URL: https://na.1950smusic.com/
Submission: On June 20 via manual from JP

Summary

This website contacted 26 IPs in 4 countries across 28 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3034::6815:5bc, located in United States and belongs to CLOUDFLARENET, US. The main domain is na.1950smusic.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2021. Valid for: a year.
This is the only time na.1950smusic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 2606:4700:303... 13335 (CLOUDFLAR...)
1 188.165.119.226 16276 (OVH)
1 31.3.2.72 21245 (NETSA-AS)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:21:... 13335 (CLOUDFLAR...)
1 77.245.158.190 42868 (NIOBEBILI...)
1 89.252.178.203 51559 (NETINTERN...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 138.201.54.145 24940 (HETZNER-AS)
1 77.223.131.139 43391 (NETDIREKT-AS)
1 89.163.146.119 24961 (MYLOC-AS ...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 31.207.84.186 42807 (AEROTEK-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a03:2880:f01... 32934 (FACEBOOK)
1 2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 94.130.190.107 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
44 26
Domain Requested by
9 na.1950smusic.com 1 redirects na.1950smusic.com
6 pagead2.googlesyndication.com na.1950smusic.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.facebook.com 1 redirects na.1950smusic.com
1 www.google.com tpc.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 encrypted-tbn0.gstatic.com na.1950smusic.com
1 www.permolitboya.com.tr na.1950smusic.com
1 img.letgo.com na.1950smusic.com
1 lookaside.fbsbx.com 1 redirects
1 3.bp.blogspot.com na.1950smusic.com
1 www.metpordekor.com na.1950smusic.com
1 www.gigbi.com na.1950smusic.com
1 www.polzem.net na.1950smusic.com
1 www.unluboya.com.tr na.1950smusic.com
1 docplayer.net na.1950smusic.com
1 www.kraloyunskor.com na.1950smusic.com
1 modaboyarenkleri.com na.1950smusic.com
1 www.bebek.com na.1950smusic.com
1 i.hizliresim.com na.1950smusic.com
1 cdn.cimri.io na.1950smusic.com
1 www.minicadde.com na.1950smusic.com
0 www.evdemimar.com Failed na.1950smusic.com
0 www.uyur.com Failed na.1950smusic.com
0 www.tekhanboya.com Failed na.1950smusic.com
0 oyunlar.megaoyun.gen.tr Failed na.1950smusic.com
44 30
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-14 -
2022-06-13
a year crt.sh
webmail.minicadde.com
R3
2021-06-07 -
2021-09-05
3 months crt.sh
*.cimri.io
Sectigo RSA Domain Validation Secure Server CA
2019-11-05 -
2021-12-03
2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.hizliresim.com
R3
2021-05-03 -
2021-08-01
3 months crt.sh
bebek.com
cPanel, Inc. Certification Authority
2021-06-17 -
2021-09-15
3 months crt.sh
modaboyarenkleri.com
R3
2021-05-30 -
2021-08-28
3 months crt.sh
*.docplayer.net
R3
2021-05-05 -
2021-08-03
3 months crt.sh
www.unluboya.com.tr
Sectigo RSA Domain Validation Secure Server CA
2019-06-18 -
2021-06-24
2 years crt.sh
polzem.net
cPanel, Inc. Certification Authority
2019-09-07 -
2019-12-06
3 months crt.sh
metpordekor.com
cPanel, Inc. Certification Authority
2021-04-19 -
2021-07-18
3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-05-26 -
2021-08-24
3 months crt.sh
*.letgo.com
DigiCert SHA2 Secure Server CA
2020-04-07 -
2021-07-07
a year crt.sh
permolitboya.com.tr
R3
2021-04-24 -
2021-07-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.google.de
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.google.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
www.google.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh

This page contains 6 frames:

Primary Page: https://na.1950smusic.com/
Frame ID: 86AF8DFFC590A0929BFAFAAF0A832EC9
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html
Frame ID: 17395072142CA87E3ABAE8AAE5905F44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2491266223357270&output=html&h=280&slotname=6094860864&adk=3843437353&adf=1850635622&pi=t.ma~as.6094860864&w=1200&fwrn=4&fwrnh=100&lmt=1624193949&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fna.1950smusic.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624193949018&bpp=10&bdt=259&idt=241&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2661213540519&frm=20&pv=2&ga_vid=2120621582.1624193949&ga_sid=1624193949&ga_hid=114367239&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=4404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060973%2C21065725&oid=3&pvsid=2791420289444126&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=fxbrcO5DcE&p=https%3A//na.1950smusic.com&dtd=286
Frame ID: 45BB418288FCB043E076DB2A84D17E40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2491266223357270&output=html&adk=1812271804&adf=3025194257&lmt=1624193949&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fna.1950smusic.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624193949333&bpp=2&bdt=573&idt=2&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=2661213540519&frm=20&pv=1&ga_vid=2120621582.1624193949&ga_sid=1624193949&ga_hid=114367239&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060973%2C21065725&oid=3&pvsid=2791420289444126&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=11&uci=a!b&fsb=1&dtd=26
Frame ID: 67933B2C4E94240983350534D6A13645
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: A7320BD593E9B03975D5EB46B84A7A47
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9EA97FF1CECA0AC77218F902F84F4B92
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

44
Requests

89 %
HTTPS

62 %
IPv6

28
Domains

30
Subdomains

26
IPs

4
Countries

1625 kB
Transfer

2257 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://na.1950smusic.com/search?q=i%C3%A7+cephe+filli+boya+renk+kartelas%C4%B1&tbm=isch HTTP 301
  • https://na.1950smusic.com/search/?q=i%C3%A7+cephe+filli+boya+renk+kartelas%C4%B1&tbm=isch
Request Chain 16
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200 HTTP 301
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
Request Chain 22
  • https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1824577411114899 HTTP 302
  • https://www.facebook.com/1824577411114899/photos/a.1824577551114885/1824577554448218/?type=3&is_lookaside=1 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2F1824577411114899%2Fphotos%2Fa.1824577551114885%2F1824577554448218%2F%3Ftype%3D3%26is_lookaside%3D1

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
na.1950smusic.com/
81 KB
16 KB
Document
General
Full URL
https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1906c66ecd674c9ea60b5200dc83a288e00d21a6360a0a3a4be0075231c8dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
na.1950smusic.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:08 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=3c827a414014a9862c74086c243c15c2; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://na.1950smusic.com/index.php?rest_route=/>; rel="https://api.w.org/"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
cf-request-id
0acb19f2dc00004e3d4a910000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FmycKV5QK0rvgkAIrWED%2F5e28SbpLAjFoQu6TStMEbMsSLNu6ZZXME72bNuEAZuxCwnyxDr2heudcqyzqNVBwV4cGL6t%2FIBW8csd0KpgIEip4PqyoDFIvuFDjAzEGIATXTtu43W3J68D4cQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66252c315cef4e3d-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
style.min.css
na.1950smusic.com/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://na.1950smusic.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=3c827a414014a9862c74086c243c15c2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
na.1950smusic.com
referer
https://na.1950smusic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3009142
vary
Accept-Encoding
cf-request-id
0acb19f47700000629a527f000000001
last-modified
Sat, 01 May 2021 03:40:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"608ccd9e-e33b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gTMjXVkZhhFNJ2on59N11jpW%2FrcBp9aL%2B86PvNnjq6eoiymdOjNDghVQZE%2B%2Fk3ejdeBDmgOwmSmh9ZKGCpFm1g6tQkU40MIzcNVWAXDuQtmrUgpnuH8Dh7c24mVYTpAsfgnlgIqDAwRLdvc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
66252c33e90a0629-FRA
expires
Mon, 16 May 2022 17:06:46 GMT
theme.min.css
na.1950smusic.com/wp-includes/css/dist/block-library/
3 KB
1 KB
Stylesheet
General
Full URL
https://na.1950smusic.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.7.2
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/css/dist/block-library/theme.min.css?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=3c827a414014a9862c74086c243c15c2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
na.1950smusic.com
referer
https://na.1950smusic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3009145
vary
Accept-Encoding
cf-request-id
0acb19f47600000629da08d000000001
last-modified
Sat, 01 May 2021 03:40:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"608ccd9e-a9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a5b0fu8eDZxgU5qWHD0hA6nv5Pj2UVH5efxTBHIxAtcKgxMZrWvMCdxA6q6%2BEe8awm14v8%2F6M7dOump7PMl7Re2TPU%2FT2CMbNw55JA0Y3NGC%2BQ8J506CIl6TkEaNqB2fGffOTKt4opCNkYw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
66252c33e9050629-FRA
expires
Mon, 16 May 2022 17:06:43 GMT
style.css
na.1950smusic.com/wp-content/themes/twentynineteen/
227 KB
27 KB
Stylesheet
General
Full URL
https://na.1950smusic.com/wp-content/themes/twentynineteen/style.css?ver=2.0
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca6b7a2f0f09436a30382b9cb8120aedda56773f913544a8b88ba298f744b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/twentynineteen/style.css?ver=2.0
pragma
no-cache
cookie
PHPSESSID=3c827a414014a9862c74086c243c15c2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
na.1950smusic.com
referer
https://na.1950smusic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3599107
vary
Accept-Encoding
cf-request-id
0acb19f47600000629e9bba000000001
last-modified
Sun, 09 May 2021 08:16:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"60979a4e-38cfd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=41Ym2pDD6YzsXrF4E8zwVa68Bl0xoKDhrEGN2TmuUYYlt5enQ4H72Dybbowt8uzLKGgnqD67kTt1t2GtO3k0ijnXH51jH3a4QGzAGrqY%2BtzlWCoFE3fxvVLuIElTrksqWw0d66ewmo%2FA05s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
66252c33e9090629-FRA
expires
Mon, 09 May 2022 21:14:01 GMT
carioca-tita-jumbo-ucgen-kuru-boya-kalemi-12li-boya-kalemleri-carioca-74085-38-B.jpg
www.minicadde.com/
424 KB
424 KB
Image
General
Full URL
https://www.minicadde.com/carioca-tita-jumbo-ucgen-kuru-boya-kalemi-12li-boya-kalemleri-carioca-74085-38-B.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.119.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-188-165-119.eu
Software
/
Resource Hash
d65ba8d2783b6f9ed50ae1b2d178f4f1495a255f64292b578d24ab43a81f20ec
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:08 GMT
last-modified
Thu, 16 Jul 2020 07:35:04 GMT
etag
"69e42-5f100328-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
433730
x-xss-protection
1; mode=block
expires
Mon, 20 Jun 2022 12:59:08 GMT
cariocaligenkuruboya_12914499.jpg
cdn.cimri.io/image/1000x1000/
39 KB
40 KB
Image
General
Full URL
https://cdn.cimri.io/image/1000x1000/cariocaligenkuruboya_12914499.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.72 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2144 /
Resource Hash
bf3ae6a4802ce62c2b56a6d2910b61261f739cd7c76bc6bda650b6a6c79d9077

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:08 GMT
server
MNCDN-2144
x-mnrequest-id
80c9915037e0e6dd2f9a5db762a3b198
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-envoy-upstream-service-time
240
content-disposition
inline; filename="12914499_.webp"
x-request-id
04d6efd2-3513-46fa-b35f-393884cdfb42
content-length
40304
x-mserver
2177
expires
Mon, 20 Jun 2022 12:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
135 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f3ea9dda31c4f06f4a3ea880793f42de1a7b9b35047998872169aef3f9e15f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48872
x-xss-protection
0
server
cafe
etag
4842954625908305269
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 12:59:08 GMT
l09oRp.jpg
i.hizliresim.com/
0
0
Image
General
Full URL
https://i.hizliresim.com/l09oRp.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

5-aylik-bebek.jpg
www.bebek.com/wp-content/uploads/2017/12/
19 KB
19 KB
Image
General
Full URL
https://www.bebek.com/wp-content/uploads/2017/12/5-aylik-bebek.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.158.190 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
www.bebek.com
Software
LiteSpeed /
Resource Hash
1913a2bba9a8624575ab4c1f3f79510fb0a2ae5e829aa5302e7c6ec085f1a53d

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 13:01:21 GMT
last-modified
Thu, 14 May 2020 02:40:06 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000
content-length
19094
expires
Sun, 27 Jun 2021 13:01:21 GMT
en-s%C3%BCper-filli-boya-d%C4%B1%C5%9F-cephe-duvar-boyas%C4%B1-renkleri-kartelas%C4%B1-ve-katalo%C4%9Fu-2016-2017.png
modaboyarenkleri.com/wp-content/uploads/2016/07/
188 KB
188 KB
Image
General
Full URL
https://modaboyarenkleri.com/wp-content/uploads/2016/07/en-s%C3%BCper-filli-boya-d%C4%B1%C5%9F-cephe-duvar-boyas%C4%B1-renkleri-kartelas%C4%B1-ve-katalo%C4%9Fu-2016-2017.png
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.252.178.203 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
server.ihaledersleri.com
Software
Apache / PleskLin
Resource Hash
c378068eb8e1a20e2fa680b0abe34cd7a27d157b97576a8f271db9589f776857

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 12:59:08 GMT
Last-Modified
Tue, 19 Jul 2016 17:47:03 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"2ee0d-53800ac27d3c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
192013
/
na.1950smusic.com/search/
Redirect Chain
  • https://na.1950smusic.com/search?q=i%C3%A7+cephe+filli+boya+renk+kartelas%C4%B1&tbm=isch
  • https://na.1950smusic.com/search/?q=i%C3%A7+cephe+filli+boya+renk+kartelas%C4%B1&tbm=isch
64 KB
64 KB
Image
General
Full URL
https://na.1950smusic.com/search/?q=i%C3%A7+cephe+filli+boya+renk+kartelas%C4%B1&tbm=isch
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/search/?q=i%C3%A7+cephe+filli+boya+renk+kartelas%C4%B1&tbm=isch
pragma
no-cache
cookie
PHPSESSID=3c827a414014a9862c74086c243c15c2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
na.1950smusic.com
referer
https://na.1950smusic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0acb19f628000006296e013000000001
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0eZW2L%2BMB98p2%2F31MKOlIMRu2th0wWd1xUYPKyW0GZKc9%2F%2FvkDRzuXpuxsUJd5lqQI8B6SmojeWdS9x%2B%2BmI4zqXFHEVTNteIdg8JobTo7T2pBd9g3lV8qr6AAEUs4NhIsRte8iJmoRj3TfE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cache-control
no-store, no-cache, must-revalidate
cf-ray
66252c36a8fe0629-FRA
link
<https://na.1950smusic.com/index.php?rest_route=/>; rel="https://api.w.org/"
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

date
Sun, 20 Jun 2021 12:59:09 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-redirect-by
WordPress
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0acb19f4b800000629f1126000000001
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lJde7NeMqQvwiWn9PCPbu3hT66mnYJXtRcrMOkkjAhTXH8ORpu8vInkOFcr8NjXFGANMK9LNhw7bnp0pyy3qakyN9xF3ZSemQ3RFEMKDdlsZookBmvbg5JK7vqX4crAtDplu%2FX5UkePUWNI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://na.1950smusic.com/search/?q=i%C3%A7+cephe+filli+boya+renk+kartelas%C4%B1&tbm=isch
x-xss-protection
1; mode=block
cache-control
no-store, no-cache, must-revalidate
cf-ray
66252c345a680629-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
1338.jpg
oyunlar.megaoyun.gen.tr/db/resim/
0
0

caglar-boyu-savas-4-145x115.jpg
www.kraloyunskor.com/wp-content/uploads/
0
0
Image
General
Full URL
https://www.kraloyunskor.com/wp-content/uploads/caglar-boyu-savas-4-145x115.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:35d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

urun.gif
www.tekhanboya.com/images/
0
0

54-0.jpg
docplayer.net/docs-images/66/54606867/images/
2 KB
3 KB
Image
General
Full URL
https://docplayer.net/docs-images/66/54606867/images/54-0.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.54.145 Stuttgart, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.54.201.138.clients.your-server.de
Software
nginx /
Resource Hash
abc0b501298f0bd0b8dce11d406939cb651695e9f10293044673331796fbca7c

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 12:59:08 GMT
Last-Modified
Mon, 25 Sep 2017 05:15:55 GMT
Server
nginx
Cache-Backend-Server
slideplayer-98
ETag
"59c8910b-8ef"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Link
<https://docplayer.net/docs-images/66/54606867/images/54-0.jpg>; rel="canonical"
Content-Length
2287
841-seri.jpg
www.unluboya.com.tr/SF/942/
53 KB
54 KB
Image
General
Full URL
https://www.unluboya.com.tr/SF/942/841-seri.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
77.223.131.139 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4bc7c5e49980cc5da06a9cea37394146343118c02f2c8b6446cb1c4c18dd2dd8

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 12:59:07 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
public
Content-Length
54677
Expires
Sun, 19 Jun 2022 22:26:19 GMT
1556d9dc5d6ce2.jpg
www.polzem.net/images/hizmetler/
54 KB
54 KB
Image
General
Full URL
https://www.polzem.net/images/hizmetler/1556d9dc5d6ce2.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.163.146.119 Tettnang Castle, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
sunucu.tekmer.net
Software
nginx /
Resource Hash
00cf0fb36c7c8f1835c425a22ec0e32b250d5eed71004c85db3ac7f5a773ab4e

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:09 GMT
last-modified
Wed, 03 Jun 2015 11:47:40 GMT
server
nginx
accept-ranges
bytes
etag
"556ee95c-d911"
content-length
55569
content-type
image/jpeg
img.php
www.uyur.com/
Redirect Chain
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
  • https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
0
0

4-aylik-bebek-kilosu-2-600x474.jpg
www.gigbi.com/blog/wp-content/uploads/2017/10/
36 KB
37 KB
Image
General
Full URL
https://www.gigbi.com/blog/wp-content/uploads/2017/10/4-aylik-bebek-kilosu-2-600x474.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44d7a091786a12e0bc5b377f7d88dfe706141655c9e0ba2e6f226b1f603bb6a2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2306
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
37003
cf-request-id
0acb19f517000005fd9ea14000000001
last-modified
Wed, 11 Oct 2017 20:43:55 GMT
server
cloudflare
etag
"908b-55b4b7b6d78c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HyrP%2FGsgyEpDMr56Z6Nj%2Fvrfa8GSSPauUgoPTxdbdlSx5wkb%2F3%2FUtzHZEbKJkuLMmCQQm5nJImgmnTZ2P4KrGfBVsu7%2BBq3ky4bb82q8LpONGm0t3R1txXyZJiai9NK1mgNgCnkfEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
66252c34ed4d05fd-FRA
1556620945_dis-cephe-boya-uygulamalari.jpg
www.metpordekor.com/uploads/posts/2019-04/
68 KB
68 KB
Image
General
Full URL
https://www.metpordekor.com/uploads/posts/2019-04/1556620945_dis-cephe-boya-uygulamalari.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.207.84.186 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS
srv1.comertteklif.com
Software
Apache /
Resource Hash
ae266619bb1a1527fcb20192d23240e6c95c8e5fda28a98084c1204fb2b3f281

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 12:59:09 GMT
Last-Modified
Thu, 09 Jan 2020 07:32:22 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
69505
20140711_112254.jpg
3.bp.blogspot.com/-Bt6ropmoLjM/U-vERTJEPNI/AAAAAAAADKs/2aTVQFAKRoANBSWiCBWx8lmAxTq2xeKBwCPcBGAYYCw/w1200-h630-p-k-no-nu/
119 KB
120 KB
Image
General
Full URL
https://3.bp.blogspot.com/-Bt6ropmoLjM/U-vERTJEPNI/AAAAAAAADKs/2aTVQFAKRoANBSWiCBWx8lmAxTq2xeKBwCPcBGAYYCw/w1200-h630-p-k-no-nu/20140711_112254.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
44a92b116ac5f3f12fec5035d6ca291ecf5e00588a323ee6aa4a1a004b1f397d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:09 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="20140711_112254.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121990
x-xss-protection
0
server
fife
etag
"vcab"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 20 Jun 2021 08:43:12 GMT
wp-emoji-release.min.js
na.1950smusic.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://na.1950smusic.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=3c827a414014a9862c74086c243c15c2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
na.1950smusic.com
referer
https://na.1950smusic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
214558
vary
Accept-Encoding
cf-request-id
0acb19f4b900000629ec39e000000001
last-modified
Sat, 01 May 2021 03:40:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"608ccd9e-3795"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jTRE8NHR6wH9iPAsC2lSZyefHole8J3C4l4m8wUuyUKGNnMTDbpga3c3R740AvyjSWmo6edih33PsU%2FJBM%2FpYdwZrX8tyzW1R1ah%2BbPUE0RmpMEEVUqBmwGpDCHVUM7j9uNjECzwqe%2BuqpE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
66252c345a720629-FRA
expires
Sat, 18 Jun 2022 01:23:10 GMT
print.css
na.1950smusic.com/wp-content/themes/twentynineteen/
4 KB
2 KB
Stylesheet
General
Full URL
https://na.1950smusic.com/wp-content/themes/twentynineteen/print.css?ver=2.0
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f111b1f427b5a8a9e99e36afb4c8c53c86ec6af60fe3274e43db9407073e5626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/twentynineteen/print.css?ver=2.0
pragma
no-cache
cookie
PHPSESSID=3c827a414014a9862c74086c243c15c2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
na.1950smusic.com
referer
https://na.1950smusic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3599107
vary
Accept-Encoding
cf-request-id
0acb19f4b900000629959b2000000001
last-modified
Sun, 09 May 2021 08:16:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"60979a4e-100f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dAz0Roc5yq8M55RRYNpGursXzEZd9zVuDT6tx6MCVcxNNayVRfxMK2L3KdtWNdHyTgD6FS8pZQx5RFP94JdIvv5CI0sFLZdDp3A8PkqJXpN2II5Q8QDzheSAzc5966G0sRn2jPjOgRH6qII%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
66252c345a780629-FRA
expires
Mon, 09 May 2022 21:14:01 GMT
/
www.facebook.com/login/
Redirect Chain
  • https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1824577411114899
  • https://www.facebook.com/1824577411114899/photos/a.1824577551114885/1824577554448218/?type=3&is_lookaside=1
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2F1824577411114899%2Fphotos%2Fa.1824577551114885%2F1824577554448218%2F%3Ftype%3D3%26is_lookaside%3D1
0
0
Image
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2F1824577411114899%2Fphotos%2Fa.1824577551114885%2F1824577554448218%2F%3Ftype%3D3%26is_lookaside%3D1
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
P+pxKGcydLvaPBmbabLDrrFeiWcGxcLUZLchxIJQQ3tvEgkWvwtJ8tE1stFoH+UjGNSLQJzP3YE3IHI3IQpXLw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 20 Jun 2021 12:59:09 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2F1824577411114899%2Fphotos%2Fa.1824577551114885%2F1824577554448218%2F%3Ftype%3D3%26is_lookaside%3D1
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
779686c2d1797389d6f1e7a6f156d0ab.jpg
img.letgo.com/images/77/96/86/c2/
23 KB
23 KB
Image
General
Full URL
https://img.letgo.com/images/77/96/86/c2/779686c2d1797389d6f1e7a6f156d0ab.jpg?impolicy=img_600_pwa
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:282::18e0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c0f8c92690cd34712928d1c2e52f3b08e6813c556b640f7d793f041723a58a12

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:09 GMT
last-modified
Sat, 19 Jun 2021 15:02:14 GMT
server
Akamai Image Manager
etag
"17ca90443536b4eacb163ea09e1ce04a"
content-type
image/webp
cache-control
no-transform, max-age=2592000
content-length
23432
expires
Tue, 20 Jul 2021 12:59:09 GMT
Permolit-ev-dekorasyonu-icin-renk-onerileri-rengin-psikolojik-etkisi-2018-07-28-5.jpg
www.permolitboya.com.tr/wp-content/uploads/2018/07/
270 KB
271 KB
Image
General
Full URL
https://www.permolitboya.com.tr/wp-content/uploads/2018/07/Permolit-ev-dekorasyonu-icin-renk-onerileri-rengin-psikolojik-etkisi-2018-07-28-5.jpg
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.190.107 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.107.190.130.94.clients.your-server.de
Software
nginx /
Resource Hash
0967ffb8284608756f19c80855a6a7a77ffb2ad6a8f6848870a9b5edc7f9803a

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:09 GMT
last-modified
Sat, 28 Jul 2018 21:49:38 GMT
server
nginx
etag
"5b5ce4f2-438ba"
content-type
image/jpeg
cache-control
max-age=315360000, public, no-transform
accept-ranges
bytes
content-length
276666
expires
Thu, 31 Dec 2037 23:55:55 GMT
grirenkevdekorasyonu.jpg
www.evdemimar.com/wp-content/uploads/2018/10/
0
0

wp-embed.min.js
na.1950smusic.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://na.1950smusic.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=3c827a414014a9862c74086c243c15c2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
na.1950smusic.com
referer
https://na.1950smusic.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3009142
vary
Accept-Encoding
cf-request-id
0acb19f4b900000629dcb57000000001
last-modified
Thu, 15 Apr 2021 06:02:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6077d706-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sIgwr2oVkSu66qI%2B7rMsHSHraq0FdbiYljjjc4z683AlN%2FRg8tVlFH1rHrT0KqrCL0q%2Fkts3jhE1plFQwH5m%2FxK33h%2BZBYFZcH9ULhroZGIepIqeDO3pUxFumXP6%2BIwld6nvVrNCDm6hdLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
cache-control
max-age=31536000
cf-ray
66252c345a760629-FRA
expires
Mon, 16 May 2022 17:06:46 GMT
truncated
/
808 B
808 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e82505b30144c1df925f9e2b41576a1126a9168e5a2d7f4913f6304763dcdc8

Request headers

Origin
https://na.1950smusic.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
images
encrypted-tbn0.gstatic.com/
2 KB
3 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcf9fdd5ab81da78cbca3ca589d8ff4c608a00f3d90665f2dc1aa8b9636998d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Dec 2015 19:19:47 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2347
x-xss-protection
0
expires
Mon, 20 Jun 2022 12:59:09 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/
233 KB
86 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2491266223357270&plah=na.1950smusic.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88106
x-xss-protection
0
server
cafe
etag
14514754445097133811
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 12:59:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/ Frame 1739
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210616/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://na.1950smusic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://na.1950smusic.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 19 Jun 2021 19:02:37 GMT
expires
Sat, 03 Jul 2021 19:02:37 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
64592
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
204 B
662 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=na.1950smusic.com&callback=_gfp_s_&client=ca-pub-2491266223357270
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2491266223357270&plah=na.1950smusic.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
866384aff1e6f694248813dcbb95d6ca9add9285b00f064f3767147ebc3a2ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=na.1950smusic.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2491266223357270&plah=na.1950smusic.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Jun 2021 12:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=na.1950smusic.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2491266223357270&plah=na.1950smusic.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Jun 2021 12:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 45BB
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2491266223357270&output=html&h=280&slotname=6094860864&adk=3843437353&adf=1850635622&pi=t.ma~as.6094860864&w=1200&fwrn=4&fwrnh=100&lmt=1624193949&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fna.1950smusic.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624193949018&bpp=10&bdt=259&idt=241&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2661213540519&frm=20&pv=2&ga_vid=2120621582.1624193949&ga_sid=1624193949&ga_hid=114367239&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=4404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060973%2C21065725&oid=3&pvsid=2791420289444126&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=fxbrcO5DcE&p=https%3A//na.1950smusic.com&dtd=286
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2491266223357270&plah=na.1950smusic.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cd4c2c3af2c52242ed5ed5a258b2b75b31904a1c3a61cd686da9220ea1f002c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2491266223357270&output=html&h=280&slotname=6094860864&adk=3843437353&adf=1850635622&pi=t.ma~as.6094860864&w=1200&fwrn=4&fwrnh=100&lmt=1624193949&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fna.1950smusic.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624193949018&bpp=10&bdt=259&idt=241&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2661213540519&frm=20&pv=2&ga_vid=2120621582.1624193949&ga_sid=1624193949&ga_hid=114367239&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=4404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060973%2C21065725&oid=3&pvsid=2791420289444126&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=fxbrcO5DcE&p=https%3A//na.1950smusic.com&dtd=286
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://na.1950smusic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://na.1950smusic.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 20 Jun 2021 12:59:09 GMT
server
cafe
content-length
212
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 20-Jun-2021 13:14:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 20 Jun 2021 12:59:09 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2491266223357270&plah=na.1950smusic.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:09 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842926269324"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28241
x-xss-protection
0
expires
Sun, 20 Jun 2021 12:59:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-2491266223357270&c=7&e=2570847921467975139&n=0&t=0&w=4019&x=6
Requested by
Host: na.1950smusic.com
URL: https://na.1950smusic.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Jun 2021 12:59:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6793
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2491266223357270&output=html&adk=1812271804&adf=3025194257&lmt=1624193949&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fna.1950smusic.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624193949333&bpp=2&bdt=573&idt=2&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=2661213540519&frm=20&pv=1&ga_vid=2120621582.1624193949&ga_sid=1624193949&ga_hid=114367239&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060973%2C21065725&oid=3&pvsid=2791420289444126&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=11&uci=a!b&fsb=1&dtd=26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2491266223357270&plah=na.1950smusic.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2491266223357270&output=html&adk=1812271804&adf=3025194257&lmt=1624193949&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fna.1950smusic.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624193949333&bpp=2&bdt=573&idt=2&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=2661213540519&frm=20&pv=1&ga_vid=2120621582.1624193949&ga_sid=1624193949&ga_hid=114367239&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060973%2C21065725&oid=3&pvsid=2791420289444126&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=11&uci=a!b&fsb=1&dtd=26
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://na.1950smusic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://na.1950smusic.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 20 Jun 2021 12:59:09 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 20-Jun-2021 13:14:09 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 20 Jun 2021 12:59:09 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210616&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2491266223357270&plah=na.1950smusic.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1653d9d77a367cf14ef2a36dabd42659d1b18d7d6f7bd29a0d20476d9f3636ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 20 Jun 2021 12:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7885
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2491266223357270&plah=na.1950smusic.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 20 Jun 2021 12:59:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame A732
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://na.1950smusic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://na.1950smusic.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 20 Jun 2021 12:40:58 GMT
expires
Mon, 20 Jun 2022 12:40:58 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9EA9
783 B
818 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d7418737f70576e0d99e2c536cf7025cad55b015759816b5f7a5eae4fa59fd1e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h3A88DAZ+LiFj/nVM1jAYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://na.1950smusic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://na.1950smusic.com/

Response headers

expires
Sun, 20 Jun 2021 12:59:19 GMT
date
Sun, 20 Jun 2021 12:59:19 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-h3A88DAZ+LiFj/nVM1jAYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js
pagead2.googlesyndication.com/bg/ Frame A732
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 12:46:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5758
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Jun 2022 12:46:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210616&jk=2791420289444126&bg=!WFulWx_NAAZktE7iZLQ7ACkAdvg8WrkFVl_AslCMPB7cKXVXdphdNYLuRuKV5qYAeruls3bYRfPdvwIAAABdUgAAAAxoAQcKACU4EBBQPH6sqXwIVBgq3LdR5cSdIQsAqNilw0Iq4U_plrgUBqIvmQJzCjPPwqR4UlCzxlyGAANl8Vk4_AdIBXBaOPYW5NtRhfQDf0JWjBEBoNN9weM5AvAFw3JP93d2NqA_N_ushYf36isgstOLT_vRDfGGUqGr5ix9eC5QrlxghbkiwejFCsOg8vwAp4NkpxZeTcpPcBrvUsjMyxAUaSyPhTxC_MoznrTf_iAqFbwtKWaqZ8x_9WlMyHBQePsW-jlbZFl63kbdzgzDTbKx7Ss7xwm4MXoPZ8dgicIMMyapdTK_FW6gf00jQ9ep9SCnPRzbx0ZM8xcm2LMagr9ycgo24_lhOODfWdgpVm7yVQ0PEDd59SS6DLB6Oz9J475fZRpiH9SoAkDLz2zTm81ZcZsWeloQ5mUve7hUWQYI-Gtvq6erJ8grmzjBKpQ_YY68iV7XHPuPJ6jata6v_TQghKuoexF066ckNJUiVBYpuKWOOMPr-_bcPMaibcAOhn4_XAIfU-74Dvu1YLTfYYEXZXeAbAFwdOT96DaDr1ZIBD0nRgmoVvaJ-RvHRzNmgf_TuhMvEVkcv4Qjncu3KUC26KoF6cZS6FNulevRhIzGpPXmz41CA02FpuOVT5TkrW-cjpTHACz8ZrJdjNEq7Cgwky4DhXuWqf6CbPUzPCma2hzUUPJIWyxyuOgcAqqsRmYqHQ49VVknkp21RyO5nebYVha7o9QFiDFQ-MfM7lS291NXHXH8W5XLMWdyWe9mQST00Hoqsd86Otu0b7e84P0R007DtEUvcstHN2knVeSK86lPNPTlF-AtbDGs4LN5ILYtnG1n_swERHxE7HkyMerKyvrf6VBvB0fUeDdh9PqC9zwsm6yP7C8YHQ-nUEtK
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://na.1950smusic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Jun 2021 12:59:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
oyunlar.megaoyun.gen.tr
URL
https://oyunlar.megaoyun.gen.tr/db/resim/1338.jpg
Domain
www.tekhanboya.com
URL
https://www.tekhanboya.com/images/urun.gif
Domain
www.uyur.com
URL
https://www.uyur.com/img.php?src=up/2015/2015-07-06uyur-172b14eaae9c70dd.jpg&w=240&h=200
Domain
www.evdemimar.com
URL
https://www.evdemimar.com/wp-content/uploads/2018/10/grirenkevdekorasyonu.jpg

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| adsbygoogle object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
adservice.google.com
adservice.google.de
cdn.cimri.io
docplayer.net
encrypted-tbn0.gstatic.com
googleads.g.doubleclick.net
i.hizliresim.com
img.letgo.com
lookaside.fbsbx.com
modaboyarenkleri.com
na.1950smusic.com
oyunlar.megaoyun.gen.tr
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.bebek.com
www.evdemimar.com
www.facebook.com
www.gigbi.com
www.google.com
www.googletagservices.com
www.kraloyunskor.com
www.metpordekor.com
www.minicadde.com
www.permolitboya.com.tr
www.polzem.net
www.tekhanboya.com
www.unluboya.com.tr
www.uyur.com
oyunlar.megaoyun.gen.tr
www.evdemimar.com
www.tekhanboya.com
www.uyur.com
138.201.54.145
142.250.184.226
188.165.119.226
2606:4700:21::681b:c358
2606:4700:3030::6815:35d0
2606:4700:3033::ac43:b717
2606:4700:3034::6815:5bc
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a02:26f0:6c00:282::18e0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
31.207.84.186
31.3.2.72
77.223.131.139
77.245.158.190
89.163.146.119
89.252.178.203
94.130.190.107
00cf0fb36c7c8f1835c425a22ec0e32b250d5eed71004c85db3ac7f5a773ab4e
0967ffb8284608756f19c80855a6a7a77ffb2ad6a8f6848870a9b5edc7f9803a
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0e82505b30144c1df925f9e2b41576a1126a9168e5a2d7f4913f6304763dcdc8
1653d9d77a367cf14ef2a36dabd42659d1b18d7d6f7bd29a0d20476d9f3636ba
1913a2bba9a8624575ab4c1f3f79510fb0a2ae5e829aa5302e7c6ec085f1a53d
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
44a92b116ac5f3f12fec5035d6ca291ecf5e00588a323ee6aa4a1a004b1f397d
44d7a091786a12e0bc5b377f7d88dfe706141655c9e0ba2e6f226b1f603bb6a2
4bc7c5e49980cc5da06a9cea37394146343118c02f2c8b6446cb1c4c18dd2dd8
4ca6b7a2f0f09436a30382b9cb8120aedda56773f913544a8b88ba298f744b7f
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f3ea9dda31c4f06f4a3ea880793f42de1a7b9b35047998872169aef3f9e15f3
7cd4c2c3af2c52242ed5ed5a258b2b75b31904a1c3a61cd686da9220ea1f002c
866384aff1e6f694248813dcbb95d6ca9add9285b00f064f3767147ebc3a2ffe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
abc0b501298f0bd0b8dce11d406939cb651695e9f10293044673331796fbca7c
ae266619bb1a1527fcb20192d23240e6c95c8e5fda28a98084c1204fb2b3f281
afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9
bf3ae6a4802ce62c2b56a6d2910b61261f739cd7c76bc6bda650b6a6c79d9077
c0f8c92690cd34712928d1c2e52f3b08e6813c556b640f7d793f041723a58a12
c378068eb8e1a20e2fa680b0abe34cd7a27d157b97576a8f271db9589f776857
d65ba8d2783b6f9ed50ae1b2d178f4f1495a255f64292b578d24ab43a81f20ec
d7418737f70576e0d99e2c536cf7025cad55b015759816b5f7a5eae4fa59fd1e
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
eb1906c66ecd674c9ea60b5200dc83a288e00d21a6360a0a3a4be0075231c8dd
f111b1f427b5a8a9e99e36afb4c8c53c86ec6af60fe3274e43db9407073e5626
fcf9fdd5ab81da78cbca3ca589d8ff4c608a00f3d90665f2dc1aa8b9636998d9