content-type
image/webp
cdn-cache
HIT
cdn-uid
79355934-3932-41c0-9817-733cc0c4d7a6
cache-control
public, max-age=2592000
x-bo-compressionratio
78.34%
cdn-requestid
62b0b6ad6d37d303cd0d207b47e96520
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
get.ashx
run.admost.com/adx/
23 B
706 B
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=14472&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
Server
haproxy-go
Var
s:go602;c:1;e:32;hc:8
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
truncated
/ Frame A7EA
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6372563089a21b381941d79768d9bff09afc0c73249060a0edf2c18e14a0a26c

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Cookie set async_usersync
randiul.com/ Frame AE8A
9 KB
10 KB
Document
General
Full URL
http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=8ef9bd6b8e048d32d0b2ff4a99f285d42&cb=9212881620197832251
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=b648f1f938eeaad6d0ae4af200529270e2e7f0d4; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
USFKKwraZsHH8Mo-GrRaodRb2F-FY7qC66CaORmpJEG-DSXfjW4NGQ==
Cookie set stat
randiul.com/ Frame DAFC
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stat?i=zq0eqoihjfrx9ad8e0hw3&a=3f499d6a7bf8f602abf6be5feb7273b21&cb=4838601620197832253
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=3351f902540bf4df4f73abea38cc46023d45f64d; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
3X8yDI3bgX9NpCSeP3VyUJG7XAUtiwH4Q1p-nAMeSLHX59iDbmZdGA==
Cookie set count
randiul.com/ Frame C7EF
9 KB
10 KB
Document
General
Full URL
http://randiul.com/count?i=zq0eqoihjfrx9ad8e0hw3&a=ecb56141ce8fdaa023ddf833e29988cb7&cb=1190081620197832254
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5de32e0c88c0eac8aadc5019f9623bb048138e0aac11dcf58b2031fd7551efd7

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=9ea65755489a89a18bd81f687ea3d9ddda6d184d; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
eAzsjVVjKt18nfDqFe4uhFVhcYo0hu3PLHMSubvhUCepB17pheGEQw==
Cookie set user
randiul.com/ Frame 53C3
9 KB
10 KB
Document
General
Full URL
http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=18cf07a61619546a36c7e896f40ac6251&cb=2180321620197832255
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=45e9daef35ffddcb86448e8febfbf4d831d29ef7; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
72XgLuY7rJ7oBNF0WQR0yKNZGBlbrxVcBuAFEnmcj_F1jjzQs0350w==
Cookie set async_usersync
randiul.com/ Frame 9B13
9 KB
10 KB
Document
General
Full URL
http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=46e0bed5c89fd1e248e629a10d5ad0f99&cb=8584121620197832256
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5de32e0c88c0eac8aadc5019f9623bb048138e0aac11dcf58b2031fd7551efd7

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=684c0cc8875f06c55b5b7c85fdaf13657b289205; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
aynHNI_dZbxSAwfQxyD7Nom_ISS4B_OtGh1z1YsHuY7_o-aBWTn7WA==
Cookie set send
randiul.com/ Frame B224
9 KB
10 KB
Document
General
Full URL
http://randiul.com/send?i=zq0eqoihjfrx9ad8e0hw3&a=3dc8884a491de59d16b77a88945d48e43&cb=9265591620197832257
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=472cc72f79082fe875afc0fd3d5a33b01576e5c6; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
2a6E9TxyelTTIO5Vzhz7GMQUzcb_IMXM1VwlmaR34SmjEN8NrV5-YQ==
Cookie set sync
randiul.com/ Frame F265
9 KB
10 KB
Document
General
Full URL
http://randiul.com/sync?i=zq0eqoihjfrx9ad8e0hw3&a=cecce1f1c5bb204b95519946123c157b7&cb=6274681620197832259
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=f49e671453771e0343e8429d5d4bee47313755c3; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
hVFFHeUWM6fkg1NwRKzrKQknHNNpIwKu9oOArztI6-4pgYs_nvZDiA==
Cookie set stat
randiul.com/ Frame 6551
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stat?i=zq0eqoihjfrx9ad8e0hw3&a=01112305d45c5056cbc035f5fc57d3bf7&cb=7696951620197832259
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=dbf0bca33996f43e7e32ff0ed5d35b45cf80bca3; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
kDz9znPMvxlyHP-IOWF-2BO-vgJwVCXcxmthhFcSzBDKqg-oL0gCbg==
Cookie set async_usersync
randiul.com/ Frame 25E4
9 KB
10 KB
Document
General
Full URL
http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=7053a6ae81a2e63879a3b9be890e65825&cb=4127471620197832260
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=b1034782013619dcc7d0f89c313a1c333df82e34; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
m8PA2lTbBB40KNmGIs3xD0IaYCwX-6Kc83ZkYS4cYQLrhy258cZ2XA==
Cookie set stats
randiul.com/ Frame 1379
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stats?i=zq0eqoihjfrx9ad8e0hw3&a=f2c4e28747c8df2380f8160d234201fd7&cb=3102141620197832261
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=ebac58bbeddabd1bee05246bc6b959b19975680d; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
iLEfWwqAACNkm0-2rgUksQFFYZ6WyTw2fviwd3AJDTixivpn_9p2tA==
Cookie set counter
randiul.com/ Frame 5D9B
9 KB
10 KB
Document
General
Full URL
http://randiul.com/counter?i=zq0eqoihjfrx9ad8e0hw3&a=5e6f139c1ae4cbad3ebc43032e98ea8b3&cb=4902381620197832262
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=4cffc1daeb283187ccba9c9f3c13021697fffaf0; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
hf2shD0nsIeFoWwwZ_PoiSEhoMTswjzCaArQ91IoLZcSJKoWPcNQVg==
Cookie set user
randiul.com/ Frame E128
9 KB
10 KB
Document
General
Full URL
http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=e783a21ce56e0f1acea725538d6aee669&cb=1176521620197832263
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=52a90f9a609f3bc4dd0d18972eae92e88019d845; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
N2VYM_1neeXgw1Aex6CZSJfI11kK-PCZvKya83rMnNt4VlKJTtC4gA==
Cookie set syncro
randiul.com/ Frame F5F5
9 KB
10 KB
Document
General
Full URL
http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=31cd47ff3d08c30def2fca0fb13e6dab5&cb=6708081620197832264
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=8d64e0814fe04252e138e97fbd71d5360a52086b; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
dcAribyUl8SM_IpucxsVBwYGj-y-A8rUBiYPS6mEc7TNuDMl90Is4g==
Cookie set syncro
randiul.com/ Frame 51D2
9 KB
10 KB
Document
General
Full URL
http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=d632e1ca224d67be481c7981c0a176601&cb=9542921620197832265
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=1ce1ae29e150c853c016fec657e23d32a984b672; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
CgDwYInHpYDC0N94yZaHeD2dRriXfoElW7H2Bp9dUDfuvnqpG2bM7Q==
Cookie set counter
randiul.com/ Frame EF5F
9 KB
10 KB
Document
General
Full URL
http://randiul.com/counter?i=zq0eqoihjfrx9ad8e0hw3&a=338836b239eb58ab68f020dc96c7a2699&cb=9048411620197832267
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=ce196448c87904d758d149c58698256b11ce63c3; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
A9K1w9-FAMBezswDtZ8EU97ytU0nUUEkeILNyT7aXOY1e-0TMTxtOg==
Cookie set syncro
randiul.com/ Frame 0DE1
9 KB
10 KB
Document
General
Full URL
http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=ff96599e11d24f608b64deb3cc47ac9c5&cb=7469241620197832268
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=a4f429d9f28e7a5ec6ecd1c88aba2691a0503551; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
EPY9hISSWs7WqSEg0auNrlhpgK9Y6zPHIj6IWPF1Ff9PJ2kIna7zDg==
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 4F55
400 B
449 B
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
KASiXt3PX7nPgje7J4l5ABied9/uc3azD/KFHbLLtzeppCOVn3YN7PyrlmZqapdF3YYLaDijfr1eyYxu4akihg==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Tue, 27 Apr 2021 15:55:46 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
400
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Wed, 27 Apr 2022 15:55:46 GMT
EuFt3GEPmkb.js
www.facebook.com/rsrc.php/v3iR5z4/yM/l/tr_TR/ Frame 4F55
503 KB
132 KB
XHR
General
Full URL
https://www.facebook.com/rsrc.php/v3iR5z4/yM/l/tr_TR/EuFt3GEPmkb.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1970006acdf437a48e6fcad001faa0dfc7984d48c3d8612c0f68c048c09c9e28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 03:07:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HF5Rrm0SDFToVVHyoPrcKg==
cross-origin-resource-policy
cross-origin
content-length
134923
x-fb-rlafr
0
x-fb-debug
M971X4lO0xMvghO85Q4HjyPFTqdbbaywJ/9hRp19uYBF4Wh6ALIPN0tHJ1TiJ1bCkcTwQyJaNBfwoujVl9Npvg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 May 2022 03:07:53 GMT
Cookie set stats
randiul.com/ Frame D206
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stats?i=fkgqtha5989uefmm2fv4b&a=dbb5f90f002061fbc7a47db82fecaa326&cb=3685721620197832290
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=4d4f323f141065d9706913c04e6911e0181e1d75; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
dzv9_srFvSOwdQLYmEnGbiTiZaBb2X8nOQl5sst_8T0szsU5ui8clQ==
Cookie set stat
randiul.com/ Frame EF5F
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stat?i=fkgqtha5989uefmm2fv4b&a=7646ce6654e9f62ea6cb7e8e2ba32af23&cb=0474311620197832292
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=a6db2bf994aa58349b03f94c46778ac7a6a09856; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
0BIQtrMZowypCyoS7smQdhix23Wj3QT2NtQ0jVofK72-98c1ChtrnQ==
Cookie set async_usersync
randiul.com/ Frame 890C
9 KB
10 KB
Document
General
Full URL
http://randiul.com/async_usersync?i=fkgqtha5989uefmm2fv4b&a=46359d5a1763166efe7f8ab86d225dc07&cb=3209751620197832293
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=b77a941b00424993fdf2ff46e5de1570752cc3a0; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
oAH9XpoK9Wmx7Xa9NpzetZ7Gz_LnBQOw2TPRsPuUknZ9zEgLbJmPqQ==
Cookie set usersync
randiul.com/ Frame F0FB
9 KB
10 KB
Document
General
Full URL
http://randiul.com/usersync?i=fkgqtha5989uefmm2fv4b&a=9f6cd564ab696d007f1e44f63ea0d9fb9&cb=9328321620197832294
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cc7bdb4edc007c99e5fb9349f1a971fa0ec59b3dfa4d69fbaae3681d5f0aa488

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=cc09fa684aa465b20f71cbce765987db12c6287e; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
8qiGx_rjN1okNQQJYsAmKVpc12oQrtcdcA1PnWeyYGdk9gNsR8aOLw==
Cookie set async_usersync
randiul.com/ Frame 483C
9 KB
10 KB
Document
General
Full URL
http://randiul.com/async_usersync?i=fkgqtha5989uefmm2fv4b&a=3645241e8d854acd7a8aff0638ad9eb49&cb=5042491620197832295
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=d396a96da87033edfa6a9c849be1613a6c04639a; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
OSWi1LL_-jYFRXTyzcHmj7Z3JiFdlNe2akvkyH4Rn4cQYQT4k_hymg==
Cookie set stats
randiul.com/ Frame CA0E
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stats?i=fkgqtha5989uefmm2fv4b&a=5d6aaaa8feeec48a42385842a9db49499&cb=6455591620197832296
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=a780b21fd8f290231f7a738ef8ac6f323731b44d; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
WKmgPWKyQwlCB0x3LvVljb5bTVhSJM5t6jH9y1LfA9UbWYIi8HGLpw==
Cookie set user
randiul.com/ Frame F00E
9 KB
10 KB
Document
General
Full URL
http://randiul.com/user?i=fkgqtha5989uefmm2fv4b&a=ac309e07f46bd42d8a631081d8d3fe8e5&cb=7394971620197832297
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=4d20dcd6f93efaf1d56e68863050b6e013f253fd; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
rAoDdMXTNdST6psg-ebHjqobIPJ3RoRBnjeqNxz3qgIYvTl7-JH6DA==
Cookie set count
randiul.com/ Frame 481A
9 KB
10 KB
Document
General
Full URL
http://randiul.com/count?i=fkgqtha5989uefmm2fv4b&a=1721a8209652b0efa17550deb1f149621&cb=0739361620197832298
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=9542b600188f199d0a691537e3150005694c8057; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
q34K37UmOAiVl8JjXgp2h9DyJAJOn412TnmGtq9QUGbYC-uc1GzEEQ==
Cookie set count
randiul.com/ Frame FC56
9 KB
10 KB
Document
General
Full URL
http://randiul.com/count?i=fkgqtha5989uefmm2fv4b&a=136b4d0b7ca67a2b474436bf7691685b9&cb=3570901620197832298
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=60f0a1cc9b90e10b597485498ccfb480f8303098; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
pDrr-Gi8uQAbKjWA6m5JgAYZYt3DEu7HpRkCF_ROPfz4Zq1HZmyW-w==
Cookie set sync
randiul.com/ Frame 5E90
9 KB
10 KB
Document
General
Full URL
http://randiul.com/sync?i=fkgqtha5989uefmm2fv4b&a=7cf35644625737f8475f5884d5e22c627&cb=0652631620197832299
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=610b0f387b102b600aea9bf828dd05ff705c7f7d; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
29oDZPeSXCnys69D9FGu6fF9OL-DoReDwidX9bSgYbmW-F4rdQ2fkg==
Cookie set send
randiul.com/ Frame 8429
9 KB
10 KB
Document
General
Full URL
http://randiul.com/send?i=fkgqtha5989uefmm2fv4b&a=ad4726bc94d4c686f00a381d05c9b8e23&cb=2857781620197832300
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=14b9a46d01a03c5e91c32191cd8dbc5c2bcd4641; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
z6gD4qQ7rphVc9tIvh_tDvZeFH_hULu7fO6feqaLL4giGFCZTPNePw==
Cookie set counter
randiul.com/ Frame 95B1
9 KB
10 KB
Document
General
Full URL
http://randiul.com/counter?i=fkgqtha5989uefmm2fv4b&a=8cc10ed0bc5c55eb6856fec3705a7f841&cb=2933871620197832301
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=ef4d4acb46954850453dc5a7032490d81cd34b8b; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
R_VQc1sUQz2XLanHmo9JAvG_S9vlCEheXM3KNsBR6Yxn2uZ2hKSFVQ==
Cookie set syncro
randiul.com/ Frame A216
9 KB
10 KB
Document
General
Full URL
http://randiul.com/syncro?i=fkgqtha5989uefmm2fv4b&a=cde3c7794ea47222d84e04c903b61e8e9&cb=8936701620197832301
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=93ea95885b9b5ca0c30a176282a81f4d5b9def40; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
SY6PeuL3jCOQ_pJNcT_m7DGzZ_IqDm7EWs7g1Tmz-4e0L2U6LM_d2Q==
Cookie set stat
randiul.com/ Frame 8365
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stat?i=fkgqtha5989uefmm2fv4b&a=c89cdadc08b81b71fc696d2c4b227ab21&cb=9023071620197832302
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=e7c4b260fa20950f79d897afd35f40edbea4e181; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
mQj0VigA6qeYgN7a2SrGGkz59FzgvyYel9wEkty2AQxBePrM25wW9g==
Cookie set syncro
randiul.com/ Frame CBAB
9 KB
10 KB
Document
General
Full URL
http://randiul.com/syncro?i=fkgqtha5989uefmm2fv4b&a=a35baf2254add8eb771d580fd0db064a9&cb=0524971620197832303
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=8cf4cbd9b5f32e7c327426624cd419254c18feed; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
_gI-72I7wpdHsRYIzXiPnjC6oieoMBCIlX5-qxsWjLaPH3n2Z-JqAw==
Cookie set async_usersync
randiul.com/ Frame 61CE
9 KB
10 KB
Document
General
Full URL
http://randiul.com/async_usersync?i=fkgqtha5989uefmm2fv4b&a=bfcff71adef813298ce580d8c8df78ed3&cb=4974371620197832304
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:12 GMT
Set-Cookie
SSID=478cac717b372c63671841c7a2c719fc97d01402; Path=/; Expires=Fri, 07 May 2021 06:57:12 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
YTasC1vxfxxhUKH2-1RX5qiBeeMNUZeUqdauxh8WLQYNQQ1XQxSR8w==
get.ashx
run.admost.com/adx/
23 B
706 B
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=26435&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
Server
haproxy-go
Var
s:go601;c:1;e:37;hc:3
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ Frame EE30
10 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
333f55e46bba3b2a08e47042bea8b9452a9bd9528dc5a87a89205c093c62ac89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7523
x-xss-protection
0
cavalry_endpoint.php
www.facebook.com/common/ Frame 4F55
67 B
99 B
Image
General
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1620197832273&t_start=1620197832273&t_domcontent=1620197832288&t_layout=1620197832323&t_onload=1620197832323&t_paint=1620197832323&t_creport=1620197832323&t_tti=1620197832288&lid=6958696703229038153-0
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fmackolik&locale=tr_TR&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=175643229178651
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
dUgIS5Td42eLmJOxOjiolOprydwclg2AZrzZmgIKYEgbyMG3cpFjNmq3iHHWCqrogbegdSPty1+wETwv89YFJQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 05 May 2021 06:57:12 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
prebid_v4_21.js
hb.adpone.com/ Frame AE8A
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=8ef9bd6b8e048d32d0b2ff4a99f285d42&cb=9212881620197832251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k1swVowUPp%2FVcPmr44dps4zTtlHz%2FCaKSOI8M5lHBESyN6l0a07vV4WpDXyK4wuC2JO4Vd3wTtidqcUE0UrtopPGXxQsrU9t3sNVrbOD8PwwO6rZ3dFpOxYl"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0ebb00004e3d7f826000000001
cf-ray
64a812c459b14e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2rEhBI6xizrj3jB0yRZWrYCA0%2Bbid1EWbl822VP0THHT46oxli0BtgLjWqf%2BU7AqbXoKsRWhd%2BI0YZ2gx%2FBbOlejM0duuRzbhDZP7dfDiCyNp9%2ByFPsmFC0s"}],"group":"cf-nel","max_age":604800}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c4197e05cc-FRA
cf-request-id
09dcea0e8f000005ccb6903000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame DAFC
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stat?i=zq0eqoihjfrx9ad8e0hw3&a=3f499d6a7bf8f602abf6be5feb7273b21&cb=4838601620197832253
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wYJjVU8tB48QI%2FO4B%2BMdRdvMfC2k2h7Endc0b0cLo2AfdJ3tDTUI5dXut8RP0ZAbNDCYalSD%2Bf716vJf2krbVjef4dxtIdZV4rVfVIHnVS6mVp9jxzp2Vi4a"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0eb700004e3d31b49000000001
cf-ray
64a812c459b44e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HABO4MtyaTsD2AUZXGQEwULcKLL0Tp3BihLuHUMcUKk8QjUOtgV7RkEDfuV7tJqx7UGjdpiW%2F7Hgf7EoBxuchVPuOoU2HvmbUN5a4zyACRsjc0U2p49g%2F4KC"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c4291d4d8a-FRA
cf-request-id
09dcea0e9900004d8acd848000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame C7EF
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/count?i=zq0eqoihjfrx9ad8e0hw3&a=ecb56141ce8fdaa023ddf833e29988cb7&cb=1190081620197832254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xVZOXEk%2FwtGGkntYmpIIJdyH2rJAo8weyPWMwUGwLhU6CKh7IuXcQ14Ombk%2BAqOcR29MZXiZ6BVgoXSVtqr%2BH0pHymzURgkSgRLNds9SCKOzP1mtsg3DGpDU"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0ebf00004e3d7d119000000001
cf-ray
64a812c469d14e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XJwFSa0Vz%2BTcOIX%2FR%2BWtiIi2BVyFGkmZFuDI6xS9feoN9lw2J7YbJlKTfM5bmEi1LTtmvUY7WzERPYYR4f0i1Zq7hphM1ederS16JcJruLVM3ffEymS3%2BRSt"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c449564d8a-FRA
cf-request-id
09dcea0eab00004d8ab5953000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EE30
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 9B13
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=46e0bed5c89fd1e248e629a10d5ad0f99&cb=8584121620197832256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CzzW%2FFBIJKyoS9NNzQYqI8QSvU9sOhTeXjZrLh8GuCsTunhvPTZF%2FILQn6riF6OYtxFU%2Fyl44AAesV7VGvruNS%2F%2B33jLGrd2bX5qfdUqFJdP1T6DXzmC6bRI"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0ec100004e3d3c9a3000000001
cf-ray
64a812c469d64e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IcAuQ63LLnAmyottrNWWmApCoypKE%2B5Sky2mxTe%2BqyQ0H984Aw9nwoN7WjcastbvNnwvpd6yIOKjiLq3fGL10JpfSkvcMiX90xeXdZb7BK00yPhxWKN8W4x2"}],"group":"cf-nel","max_age":604800}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c449d405cc-FRA
cf-request-id
09dcea0eb0000005ccad003000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
pxl.jpg
randiul.com/ Frame A581
597 B
1 KB
Image
General
Full URL
http://randiul.com/pxl.jpg?i=zq0eqoihjfrx9ad8e0hw3&s=528&p=http%3A%2F%2Farsiv.mackolik.com%2Fdefault.aspx&rstk=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&h=3448391620197832381
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
Via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Cache
Miss from cloudfront
Content-Type
image/jpeg; charset=UTF-8
Connection
keep-alive
Content-Length
597
X-Amz-Cf-Id
lmSTwAU4hX9Y_4j00v-1oubZXjmwVcQfaq8hnSoSSFIAQDnWqxbvKA==
prebid_v4_21.js
hb.adpone.com/ Frame B224
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/send?i=zq0eqoihjfrx9ad8e0hw3&a=3dc8884a491de59d16b77a88945d48e43&cb=9265591620197832257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QCSSMDfWcj5eie6n7%2BYDVpcorKt6w9PeyG6XYjFc6LL1O%2FcG5B4XcDu5F%2FxKXEveizvODBxaGcCBElzXvCWmTYk9JHICaHicpeMDzKjCAC86gqqyDtQH7qXT"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0ed600004e3d1b07b000000001
cf-ray
64a812c48a1a4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fK3lQYgMMrLgAUq4KGOjAyoJUlRRMJ0iOsaOusCGkUlzchR0irWj48tCd8wmnK1hOfggFD9tOrkvWNQ5APQjR4YF1d4%2FxWU4KUR07pxKIkGei5%2BxJysvoyzB"}],"group":"cf-nel","max_age":604800}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c47a1a05cc-FRA
cf-request-id
09dcea0ec6000005ccd7102000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 53C3
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=18cf07a61619546a36c7e896f40ac6251&cb=2180321620197832255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jL0Ahj7vImXmm%2BNlNQ0%2Bmi6%2B3wEr47Eq%2Fo4li9HOTJKCscfePr6attJZv7i0JWEVVA%2F%2FPM4ROQGFgAzGvpgajyqUQDUDIXAk69JIs0leFZLYuXafl7tO70qu"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0ede00004e3d7a9a2000000001
cf-ray
64a812c49a2b4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fvbCijymqkSsVhthg%2B5XxSBJY62pYHkFOxTcyLZFQLBn2u5UH3%2FJW%2FB%2B%2BBPH0G9rA%2BdtBgdGgrsGMtDfuv9ZeXSWT9PwsckOnQCHwtLY4eabx7zRMre1SrB8"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c479ac4d8a-FRA
cf-request-id
09dcea0eca00004d8a60b33000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame F265
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/sync?i=zq0eqoihjfrx9ad8e0hw3&a=cecce1f1c5bb204b95519946123c157b7&cb=6274681620197832259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cw4cH%2Bv5gQzuLSqV5eHluhYrckHjFZp8zx6DjCkOiZ733D2jerXmW47FNmgznUpI%2FmpfzzfnKQiU7WkyPvSc5euuha7R1YpIJ%2BkOayVraPG2MuSyXU0%2FYDwo"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0ede00004e3d700f0000000001
cf-ray
64a812c49a304e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eOWJ4bjdrb4TNV89gEFCGkeac5M%2FobFi3gaTWhUdWL1m2TBbrw9oYOncwyZKHFiCINbTpVmU6NnjahoJDWGMJq65QpgRigqSpI%2FD9jsTYLzROgMlfSP%2Bk5Z8"}],"group":"cf-nel","max_age":604800}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c47a3805cc-FRA
cf-request-id
09dcea0ecf000005cce590d000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6BE0
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.mackolik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 05 May 2021 06:48:21 GMT
expires
Thu, 05 May 2022 06:48:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
531
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebid_v4_21.js
hb.adpone.com/ Frame 6551
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stat?i=zq0eqoihjfrx9ad8e0hw3&a=01112305d45c5056cbc035f5fc57d3bf7&cb=7696951620197832259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QCIbYYtrbqLGoCMF1aaDeFBPfVKT8S5dc3%2FYHNRkljg9A2Z7eGkmle4Q6S%2FHeKl%2B5O2Q2efd3zHL7qUYlppIxDBEbNAIpq%2Fxr%2F0urcw83akfPGDp4acXoXV2"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0f1500004e3d1d281000000001
cf-ray
64a812c4eac94e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mrln9iFImfdWoFn5OVGv24i24Z6APwUFOAiatAHPNNC22o%2FFGMQjsA%2FMUKQFMn2bebxDwFUmrSeceZzTIr%2BlxV5uJB6bafCRkBaDNRgnKSCiN4iwOLj9H%2BzQ"}],"group":"cf-nel","max_age":604800}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c48a5405cc-FRA
cf-request-id
09dcea0ed9000005ccd4026000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
get.ashx
run.admost.com/adx/
23 B
706 B
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=31811&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
Server
haproxy-go
Var
s:go593;c:1;e:53;hc:3
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
pxl.jpg
randiul.com/ Frame A7EA
597 B
1 KB
Image
General
Full URL
http://randiul.com/pxl.jpg?i=fkgqtha5989uefmm2fv4b&s=528&p=http%3A%2F%2Farsiv.mackolik.com%2Fdefault.aspx&rstk=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&h=4287901620197832410
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
Via
1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Cache
Miss from cloudfront
Content-Type
image/jpeg; charset=UTF-8
Connection
keep-alive
Content-Length
597
X-Amz-Cf-Id
5Wk1oy210WbK0BFWHMCQ7Y5kVwzxC2SmMRh-ZBXRhbRCG4Fb0kNGzA==
prebid_v4_21.js
hb.adpone.com/ Frame 25E4
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/async_usersync?i=zq0eqoihjfrx9ad8e0hw3&a=7053a6ae81a2e63879a3b9be890e65825&cb=4127471620197832260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n40o3zmdzIzM2yhJIUDYCHY1nNAX3ps%2FjiwJkY%2BC6upzh2e2VKNRR7kXJjU9fZNosEHtZgmEOYFDl9v4hBf70GfIDnG6rFLmKAlQK2BXuzPvOJfyxlUGlqqJ"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0f1a00004e3d2129e000000001
cf-ray
64a812c4fae14e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GFZM8aGCTTqVwv9yMUQEtqUJim9jScKif6r7Wz3zlyMH3vfD5vulmBfhNI4uKinoOTDgDWLVtCBk8alHf2T%2Fb6N65yiKtH8wIwTnxQKBgn0EKe09GORceVQO"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c499f94d8a-FRA
cf-request-id
09dcea0ee000004d8a8e335000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 1379
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stats?i=zq0eqoihjfrx9ad8e0hw3&a=f2c4e28747c8df2380f8160d234201fd7&cb=3102141620197832261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kfdVQV0Qn79HeGnYHSLm4hJqqKWE0mbv7cLI8W62Ka60KBz82FvBzFvAGkTP29M7RSrweKv7oMR0sLYzPdgFU0EGa5XoJm2QXCe6LPwYUYmT%2FbKju1%2FFBI9v"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0f1d00004e3d780b5000000001
cf-ray
64a812c4fae54e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VjPrw7paOWnK0ekyInWkF5HezPgyKht5%2B2kxGuTFGg7Xz9go2qe5ph8gSVdeAo75YmfcyGRXOYWJZQeoIm1Acc4ndT%2FG4wUHydQPoGUc%2FrL8LklKRsjgybC8"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c4a9b32bc6-FRA
cf-request-id
09dcea0ee600002bc6c91d3000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 5D9B
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/counter?i=zq0eqoihjfrx9ad8e0hw3&a=5e6f139c1ae4cbad3ebc43032e98ea8b3&cb=4902381620197832262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KpQAK5IL6bbc%2FuXusDzD%2FaWbhIvX0d2prTP3KSdCuBcZ%2FH2%2FzLprzYJL1nSBa0Ww89s7yyj0LKoRcsl6rWP01h3RavBXNAd3etDCFNx6zB4ksIyMS3%2F2bplQ"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0f1d00004e3d59b37000000001
cf-ray
64a812c4faeb4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=80sJUADHNsjvDRn%2FvX6XEVN0aH1NqVEyMII%2BeV01JyqZJvXED7%2FSo8DdNQTdTIPcVGlzmtlE776U4W4wETofoVCLDDD7jR8z2qXLzgamCBESqH588DXst0GY"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c4aa1c4d8a-FRA
cf-request-id
09dcea0eec00004d8ad08b5000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
bid
ap.lijit.com/rtb/ Frame C7EF
24 B
751 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
93ea1d2a258636d9758b2f99f129af0dd82e841650a0bc0d4daa8114ad4d2ef5

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
adjson
ads.betweendigital.com/ Frame C7EF
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=4758407825927562&tz=-120&fl=0&rr=false&s=4022876&bidid=40485591be3101&transactionid=8c31de4a-b246-4674-b947-95803b14bb5d&auctionid=91c6...
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=4758407825927562&tz=-120&fl=0&rr=false&s=4022876&bidid=40485591be3101&transactionid=8c31de4a-b246-4674-b947-95803b14bb5d&auctionid=91c6...
2 B
213 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=4758407825927562&tz=-120&fl=0&rr=false&s=4022876&bidid=40485591be3101&transactionid=8c31de4a-b246-4674-b947-95803b14bb5d&auctionid=91c6ac99-1f95-426b-8122-f9a9b9f8a932&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F&crf=1
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=728x90&jst=hb&ord=4758407825927562&tz=-120&fl=0&rr=false&s=4022876&bidid=40485591be3101&transactionid=8c31de4a-b246-4674-b947-95803b14bb5d&auctionid=91c6ac99-1f95-426b-8122-f9a9b9f8a932&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://randiul.com
content-length
0
v2
i.connectad.io/api/ Frame C7EF
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C7EF
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1950012&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,39a22c8928f9976dbf1f,1,,,&rf=mackolik.com&tk_flint=pbjs_lite_v4.21.0&x_source.tid=8c31de4a-b246-4674-b947-95803b14bb5d&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.7280351373404885
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b1223a0f30bd206a42d1405e07b50a0d0562ece2b7ca8bed8de5436483c07a7f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame C7EF
0
140 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=93037631250
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://randiul.com
date
Wed, 05 May 2021 06:57:12 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
arj
adpone-d.openx.net/w/1.0/ Frame C7EF
172 B
359 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Farsiv.mackolik.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=8c31de4a-b246-4674-b947-95803b14bb5d&nocache=1620197832503&schain=1.0%2C1!adpone.com%2C39a22c8928f9976dbf1f%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1620197832360&auid=543870366
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
bda7d4c80affb465e7119bcbfd215c5bc9031a2100e0e361577753d7660d944d

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://randiul.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame C7EF
19 B
711 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.132:80
AN-X-Request-Uuid
062e0fe4-a6bc-4d87-9974-a8b21e6df800
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame C7EF
0
318 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:12 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
http://randiul.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
adx.adform.net/adx/ Frame C7EF
5 B
444 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTk1NzIyMCZ0cmFuc2FjdGlvbklkPThjMzFkZTRhLWIyNDYtNDY3NC1iOTQ3LTk1ODAzYjE0YmI1ZA%3D%3D&pt=gross&stid=91c6ac99-1f95-426b-8122-f9a9b9f8a932&fd=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:12 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ Frame 9B13
0
140 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=43893130252
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://randiul.com
date
Wed, 05 May 2021 06:57:12 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bid
ap.lijit.com/rtb/ Frame 9B13
24 B
751 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
08abbd26d6083e3f4958fda29a0fd85bacdabdad2793e804647495c30aa4e816

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
prebid
ib.adnxs.com/ut/v3/ Frame 9B13
19 B
711 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.152:80
AN-X-Request-Uuid
5f21b585-8d0a-4021-b547-5032d564a2dc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9B13
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1950012&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,39a22c8928f9976dbf1f,1,,,&rf=mackolik.com&tk_flint=pbjs_lite_v4.21.0&x_source.tid=35513067-51db-4eef-83ea-00cdf55994fa&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.3823566211977385
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c481a54fe9fe7fb5966aa9520b3dfa322f4acf63f93353cde41742fbb2cd4922

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 9B13
172 B
557 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Farsiv.mackolik.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=35513067-51db-4eef-83ea-00cdf55994fa&nocache=1620197832515&schain=1.0%2C1!adpone.com%2C39a22c8928f9976dbf1f%2C1%2C%2C%2C&aus=728x90&divIds=adpn-adtag-1620197832366&auid=543870366
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
158e7678fcbefeef2649ea0fad2f9843c1fbdf2bbccad3d2594f244a3950749d

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://randiul.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
adjson
ads.betweendigital.com/ Frame 9B13
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6139153404188613&tz=-120&fl=0&rr=false&s=4022876&bidid=12bb11166a749f8&transactionid=35513067-51db-4eef-83ea-00cdf55994fa&auctionid=4d6...
  • https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6139153404188613&tz=-120&fl=0&rr=false&s=4022876&bidid=12bb11166a749f8&transactionid=35513067-51db-4eef-83ea-00cdf55994fa&auctionid=4d6...
2 B
213 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=6139153404188613&tz=-120&fl=0&rr=false&s=4022876&bidid=12bb11166a749f8&transactionid=35513067-51db-4eef-83ea-00cdf55994fa&auctionid=4d6f5062-c622-4b77-9624-1ddaa2a30f50&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F&crf=1
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=728x90&jst=hb&ord=6139153404188613&tz=-120&fl=0&rr=false&s=4022876&bidid=12bb11166a749f8&transactionid=35513067-51db-4eef-83ea-00cdf55994fa&auctionid=4d6f5062-c622-4b77-9624-1ddaa2a30f50&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://randiul.com
content-length
0
v2
i.connectad.io/api/ Frame 9B13
0
0

/
adx.adform.net/adx/ Frame 9B13
5 B
445 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTk1NzIyMCZ0cmFuc2FjdGlvbklkPTM1NTEzMDY3LTUxZGItNGVlZi04M2VhLTAwY2RmNTU5OTRmYQ%3D%3D&pt=gross&stid=4d6f5062-c622-4b77-9624-1ddaa2a30f50&fd=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:12 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 9B13
0
318 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:12 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
http://randiul.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid_v4_21.js
hb.adpone.com/ Frame F5F5
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=31cd47ff3d08c30def2fca0fb13e6dab5&cb=6708081620197832264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yjZ18JuQHm7lahNbf8bbgDNiMiDUF%2F70GLniFvxPHB%2Bo%2BATkXjVtBdjmfbhdl6fAU2mHpInjcIyfHfpg1OOG8ZjnOdwL4ibPQk2oLq8q6XvCbr7q8GXzPcgk"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0fa800004e3d7d12d000000001
cf-ray
64a812c5dcd14e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e8Uh8f1haGlJbxO%2FXFz4wmvq8M3LxWjT9WvmpEEtgxHiYYvl4zN7scza2141IdbfU%2B%2FGDqU4HLTLQFrGJPXmpyvHapm0dLixd5tPNWJaIoif24e36BRu55n9"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c55b7b4d8a-FRA
cf-request-id
09dcea0f5300004d8aad3dd000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame E128
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=zq0eqoihjfrx9ad8e0hw3&a=e783a21ce56e0f1acea725538d6aee669&cb=1176521620197832263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4aidVrMUAT8IlNIcBthDlcEUxdlORxJATJtePt7twU26XykzVLIJqsT7KpKBxdQLFhgn7w71vKVCla1zUSfK9D%2B5BOrQeaIepwhJ1sVPSZBG%2BZ3tup3Oyfo5"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0fb800004e3d54a68000000001
cf-ray
64a812c5fd004e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TG%2BaczL99Ky4%2FY0amSSBUtjF5FbHp9Ey9aKSusLQRnadXP5vycE8apoIpQWDJojwWw%2F90u0xJma5P41F6HridglJBO4%2BkotPqJGVo%2B6pOb6rF0t2N0U1AfId"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c5bc7a4d8a-FRA
cf-request-id
09dcea0f9100004d8a5baf5000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
get.ashx
run.admost.com/adx/
23 B
706 B
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=36373&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
Server
haproxy-go
Var
s:go593;c:1;e:28;hc:6
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
prebid_v4_21.js
hb.adpone.com/ Frame 51D2
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=d632e1ca224d67be481c7981c0a176601&cb=9542921620197832265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BNWpeJafIcKt4HmAwKGsFdR%2FwmvgNRrjBTTg4SqOAldvAPb7Uvo3ViB7M9JDsOQZT7JDQPqQ2nXNUhectsC0xsCmVvNfwmpNo41Af1vbKGWkIGMrraaePEpX"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0fdf00004e3d6893d000000001
cf-ray
64a812c63d794e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=klwL%2BfINAhaekgU5zrqXECzBrvPQHtqHZ0svro0c6l2y34zeuYV5KfED6wkCIgdZ4RsHVFZoEKnfcC0UpSEGf8iVupmwBCJ9REqR8qRo%2FK7i5NApU3Di3hI4"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c5cca54d8a-FRA
cf-request-id
09dcea0f9c00004d8ac516d000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame EF5F
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/counter?i=zq0eqoihjfrx9ad8e0hw3&a=338836b239eb58ab68f020dc96c7a2699&cb=9048411620197832267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fqcn1zuRBSfb%2BykEWW5HuptqY3q%2FtjcIthMiXjI0pZ4GS5pYO%2FJUDnCtzhAg1T%2F%2BFQlS7F7BV3yDHy9oLdCmQptjDUtthwNmjiYaBnn29rzCEef%2B3BpgnNyo"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0fe000004e3d733a3000000001
cf-ray
64a812c63d7e4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ykParWSlnN1HMBj8dj8ygrVk20RX46X5zWWj9xonq1mSWriduzL6TDHOvS0B%2B%2FAe2Bf%2BtcoVIo4%2Bta3X5K9lHiP0yosSrkDgMhTCXyzPL8InQ%2FAVmzGQZ%2BC4"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c5cc2f2bc6-FRA
cf-request-id
09dcea0fa100002bc67c188000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 0DE1
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/syncro?i=zq0eqoihjfrx9ad8e0hw3&a=ff96599e11d24f608b64deb3cc47ac9c5&cb=7469241620197832268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gAyNLH5axnboyk7Od63uuJCf%2FGcN%2BsuzcIO22eu7VP4w7wm3Coewb0QW8TwUWOpaEq4Ooc%2BXxqTPDsR8DWNuRKdgFNg%2FrSM%2FPJgUnUAAUpvZCAvrolR1QshZ"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0ff700004e3d2a978000000001
cf-ray
64a812c65dc64e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DF6TvmNIKc%2BOf%2FUdqytj7LxWnU2tNaW23rB7OYSdYN13swDsfCw1Bv0mKGylq0Q8QlrzoYt9yHm7MA1MVJpZEPLVxHtFdbfxITdDGnW1MAXZ7D60zf3nN51l"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c5ec6d2bc6-FRA
cf-request-id
09dcea0fb100002bc66ebaa000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame D206
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stats?i=fkgqtha5989uefmm2fv4b&a=dbb5f90f002061fbc7a47db82fecaa326&cb=3685721620197832290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YzfgyqBr0eBAQao0T4KEMLCyUwQ3QxreDhR%2FIn%2Bbg%2FLs6o81hL1X08qs393yFWEAgcs13fp5%2Fxq0C4VbKAGEpZLNw1PV4IZNVhux8BXw7UHeXbHJc%2Bs6MPFv"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea0ff600004e3d733a4000000001
cf-ray
64a812c65dbe4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T%2FBQcUcW8z1mISHW1uYTt3PEox80%2FZcueMMXnWMcZOvMF8SOvzhtmK8Oh6MHNIC2jURo9xNzeobW8QAxSo9RPYHwRZa9Tg4PocezSBKoInM3oGUj4HR9qLF7"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c5ecf74d8a-FRA
cf-request-id
09dcea0fb500004d8aa2a93000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
pagead2.googlesyndication.com/bg/ Frame 6BE0
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 23:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 12:48:00 GMT
server
sffe
age
26100
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5711
x-xss-protection
0
expires
Wed, 04 May 2022 23:42:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame EF5F
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stat?i=fkgqtha5989uefmm2fv4b&a=7646ce6654e9f62ea6cb7e8e2ba32af23&cb=0474311620197832292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tIKd1MtKX82tGvPDYOP3vYRwia7Ana0J%2FRdZwmbD80jolB29MtS%2BuQTd1vuOc3zqeXpsIEb2yKySzDW08P0f61uaLz3mHrq9m3dJxalt4NEVZ1vcuTMHjLZf"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea100600004e3d641cc000000001
cf-ray
64a812c67deb4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B1ZfAJfqxm1j9nWxcUrxhGn5Igogd5WZY7nHJAwy861pOyVxLIbfrtlwkXPFCPBpWzhVqG0KBB4i5btV7FVFkAAU9EVqiYMneUMrdp15f2DzEDozExD3qsqS"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c63d092bc6-FRA
cf-request-id
09dcea0fe500002bc66e19c000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 890C
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/async_usersync?i=fkgqtha5989uefmm2fv4b&a=46359d5a1763166efe7f8ab86d225dc07&cb=3209751620197832293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cXMgVWAASwpg4%2FKlZrn7A7B0xEJ%2F9lUpSZMwfuG214qhXJnfR9okhTsAGhaEGbk%2BvIUXvIsfLg0zSBrzFQwdWYK2qTToYQCjnszzeTen4ohLuNS8PeJ8A7mM"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea100800004e3d7a9bd000000001
cf-ray
64a812c67dee4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wYQQwqOR7GneV32l4DUNm3b0muDqt6H8rDeduh5XW2eW9xxcfbrtXTZTz3VM4t5Tcr%2F1zGZbqJBrfwvW%2FCOzhTcQgOe8thfpQy%2FbeSd%2B7Lq4%2FSWf0LTJHkA2"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c64dae4d8a-FRA
cf-request-id
09dcea0fe900004d8acca35000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame F0FB
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usersync?i=fkgqtha5989uefmm2fv4b&a=9f6cd564ab696d007f1e44f63ea0d9fb9&cb=9328321620197832294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IeEdVkPHENnrhazf0BxMCBLCwFhmbdN%2BOJwO7c4Ka8z%2B4LVqT2G1Bz3rh3BFEfDU37lRm4nh1HOrxYpxw4rKsBjOGxkOz4dAlauWelDSDcQGLBy%2BnfOmFD7%2F"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea102300004e3d59b4c000000001
cf-ray
64a812c69e3d4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DjYvG6wvAkgqML4fEsyZ2yFHIDLzMWny3tbbzJKpwF1lIIcdYYYv7K4yAWnDaD4ykWBIr3rDgnrBEVmOFhqkuZRFyuXuyRoi%2Bh3kNtSXSIHtabb03cYITLzd"}],"group":"cf-nel","max_age":604800}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c64e0905cc-FRA
cf-request-id
09dcea0fed000005ccce300000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 483C
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/async_usersync?i=fkgqtha5989uefmm2fv4b&a=3645241e8d854acd7a8aff0638ad9eb49&cb=5042491620197832295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a8B70UYr6%2B4v%2BiDmN2Z9NEdFoGoCaKP71vB1XCA9UiRNc5VqYlgKP7E3S4rzhXxeCnZwgJ4VnVC6C0aM3wkyV2v%2B5IBZVpM3Gmg8sEzvkLGBLdt9Tz6T7KuX"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea102300004e3d139e3000000001
cf-ray
64a812c69e404e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t4wHUWoY2UfLsMY0Tpk41D08m5QmrnTGd50lqJ6VboOmUu%2FsBh5pLq1IrotyiP5AvBeA6qG1UTil%2FaVR7UwYg3MsamhMPHhifQbNLwkJdKoZFvBeioSM9ArH"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c64d302bc6-FRA
cf-request-id
09dcea0ff100002bc68e336000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame CA0E
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stats?i=fkgqtha5989uefmm2fv4b&a=5d6aaaa8feeec48a42385842a9db49499&cb=6455591620197832296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QgaRfq4LOa5XVHu0t3oQ%2FKljf1il1knzeqCvY4%2B%2BT327k8tRL5rhb96uC7bRMs5uVqA7n8GZqwRLH51K1GRj6cYXWeUYnoA%2BB%2FB80rZcFtPFzcaU753S%2BJ%2BZ"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea102400004e3d1b098000000001
cf-ray
64a812c6ae434e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E6IZdVMBfiX7TL3siByT1XQA6SVDW9%2B6tNM6EyJ7TVxLXbGMIW2nirQ%2BM5wpPboDYgvWnm%2BGdq1OrF6PgJHLGLPhvJ97oxNV9SF%2BKSj8NUtL%2BK7up%2FHS9W7m"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c65dcf4d8a-FRA
cf-request-id
09dcea0ff500004d8a7a9cc000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame F00E
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=fkgqtha5989uefmm2fv4b&a=ac309e07f46bd42d8a631081d8d3fe8e5&cb=7394971620197832297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5OgzELKLlDkjbweEcMKM%2Fjf03nhFiy%2BYVPCRCv6MZNXfPJh69kivcA0OFi%2BuOeW1ilYxH7HTzPveEey%2F2tXzDs6WC7Qo7ObClz%2FQjxDZvXeMs9T1TYVh%2BmPZ"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea102800004e3d69380000000001
cf-ray
64a812c6ae4c4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qiPAyqHZ1VOvSClitDkQWqc4%2FLKv565NTYv4%2FPSk3EIOg7F7k09ySLiwPFRvH6IfwjsrBs1IOvOkn1dwfhpZfWUdPSPREDbq0BOlKaDpuIGSODKNFV6PAAnx"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c66d582bc6-FRA
cf-request-id
09dcea0ffe00002bc69cae0000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 481A
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/count?i=fkgqtha5989uefmm2fv4b&a=1721a8209652b0efa17550deb1f149621&cb=0739361620197832298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jEao3z4FnQofszaIN%2FjW1%2FWc8f%2Bc05swjHsbKHeoDcSFbCi18GUCXruEIa0u5Wb2q2R1AqMfahM2HlVmdrGykBoYpOPd7QBEaH2BCQJjMjGMVqx7PdieZZwz"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea103500004e3d3c9bc000000001
cf-ray
64a812c6be6c4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0pqix5OLwjg7bvtLGJytUSg9ZnIzfNVVqYUmebKPFXW5C1ZPyy7uoBkQ6ICjzprl12TO0cKtyvDRYdkS1CB5rDzW5eP20PlLWAkvhZqzbjYOU2clnb%2B8Cgd4"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c66df44d8a-FRA
cf-request-id
09dcea100200004d8a959bd000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A581
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMxI_u_8bg-ZPQOfWdSVtyr_kpv2K7NDfzqBggzALPqOo3BrttG6v9M6WGL7U85IonhmjOXI3r3eIb5ZEtQ-4bbdgI_1Wv3L9yEqerFN5OCtLemhWWk_vfXyhH-D3opgTUhHiHE_E3g2Ii6HTTuUtqIlTtlvxMdFJBa1Rcm8vfBPYFKkd-CidUitPz9wG0469810_Wb1rkqFRfgkJno4_Ew2bwSjkZGc0UMblWFpX6iH7BaSdL-oa_QVV15-nS8JGBCWx6lTu0z6xcPfwnZWlFg2n7nyBnZxKmExYuuq727KdJk2-O14z93IaxD_j_LcG_TiNzgH1m5F0fb6rfrrWR_aY8xPZ-Jc2VhjqFKHwOqOV21Fs&sai=AMfl-YQ9z2JU-GWzZHH9OCvuus-s1uNkcXAZxZ7PleuPUw_ZlfYlUExEMbIn5mPw8Tv6QmdS7U85xoFlJp_S5-Zr7ET9tOtrWiGTTcJtDeMZt6fFARsM-Okge5JmD2-GS7wl&sig=Cg0ArKJSzD5U40GxXTFIEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 05 May 2021 06:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame FC56
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/count?i=fkgqtha5989uefmm2fv4b&a=136b4d0b7ca67a2b474436bf7691685b9&cb=3570901620197832298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AKUOIIJ0MrGVv6OftwThcI6nQrXHz9Oy1IZWVKsFZh5Fe%2FMMSsM3ykjce6tFy8LcaUwvFDlt%2F8ZlzB2eBEmUPVU93Z2%2BjVqinD8fkNoS4MwNrI0OI7UTYZ8a"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea103800004e3d28a75000000001
cf-ray
64a812c6be7a4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1t%2Bo6eLVoBOUywrIfgwRst7eBP3wF%2BQiBmLBKejSY5VADSrbzTO8MD9gvd%2Fd9b7HO31g%2BvbBVAG67xSGxfjbGq5QNO1HJ5sHXKPJ6d58CtOANVpsiE%2FyTeir"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c67e154d8a-FRA
cf-request-id
09dcea100c00004d8ad5b55000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 5E90
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/sync?i=fkgqtha5989uefmm2fv4b&a=7cf35644625737f8475f5884d5e22c627&cb=0652631620197832299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tNcVttv%2Bg3KKez9mjvsA3Pw39H0018Kz%2B0dxsygdh6nVQzqRdAGRhsCMnKveOlAclzNTdxPBV9HgyppSAwsiV0YyUgqyhKV8w82gU9EvRGE03YJNqoJpzxmb"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea103a00004e3d69381000000001
cf-ray
64a812c6ce844e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ie86nFKyPOEwNh%2Fx3rJz4SpsJG5W0yfO1SsWeGS8vSmfqaroHAHLiPOdWbpmZjaUrj5jVtaxPbCQpwyf65KW1KGKTIhsK3ireWyl1BgcdXkjmDKHm4GD%2FLTQ"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c68d872bc6-FRA
cf-request-id
09dcea101200002bc66ebb1000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 8429
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/send?i=fkgqtha5989uefmm2fv4b&a=ad4726bc94d4c686f00a381d05c9b8e23&cb=2857781620197832300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lt1hG%2FUYG7lbNJnERAISbLHFE23hq97ghXLX4tKd79LKr9Q%2FQcO%2FtqG%2F0Hgcks%2F%2Bohhy%2BEvgubDgxkcAU30bMG6WfgmBhvXwHGtwPktAA%2BEOughQQQyV5OUJ"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea105a00004e3d113ec000000001
cf-ray
64a812c6fef84e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9oJ22qJfpPBTCavAV0tefiD3sm1mF3HNGXrHRZxuBH0QUwf2P7cejaSCLYjMnG1jEBRQArQckhhOlhMLLSXycm1OiEsUPKnLGfTciDdbFX9Tvntlr59%2BtCCf"}],"group":"cf-nel","max_age":604800}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c68e9005cc-FRA
cf-request-id
09dcea1014000005ccc28a1000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 95B1
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/counter?i=fkgqtha5989uefmm2fv4b&a=8cc10ed0bc5c55eb6856fec3705a7f841&cb=2933871620197832301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nbfMFDqqGL8hTITXm02UgCOg6JwX51pdJiVjK9DwOnw%2FnYAok29%2FZt0vjAV3rpC%2FyK1gW3Ap8wmpchB5KvnnZq59FQ9uccdkgnNRhuJxX3XlxcjMJyIZD0Z6"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea104500004e3d7f845000000001
cf-ray
64a812c6deb24e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D4k0jzNdhvMN9HLehNXU6SMh1JZUXbON5rCOi%2FA6TdJXDRkZ%2F%2F59b%2BbeVRL%2BXO8286VaMy5oOPSzM6FpYjL7T8ZjqzOE%2FYEkdS2Chk45HVZr2subX8XkbnmU"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c68e334d8a-FRA
cf-request-id
09dcea101700004d8ab99e1000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame A216
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/syncro?i=fkgqtha5989uefmm2fv4b&a=cde3c7794ea47222d84e04c903b61e8e9&cb=8936701620197832301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5sE7JG%2Byp0y%2BNXprZcDzTjtZSAdU05%2B6FSrFiKhKA%2BPdcYiTH%2BEr%2BadsXLBtdFuSO98ezRdNjT8lxbG%2FyiECY9oujbYBjcWuFwksXn2I7nX2O6QasiyqqEJP"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea106200004e3d4c38b000000001
cf-ray
64a812c70f154e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KfbplQrSYynXZ6E%2B%2FEUo3TMb3zLugrmsmpQmTEKT8fc0A2Nq2huOBGD7ZZbeYPszab9QOjAfCbD%2BSBjkWa3pszUDQkKn%2B9C2eOeerLhMbSdkIZQdn8A9k5oT"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c69fffc2c2-FRA
cf-request-id
09dcea101c0000c2c209bf3000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 8365
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stat?i=fkgqtha5989uefmm2fv4b&a=c89cdadc08b81b71fc696d2c4b227ab21&cb=9023071620197832302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f57r7ZaxzRDaQxIS9NolDAQgQWom%2BVUFQFy9z8qWqqCg3NHAwhIFthTLWqnlQUANy3rk0zc0AKhwpBLA6kMc2RcRElH861S4auKKC2NzMCu1bk8zDh3ONxWt"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea106200004e3d3e0e5000000001
cf-ray
64a812c70f104e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z2L1xXR449Tg2ragrkeenLaZWp1hoKGsYt0hvHBm34xsiBlXWH4xlMPeSJpJl8WhFnM3mctmhlQrw2K6f6PgQLfaswlOL3GM9504udLD97JAOZ1KS%2FGQNq%2Bn"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c69dad2bc6-FRA
cf-request-id
09dcea102200002bc6dc9c8000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
get.ashx
run.admost.com/adx/
23 B
706 B
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=46599&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
Server
haproxy-go
Var
s:go601;c:1;e:35;hc:3
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
prebid_v4_21.js
hb.adpone.com/ Frame CBAB
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/syncro?i=fkgqtha5989uefmm2fv4b&a=a35baf2254add8eb771d580fd0db064a9&cb=0524971620197832303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dEaBSS6lxDjV4cdKuBGCqsZ7XzzcLG4VnWR2%2FaSYnmk0x6x5euMDuKVyjhMW%2FB1sA0GFZySEEAkyIPXD1I%2BMmw2iTOCBkQUhwIzcqvoDhIXRJ%2BWUINfBpmnP"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea107600004e3d4c38d000000001
cf-ray
64a812c72f724e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2QeC4lbEemdVetNwk2WQIHdgPzzy2o0w6V5O9x%2FUQUx47TKM5%2Fk0UoztXmUgeSVCB9qsYrwS%2BGPhOqm0XODzBah33ip9t7mQdjNuNNYrxjjQHpootoVCgT%2FA"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c6d868c2c2-FRA
cf-request-id
09dcea10480000c2c2e0b6b000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 61CE
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/async_usersync?i=fkgqtha5989uefmm2fv4b&a=bfcff71adef813298ce580d8c8df78ed3&cb=4974371620197832304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3980
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ANonYHgb%2FAo07GikHDwF1%2F2fKyki9IEowqs66QD34W%2BjxFeAST%2Fy6UlmPCPzGl3Bhq54aeIQk%2FyuMjXJnHdExzFlEgxEbZj45aZg25t9MkpuhPwkKZ3vnO9Z"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea109500004e3d45af9000000001
cf-ray
64a812c75fed4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:12 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OZaW4UtMn%2F5riuZT9IeS%2B6RAewo8A1O4LwO6oy6Smg%2FsUpHogTx5yVb798xzXs7MGmEhQQ3MGiAJi9948lgWwDrHCSnRK68e3CUWwhStdLaQIYG0cQ4J%2BG7s"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812c6f898c2c2-FRA
cf-request-id
09dcea105d0000c2c2ed1cf000000001
Expires
Wed, 05 May 2021 07:57:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A7EA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx961JpiyXdWlPKzCW8DSvHI_haKRI7FgsL7nw6G6SVggHrNyT4v3RNBEZoUpAGUFmlqNPbkaOP_MMXRDO-0Lgriv5-i3UWvO1oMGWajXN6CylrGtMXXInB7emiXF8pM9tWP4U9i_YEETZIbPdAlHFxbRYTyDDsHvSwyOn6DP-gl4mwOE_YRrEALPmZuvzcsQj84ggRTvgY0QxH-qDYsUyvzD_iLRlpZhjy6hyVfC_4EEfl2bjcGhH9agS_xOduUtjj_lrrcZX37Pfa5x_rPd_33mkll7NWGOGQzRk6IRDFYVF1lxUG-yRE9j72FSmkorgmScXFHXavIXn1wq_Ig&sai=AMfl-YTZYYy_yN9Hrg3igD-ai-lptRKAzHnhsAtXaEVzrhieP-DOkgU2LyEBw1zfbXIXwc4BMTOIhn-ncoEvMUwGFyNabnrtunTEZRaE9PIgE2hEGhwM1KdZ5EAR8I65IOjS&sig=Cg0ArKJSzLUWVwlEVYTiEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 05 May 2021 06:57:12 GMT
get.ashx
run.admost.com/adx/
23 B
731 B
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=51257&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
Server
haproxy-go
Var
s:go601;cs:cp:cache_z_51257_neq_TR_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
v1
prg.smartadserver.com/prebid/ Frame F0FB
0
318 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:11 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
http://randiul.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame F0FB
19 B
710 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.16:80
AN-X-Request-Uuid
48bf9ddd-4288-4c57-9511-d70eb8319179
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame F0FB
24 B
751 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
2936daf8b76e83abba612427b0ea8e6ab2d430088fb8361b7cbe4b2d7936e842

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
/
adx.adform.net/adx/ Frame F0FB
5 B
444 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPQk5NTcyMTcmdHJhbnNhY3Rpb25JZD1jMDMxYTIzNi0wZTMxLTQyNmItODI2My1kN2UyNTRlMmI5NDA%3D&pt=gross&stid=a97990a9-5359-410d-a26b-39f5dba07d50&fd=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F0FB
241 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1950012&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,39a22c8928f9976dbf1f,1,,,&rf=mackolik.com&tk_flint=pbjs_lite_v4.21.0&x_source.tid=c031a236-0e31-426b-8263-d7e254e2b940&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.629586781626406
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9e5364b0c4dd0ad718f0da0a1421d4d1cf984fec9b682695dd9e9e103e519f23

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:12 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame F0FB
0
140 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=10232024449
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://randiul.com
date
Wed, 05 May 2021 06:57:12 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
v2
i.connectad.io/api/ Frame F0FB
0
0

arj
adpone-d.openx.net/w/1.0/ Frame F0FB
172 B
355 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Farsiv.mackolik.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=c031a236-0e31-426b-8263-d7e254e2b940&nocache=1620197832935&schain=1.0%2C1!adpone.com%2C39a22c8928f9976dbf1f%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1620197832683&auid=543870364
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
2f418940cfe6b5e3e738452e3916c5335ef4b5d9a6f753c09d7cf2ed1dd57687

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:12 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://randiul.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
adjson
ads.betweendigital.com/ Frame F0FB
2 B
213 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?sizes=300x250&jst=hb&ord=165863927148655.06&tz=-120&fl=0&rr=false&s=4022874&bidid=18c7500f1de2c5b&transactionid=c031a236-0e31-426b-8263-d7e254e2b940&auctionid=a97990a9-5359-410d-a26b-39f5dba07d50&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
get.ashx
run.admost.com/adx/
2 KB
2 KB
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=46601&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
d8f3158538563e9d17b8f1e736a6bba0edc169188048863bdbb6eb71a01f02ad

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:13 GMT
Server
haproxy-go
Pbk
473045-328615-46601
Var
s:go593;c:1;e:8;hc:5;r:>473045-328615-46601-0;cs:cp:cache_z_46601_*_*_*_*_*_*_*
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
1751
Expires
-1
gpt.js
securepubads.g.doubleclick.net/tag/js/
61 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: run.admost.com
URL: http://run.admost.com/adx/get.ashx?z=46601&accptck=true
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
b430b9ac127cafc38ffc155ec9111c56f80e7c2b2e5d686796888b55ca16fcc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"862 / 765 of 1000 / last-modified: 1620166139"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21154
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:13 GMT
integrator.js
adservice.google.fr/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.mackolik.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
8 KB
4 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=994027409612509&correlator=2658448199047973&output=ldjh&impl=fif&eid=31060959%2C31060187%2C31060824%2C31060839&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Cleft_sky_kule_banner_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&cookie=ID%3Dbadaa4785b9bea65%3AT%3D1620197831%3AS%3DALNI_MZGCQZweMSvUhZlWdnsI8SZ6dDJjw&bc=23&abxe=1&lmt=1620197798&dt=1620197833168&dlt=1620197830679&idt=1164&frm=20&biw=1600&bih=1200&oid=3&adxs=150&adys=0&adks=267919333&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1600x1819&msz=120x-1&psts=AGkb-H-N98fYvjPZJSKKT_sfgN3k7Pw3giY7D4FUb-ghqHXHLj-5F7qmk9R5MoUJkb8znns91sSDo7sojzG9jsj_7xk%2CAGkb-H_Kssa-jOAjnKQkkDHCgpYtn61yZhpLXcTgHW10rUlRXmBBLBZI_8i4zkANI9xcLNghcx01gxSVgFz1MriARRc&ga_vid=795096436.1620197832&ga_sid=1620197832&ga_hid=2071184808&ga_fc=false&fws=512&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
9e243eff10b8970310a2a811a167b9ec82360b23e9744b2a945e198fd67b65ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4193
x-xss-protection
0
google-lineitem-id
5592962289
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138337228196
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
401 B
192 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=994027409612509&correlator=2658448199047973&output=ldjh&impl=fif&eid=31060959%2C31060187%2C31060824%2C31060839&vrg=2021042801&ptt=17&sc=0&sfv=1-0-38&ecs=20210505&iu_parts=90851098%2Carsiv.mackolik.com%2Cright_sky_kule_banner_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&cookie=ID%3Dbadaa4785b9bea65%3AT%3D1620197831%3AS%3DALNI_MZGCQZweMSvUhZlWdnsI8SZ6dDJjw&bc=23&abxe=1&lmt=1620197798&dt=1620197833169&dlt=1620197830679&idt=1164&frm=20&biw=1600&bih=1200&oid=3&adxs=1290&adys=0&adks=1264633616&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1600x1819&msz=120x-1&psts=AGkb-H-N98fYvjPZJSKKT_sfgN3k7Pw3giY7D4FUb-ghqHXHLj-5F7qmk9R5MoUJkb8znns91sSDo7sojzG9jsj_7xk%2CAGkb-H_Kssa-jOAjnKQkkDHCgpYtn61yZhpLXcTgHW10rUlRXmBBLBZI_8i4zkANI9xcLNghcx01gxSVgFz1MriARRc&ga_vid=795096436.1620197832&ga_sid=1620197832&ga_hid=2071184808&ga_fc=false&fws=512&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
c6cc65216409b2e811f1b6c627c4be9a57d1970297abd60681fd16fd2eba5970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.mackolik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
footer.png
im.cdn.md/img5/
47 KB
47 KB
Image
General
Full URL
http://im.cdn.md/img5/footer.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
574f4a4a3338f3d2972c605bdccef07a223aa0bee14fdec68a8f7a4a41254273

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:11 GMT
ETag
"d3da7f33e75cd1:0"
Last-Modified
Wed, 08 Aug 2012 08:22:29 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47965
dimml.js
cdn.dimml.io/
18 KB
7 KB
Script
General
Full URL
http://cdn.dimml.io/dimml.js
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
baa9495d62f57a51e558c8eed6ee3c00f83b86a6cc22773fb540a151515f2372

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-NZT
AcO1ryyr9/vv0QQBAA==
Date
Wed, 05 May 2021 06:57:13 GMT
Content-Encoding
gzip
ETag
W/"89b16e35ecc3"
Server
CDN77-Turbo
X-77-NZT-Ray
mfebAAh4YXM=
Transfer-Encoding
chunked
X-77-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=86400
X-Cache
HIT
Connection
keep-alive
X-Age
66769
X-77-POP
frankfurtDE
Expires
Wed, 5 May 2021 12:24:24 GMT
hotjar-314584.js
static.hotjar.com/c/
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-314584.js?sv=6
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2daa16355e9f256003ba9f61924f2d18c8d4ad2d8a5718ecddc9f46ce8c4a8a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:08 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
8
etag
W/a2ee9ee4ca422fb3e8e88cfd15b96a5d
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
AMS1-C1
content-length
1520
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-id
mXUja60s5i80EKTTAwGP8XODt9gDRdVP0FLYKgEaViZjHZB1WQqK9Q==
get.ashx
run.admost.com/adx/
23 B
705 B
Script
General
Full URL
http://run.admost.com/adx/get.ashx?z=52231&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.41887838842157343
Protocol
HTTP/1.1
Server
195.244.38.50 Izmir, Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
haproxy-go /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.mackolik.com/Default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:13 GMT
Server
haproxy-go
Var
s:go917;c:1;e:38;hc:12
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, max-age=0, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
23
Expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE30
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=3871833307006147&bg=!cXKlcjbNAAYXzPaOF8w7ACkAdvg8WsjtZk00YiOz-FAA3hDZ5LpELfmzA8NlvjULdzCZpcJ7Ke3fVwIAAAFYUgAAABZoAQcKAOWji1gQ-7JdLGkVg1fAJu_8Au5vr6DmPHFvwelYQt19YIN24XFK2RStsohtf7ULD9IepSKWaijrBIl6cUjoa004FPKgBUDxupCkmse-rORyVN3oaFZq14qhSAVxKZOuWii7HVPIJOWrMGOhXazl5DBBNcGs6yh-s6C-UyBbV78Kb4r-eVrEU3WBi0WSUg84PyAyHEb8wqA3pX9N2e00jg5wFdO8lCdywiZRRq6haL6uP0h3yAnLhORuZkaaXVkmRK1HphWtYX7v6yvhCHxoB_oM2oXzkf0lOc3z6ulXqhoD9DIwBUXwmQJuChEeK8BUOqtbOnWUUXOobfQmRT1RQLQuJhK9uiNLhA_l-gaNpLHEso_qSrIiZ4wVd2kAw5yBxcCrSCbmn4tciOTdMSS600UYtBCNAS3bsE1hHBjtnAzfOUMpUHsrFufTRQZuGuXcHW3FS5CutilNfhsLxWDLleF7h5_NvNambEkjvo-wzfk5CrbjTJsD8MXxROK2RvclprAGjKFVUP-3PqzEq83iwpWxb3O77eCJJo96ZAAOFtfJnboQnJLF7inBujekGWcw1GKwG4uKSbMVSZIn1Gizyb3JIWu0uEXuEo-jknnqLgIHAjbhWHkT1ObehfPvtwrBwNSRFtT3wWNYy4gArq9pkFvR9md2g94WHzdJUchXdoF2dr1FknNAJ88QtCd-ug6QSFAGyGbuwZUjTZ_EQYd1SaVIbG_dn8MCnmpZrS32YUNQOPnNeZ5yYhC8oUbYkWDbSPydszFAkO18wf1mHGo3nFZVCkynz_MtuEm7wrS-_BM1PyH4LzSEwiha9cMwNeKRuKs7jbsYrc95gnsRCve6Hkf_HGgH6otuOlUY8oEeYlXwNUR5hPrDOOQz7V4uAEQmYf7UAKjIHMv5dM2j2lbT7QEQuleglusAcmkQpWDv8ROCWTY-AYN4rKjO_OJ18JAWe1AbAmKlWcLyHte_QbBV7w8tdKE-418xsPW6b8OMxoAZ_cl6j_gCRGhCaD4ZS1ltW5X_JqH_FVHXO0x1Rl74lB1CoiT9gX-EdGZbuB49rMfkwlJhtENmDY1zg6UJTJf3nxi32PUxNxV_KoSDfm-Pz_HGLlbUrF7MhhaUdk1atwT6gh4XrIHtIA
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eb580be1a62d586912203fcb6fddc20712ea77b0.js
cdn.dimml.io/static/
611 B
822 B
Script
General
Full URL
http://cdn.dimml.io/static/eb580be1a62d586912203fcb6fddc20712ea77b0.js
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e3a18f24b2e9053869d6fb6745303dd7289043df0a84c92c1c71aee1e27f57d5

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Wed, 05 May 2021 06:57:13 GMT
Content-Encoding
gzip
X-DimML-Version
2.2 vH8ffFv9
X-77-NZT-Ray
jzG5dFGgOdc=
Transfer-Encoding
chunked
X-77-Cache
MISS
X-Cache
EXPIRED
Connection
keep-alive
X-77-NZT
AcO1rywly27LSgAAAA==
Server
CDN77-Turbo
ETag
W/"ed29949a5ef8"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=60
X-Age
74
Expires
Wed, 5 May 2021 06:58:13 GMT
rup.js
cdn.eksiup.com/api/native/
8 KB
4 KB
Script
General
Full URL
https://cdn.eksiup.com/api/native/rup.js?column=1&_=1620197833264
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e819dba55e363c3ff35efb9ae33c236175dc6f5ae7ee1bd7625a90fa69c620f

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09dcea123200004e0e391f8000000001
last-modified
Fri, 25 Dec 2020 07:20:54 GMT
server
cloudflare
etag
W/"5fe592d6-213f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pBBaawgyetQ8mlRmBWCImQXWeZcgu8LBdcwUAL4e1o84%2FmXHB3tc7%2BWM1gqcnB4vY1rlr12uAwDYvlHi1L%2FBID4KoxjqM%2F%2FYALDUTZsVyOSf%2Fi4Ibn97sFXrQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
64a812c9ee2c4e0e-FRA
expires
Wed, 12 May 2021 06:57:13 GMT
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame 6AC9
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Farsiv.mackolik.com
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
556397
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 05 May 2021 06:57:13 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6760)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
slider-left.png
im.cdn.md/img5/
1 KB
1 KB
Image
General
Full URL
http://im.cdn.md/img5/slider-left.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
ddc21f2e288de35020ce7562ae82a1f3f1716996ccd3c52747b4fda5f2136631

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
ETag
"4b99b03619b1cd1:0"
Last-Modified
Tue, 23 Oct 2012 12:23:31 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1071
slider-right.png
im.cdn.md/img5/
1 KB
1 KB
Image
General
Full URL
http://im.cdn.md/img5/slider-right.png
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.136.104 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-istm-s4) / ASP.NET
Resource Hash
f9cc986ad446124bd63a173147db95b5736f89ce93d212db264049dad917211d

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:12 GMT
ETag
"6be7b03619b1cd1:0"
Last-Modified
Tue, 23 Oct 2012 12:23:31 GMT
Server
CCAcc (1.0.1/nvm-istm-s4)
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1070
modules.7225c79fe4e29708c611.js
script.hotjar.com/
219 KB
58 KB
Script
General
Full URL
https://script.hotjar.com/modules.7225c79fe4e29708c611.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-314584.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-9.mad50.r.cloudfront.net
Software
/
Resource Hash
bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
70805
x-cache
Hit from cloudfront
content-length
59087
access-control-allow-origin
*
last-modified
Tue, 04 May 2021 11:17:02 GMT
etag
"5a825663eb0181940c9c8432508f6197"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
cache-control
max-age=30758400
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
NmI4y6JLZrwZ1DityP8T334GfuqAWykOysuXa70TUUywdK02GQer2g==
settings
syndication.twitter.com/ Frame 6AC9
183 B
419 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=c20e27632e65f9b1883428ce29d117f9fb90d750
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Farsiv.mackolik.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 06:57:13 GMT
server
tsa_devel
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
f10a0c2616bb7e1af2d94b9e65b66fb2ebb9e07511fbc831a93f16e6e3582d36
content-length
152
4d984be9c3958ae34c902ccc8164863b1d4b6019.js
cdn.dimml.io/static/
2 KB
1 KB
Script
General
Full URL
http://cdn.dimml.io/static/4d984be9c3958ae34c902ccc8164863b1d4b6019.js
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
709edf07ebabeb5d4a2e3a0e7ac5fc920b86e8c8bfc27d5440f7b760b292953e

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Wed, 05 May 2021 06:57:13 GMT
Content-Encoding
gzip
X-DimML-Version
2.2 vH8ffFv9
X-77-NZT-Ray
7p6ukgy1DbI=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
X-77-NZT
AcO1ryyWe1bv4AQAAA==
Server
CDN77-Turbo
ETag
W/"d33a15f8e33f"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=1800
X-Age
1248
Expires
Wed, 5 May 2021 07:06:25 GMT
box-5e3cec51ed8e99df6977c199d27812d7.html
vars.hotjar.com/ Frame 5DA4
1 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-314584.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-5e3cec51ed8e99df6977c199d27812d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.mackolik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

content-type
text/html
content-length
684
date
Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"4e332edbbc3b46800c87f197cc7d3bb6"
last-modified
Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
YR3lY9YcRX2sq2JHpjr58JsGYVBCBv20GjWkiAatuCiNaBrPjJConQ==
age
3077201
4d984be9c3958ae34c902ccc8164863b1d4b6019.js
baltar.dimml.io/flow/gi94/
0
282 B
Script
General
Full URL
http://baltar.dimml.io/flow/gi94/4d984be9c3958ae34c902ccc8164863b1d4b6019.js?clientId=2&dom=arsiv.mackolik.com&url=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&gemius_sent_once=1
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
34.247.62.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-62-201.eu-west-1.compute.amazonaws.com
Software
dimml-2.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 5 May 2021 06:57:12 GMT
X-DimML-Version
2.2 vH8ffFv9
Server
dimml-2.2
Vary
*
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 01CC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuArT3N-Fbj5w9raTcWU10Blv5jKH1c29vFXBUXzzCwvz8mXgk44EtVXFFz1pubPyBf1fj4DvjQro1ck1k5uky5_5pfDxNaQLFpvgfjp_A75A1cg3VGOs8WjJt3DxFftSoSJ5LcmgOeLqfx-yiIlJA7FJ-18tfhU9D6uATjqBAjKyg6lUNN9g5HCFsyRvOt2IYXl74YCHzXZjYj_Aeq5F4ljeAqsRooPccjQGR69nYnUdkqt_VcIqPyPl0JDtp7acxUlV8sLxRQAAI-BvoDHeSCrE12pOUiLSJfMZjk-A82vgFQPP19kU61xMS1Un7XyBhCLkX7u4kC1tK4iZT1NUZi7lybHuYPn8Br34THTgcllgomLIgzgSoT&sig=Cg0ArKJSzH4nJ5p_0D1eEAE&urlfix=1&adurl=
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
t.js
randiul.com/ Frame 01CC
17 KB
17 KB
Script
General
Full URL
http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
14cd5caa8bf5aba3557187b546ba47cc6a59c69d22a616050f23d44b40634fd0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:13 GMT
Via
1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
X-Amz-Cf-Id
_PkqodZmV0r3StA2FbRTqvy9bzdi59YywG-ADasLfZkzZKaE9TxGsA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 01CC
116 KB
35 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620056514301796"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36023
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:13 GMT
truncated
/ Frame 01CC
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cd7484149386d698e0680aafb618591cf5950cb8279ade25596b206a1c5d2f2

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Cookie set usync
randiul.com/ Frame 7F8F
9 KB
10 KB
Document
General
Full URL
http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=d050c52bdd6883ba985109b9a8c8dbfc2&cb=6611071620197833475
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=ac4de0dc6a698166b10fccca9386409836a8b40d; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
oOU_RHuk-hLDStyyr7a527svTzlDeVOeLPi-0y0BS9iEsUV1_noeHg==
Cookie set sync
randiul.com/ Frame DCF9
9 KB
10 KB
Document
General
Full URL
http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=8532c942a93c6249819307957e97deaf5&cb=3704111620197833477
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=b75d58394897d7c8d281dc5b517cd282066aa748; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
VXf3BQclUcvcwqUxmUvmMNHwWqxygK4lz4lFVwSBSckMO3A5spYM3Q==
Cookie set count
randiul.com/ Frame E746
9 KB
10 KB
Document
General
Full URL
http://randiul.com/count?i=ojb32u3hlwggqu144yrdx&a=372391a348f7da1692060bd764e144635&cb=8905921620197833479
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=dbe884002bcea5bd5be0118091a9f33f569d540f; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
QLvq1GGgzBoaf_-aDHGScj2-PsWl6v83kJRAxX1UmBUoTiVHqzOg3g==
Cookie set usync
randiul.com/ Frame 73F5
9 KB
10 KB
Document
General
Full URL
http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=b024928c8882978034c90387283d126f5&cb=5233151620197833480
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=5d9eb4623f3b0e374c58cd5f464c549d92f484a3; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
rgRtRsoy770NEBh0eZRQjSnCVF1cfCfVss1M9y_N1eeNw_pbiVF8uw==
Cookie set sync
randiul.com/ Frame B632
9 KB
10 KB
Document
General
Full URL
http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=c09dbd0f7246aa15e66d81153fb482b41&cb=6525121620197833480
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=9e46eceae29758d838319c317784e0e2c44693b6; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
1YSmOaQy62K-C3iLI0RSrqnzx852I4zeqPum-g80PuhSE1n29unEug==
Cookie set stats
randiul.com/ Frame 1BF1
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=e07324e7b863c76bb1289590caf138d89&cb=5865211620197833482
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
91efa6a1a0c5ad24ef521207ac840df4f5ff7ce6a21aa884dcc066780f919a3d

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=665b509967bc37aea433d66622bbb933ff338104; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
KJuO9GGXoH6RrIxprN0Lf1-XGRWXFllQuv0uPTTAv1vpI_r3TqGt9w==
Cookie set user
randiul.com/ Frame 95FF
9 KB
10 KB
Document
General
Full URL
http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=f87e5c8f7cfd18312c8b3d901f50f9d17&cb=3797231620197833483
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=2ac616d0432fb4428a512f440bfa1715694a4faa; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
kj-N-LUv6g_h6G00rlzFc3-j7RyDASUavzRG5KQcOiKxPV45MDqiQQ==
Cookie set stats
randiul.com/ Frame C96E
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=52f6a328dbddd0d88897f54da3db11387&cb=6787991620197833484
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=0038ed8b6a0f7447e0d2de1522e354a155ed1c10; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
FTQ34OLkJ-AdV6pcIUlLiwqirXSrXbvRZ-uaaE6oN0E0E6gFN0AQGQ==
Cookie set counter
randiul.com/ Frame 0BC0
9 KB
10 KB
Document
General
Full URL
http://randiul.com/counter?i=ojb32u3hlwggqu144yrdx&a=0ceab00f6aa2fa44097419a12b6178ab3&cb=1354991620197833484
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=4f988935013e9d410c98f675976279acb9181b16; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
j3UXDErVsWVN-1_xueax9pR8w4NpC_t2A5zn90z4e72KNDSslo_AnQ==
Cookie set stats
randiul.com/ Frame 3548
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=ae7a4d7162c85e5c88a28e14dfee11203&cb=0534471620197833485
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=de11c3c8ddb93a435501760e4ccad2b12284a9d9; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
V2fItIi2RnbDYhFNCd-joOGPe0Kk1togA9u6YLBqOtjccpSTV9RD5Q==
Cookie set send
randiul.com/ Frame 81A8
9 KB
10 KB
Document
General
Full URL
http://randiul.com/send?i=ojb32u3hlwggqu144yrdx&a=d220d3457426e10bf1c6fcfe7156c3c63&cb=4704261620197833486
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=aa7543570430d3685445ed64b51e08ee1fc0c7d8; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
D1VeoXvB22Q65NxYnwE8c3_A7cTutnPgrXETGil7UZgUS6i_fmxjUQ==
Cookie set user
randiul.com/ Frame 3386
9 KB
10 KB
Document
General
Full URL
http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=33201c76a9a8497517064f431b42e3515&cb=1853111620197833487
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=b14051b5684d4d89292567a1fa701097e26f3a67; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
GDslveiXSVLtvkFLAZskhJXqZdvwhe9C43LkUrGfOE2rXCMApq-WzQ==
Cookie set usync
randiul.com/ Frame 0B59
9 KB
10 KB
Document
General
Full URL
http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=c3afc70488875e49613c775c64163c0d7&cb=5304931620197833488
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=23df6e32117e1b2df0c41bc41c9fac02565bfedd; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
tv9Uo0zGqwSmiFakzjIiETEWUqa81BcrVqjl836ZQoQAdMAZEue27Q==
Cookie set stat
randiul.com/ Frame 9668
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=9cf6e67faca94146d7fa322769bc417d3&cb=6588941620197833492
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=5652bcc261af0a977c6033996fe3798c9958d2a3; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
YEpyXEtDKgEjIKJaxvEYiCkBEK5LHtTNQCPLE5JvFLBfpMsRp3tgWg==
Cookie set stats
randiul.com/ Frame DAF9
9 KB
10 KB
Document
General
Full URL
http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=eddfcbfb128a526f56e05c92a9b481f49&cb=8061841620197833493
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=de5a25c384cfea34dcc0d19c72b4331a33d6d5d1; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
j6drKhtUDiTyW3typss5KKh-njpx-2VkzGQWiaSGULRwqH8-ZUfOTg==
Cookie set count
randiul.com/ Frame 8F2F
9 KB
10 KB
Document
General
Full URL
http://randiul.com/count?i=ojb32u3hlwggqu144yrdx&a=265e42e3ace33c8282484bff3757965b5&cb=7640721620197833494
Requested by
Host: randiul.com
URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b

Request headers

Host
randiul.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Wed, 05 May 2021 06:57:13 GMT
Set-Cookie
SSID=30027a34aee99207a46d084681ff5d22ef432fc4; Path=/; Expires=Fri, 07 May 2021 06:57:13 GMT; HttpOnly; SameSite=None
X-Cache
Miss from cloudfront
Via
1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
qaFjJPHlB9eDJ5ZHFWqZO5dFyLk-0EaRu077mGUrXbNPCQjXuebv7A==
button.5573c974dc31bbdab5ea7923a0bd5cf3.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/6760)
Age
556398
Etag
"382be2960021b88f6ce982d997cdbd01+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
prebid_v4_21.js
hb.adpone.com/ Frame 7F8F
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=d050c52bdd6883ba985109b9a8c8dbfc2&cb=6611071620197833475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JTlY9tivhnJwFBAaIyuGiVx%2FpnJmmGZPrzrRQ%2B3haMnHQXc3afAx5SXyPOOYjFHQvwyUDV93zkMrEEtPzBzdKTOcYeL4jEiIk9H%2FW3H4ymWBHIsZfK%2BvGzrz"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea137100004e3d20a7d000000001
cf-ray
64a812cbea494e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W1qBkXlFhbvPnv6O41fmU%2Fs536RuncA67Of4aOHnS9r0CjEKujC3gXZFaOW5A6dMDHoKIblv0anGZkh%2FQ1EKjCtHx5IROOcmF5B%2FsDLCmZYlERzzRM28v%2Bgz"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cbbfbec2c2-FRA
cf-request-id
09dcea134e0000c2c2caab8000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame DCF9
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=8532c942a93c6249819307957e97deaf5&cb=3704111620197833477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ak3Qv9CtJidGRJZIqpe%2BYK53MuvWAeUfws5MGgU%2FKd%2B2fLLgsbC4PcZtHRJFbGy7lrud8ca6%2BceciCJTn0LzAWY2eqZIQmGBRIdR6SUfyxIOp%2B%2FredRE%2ByhD"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea137200004e3d4f234000000001
cf-ray
64a812cbea4d4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dL4hfAX6PUyXfL4s7FQz2L6XDa3aRkf%2Fe7wEKQ2ObKkvAe8zCwACY5uDzD2AkSBeEnmQxZ2Qn232Bgab0TUuERi%2BkgMPgKR7WdGK65CZc23BiTu4ovNjOy1U"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cbbe242bc6-FRA
cf-request-id
09dcea135400002bc6da167000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame E746
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/count?i=ojb32u3hlwggqu144yrdx&a=372391a348f7da1692060bd764e144635&cb=8905921620197833479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aBQYrIUM9%2F81WB8d9X6cl36r8jcouKHxjJJ1aBWqgF7QhU9cm1HpdikDWu9z5VR3dZguD1EXOqseeSpvkQNStSgOrpNTKZ3U6hVkI8ROVi2NDnqyxqpk7FS9"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea137600004e3d70156000000001
cf-ray
64a812cbea4e4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UVR%2F1nKhv4Ej1DoXyQhv1o0lFEsKX09UUBlRvk2iStzDgTHp3Bkb%2F%2Fh4mRihshwhVPIl5W1Ttj1KIVm2nlnjlqVGWa0E4hq5uXM2XiJOtnKePt2p1CTg6XYa"}],"group":"cf-nel","max_age":604800}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cbc8c705cc-FRA
cf-request-id
09dcea1358000005cc9a13d000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 73F5
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=b024928c8882978034c90387283d126f5&cb=5233151620197833480
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BTAmwtGKn0nzW01v93775ebNy%2BOyKH8X4VL%2Fly5UxXqaxoYUykDtK%2Bjm8yysV4Tl%2FFUkzJFdVXTQ1Zb6lgwnzZKwKse0pF7PzNALgM6G24yam2tJE8BfGLj7"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea137200004e3d40243000000001
cf-ray
64a812cbea514e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gs8UsLN%2BWVoQ7luB%2BEdimDshAoqymEfVFgYMeQM%2F9TSOYTqydKeYFWdlioz14%2FA6fnnxPMLy3bdDrkFxsne%2F29i26lyZ9EVDgPNmL8o2X3D009xistOaVYkx"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cbcfddc2c2-FRA
cf-request-id
09dcea135c0000c2c2028cd000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 1BF1
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=e07324e7b863c76bb1289590caf138d89&cb=5865211620197833482
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xn%2BNBNzMQuKP0e8qD9qrQXV8MqRTpdQOZThqGIhvFGUzfN89K0iL5%2BRzjeNM6iwt0sRA3%2B7MgAAqK8FUX%2BHyG%2BjWZYUhaZMvISFsVzedZxnLUbFTUQlDqW91"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea137300004e3d3835b000000001
cf-ray
64a812cbea544e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AR%2B966dkp8RCdmIS7lP24dAHh%2F6aRABN1kvU%2Fesu6Qao5IWHUKw2wamheJQ%2BLbAMo%2FX9qO2FE2ufgDthV1%2BhWlOagIoXO0%2BeH38%2FYdyKTyhNkumMX%2BbkOazS"}],"group":"cf-nel","max_age":604800}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cbc8e905cc-FRA
cf-request-id
09dcea1362000005ccb6961000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame B632
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/sync?i=ojb32u3hlwggqu144yrdx&a=c09dbd0f7246aa15e66d81153fb482b41&cb=6525121620197833480
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r5N6byNNCs4masMo0ZZRCEEQcmciKlaJvupp96VTQXKAF6CKEs9CW54uVTbMDmjT5yH4GpoVQ1iGpqexOs1sayg07%2Ftvmz0MDXDgbz5VoZrkihtr5WfW8mIg"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea137500004e3d6091b000000001
cf-ray
64a812cbea5d4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7Nexr%2BtZRkrXSatLQjja55M6TZ0cDbsjjTRtu9D0kCEuKIK332ARebdniQuj6Q3XwnLiVLZvUys4Fs5LBGZs%2BCthbO1FCvYkh5BvSZNI8UUcZh78j%2FeJtzOd"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cbde4f2bc6-FRA
cf-request-id
09dcea136700002bc66ebe9000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
follow_button.06c6ee58c3810956b7509218508c7b56.tr.html
platform.twitter.com/widgets/ Frame 4020
37 KB
14 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.tr.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
73e458e1ca6caf7a393f417ee0aec26bfb3b178821b74e12d97644da528b6f2b

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://arsiv.mackolik.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
556388
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 05 May 2021 06:57:13 GMT
Etag
"d6e546d8fa1ae90bec42d430591f9bb1+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:46 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6760)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13911
truncated
/ Frame 4020
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
pxl.jpg
randiul.com/ Frame 01CC
597 B
1 KB
Image
General
Full URL
http://randiul.com/pxl.jpg?i=ojb32u3hlwggqu144yrdx&s=528&p=http%3A%2F%2Farsiv.mackolik.com%2Fdefault.aspx&rstk=http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx&h=9128751620197833621
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
HTTP/1.1
Server
65.9.84.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:13 GMT
Via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-C1
X-Cache
Miss from cloudfront
Content-Type
image/jpeg; charset=UTF-8
Connection
keep-alive
Content-Length
597
X-Amz-Cf-Id
XpdQWlmW44iD6JqmuSY-6hHLZgJbAbiGz1qROP3UXlF6eN0lZY43SQ==
prebid_v4_21.js
hb.adpone.com/ Frame 0BC0
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/counter?i=ojb32u3hlwggqu144yrdx&a=0ceab00f6aa2fa44097419a12b6178ab3&cb=1354991620197833484
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x80MEioCF6NUwohtZcgT8JHMXsjsVzpklTysPJ0r1sl2Bj4uyeK6ZteYr6KJHo5fHkv6mpn5ERX4H428VyPolwvU6OVuigG%2FPBCP1AtsYswj8JAA8fVQtR0c"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea13f100004e3d282f3000000001
cf-ray
64a812ccbc104e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jr%2FwcgiLxfMJ2xZtNXWK1Rq%2F%2BoBVVWglXfHI6PJOGRhdkEZwH4BEfWuZYX5eUYAYedKuvj7XX8wPWrFGr0zhF6PNfGRazgf%2BqJNVAp7l1l1KjkLmF%2FrQvmHE"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cc3f1d2bc6-FRA
cf-request-id
09dcea13a600002bc6a4b5e000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 81A8
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/send?i=ojb32u3hlwggqu144yrdx&a=d220d3457426e10bf1c6fcfe7156c3c63&cb=4704261620197833486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5uOC%2BOreNH8raVCugZ2UuJsT9yB8UG2oG8OPCqU2wJ4JUx2QCuuran9xUVXFqPVntGpHdkBFY5YciF5B1thelO498%2F6KLtSLmRV%2FZYX%2FgbYnYkJbOQvwodSA"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea13f200004e3d1b0fa000000001
cf-ray
64a812ccbc124e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b%2B5BS3O1%2FVv7QqxcqSNIFRTriGiZieQAQlN9ZgPbJo1XqRb2A4LHGs11RrgqDJHnNNZ93KPSe5%2BlHhWssUbjXq7XUwuGphXd8IIWC75iqfr41FO2EWDqdwwT"}],"group":"cf-nel","max_age":604800}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cc49b105cc-FRA
cf-request-id
09dcea13ab000005cc96257000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 3548
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=ae7a4d7162c85e5c88a28e14dfee11203&cb=0534471620197833485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BYwHSCTDdM7v0QnZF3ieD4N%2FM%2BN4IR0u4fJmUXBOJTxySep6CQ3GVLmqrIe0e898KXA4qghicPwjdvI2i55DsnxWLZXjYz0IKeOoTo2utJG4DiHQrgnFCAHA"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea140300004e3d1b0fb000000001
cf-ray
64a812ccdc4b4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=63G9GcLi2R9QNTkbmZhLfQMkrCjqkOSHA%2FWKc7ZdQr00ZhY5LAUaGFAf5CjOme%2BbSA3jcIEW1m%2FR%2FV%2ByRRBNHe1Cpyt%2BkyLf9VaINDw2U6iRw4CDA64H47J2"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cc489bc2c2-FRA
cf-request-id
09dcea13b00000c2c2052fe000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 95FF
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=f87e5c8f7cfd18312c8b3d901f50f9d17&cb=3797231620197833483
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EFAqCCGZbpByVilMxHr4jszyJyxMg4OSm%2BGy5gFYoz0136b9Vkfl6U9QeA5EADf5zesru2w09j1N5IPVI%2Bz87%2FUJodRR%2BniYhHu8v9dqbS69tNA%2FS5F8kS4S"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea140300004e3d63a50000000001
cf-ray
64a812ccdc4a4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6cK8QfJUuch%2BXcy2cKW1RPe1AtygeVLp1IewpG1vtAniZZqB45LMts3AYXz4u5kWzw5qdrboN94LrAy%2BqsFXuyqF3P7rve6o6NyUO3jHXu9MjW5491Te9%2Fmq"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cc4a384d8a-FRA
cf-request-id
09dcea13b100004d8a83b73000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame C96E
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=52f6a328dbddd0d88897f54da3db11387&cb=6787991620197833484
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N1ver7lQgtOwVlxFFZ%2FQcSZC8ftoQmUA2af1BHubZx4fqY9DgZ6IC0grsM4wa37EwEAKq9iZpG3yzMIMLCjXRut724zXwry3b5AlaTyIAB3DSio8mBTt0eB%2B"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea140300004e3d4024e000000001
cf-ray
64a812ccdc4d4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t6Mb54OCTDqV9OR5tiIz2td9euONcvlxze6voDJX3l3FHIcpOAXSnpWmKj%2BUx58plF%2FWTVCDQvvTrmqpDiol8%2FPMgNrEkM52G4%2FctDIeusXFUjNDjMTpvfhW"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cc5f402bc6-FRA
cf-request-id
09dcea13b400002bc6948c6000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 3386
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/user?i=ojb32u3hlwggqu144yrdx&a=33201c76a9a8497517064f431b42e3515&cb=1853111620197833487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I93P6ER35MDC%2Fq%2FXYemHvt%2FxTXIRqT94lgASAwNU4tWfB%2FbglVw0jBAQIoqPgEoDzvmLhO6Li4Y3yx%2Byaoxnr1jnhbkE0zk7Iunank%2FWMnfKiLw6UnF3jJxi"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea141400004e3d4619e000000001
cf-ray
64a812ccec8b4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z6pKDArwb4CwdBiZDZGLr6rImvaLd6kevUdVNeNMux6Y0S6o2KDlUJA%2FiEbPr20ZL9jymhKYyu8tQLZIaHikreToD%2F32TWFBhmcXjwsdGUnmFLz0F6C5pX9h"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cc8fa42bc6-FRA
cf-request-id
09dcea13d300002bc6a4b61000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
adjson
ads.betweendigital.com/ Frame 1BF1
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=160x600&jst=hb&ord=3049300253897617.5&tz=-120&fl=0&rr=false&s=4022875&bidid=2bd7b407b3ac4b&transactionid=31e73495-7c2b-44e5-908f-43b019c1d895&auctionid=0...
  • https://ads.betweendigital.com/adjson?sizes=160x600&jst=hb&ord=3049300253897617.5&tz=-120&fl=0&rr=false&s=4022875&bidid=2bd7b407b3ac4b&transactionid=31e73495-7c2b-44e5-908f-43b019c1d895&auctionid=0...
2 B
213 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?sizes=160x600&jst=hb&ord=3049300253897617.5&tz=-120&fl=0&rr=false&s=4022875&bidid=2bd7b407b3ac4b&transactionid=31e73495-7c2b-44e5-908f-43b019c1d895&auctionid=0776d118-054c-4fa6-bcfc-986115fb6e62&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F&crf=1
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=160x600&jst=hb&ord=3049300253897617.5&tz=-120&fl=0&rr=false&s=4022875&bidid=2bd7b407b3ac4b&transactionid=31e73495-7c2b-44e5-908f-43b019c1d895&auctionid=0776d118-054c-4fa6-bcfc-986115fb6e62&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6ImFkcG9uZS5jb20iLCJzaWQiOiIzOWEyMmM4OTI4Zjk5NzZkYmYxZiIsImhwIjoxfV19&ref=http%3A%2F%2Farsiv.mackolik.com%2F&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://randiul.com
content-length
0
v2
i.connectad.io/api/ Frame 1BF1
0
0

v1
prg.smartadserver.com/prebid/ Frame 1BF1
0
318 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:13 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
http://randiul.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 1BF1
19 B
710 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:13 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.12:80
AN-X-Request-Uuid
9ff8b172-dbe3-4ece-8607-ad1cb82a015f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 1BF1
0
140 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0&cb=62169807889
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://randiul.com
date
Wed, 05 May 2021 06:57:13 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bid
ap.lijit.com/rtb/ Frame 1BF1
24 B
751 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.21.0
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
acd367c69a360a805ded0e0fda914790f5a48bfea4e50c0d35c5b767f2c9e7a3

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 May 2021 06:57:13 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://randiul.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1BF1
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=215624&zone_id=1950012&size_id=9&p_pos=atf&rp_schain=1.0,1!adpone.com,39a22c8928f9976dbf1f,1,,,&rf=mackolik.com&tk_flint=pbjs_lite_v4.21.0&x_source.tid=31e73495-7c2b-44e5-908f-43b019c1d895&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.373584319893582
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0ca9d487278edad0b3156a8f96dafe3a17012de548b3716d427971c7eabb4733

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:13 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://randiul.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adpone-d.openx.net/w/1.0/ Frame 1BF1
172 B
355 B
XHR
General
Full URL
https://adpone-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Farsiv.mackolik.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=31e73495-7c2b-44e5-908f-43b019c1d895&nocache=1620197833724&schain=1.0%2C1!adpone.com%2C39a22c8928f9976dbf1f%2C1%2C%2C%2C&aus=160x600&divIds=adpn-adtag-1620197833565&auid=543870365
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
ff1f86496f89b058d317a21feaaece9c9c044d217a38b755be8bf59ac317925b

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://randiul.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame 1BF1
5 B
444 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTk1NzIxOCZ0cmFuc2FjdGlvbklkPTMxZTczNDk1LTdjMmItNDRlNS05MDhmLTQzYjAxOWMxZDg5NQ%3D%3D&pt=gross&stid=0776d118-054c-4fa6-bcfc-986115fb6e62&fd=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:13 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://randiul.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
jot
syndication.twitter.com/i/
43 B
329 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Farsiv.mackolik.com%2FDefault.aspx%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1620197833752%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: arsiv.mackolik.com
URL: http://arsiv.mackolik.com/Default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 05 May 2021 06:57:13 GMT
server
tsa_devel
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f10a0c2616bb7e1af2d94b9e65b66fb2ebb9e07511fbc831a93f16e6e3582d36
x-transaction
371674e8fd3c4334
expires
Tue, 31 Mar 1981 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A581
42 B
501 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi-X4Xdy5HTpB1pWYQmFGeKFozobnaepayvD-bRReEaW_FVsvijeHK6VI9jvxl9P_qTncMV5CC5b8TyP8onD4x28sIYkKovhUWCq2tO80&sig=Cg0ArKJSzGYmMbLsb-PAEAE&id=lidar2&mcvt=1017&p=134,436,224,1164&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20210503&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=821623584&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1620197832061&dlt=0&rpt=225&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 01CC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBqf2iCK9yrywmn312ZdL16TKVYWyW-fnli4lavXHVv4VexEV7iRjXvz5kPWnx0skLTSMk8RpTlI7BDXQRyt3aybark2MYlZob5vRX-NnGNx1ufzBvp7gaBmGRiXE3gJn7X8-1sWz_Qzv6zRPPlnyj0tWorfXXaZ4uHvXON7AF2ayeZAQsCG9O2uB5DAENV83epepvwd9n-gd2rNYoPaeWcnMWPGKmn2CGY7RUmovWF_QUwf3966H6r8Us1tlE_vbXTQETVZpfnkfZ1t-rJMZVL2W0jR_rtkEOkubtN04piBvMLDUj526U1ZrwC2HiQ0wyoH2Z5_DKnI7knBvByBxkh_GYVbwuz_ioRa1G&sig=Cg0ArKJSzP19O8cvFXVdEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 05 May 2021 06:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 9668
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stat?i=ojb32u3hlwggqu144yrdx&a=9cf6e67faca94146d7fa322769bc417d3&cb=6588941620197833492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=988o7qWVhFc54NIXdOyyyG14K9B%2F2tIQN1AcpxTF9ZBC986Kk68fQaWnUypFZtWx7gLLnwBko4Z9MjA9MeGFHyxwcUc0cxsVtXvfrXxkr0b%2Fm3feoVq8C2be"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea149800004e3d5b92f000000001
cf-ray
64a812cdbe444e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9%2BF1RvzLpSWwOw3MHs6mJA%2Bz3qA2emJFOO16Sc6ga91tqfZ78J2yj1ecg%2FT13DYQnRautrFOtZU%2FKnZzVpRNxtDIcVZuJO5%2BLsYwXyHDKG0BKP4FsPXEn5J3"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cd59112bc6-FRA
cf-request-id
09dcea145500002bc6d10ee000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 0B59
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/usync?i=ojb32u3hlwggqu144yrdx&a=c3afc70488875e49613c775c64163c0d7&cb=5304931620197833488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C6NcFMzuUuwtTYgpmPlYOFNyGyw8Fkqkwa%2BPTdI7NsisKzHYR01Zjqe0tLKQ7XItDAaSIc9jxrLWXFxFyZ1XxV0gLLiLapCg3kQ5Qf%2Bju07mSZu4daLQaU46"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea149900004e3d311f3000000001
cf-ray
64a812cdce524e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0rUiM%2FjQYW3TyUAHj9xPCGiSSSwuBcwYabe3WB%2FGva%2FihpyyNS5cICum9AAIywyX%2B%2B1rBszRzXgkB0Cdc08IrI3NJ%2B6EVx6AlFepnE6x4BMuGaJQJGuvowVQ"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cd6a06c2c2-FRA
cf-request-id
09dcea145d0000c2c2e39a2000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame DAF9
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/stats?i=ojb32u3hlwggqu144yrdx&a=eddfcbfb128a526f56e05c92a9b481f49&cb=8061841620197833493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Kl8fEwXyNzzc98fxepdCo1rnnj5dhb%2FVzakupz23WXU%2BMkVCNBxqERIKOec%2BdKSWE2TCYwahVCB1f%2Fuj8uHFCAsNcmsThAYVY2kShcBxFbQVoJ3Vq6wm8K4l"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea14a500004e3d1d2fd000000001
cf-ray
64a812cdde794e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=79lGlB4JEtdjBEbHCxr%2BXlxkKRn9Jxb5hGCTj6UF1pdqW6oBlnK1qgRPU7BHF3lmxrwxVNsNXjQtb9A%2BZYitsKdlSCu1khfjtN5ya0HEtkCD9tlWNr6gxr6s"}]}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cd693c2bc6-FRA
cf-request-id
09dcea146300002bc6d7bf1000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 8F2F
Redirect Chain
  • http://hb.adpone.com/prebid_v4_21.js
  • https://hb.adpone.com/prebid_v4_21.js
302 KB
88 KB
Script
General
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: randiul.com
URL: http://randiul.com/count?i=ojb32u3hlwggqu144yrdx&a=265e42e3ace33c8282484bff3757965b5&cb=7640721620197833494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3981
content-type
application/javascript
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aVPdRgMtwkwFN1CahBE7B1W7iJsY9lqh4gybPgAEUq7gxV62xEZDcKSwcpm76sp%2BJtz7PBLtFfu8opCX6vtx9yKf%2FnGsEZ%2FYtqYI03ykPNMC6ZRbaHKBRymz"}]}
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cache-control
max-age=14400
cf-request-id
09dcea14a600004e3d7016f000000001
cf-ray
64a812cdde7a4e3d-FRA

Redirect headers

Date
Wed, 05 May 2021 06:57:13 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EiTpNIVH37CFDRNaZEX05YEGLgP0gmWoBSgZFge%2FUcUUMMfbFvo26Iw0kCqWOMS45BUFRAZm67c7MVVO1pTnln9xLb2iBveTNGT%2BP8YiJl5j1RcdAj1sJiRJ"}],"group":"cf-nel"}
Location
https://hb.adpone.com/prebid_v4_21.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64a812cd7cf64d8a-FRA
cf-request-id
09dcea146700004d8a90934000000001
Expires
Wed, 05 May 2021 07:57:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A7EA
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstByI4UNyevsIF-WFu3GT8s--qlYsfYjZ9RAbTInMp5w-HQqi8PTbe2hC-6EVFOLbJEGgYBFonI7XFEDmmuDaYDvVk_HL2uTPRRdQP0144&sig=Cg0ArKJSzAr2Pq5hRn-yEAE&id=lidar2&mcvt=1038&p=245,972,495,1272&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20210503&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3491219890&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1620197832144&dlt=0&rpt=126&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dark-bottom.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
3 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d2af3977cc879022d4f18d519ac1bce009ef573d3676b719d93d4752f4cda51
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2895646
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
702
cf-request-id
09dcea153d00004a6e4231a000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-c28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=imv7UQjmPQELs380T1Gplt2%2F6dXPcSDF9uKTPGCpRo4r70m8UU8Y7RbAwFjzSD%2B%2BIIzmteK%2BwlBBISI6w%2FR6EPhg9waDFA8MEkUJW135vtE2P1De26jC1TYXCifcW5YsMA%3D%3D"}],"max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64a812cecbb94a6e-FRA
expires
Mon, 25 Apr 2022 06:57:14 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
Non-Authoritative-Reason
HSTS
sodar
pagead2.googlesyndication.com/getconfig/
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1896ebf19cadfdaa433689c55261cb81ad06ddb1fdd45b6c3d8051f6657df89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 May 2021 06:57:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7712
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 05 May 2021 06:57:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame BBB8
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://arsiv.mackolik.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://arsiv.mackolik.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 05 May 2021 06:48:21 GMT
expires
Thu, 05 May 2022 06:48:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
533
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
pagead2.googlesyndication.com/bg/ Frame BBB8
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 23:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 12:48:00 GMT
server
sffe
age
26102
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5711
x-xss-protection
0
expires
Wed, 04 May 2022 23:42:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=994027409612509&bg=!DQ6lDkrNAAYXzPaOF8w7ACkAdvg8WtOtlYUZ4fYIlt9xwov-mwkgYMsEsK5VUFqpYHYRSmj6HuAl8QIAAABDUgAAAAtoAQcKALqLKCm7GZZK9pdNnPhtUsDepU6rz917mzmeIKXqqTlx685lxcK4HObbS-x6Opll2rJsbug6hjL2j49AiHCg94_pO1JzWQVZwS7f_QZgjIM7Dlr-wlqK2G8Zwr0tgIsukBWSXu0739qIOjRy2ebJp6DUWvuwZqRUVZThg5xWmvdTXLW6Cfte4LNMJbfaKwagSzw-TKxTvIYQdeThoi7RnnI24eM-5nIc2Vu8s3HIxk_LcqdPvk_W1b1dVueZAlYhQrb4KkbC9Fmpga7FKtvL_a8znpHWRL6QtptYTjyy6sRqETnJlWpb3zCBnneIVRNazc-BxoHI9eXnZBotWD4q6IUhnFwOTbu8DumwztMjcAd8pPtakW9mB18Tf7UkwbIOpmamuVq2_iobcjgzgCMjBYFGzTM7TKnHXtslxnhsZ74ajhCFVXxf5Sn5s96MdS0XNJABbB-VIYhp68wwytAwcYRHMLhL-s54hahotQN8vDOVR7WGLpCDlsNRi8bOk2fLQ8A3_ZhpC0kz8KDcW6MxTEQCaxTE5cLhp_XPtot0g6SeqpxMkRHL7lzMqe9H9NKPVNrnuMmPZ6UYMc8VsiPRApfh-Mp_Y1cCI29e3Rk_4mttvyMtd9QjYVPnuCCZP21OUWUG3ZhNhhhaCpZBEp2NEjsCkdsf2Ts2sWl_pJzNwv_wD7HQLVxsI-G8kbtUB23r--7IY1jkCuQHriHzycnHO94b9Y8IkKHdEGBQf7cNCADchbSzV3MWVQYh2rzHWgLWRj3TDVklKurbstoqVZBPkKRUMwaNZCKYdpcSuJ-cnzrLo7UwX1MgXVAIzoIi3b5G43nKSkuS858ufgQMeX3uUxRwVISjHNzB6IVtnvjeOEbPCSzji2eN4EQUzguIuphxP4SPATWhS1b2QWdybJYuddnvNU30iV8uHwTAIz-IhXxQALMb0edumGGwg_rSu1XfKvYiHCrlpR_g_pk8mzgIT3n_hVC5wMKwnhETQ-Q6hdRbQWyZmSSsl4FTaG-8Jvol2IgZyUDAVChrdw49DyFmgBfy3Ry1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C7EF
80 KB
26 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:14 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:57:14 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9B13
80 KB
26 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:14 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:57:14 GMT
syncframe
gum.criteo.com/ Frame 0CE3
0
193 B
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=arsiv.mackolik.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1748
date
Wed, 05 May 2021 06:57:14 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C7EF
80 KB
26 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:14 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:57:14 GMT
syncframe
gum.criteo.com/ Frame 7859
0
193 B
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=arsiv.mackolik.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1564
date
Wed, 05 May 2021 06:57:14 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9B13
80 KB
26 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:14 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:57:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 01CC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvves64em5QmkwplGHKwpWuGjpohk0jSb5m6Rw9vWsfbCBuxjQevKRMFBU60-n8BFkCzTqLRbF8vJIzHRTptbAcuq9X9MfftZNzAdJCqmI&sig=Cg0ArKJSzDplQGQkyVM9EAE&id=lidar2&mcvt=1000&p=0,150,600,310&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210503&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=267919333&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1620197833396&dlt=0&rpt=50&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://arsiv.mackolik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame F0FB
80 KB
26 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:14 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:57:14 GMT
syncframe
gum.criteo.com/ Frame F9DD
0
193 B
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=arsiv.mackolik.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1521
date
Wed, 05 May 2021 06:57:14 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame F0FB
80 KB
26 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:14 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:57:14 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 1BF1
80 KB
26 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:15 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:57:15 GMT
syncframe
gum.criteo.com/ Frame AFB0
0
193 B
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=arsiv.mackolik.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=arsiv.mackolik.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1489
date
Wed, 05 May 2021 06:57:15 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 1BF1
80 KB
26 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
http://randiul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:15 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 May 2021 06:57:15 GMT
usync.html
eus.rubiconproject.com/ Frame 3D7F
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KOB3YHHS-1-7V4V; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J57ieEXOusT2oCGLGFUTOXCT2K12t8QVSuQw1v0N7O/GHFHIlogX9UM8CP6/6VPKGajCebujdy0A1b3+vmJA0b7c9zvUuGez2EVT+cKs1w81vXQ==; ses9=; vis9=215624^1; audit=1|0o8zzNO5o4YW6x+yL2omhXQnVL2heOLCaEsKMHtqGBupTx/dq8AZEfg2cbyfMDYbaNgdOVL2Yy8K2yMHxwu6l7KpUjWTmmg0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 May 2021 06:57:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 3FCA
0
0
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

date
Wed, 05 May 2021 06:57:15 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
set-cookie
__cfduid=dd888ff3b209ef716369c209500a7a9e71620197835; expires=Fri, 04-Jun-21 06:57:15 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-request-id
09dcea1bfe00004e13dc952000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
64a812d99a6f4e13-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
pd
eu-u.openx.net/w/1.0/ Frame 4236
668 B
735 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
d51dc3c1f3f4a552f73542eccd3a0caa2ebc58a0b1ecb087d41ba22144cad42d

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=6394ae06-9b06-0c62-1eac-3876e4876058|1620197833
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=6394ae06-9b06-0c62-1eac-3876e4876058|1620197833; Version=1; Expires=Thu, 05-May-2022 06:57:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620197835|gekin0vNiygu; Version=1; Expires=Thu, 20-May-2021 06:57:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 05 May 2021 06:57:15 GMT
content-type
text/html
content-length
423
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2C7C
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 03 May 2021 04:58:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 05 May 2021 06:57:15 GMT
Age
7146
X-Served-By
cache-lga21934-LGA, cache-hhn4046-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 119150
X-Timer
S1620197836.844566,VS0,VE0
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 66E4
657 B
749 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
63286fc0078a3b2679e483540d888ce92a89a5b40dbd67b580424495e6fdbc58

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e; ut=YJJByQALPuh59dEXrCHdP5Lhm0RFNTldjHfIKg==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
657
sd
eu-u.openx.net/w/1.0/ Frame 4236
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4a396092-41cb-4e00-adca-7360f224f01e
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4a396092-41cb-4e00-adca-7360f224f01e
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 05 May 2021 06:57:15 GMT
Server
MT3 3709 11aaa92 master zrh-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4a396092-41cb-4e00-adca-7360f224f01e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 May 2021 06:57:14 GMT
sd
us-u.openx.net/w/1.0/ Frame 4236
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wY2H3sOM3Y7a3offkt-T3s7e34jaioiIk41dIffr
43 B
122 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wY2H3sOM3Y7a3offkt-T3s7e34jaioiIk41dIffr
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wY2H3sOM3Y7a3offkt-T3s7e34jaioiIk41dIffr
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4236
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4851975818363996493
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4851975818363996493
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4851975818363996493
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 4236
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=b038915f-3281-3395-447a-f09e80a053a5&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4236
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM1NzQyOTUtZmJmNi02ZDMxLTUxOWEtYWEyNzRhNDI5ZGM1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM1NzQyOTUtZmJmNi02ZDMxLTUxOWEtYWEyNzRhNDI5ZGM1&google_tc=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM1NzQyOTUtZmJmNi02ZDMxLTUxOWEtYWEyNzRhNDI5ZGM1&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWM1NzQyOTUtZmJmNi02ZDMxLTUxOWEtYWEyNzRhNDI5ZGM1&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4236
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkQ64fZ2Q3VYQVQP7JZj4k&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkQ64fZ2Q3VYQVQP7JZj4k&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEkQ64fZ2Q3VYQVQP7JZj4k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ads.betweendigital.com/ Frame 66E4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=b8ce3a88-7f2f-4306-9714-8c5bcf3c61a8&ssp=between
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d9fcec6-ffd3-4910-a86d-28d1282268b3
68 B
159 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d9fcec6-ffd3-4910-a86d-28d1282268b3
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=3d9fcec6-ffd3-4910-a86d-28d1282268b3
date
Wed, 05 May 2021 06:57:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/ Frame 66E4
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eLqnxDYNiE2.AikABlF5O1EE1Q
68 B
159 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eLqnxDYNiE2.AikABlF5O1EE1Q
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f13-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=eLqnxDYNiE2.AikABlF5O1EE1Q
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame 66E4
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjLg8mEBlIFvp7KygpiJDJlODliZTMzLTg1YWItNTI3ZC1iZDY1LWI2ZDdkZGY3ZjcxZQ**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjLg8mEBlIFvp7KygpiJDJlODliZTMzLTg1YWItNTI3ZC1iZDY1LWI2ZDdkZGY3ZjcxZaIBECBWP2itbxHrpukAJZDIJDc*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjLg8mEBmIkMmU4OWJlMzMtODVhYi01MjdkLWJkNjUtYjZkN2RkZjdmNzFlogEQIFY_aK1vEeum6QAlkMgkNw**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARjLg8mEBmIkMmU4OWJlMzMtODVhYi01MjdkLWJkNjUtYjZkN2RkZjdmNzFlogEQIFY_aK1vEeum6QAlkMgkNw**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=20563f68-ad6f-11eb-a6e9-002590c82437
68 B
159 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=20563f68-ad6f-11eb-a6e9-002590c82437
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 05 May 2021 06:57:16 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//ads.betweendigital.com/match?bidder_id=18&external_user_id=20563f68-ad6f-11eb-a6e9-002590c82437
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
match
ads.betweendigital.com/ Frame 66E4
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8fcb658cdbc491dd0754fdaf
68 B
159 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8fcb658cdbc491dd0754fdaf
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 05 May 2021 06:57:15 GMT
Server
nginx
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8fcb658cdbc491dd0754fdaf
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
bidder_18.html
cache.betweendigital.com/code/ Frame 48C1
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&CACHEBUSTER=39795
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.254.23.213 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
801739505e546b0de4cc1be031d92e22aa81668a2720e49648ec45fec81b0a2c

Request headers

:method
GET
:authority
cache.betweendigital.com
:scheme
https
:path
/code/bidder_18.html?USER_ID=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&CACHEBUSTER=39795
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.betweendigital.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e; ut=YJJByQALPuh59dEXrCHdP5Lhm0RFNTldjHfIKg==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.betweendigital.com/

Response headers

server
nginx
date
Wed, 05 May 2021 06:57:15 GMT
content-type
text/html
last-modified
Fri, 23 Apr 2021 10:45:01 GMT
etag
W/"6082a52d-1080"
content-encoding
gzip
usync.js
eus.rubiconproject.com/ Frame 3D7F
30 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e34aa23aef15b4ecbbe85d15993e6dbea355c5e98e1cab40253fd720d2c917bb

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17764
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Wed, 05 May 2021 11:53:19 GMT
bounce
ib.adnxs.com/ Frame 2C7C
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
820 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:15 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.91:80
AN-X-Request-Uuid
3bf29e3f-05f1-4284-853e-bc94319479e8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:15 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.202:80
AN-X-Request-Uuid
2fff3862-c89e-4aed-a77c-cdd0aad238fc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sspmatch-iframe
ads.betweendigital.com/ Frame 8D31
0
72 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e; ut=YJJByQALPuh59dEXrCHdP5Lhm0RFNTldjHfIKg==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
connectmyusers.php
cdn.connectad.io/ Frame 7715
0
0
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

date
Wed, 05 May 2021 06:57:15 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
set-cookie
__cfduid=dbcb5d48dfd2a5f96767e34ec8bd76e941620197835; expires=Fri, 04-Jun-21 06:57:15 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-request-id
09dcea1c7a00002bdd39b17000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
64a812da5da02bdd-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
pd
eu-u.openx.net/w/1.0/ Frame 2FC7
498 B
627 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
7e3822722ed5a0140923ae5f16fda9ca01949e0381f5a1d5b4ebe19fbed6b666

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=6394ae06-9b06-0c62-1eac-3876e4876058|1620197833; pd=v2|1620197835|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=6394ae06-9b06-0c62-1eac-3876e4876058|1620197833; Version=1; Expires=Thu, 05-May-2022 06:57:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620197835|mWkigqiysLommOgevNgunsn0; Version=1; Expires=Thu, 20-May-2021 06:57:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 05 May 2021 06:57:15 GMT
content-type
text/html
content-length
314
content-encoding
gzip
via
1.1 google
alt-svc
clear
usync.html
eus.rubiconproject.com/ Frame 19F4
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KOB3YHHS-1-7V4V; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J57ieEXOusT2oCGLGFUTOXCT2K12t8QVSuQw1v0N7O/GHFHIlogX9UM8CP6/6VPKGajCebujdy0A1b3+vmJA0b7c9zvUuGez2EVT+cKs1w81vXQ==; ses9=; vis9=215624^1; audit=1|0o8zzNO5o4YW6x+yL2omhXQnVL2heOLCaEsKMHtqGBupTx/dq8AZEfg2cbyfMDYbaNgdOVL2Yy8K2yMHxwu6l7KpUjWTmmg0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 May 2021 06:57:15 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7E8E
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 03 May 2021 04:58:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 05 May 2021 06:57:15 GMT
Age
7146
X-Served-By
cache-lga21934-LGA, cache-hhn4046-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 119153
X-Timer
S1620197836.914374,VS0,VE0
Vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame 2FC7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8288568004759377021&gdpr=1&gdpr_consent=&us_privacy=
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8288568004759377021&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8288568004759377021&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 2FC7
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=b24bY5sHiruiDrwpU7lpHw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
146 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
2oqulma9m91vvrgae0pvivnfp47cn4nq

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
24fff71b-a22d-a1dc-75ad-e66b7ff79eec
pr-bh.ybp.yahoo.com/sync/openx/ Frame 2FC7
43 B
840 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/24fff71b-a22d-a1dc-75ad-e66b7ff79eec?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2FC7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8OCOlNaP1LEbta5
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8OCOlNaP1LEbta5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:15 GMT
Server
PingMatch/v2.0.30-645-g00be234#rel-ec2-master i-06d48491beb38f0d2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8OCOlNaP1LEbta5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2FC7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7B...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&ssp=openx&expires=30&user_group=1
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=3d9fcec6-ffd3-4910-a86d-28d1282268b3
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=3d9fcec6-ffd3-4910-a86d-28d1282268b3
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=3d9fcec6-ffd3-4910-a86d-28d1282268b3
date
Wed, 05 May 2021 06:57:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 2FC7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDY3ZFN0JKSVFBQUMwdlBWdWVPQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-106-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 05 May 2021 06:57:16 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7E8E
0
749 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:15 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.208:80
AN-X-Request-Uuid
4d336146-6b76-40f6-8c8b-b7a083e3bef4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 19F4
30 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e34aa23aef15b4ecbbe85d15993e6dbea355c5e98e1cab40253fd720d2c917bb

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17764
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Wed, 05 May 2021 11:53:19 GMT
match
ads.betweendigital.com/ Frame 48C1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=3d9fcec6-ffd3-4910-a86d-28d1282268b3
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=3d9fcec6-ffd3-4910-a86d-28d1282268b3
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=35254e88-bca5-434a-bf8d-4b2e23be95ec&user_group=1&ssp=between&bsw_param=3d9fcec6-ffd3-4910-a86d-28d1282268b3
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d9fcec6-ffd3-4910-a86d-28d1282268b3
68 B
159 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d9fcec6-ffd3-4910-a86d-28d1282268b3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=3d9fcec6-ffd3-4910-a86d-28d1282268b3
date
Wed, 05 May 2021 06:57:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3D7F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzkzZjMzMWY4ZGJiY2UyNjFmYTRkNDRlOTRjMmQ4OTBlNzUxZjFhMg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzkzZjMzMWY4ZGJiY2UyNjFmYTRkNDRlOTRjMmQ4OTBlNzUxZjFhMg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzkzZjMzMWY4ZGJiY2UyNjFmYTRkNDRlOTRjMmQ4OTBlNzUxZjFhMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 3D7F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOB3YHHS-1-7V4V&sigv=1&esig=2~d013f0c9ec71122efa2d4a24735f717438dd83a9
0
444 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOB3YHHS-1-7V4V&sigv=1&esig=2~d013f0c9ec71122efa2d4a24735f717438dd83a9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:16 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOB3YHHS-1-7V4V&sigv=1&esig=2~d013f0c9ec71122efa2d4a24735f717438dd83a9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3D7F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09CM1lISFMtMS03VjRW
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09CM1lISFMtMS03VjRW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09CM1lISFMtMS03VjRW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3D7F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4a396092-41cb-4e00-adca-7360f224f01e
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4a396092-41cb-4e00-adca-7360f224f01e
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

Date
Wed, 05 May 2021 06:57:15 GMT
Server
MT3 3709 11aaa92 master zrh-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4a396092-41cb-4e00-adca-7360f224f01e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 May 2021 06:57:14 GMT
709414.gif
id.rlcdn.com/ Frame 3D7F
0
0
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tap.php
pixel.rubiconproject.com/ Frame 3D7F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/HVppBOiwEXXgXjCtsgufzQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7842513381051793958
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7842513381051793958
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

date
Wed, 05 May 2021 06:57:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7842513381051793958
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 3D7F
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 3D7F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELg-usciUkx2rdXJUJhELKs&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELg-usciUkx2rdXJUJhELKs&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELg-usciUkx2rdXJUJhELKs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sspmatch-iframe
ads.betweendigital.com/ Frame 42AB
0
72 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e; ut=YJJByQALPuh59dEXrCHdP5Lhm0RFNTldjHfIKg==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
connectmyusers.php
cdn.connectad.io/ Frame CAAA
0
0
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

date
Wed, 05 May 2021 06:57:16 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
set-cookie
__cfduid=d467ed5ae0ec8194d9b7c49b555bd69fb1620197836; expires=Fri, 04-Jun-21 06:57:16 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-request-id
09dcea1d1500002bdd1dae5000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
64a812db58392bdd-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
async_usersync.html
acdn.adnxs.com/dmp/ Frame A544
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=848197195258146193
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 03 May 2021 04:58:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 05 May 2021 06:57:16 GMT
Age
7147
X-Served-By
cache-lga21934-LGA, cache-hhn4046-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 119154
X-Timer
S1620197836.063841,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D206
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KOB3YHHS-1-7V4V; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J57ieEXOusT2oCGLGFUTOXCT2K12t8QVSuQw1v0N7O/GHFHIlogX9UM8CP6/6VPKGajCebujdy0A1b3+vmJA0b7c9zvUuGez2EVT+cKs1w81vXQ==; ses9=; vis9=215624^1; audit=1|0o8zzNO5o4YW6x+yL2omhXQnVL2heOLCaEsKMHtqGBupTx/dq8AZEfg2cbyfMDYbaNgdOVL2Yy8K2yMHxwu6l7KpUjWTmmg0; pux=1512%3D99415%262249%3D99415%262307%3D99415%262974%3D99415%262249-DV360-Hosted%3D99415%26brx%3D99415%26goog%3D99415%26idl%3D99415%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 May 2021 06:57:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 4B79
631 B
736 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
8bcfb5196f0db021a4563c4caded64d753da2c9e5cd75797a304ad3c08fa4677

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=6394ae06-9b06-0c62-1eac-3876e4876058|1620197833; pd=v2|1620197835|mWkigqiysLommOgevNgunsn0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=6394ae06-9b06-0c62-1eac-3876e4876058|1620197833; Version=1; Expires=Thu, 05-May-2022 06:57:16 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620197835.1|mWkigqiysLommOgevNgunsn0.j8fcsHqGiSgi; Version=1; Expires=Thu, 20-May-2021 06:57:16 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 05 May 2021 06:57:16 GMT
content-type
text/html
content-length
412
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync
ib.adnxs.com/ Frame A544
0
748 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:16 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.73:80
AN-X-Request-Uuid
6b433bd2-6cee-474e-a0d7-eb2b0ec761f4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4B79
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=848197195258146193
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=848197195258146193
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:16 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.52:80
AN-X-Request-Uuid
742e686a-b5d3-4808-b74a-f9c2963a4eb0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=848197195258146193
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
current
openx2-match.dotomi.com/match/bounce/ Frame 4B79
0
104 B
Image
General
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sd
us-u.openx.net/w/1.0/ Frame 4B79
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:15 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame 4B79
43 B
324 B
Image
General
Full URL
https://match.justpremium.com/match/ox?ex_uid=fab95faf-6530-09ff-1664-76a881d5109f
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.177.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:16 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 4B79
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YJJBzAAAvlVkawA4
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJJBzAAAvlVkawA4&_test=YJJBzAAAvlVkawA4
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJJBzAAAvlVkawA4&_test=YJJBzAAAvlVkawA4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620197836.294966,VS0,VE0
x-served-by
cache-hhn4029-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YJJBzAAAvlVkawA4&_test=YJJBzAAAvlVkawA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 4B79
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel.onaudience.com/?mapped=rCyQlxgdcWwLw9nqvNabWwRh&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fc...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fc...
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=89dc2416570d552b598409a7ddbfac08&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DrCyQlxgdcWwLw9nqvNabWwRh
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=rCyQlxgdcWwLw9nqvNabWwRh
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=rCyQlxgdcWwLw9nqvNabWwRh
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=rCyQlxgdcWwLw9nqvNabWwRh
date
Wed, 05 May 2021 06:57:16 GMT
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame D206
30 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e34aa23aef15b4ecbbe85d15993e6dbea355c5e98e1cab40253fd720d2c917bb

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17763
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Wed, 05 May 2021 11:53:19 GMT
DE13B155BF60BD5C
an.yandex.ru/setud/adsniper/ Frame 48C1
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=20563f68-ad6f-11eb-a6e9-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=20563f68-ad6f-11eb-a6e9-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=vXzOSyRDTClplaevgEtsig&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=vXzOSyRDTClplaevgEtsig&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=vXzOSyRDTClplaevgEtsig&extra2=aidata&google_gid=CAESEFdWXnZc4fZy6g4b0_GOkXM&google_cver=1
  • https://sync.bumlam.com/?src=ggl&extra1=vXzOSyRDTClplaevgEtsig&extra2=aidata&google_gid=CAESEFdWXnZc4fZy6g4b0_GOkXM&google_cver=1
  • https://an.yandex.ru/setud/adsniper/DE13B155BF60BD5C?sign=1232466238
  • https://an.yandex.ru/setud/adsniper/DE13B155BF60BD5C?redir-setuniq=1&sign=1232466238
43 B
185 B
Image
General
Full URL
https://an.yandex.ru/setud/adsniper/DE13B155BF60BD5C?redir-setuniq=1&sign=1232466238
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:17 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 06:57:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 05 May 2021 06:57:17 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:16 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 06:57:16 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/setud/adsniper/DE13B155BF60BD5C?redir-setuniq=1&sign=1232466238
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 05 May 2021 06:57:16 GMT
async_usersync
ib.adnxs.com/ Frame 2C7C
0
749 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:16 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.155:80
AN-X-Request-Uuid
1aeb57b8-ba80-4e40-a5ae-ccbbd67f34c0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pd
eu-u.openx.net/w/1.0/ Frame 6786
634 B
763 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
d20aa7e53fd6df3bea50aee3cfd5c51cb3cf6574bfb7b09f831a596d618b1c8c

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=6394ae06-9b06-0c62-1eac-3876e4876058|1620197833; pd=v2|1620197835.1|mWkigqiysLommOgevNgunsn0.j8fcsHqGiSgi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=6394ae06-9b06-0c62-1eac-3876e4876058|1620197833; Version=1; Expires=Thu, 05-May-2022 06:57:16 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620197835.1|mWkigqiysLommOgevNgunsn0.j8gmtujofcsHqGmuvQiSsfgi; Version=1; Expires=Thu, 20-May-2021 06:57:16 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 05 May 2021 06:57:16 GMT
content-type
text/html
content-length
429
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame 802B
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=848197195258146193
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 03 May 2021 04:58:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 05 May 2021 06:57:16 GMT
Age
7147
X-Served-By
cache-lga21934-LGA, cache-hhn4046-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 119169
X-Timer
S1620197837.913103,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4BB0
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://randiul.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KOB3YHHS-1-7V4V; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J57ieEXOusT2oCGLGFUTOXCT2K12t8QVSuQw1v0N7O/GHFHIlogX9UM8CP6/6VPKGajCebujdy0A1b3+vmJA0b7c9zvUuGez2EVT+cKs1w81vXQ==; ses9=; vis9=215624^1; audit=1|0o8zzNO5o4YW6x+yL2omhXQnVL2heOLCaEsKMHtqGBupTx/dq8AZEfg2cbyfMDYbaNgdOVL2Yy8K2yMHxwu6l7KpUjWTmmg0; pux=1512%3D99415%262249%3D99415%262307%3D99415%262974%3D99415%262249-DV360-Hosted%3D99415%26brx%3D99415%26goog%3D99415%26idl%3D99415%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 May 2021 06:57:16 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame F225
0
0
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

date
Wed, 05 May 2021 06:57:16 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
set-cookie
__cfduid=d467ed5ae0ec8194d9b7c49b555bd69fb1620197836; expires=Fri, 04-Jun-21 06:57:16 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-request-id
09dcea206700002bddd6213000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
64a812e0a9b62bdd-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
sspmatch-iframe
ads.betweendigital.com/ Frame AEFA
0
72 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: hb.adpone.com
URL: http://hb.adpone.com/prebid_v4_21.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://randiul.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e; ut=YJJByQALPuh59dEXrCHdP5Lhm0RFNTldjHfIKg==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://randiul.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
openx
tr.blismedia.com/v1/api/sync/ Frame 6786
0
136 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:16 GMT
via
1.1 google
alt-svc
clear
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6786
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e8eeed22-2e2b-886f-8474-7209e8939845
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e8eeed22-2e2b-886f-8474-7209e8939845&dcc=t
43 B
433 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e8eeed22-2e2b-886f-8474-7209e8939845&dcc=t
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:17 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:17 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=e8eeed22-2e2b-886f-8474-7209e8939845&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6786
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=2112fe87-ad6f-11eb-87ca-83e5b245c725
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=2112fe87-ad6f-11eb-87ca-83e5b245c725
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:17 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=2112fe87-ad6f-11eb-87ca-83e5b245c725
Date
Wed, 05 May 2021 06:57:17 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
2112fe88-ad6f-11eb-87ca-83e5b245c725
us.php
gu.dyntrk.com/adx/ox/ Frame 6786
0
215 B
Image
General
Full URL
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.8.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3184584.ip-135-125-8.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
sd
us-u.openx.net/w/1.0/ Frame 6786
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=64853DD647AC427DB68DF0EC98AC1523
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=64853DD647AC427DB68DF0EC98AC1523
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:17 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 05 May 2021 06:57:17 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=64853DD647AC427DB68DF0EC98AC1523
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 04 May 2021 06:57:17 GMT
c.html
j.mrpdata.net/ Frame 6786
0
75 B
Image
General
Full URL
https://j.mrpdata.net/c.html?ex=OpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.240.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-240-83.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
async_usersync
ib.adnxs.com/ Frame 802B
0
749 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:16 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.151:80
AN-X-Request-Uuid
726c2295-1aa2-4167-a857-a6e7dc98588c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7E8E
0
749 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:16 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.100:80
AN-X-Request-Uuid
673bd08d-67a1-4107-b46f-002cdfb770a0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4BB0
30 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e34aa23aef15b4ecbbe85d15993e6dbea355c5e98e1cab40253fd720d2c917bb

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17763
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Wed, 05 May 2021 11:53:19 GMT
usync.html
eus.rubiconproject.com/ Frame B77E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&CACHEBUSTER=39795
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cache.betweendigital.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KOB3YHHS-1-7V4V; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J57ieEXOusT2oCGLGFUTOXCT2K12t8QVSuQw1v0N7O/GHFHIlogX9UM8CP6/6VPKGajCebujdy0A1b3+vmJA0b7c9zvUuGez2EVT+cKs1w81vXQ==; ses9=; vis9=215624^1; audit=1|0o8zzNO5o4YW6x+yL2omhXQnVL2heOLCaEsKMHtqGBupTx/dq8AZEfg2cbyfMDYbaNgdOVL2Yy8K2yMHxwu6l7KpUjWTmmg0; pux=1512%3D99415%262249%3D99415%262307%3D99415%262974%3D99415%262249-DV360-Hosted%3D99415%26brx%3D99415%26goog%3D99415%26idl%3D99415%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 May 2021 06:57:17 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Wed, 05 May 2021 06:57:17 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
async_usersync
ib.adnxs.com/ Frame A544
0
748 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:17 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.28:80
AN-X-Request-Uuid
67e5f5a3-dfd5-4029-b754-47fa7ce03a5c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B77E
30 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e34aa23aef15b4ecbbe85d15993e6dbea355c5e98e1cab40253fd720d2c917bb

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 06:57:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17762
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Wed, 05 May 2021 11:53:19 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame B77E
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
pixel.gif
sync.1dmp.io/ Frame 48C1
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&cs=1
35 B
376 B
Image
General
Full URL
https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&cs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.213.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-213-228.clients.your-server.de
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:17 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

location
/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&cs=1
date
Wed, 05 May 2021 06:57:17 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0
39795
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 48C1
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/39795
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/39795
43 B
297 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/39795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
tns-counter-3.1.0/1.18.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:17 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
tns-counter-3.1.0/1.18.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:17 GMT
server
tns-counter-3.1.0/1.18.0
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/39795
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
betweendata
api.rees46.com/profile/ Frame 48C1
43 B
158 B
Image
General
Full URL
https://api.rees46.com/profile/betweendata?rand=39795
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.99.242.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 06:57:17 GMT
access-control-allow-credentials
true
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-length
43
content-type
image/gif
cksync.php
contextual.media.net/ Frame 48C1
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&expires=30
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3d9fcec6-ffd3-4910-a86d-28d1282268b3&gdpr=&gdpr_consent=&gdpr_pd=
46 B
545 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3d9fcec6-ffd3-4910-a86d-28d1282268b3&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 05 May 2021 06:57:17 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
46
x-mnet-hl2
E
expires
Wed, 05 May 2021 06:57:17 GMT

Redirect headers

location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3d9fcec6-ffd3-4910-a86d-28d1282268b3&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 05 May 2021 06:57:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
async_usersync
ib.adnxs.com/ Frame 802B
0
749 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 06:57:17 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.135:80
AN-X-Request-Uuid
d3466eb4-d5ca-4f29-b2bf-d87b05a72130
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/usync/ Frame 278F
2 KB
818 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=2e89be33-85ab-527d-bd65-b6d7ddf7f71e&CACHEBUSTER=39795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=5d1628750185ace
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cache.betweendigital.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
2e89be33-85ab-527d-bd65-b6d7ddf7f71e
an.yandex.ru/mapuid/betweendigitalis/ Frame 48C1
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F2e89be33-85ab-527d-bd65-b6d7ddf7f71e
  • https://an.yandex.ru/mapuid/betweendigitalis/2e89be33-85ab-527d-bd65-b6d7ddf7f71e
43 B
171 B
Image
General
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/2e89be33-85ab-527d-bd65-b6d7ddf7f71e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:18 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 06:57:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 05 May 2021 06:57:18 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/2e89be33-85ab-527d-bd65-b6d7ddf7f71e
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync.html
s.adtelligent.com/ Frame 48C1
0
0
Image
General
Full URL
https://s.adtelligent.com/sync.html?aid=582266
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://cache.betweendigital.com
Access-Control-Allow-Credentials
true
sync
t.adx.opera.com/ Frame 48C1
0
393 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60039&uid=2e89be33-85ab-527d-bd65-b6d7ddf7f71e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 06:57:18 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2

Verdicts & Comments Add Verdict or Comment

263 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 object| 54 object| 55 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| DP_jQuery_1620197831185 function| parseFloat2 number| popupWidth function| popMatch function| popBasketMatch function| getBasketMatchLink function| popBasketPlayer function| popTeam function| getTeamLink function| getBasketTeamLink function| getMatchLink function| getComparisonLink function| getBasketComparisonLink function| translateChars function| popStadium function| popTeamTab function| popTahmin function| popBasketTeam function| popVolleyTeam function| popVolleyMatch function| popLeague function| getLeagueLink function| getLeagueSeasonLink function| getBasketballLeagueSeasonLink function| popBasketLeague function| popLeagueSeason function| popF1Driver function| popF1Team function| popF1Race function| popAnket function| popLeagueNews function| popLeagueForum function| popStatistics function| popPlayer function| getPlayerLink function| popManager function| popBasketManager function| popComparison function| popBasketComparison function| popReferee function| popBasketLeagueSeason function| popVolleyLeagueSeason function| popCoupon function| popCouponDetail function| block function| fadeIn function| fadeOut object| SortedColumn function| submitenter function| StringBuilder function| getCookie function| setCookie function| highlight function| blinkIt function| replaceTurkish function| isToday undefined| ieversion function| NavigationChangePageSize function| popDuelloDialog function| popDuelloDialogUser function| popBasketDuelloDialogUser function| popDuelloDialogResult function| isIddaaCode function| openNesineCanli function| openNesineMarket function| openNesineBCanli function| openNesineIddaa function| openNesineBIddaa function| openNesineMacDetay function| openNesineBMacDetay object| Medyanet_Display_Settings string| dtCh number| minYear number| maxYear function| isInteger function| stripCharsInBag function| daysInFebruary function| DaysArray function| isDate function| ValidateForm object| Mackolik object| AdmostClient boolean| _cookieTest string| SMALL_FLAG_PATH string| ICON_PATH string| GROUP_FLAG_PATH string| TEAM_LOGO_PATH string| BTEAM_LOGO_PATH string| USR_APP_ROOT string| APP_ROOT string| IMG_PATH string| JS_ROOT string| LOGO_PATH string| BASKET_GROUP_PATH undefined| windowProxy function| OpenForgotDiv number| firstDotIndex function| Class object| Porthole string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| udm_ object| _comscore object| COMSCORE object| ns_p string| GoogleAnalyticsObject function| ga string| ua object| cookieconsent_options boolean| hasCookieConsent function| search function| validateIddaaText function| searchIddaa number| activeMenu object| _0x5928 function| _0x385b function| _typeof undefined| ReklamUpArsivMackolikCom object| googletag function| screenArea function| infiniteAds object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _amw1 function| openWapIframe object| jQuery182049163563175544445 number| activeNewsPage boolean| boolSlideNews function| gotoNews boolean| has_panels boolean| has_filmstrip number| strip_size object| ggeac object| google_js_reporting_queue number| slide_direction undefined| ReklamUpStickyFooter number| _timer function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id number| google_global_correlator function| showBanner object| data number| j object| cell object| jQuery18206764004361864813 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests object| closure_lm_119995 object| __twttrll object| twttr object| __twttr function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| cintvls object| expireTime number| begin number| end number| cont function| sticky_relocate_master function| hj object| _hjSettings object| tmp object| dimml string| nextContent string| nextType string| prevContent string| prevType object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled string| k function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray undefined| ReklamUpNativeBox function| update_cookieconsent_options object| GoogleGcLKhOms

0 Cookies

8 Console Messages

Source Level URL
Text
console-api log URL: http://cm.cdn.md/js5/porthole.js(Line 123)
Message:
Porthole: Using built-in browser support
console-api log URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1)
Message:
Safari control removed!
console-api log URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1)
Message:
QUARK PLAYER: Version 1.20.1
console-api error URL: http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js(Line 1)
Message:
GEMIUS PLUGIN NOT LOADED
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js(Line 6)
Message:
[GPT] Consider setting min-width= 300px, min-height=50px or larger styles ondiv with id /90851098/arsiv.mackolik.com/sticky, dom id div-gpt-ad-1609847808956-0, to reserve space and avoid layout shifts. Learn more: https://developers.google.com/publisher-tag/guides/minimize-layout-shift
console-api log URL: http://randiul.com/t.js?i=zq0eqoihjfrx9ad8e0hw3&cb=7688011620197832061(Line 30)
Message:
%c [object HTMLImageElement]
console-api log URL: http://randiul.com/t.js?i=fkgqtha5989uefmm2fv4b&cb=3835071620197832145(Line 30)
Message:
%c [object HTMLImageElement]
console-api log URL: http://randiul.com/t.js?i=ojb32u3hlwggqu144yrdx&cb=1484181620197833395(Line 30)
Message:
%c [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

34b25170a8e78b1a8586fdec834b7013.safeframe.googlesyndication.com
a.sportradarserving.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
admost-banner.b-cdn.net
adpone-d.openx.net
ads.betweendigital.com
ads.yahoo.com
adservice.google.com
adservice.google.fr
adx.adform.net
ajax.googleapis.com
an.yandex.ru
ap.lijit.com
api.rees46.com
arsiv.mackolik.com
b.scorecardresearch.com
baltar.dimml.io
bidder.criteo.com
c1.adform.net
cache.betweendigital.com
cdn.connectad.io
cdn.dimml.io
cdn.eksiup.com
cdnjs.cloudflare.com
cm.cdn.md
cm.g.doubleclick.net
contextual.media.net
daznplayervod.daznservices.com
eaac02f77194982ef93924cecb4d40dc.safeframe.googlesyndication.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
go.admost.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hb.adpone.com
hm.cdn.md
i.connectad.io
ib.adnxs.com
id.rlcdn.com
im.cdn.md
images.performgroup.com
imasdk.googleapis.com
j.mrpdata.net
js.duhnet.tv
loada.exelator.com
mackolik.com
mackolik.us
match.adsrvr.org
match.justpremium.com
match.prod.bidr.io
onetag-sys.com
openx2-match.dotomi.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
px.adhigh.net
randiul.com
rtb.openx.net
run.admost.com
s.adtelligent.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
str.hit.gemius.pl
sync-tm.everesttech.net
sync.1dmp.io
sync.bumlam.com
sync.ipredictive.com
sync.mathtag.com
sync3.adsniper.ru
sync3.sniperlog.ru
syndication.twitter.com
t.adx.opera.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
tr.hit.gemius.pl
um.simpli.fi
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.mackolik.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
i.connectad.io
104.108.144.24
104.111.230.142
104.244.42.72
13.224.111.129
13.224.111.9
13.248.242.197
135.125.8.70
142.250.186.130
146.59.148.16
151.101.113.108
151.101.114.49
169.50.137.190
172.217.23.98
178.250.2.131
18.158.240.83
18.159.17.140
18.198.69.109
185.29.132.69
185.42.236.147
185.59.220.199
185.86.139.59
188.42.196.115
193.232.148.152
195.244.32.55
195.244.32.73
195.244.38.50
2.16.186.91
2.18.232.159
2001:678:cb4:bbbb::11
2001:6d0:4001::226
213.19.162.21
217.182.200.29
217.19.248.132
23.37.42.132
23.45.99.241
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:36ce
2606:4700:20::ac43:49e4
2606:4700:3033::ac43:9ddd
2606:4700::6810:125e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:400c:c04::9d
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00::210:ba28
2a02:6b8::90
2a02:6ea0:c700::1
2a02:fa8:8806:12::1370
2a03:2880:f11c:8183:face:b00c:0:25de
2a0c:5c81:5139::2
3.120.52.76
3.220.131.242
31.172.81.159
31.172.81.160
31.172.81.172
34.247.62.201
34.96.105.8
34.98.64.218
35.157.48.14
35.186.253.211
35.210.53.219
35.244.174.68
37.157.3.29
37.157.6.246
37.252.172.36
5.254.23.213
51.38.120.206
52.19.106.86
52.58.177.37
52.95.123.41
65.9.84.39
65.9.84.55
65.9.84.6
66.155.71.150
69.173.144.138
69.173.144.165
72.251.249.14
77.223.136.104
79.137.69.91
82.145.213.8
87.98.242.60
88.99.213.228
88.99.242.108
89.108.119.28
89.187.169.122
94.130.143.246
0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40
037921b880f09ad6fadb833e28069c2dc8a6f5564587bad9695885b3b62ffae9
03c5ecd23de9807d07b82e5273dac606b5369ce5e1f838593f0a672408917032
047f93beff6e385b47ad98b78106c1207977911ad4826c370b992d79e5b3c3aa
051bcb4e7ec2e3a0a3e136cc2cc74f650f78a389ac7e4d88a8bc2d27d10859c1
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
08abbd26d6083e3f4958fda29a0fd85bacdabdad2793e804647495c30aa4e816
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be4f543ecce71aa0e5096763d2834f52ff57e754e2f549219c3148c17534aab
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ca9d487278edad0b3156a8f96dafe3a17012de548b3716d427971c7eabb4733
0f2942b414a2db8e19bc57379fc2292df05dc4fa675979aa7063af6e5fa36d34
1099daf3eff8bce7376a0d498f31fa22a1ac64198a688940e178393ad713d212
113939c820b3432933472ce3a627acd88c9ff77b7ed47b57c8e23a48edd347a0
113dc0a39cd08c560c47d4067cacfa781462e754488f09986965e84dfdb1197c
12bb3a8cbbbbe578fc0e90eae189437733fc4cae4a46679c6e0e5269fde0932e
12ede91a905350378daf0b12a4c34e774f688a67f98c9becc8793277e8c05b24
146c53518c6967e7e13ea9b117028f06b5af60bc1035e670ff35fede53253a30
14cd5caa8bf5aba3557187b546ba47cc6a59c69d22a616050f23d44b40634fd0
158e7678fcbefeef2649ea0fad2f9843c1fbdf2bbccad3d2594f244a3950749d
1820b768bbed677d552ebb3a64b1141c0c48c64acd3dba9cd63c188ca5c87da9
1970006acdf437a48e6fcad001faa0dfc7984d48c3d8612c0f68c048c09c9e28
1c0ebfe3482cef643ce84216797b38555c84feacc385807066ce1c9d34c12f26
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1cac081799a0f288c62d4ad60a40e417f74dc3e3a1768d04f7a03de722cca911
1e089fe4af7bafaac381f0e4504e20ec5251795a7024ad64ecbda182d73dd2cb
22a4d03cab85dbb00fc95dc69cd0ba33e69f3f58df274298a3815cab89235db5
2936daf8b76e83abba612427b0ea8e6ab2d430088fb8361b7cbe4b2d7936e842
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c13be7e6baf352ce470ded3c4ea9a4689ab876b4c07fdbfe7d5b4fb1be05787
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ccffddd7ff2e9c0cb1325a12c4786ece0872eac077ee85c4068482270e7f647
2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea
2daa16355e9f256003ba9f61924f2d18c8d4ad2d8a5718ecddc9f46ce8c4a8a5
2f418940cfe6b5e3e738452e3916c5335ef4b5d9a6f753c09d7cf2ed1dd57687
3177712e455be4da8e6afb3efe5d1f5dd26346917d63c22becb6d1c953102362
333f55e46bba3b2a08e47042bea8b9452a9bd9528dc5a87a89205c093c62ac89
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
384b935474ab09f84f7e845a6e91d8cbad2ff14ed25053d0be524d4624550875
385696ef2d8449d52d84587aa8470d1d4b797e6e1793901af605106f032cdec1
3955a3073559f4f51c645bcef25f023a7c7cfba87d3bb1fb4a6c5fde2760e865
3ae830068399ffead55c272748252cda43e6103da5e6b0d673ae751c27d52200
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dfb78d105e89ffe3359c30a219301b46640e01cb726e00693b9a1e745b678b8
3ef707fc4a3c01523d30510ce8a91d224e4b80d31be2fd7b18ceee18fb5c437b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43522c2bf8d77ccab466f6334c7621176e0bcb6fe8604de4f56a2b6f8f615e0d
441f219ed57ed9ba64aedc1344c051924b4427e129a31df2528bd7e53d5cb7b5
44488255f30bbe2a93d2d23f241683fd1d71e2c9aa5f6371335a1c2decd6c823
47c9ac90d4519600c96b8e3a69bb9f6d6bf39cdf1dff9aae44306e0ceeab02d0
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4cd7484149386d698e0680aafb618591cf5950cb8279ade25596b206a1c5d2f2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c
51f90affe5485638262b10990148c15d34b4a1bd0b7e46f06b0cfa0060e15283
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
574f4a4a3338f3d2972c605bdccef07a223aa0bee14fdec68a8f7a4a41254273
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
58f047e5fdba8b46c00955c2986b253772a95da12ffdaa2eda3742a63d24ce30
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5ab2cb2850706571717a74499e8430164270ac8305586d45e1d0a3581f43a8b9
5ae42226599cbac001f2db8f5a32cb3f389de9893e4f9e1d88de3118fefa412f
5aff8b1abcb6212d44a19927db2e892166a403245e076a5f6b64e6d9dac3bbd2
5b50728a4409bfbd46ff7102be4430b3709158de733856433393ffa8c3245d0c
5d0070afe85ad97f374bb2c0e442853497a1c9aba921a320c7667ffc3cd6d34a
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5de32e0c88c0eac8aadc5019f9623bb048138e0aac11dcf58b2031fd7551efd7
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
611a7dd3b2291b8d305deaf3398c20aa9f7418f1d7bbfa7d64fa6396682bfdc4
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235
61ac0055643f185e2957d5a8c5d8e7c1f526101ed2394381207ba1ac49b7f4ed
63286fc0078a3b2679e483540d888ce92a89a5b40dbd67b580424495e6fdbc58
6372563089a21b381941d79768d9bff09afc0c73249060a0edf2c18e14a0a26c
6793b37a48a4b85151458405cf6c5b9e4f18039328cb14fc8e32e29177a08b65
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6997ed5d149499d545612b3dffb3b16f2ae9b3f10c7193533115e09ae4733012
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df79e98ac3f39a612316d11ac887567173d8b940ca5ca1c48582e5ac57e79b0
709edf07ebabeb5d4a2e3a0e7ac5fc920b86e8c8bfc27d5440f7b760b292953e
71da956c41c2147c988d4d8c98db749c20b9e4f50f51a4a8c665c12c962d54b3
71de2b556685fe99997bb893a59d4a6aaa0c915633f646db2ce030bbda438de1
73e458e1ca6caf7a393f417ee0aec26bfb3b178821b74e12d97644da528b6f2b
7709df895a6a66348aaf1b8045c84eb9032075ec9e2f94ef03a2ca03b01c35f9
796027d4dba4cd6269e6f40609144c06aaff52be2ae40faa09e8240d19d0215f
7acea79c2521213b0e379bcb9c0fe0c690e5cb7ccad1998c5920b2a5699843ad
7be05514fe338ed6cfbab82e994319ab6bab03cc038a24e6e6bbf99980e9e5f2
7e3822722ed5a0140923ae5f16fda9ca01949e0381f5a1d5b4ebe19fbed6b666
801739505e546b0de4cc1be031d92e22aa81668a2720e49648ec45fec81b0a2c
812031ef332b67aa8f3efe65e4dec304864ceb58b8442e08cdbdd82be187ce55
81f5e8672a0895c95e0d3e3a500778d9f39c854fb3be84ebcc29846876cf30da
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848cd9209646f381596bf239a2f81742fc3aafff682f625f0682e62f64a6c8ee
86efa42fcec119039e2eb953c8030585e3831fcbd38f2b9e3c342e1437feb35c
87067822b7a1880e918f8d8648a8df3bbc9ac01c1fb0cec2aefa15e8f5751ec8
873ebd413711780ef503eb0d9adc5f26a8f1addb18e5b407fb345ec51d61a61e
8985bad9bc1075a1519bc3cc1baba8fd995256b3f8f6d6a511de5302077a05fd
8bcfb5196f0db021a4563c4caded64d753da2c9e5cd75797a304ad3c08fa4677
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec3eb4e98e6667ad6a6ab471e6de5ba7d8bdd2caedde38d888ba5dfaad30599
8f748c119d9d5751485d0df940353e5e21757a21874166a52e71fdd67a409f97
91365534c6efb0b5b61a167af1e26b5be0cc73a60db9d1cfb898bb2adc6d3bb6
91efa6a1a0c5ad24ef521207ac840df4f5ff7ce6a21aa884dcc066780f919a3d
92d07c5239095c047b7c3806667f8d471c0e20bd8050b67abfa1c4f74a9c63ef
932bdfb828436b081101296ca3c21e1232156bb95ecce0ab39c0f34dc4086dc9
939ec52ac0dd04dc5bcbd3fe8f4027e42a79989d9a7588fecd2c85aaa2987ba2
93ea1d2a258636d9758b2f99f129af0dd82e841650a0bc0d4daa8114ad4d2ef5
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
97d4d828b296784064da5cb5cd0ff1bfb74d87a79714d117bdf6896b31d94ced
983cfd08e05acbb6688d3b881f39dc1d875970138ff41c4c9a1374f4cb399014
98df8b1ca191f1ca6f0f6e40088c7835a7bddd048d87d658c408f35d65446781
98ed689434c165dcaee863a2f9d1880d3c8827f1133a1ff1051e74d2e2b51166
99b5e9bdcd8b2fe01d9952d123885bbc4d0b9db3c6ac42774e82607ca0bd3147
99e55b7c506804ba286a8b3e3ad537d7a92b2938a500a6d74752df22b2a4aa3e
9b1edbaa82e316f59775f414613a89c811f3662640092d941062e8ec1fd9f1ab
9d2af3977cc879022d4f18d519ac1bce009ef573d3676b719d93d4752f4cda51
9e243eff10b8970310a2a811a167b9ec82360b23e9744b2a945e198fd67b65ba
9e5364b0c4dd0ad718f0da0a1421d4d1cf984fec9b682695dd9e9e103e519f23
9e819dba55e363c3ff35efb9ae33c236175dc6f5ae7ee1bd7625a90fa69c620f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a13329727556eb03b67a9ae8a13ced0ba088dc4d11dfa26570e78ff7cbe2bb56
a156603d59ff5dfa2ffadffe143de68ce7eb50071ba19a45ccaa2c54d7beb1cc
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54bba77b3aeac1b0a38caee5711c2c452e3eac65ae4238f5b0716b9436e6e56
a6121e496afc82cd9dac0022c7824ef5af01e40e99e4f1171729d1e486ea20d6
a91d2339b87d400657d27011d1e418ad9e65d7d60727101a64f12278b42f5412
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd367c69a360a805ded0e0fda914790f5a48bfea4e50c0d35c5b767f2c9e7a3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
affa7d0257fe05717ee0484e34d3747939c9f66cbffd49a6b62c15781d427b11
b08835e0e96d0237ab2ed9d316a032b5219ed5b68c201cca1eb48180aa13149e
b1223a0f30bd206a42d1405e07b50a0d0562ece2b7ca8bed8de5436483c07a7f
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b430b9ac127cafc38ffc155ec9111c56f80e7c2b2e5d686796888b55ca16fcc0
b653f066f750ee7c49d7625ecca7cf8c9aa713e7c2aed11255c663b43479d732
b9373534d408ef10e20b3e0653c9d4b901e94a81237b9cdef1cc06c8a0464756
b9a09427f1a1422f7302c8eaf58695c42f47466675e86202ebe401a9548adddb
baa9495d62f57a51e558c8eed6ee3c00f83b86a6cc22773fb540a151515f2372
bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af
bd5fcf182e343c02c360c3a5080eb4499a4a5e297783b2728306443dd54c4bae
bda7d4c80affb465e7119bcbfd215c5bc9031a2100e0e361577753d7660d944d
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c123ad847c18a2ec3113d9754a655569ee100e494f0cee10c574008c16ab64a7
c13f5ac7ae0e10138056f4c238226392ad28e883f78d3e19fb43dcb9c1b58582
c1517ff23b17159795e65199e7fc06805bc36c10fe95ef8cd6b696b0fc3b7744
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36028122e14e2fdecbec5dcbc95a1c69806bd84f452851c51f4167d4054cfe1
c45435989dbfa92ad5a498960feea35a92a8ccfa8032d929c29e6da89114e737
c481a54fe9fe7fb5966aa9520b3dfa322f4acf63f93353cde41742fbb2cd4922
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6cc65216409b2e811f1b6c627c4be9a57d1970297abd60681fd16fd2eba5970
c8793509b08afcc3849deecb90ecb38d6ac55937b2035cae4b686f447900100c
caa8795fdc2d03becd1b1fadaf4ba16ca8a02a18bc901b67a305ad70ab39c9e3
cc7bdb4edc007c99e5fb9349f1a971fa0ec59b3dfa4d69fbaae3681d5f0aa488
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ccfbcccdd761f6901f9c2225e022cc7fd07f82a15df3170c210996e9d6cae089
ce94599488ec9e8c575525914a25e9c7d97fabebf8570ce64939fea303cca39f
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1a95693da4f11aa4645d8ed704614f14679cb6d46e3a2b67137d81f036eaba2
d20aa7e53fd6df3bea50aee3cfd5c51cb3cf6574bfb7b09f831a596d618b1c8c
d34307c9a22438c45e974f24d07f41f83227ecbf729a1a3b0f36cb0c38f1b30c
d5004a9ada961a31405757982290a429a8c264b2a154659e32fab194b53d140c
d51dc3c1f3f4a552f73542eccd3a0caa2ebc58a0b1ecb087d41ba22144cad42d
d7771dde2892e058642cecd14c076c7d5290028bad01d52bbbff01ddcd17867b
d7e0dd16fd23f938f3e3b584256b980ff8b850a96bbad0df37f145887eab581b
d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561
d8f3158538563e9d17b8f1e736a6bba0edc169188048863bdbb6eb71a01f02ad
da6abd5cd7d7da4e9caaee5f07b1a613641a2ddb09f0934917fa7b31003c7797
dce881df37ece3503fb95205b1392bb7c8c1aabc95d084e4d0df71ceef7a39c1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddc21f2e288de35020ce7562ae82a1f3f1716996ccd3c52747b4fda5f2136631
de00817d2456b6108f78a2774d70d1ab8658a5ba300ab4023c55dd2817de052a
e05877ec1cc3a0f91bd0726fab6baca1bbf8caf6048941bd6fbf805088e357d7
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e2f2d6f1a0e415a937f0510cfd9810b6d989afff2a566f1215f02d105cd5c6aa
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395
e339219d347effa315af137b67c0442a018ed4e5f38c2c2748d994644a372ab2
e34aa23aef15b4ecbbe85d15993e6dbea355c5e98e1cab40253fd720d2c917bb
e3a18f24b2e9053869d6fb6745303dd7289043df0a84c92c1c71aee1e27f57d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335
e471e87ed4beab1580036363f9cf3a9877751cacbffa0bab58b83cc6cf944f8b
e85ed70f54fcdcdbf8739151b7398df3e8bcb38f4afd38dba0e6ac802dd30995
e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79
ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0754ba26b5564598ef1b014fd26e849540f2fe60303f91522f25d2a65b04f0f
f1896ebf19cadfdaa433689c55261cb81ad06ddb1fdd45b6c3d8051f6657df89
f20dafc9f52f410cb8d31261d8eb82197df655c212e3c4c679937553f9353526
f2746d579ec65d660dbf80cd603d3aa0d9e00378fcf9d912fef9989a1e044920
f2ff5e9280f6a481345116d335ff6f334378f045afed98c85815e3c3a717dbd3
f324e01e06560f8cf72e66ba86e85294b4ddb2775c3690b18efbb7e6ef6c68eb
f37518bfcc8ff442c9dec377f199a244883776d3e9398ccb0d9216cbf50bdcb8
f40f602ff26e222ea2ae16e5a5f8ad96a52ca03e7473e998bb02e60da0a942e0
f46774ce119fe427877f181509287b971834830f0b61155e904d123bfce03bfe
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f82fa028dce989ca4321ce730ff7ebdf14845f2529464866c95f2b64c68a118d
f99658f600eb7f107a3504c806a5a5865d173edfe3de1b5e2c4d9593e234886a
f9cc986ad446124bd63a173147db95b5736f89ce93d212db264049dad917211d
f9f3facbbca03a3c32a03c74da2152f3888997c01e9c523e8801cc7e0d89d516
fa589b0dc7e5cbc8fb038114db91bb6ecd872408092a0624fb47e798db79f56f
fc4c88210236fb8e2e96c0e8b048470b77b6a6067a20c8d1a18e0b94085b06e2
fcea0b2bf6dd0c2433efd74345c2bb5fbfb0b017ba404de6373d14b9596d872c
ff1f86496f89b058d317a21feaaece9c9c044d217a38b755be8bf59ac317925b
ff9e832991a492c92de8dca85225f55e5f19b3290292f411c9ef2ba31e59bdee