URL: https://eyardmdestklerm.online/edevlet.php
Submission Tags: @ecarlesi threat phishing trcert Search All
Submission: On December 29 via api from IT — Scanned from SG

Summary

This website contacted 46 IPs in 6 countries across 73 domains to perform 150 HTTP transactions. The main IP is 45.32.116.103, located in Singapore, Singapore and belongs to AS-CHOOPA, US. The main domain is eyardmdestklerm.online.
TLS certificate: Issued by R3 on December 28th 2023. Valid for: 3 months.
This is the only time eyardmdestklerm.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 45.32.116.103 20473 (AS-CHOOPA)
19 2a03:3f00:1::62 21245 (MEDIANOVA...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700:21:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 172.64.153.173 13335 (CLOUDFLAR...)
1 67.202.105.34 32748 (STEADFAST)
3 13.224.250.80 16509 (AMAZON-02)
1 13.33.33.69 16509 (AMAZON-02)
1 67.202.105.33 32748 (STEADFAST)
1 13.33.88.100 16509 (AMAZON-02)
2 4 209.191.163.152 32475 (SINGLEHOP...)
4 54.192.150.70 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 141.94.171.216 16276 (OVH)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 104.18.35.167 13335 (CLOUDFLAR...)
9 17 18.140.27.177 16509 (AMAZON-02)
10 13 142.251.10.154 15169 (GOOGLE)
1 4 13.229.174.164 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 52.46.155.104 16509 (AMAZON-02)
1 2 23.106.127.169 59253 (LEASEWEB-...)
3 4 67.199.150.81 62713 (AS-PUBMATIC)
10 13.215.71.16 16509 (AMAZON-02)
3 3 34.225.109.145 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
7 7 15.197.193.217 16509 (AMAZON-02)
4 5 34.111.113.62 396982 (GOOGLE-CL...)
1 104.17.215.204 13335 (CLOUDFLAR...)
1 52.0.156.250 14618 (AMAZON-AES)
1 3.120.45.29 16509 (AMAZON-02)
5 5 13.57.161.129 16509 (AMAZON-02)
4 4 54.190.93.49 16509 (AMAZON-02)
2 3 35.244.154.8 396982 (GOOGLE-CL...)
1 2 18.155.68.41 16509 (AMAZON-02)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 216.46.185.183 13649 (ASN-FLEXE...)
2 2 54.146.46.22 14618 (AMAZON-AES)
5 5 103.43.90.21 29990 (ASN-APPNEX)
1 1 52.74.26.171 16509 (AMAZON-02)
2 2 122.248.253.6 16509 (AMAZON-02)
2 2 2001:df2:a300... 6336 (TURN-US-ASN)
5 5 18.143.106.89 16509 (AMAZON-02)
2 2 98.98.134.242 21859 (ZEN-ECN)
1 69.173.158.64 26667 (RUBICONPR...)
3 3 151.101.194.49 54113 (FASTLY)
1 3 184.26.21.187 16625 (AKAMAI-AS)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 35.230.38.116 396982 (GOOGLE-CL...)
4 63.251.14.3 14744 (INTERNAP-...)
1 2a04:4e42:200... 54113 (FASTLY)
1 2404:6800:400... ()
3 23.44.0.196 ()
1 5 34.98.64.218 ()
2 2 13.33.88.71 ()
11 207.65.33.82 ()
1 1 18.138.18.111 ()
1 1 2620:116:800e... ()
1 2 35.186.193.173 ()
1 182.161.73.146 ()
1 1 103.3.63.48 ()
1 2406:da18:929... ()
1 207.65.33.76 ()
2 2 2a02:fa8:c411... ()
150 46
Apex Domain
Subdomains
Transfer
19 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 793
ads.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
38 KB
19 e-devlet.gov.tr
cdn.e-devlet.gov.tr — Cisco Umbrella Rank: 118647
247 KB
18 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
42 KB
17 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 981
9 KB
13 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
2 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com — Cisco Umbrella Rank: 835
10 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
data.adsrvr.org
3 KB
6 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com
2 KB
5 openx.net
us-u.openx.net
jp-u.openx.net
1 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
4 KB
5 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1768
2 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
2 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4856
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6028
data-beacons.s-onetag.com — Cisco Umbrella Rank: 14842
15 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
3 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
i6.liadm.com — Cisco Umbrella Rank: 2358
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
778 B
3 w55c.net
i.w55c.net — Cisco Umbrella Rank: 1431
pm.w55c.net — Cisco Umbrella Rank: 818
2 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 499
d.agkn.com — Cisco Umbrella Rank: 686
2 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
896 B
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 13327
ic.tynt.com — Cisco Umbrella Rank: 11417
de.tynt.com — Cisco Umbrella Rank: 1577
11 KB
3 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 14358
5 KB
2 dotomi.com
pubmatic-match.dotomi.com
744 B
2 ctnsnet.com
ipac.ctnsnet.com
664 B
2 ladsp.com
cr-p3.ladsp.com
1 KB
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1554
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
958 B
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
ad.turn.com Failed
868 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
2 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1285
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
2 KB
2 eyardmdestklerm.online
eyardmdestklerm.online
5 KB
1 appier.net
gocm.c.appier.net
436 B
1 criteo.com
dis.criteo.com
363 B
1 quantserve.com
cms.quantserve.com
495 B
1 ambientdsp.com
cm.ambientdsp.com
655 B
1 2mdn.net
s0.2mdn.net
490 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 648
404 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 638
454 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-eu.rubiconproject.com Failed
pixel-us-east.rubiconproject.com Failed
675 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1812
72 B
1 sharethis.com
sync.sharethis.com — Cisco Umbrella Rank: 2848
549 B
1 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1408
299 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 2193
1 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 24329
444 B
1 33across.com
cdn-tc.33across.com — Cisco Umbrella Rank: 25423
459 B
1 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2888
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2916
400 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 15253
614 B
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 17707
206 B
1 waust.at
waust.at — Cisco Umbrella Rank: 43427
7 KB
0 adform.net Failed
c1.adform.net Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 iprom.net Failed
core.iprom.net Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 cinarra.com Failed
dps.jp.cinarra.com Failed
0 ad-m.asia Failed
sync-dsp.ad-m.asia Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 socdm.com Failed
tg.socdm.com Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 blismedia.com Failed
tr.blismedia.com Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 krushmedia.com Failed
cs.krushmedia.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 opera.com Failed
t.adx.opera.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
150 73
Domain Requested by
19 cdn.e-devlet.gov.tr eyardmdestklerm.online
cdn.e-devlet.gov.tr
17 ps.eyeota.net 9 redirects eyardmdestklerm.online
bcp.crwdcntrl.net
data-beacons.s-onetag.com
13 cm.g.doubleclick.net 10 redirects bcp.crwdcntrl.net
us-u.openx.net
10 sync.crwdcntrl.net bcp.crwdcntrl.net
ads.pubmatic.com
6 simage2.pubmatic.com ads.pubmatic.com
6 match.adsrvr.org 6 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 aorta.clickagy.com 5 redirects
5 pixel.tapad.com 4 redirects ads.pubmatic.com
4 us-u.openx.net 1 redirects ce.lijit.com
us-u.openx.net
4 ce.lijit.com ap.lijit.com
ce.lijit.com
us-u.openx.net
ads.pubmatic.com
4 dpm.demdex.net 4 redirects
4 image6.pubmatic.com 3 redirects ads.pubmatic.com
4 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
4 tags.crwdcntrl.net t.dtscout.com
cdn-tc.33across.com
tags.crwdcntrl.net
4 ap.lijit.com 2 redirects eyardmdestklerm.online
data-beacons.s-onetag.com
ce.lijit.com
3 ads.pubmatic.com ce.lijit.com
ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 ib.adnxs.com 3 redirects
3 idsync.rlcdn.com 2 redirects bcp.crwdcntrl.net
3 i.liadm.com 3 redirects
3 get.s-onetag.com t.dtscout.com
get.s-onetag.com
3 t.dtscout.com waust.at
t.dtscout.com
2 pubmatic-match.dotomi.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 cr-p3.ladsp.com 2 redirects
2 x.dlx.addthis.com 1 redirects
2 um.simpli.fi 2 redirects
2 px.ads.linkedin.com 1 redirects
2 secure.adnxs.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cms.analytics.yahoo.com 2 redirects
2 d.turn.com 2 redirects
2 pm.w55c.net 2 redirects
2 sync.srv.stackadapt.com 2 redirects ads.pubmatic.com
2 aa.agkn.com 1 redirects bcp.crwdcntrl.net
2 sync.smartadserver.com 1 redirects bcp.crwdcntrl.net
2 s.amazon-adsystem.com 1 redirects bcp.crwdcntrl.net
ce.lijit.com
2 eyardmdestklerm.online cdn.e-devlet.gov.tr
1 image4.pubmatic.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 jp-u.openx.net us-u.openx.net
1 s0.2mdn.net ce.lijit.com
1 data.adsrvr.org 1 redirects
1 trc.taboola.com
1 tags.bluekai.com bcp.crwdcntrl.net
1 token.rubiconproject.com bcp.crwdcntrl.net
1 i.w55c.net 1 redirects
1 global.ib-ibi.com bcp.crwdcntrl.net
1 d.agkn.com 1 redirects
1 sync.sharethis.com bcp.crwdcntrl.net
1 loadus.exelator.com bcp.crwdcntrl.net
1 dmp.truoptik.com bcp.crwdcntrl.net
1 i6.liadm.com bcp.crwdcntrl.net
1 a.dtssrv.com t.dtscout.com
1 cdn-tc.33across.com de.tynt.com
1 spl.zeotap.com eyardmdestklerm.online
1 pixel.onaudience.com 1 redirects
1 t.dtscdn.com t.dtscout.com
1 data-beacons.s-onetag.com get.s-onetag.com
1 de.tynt.com cdn.tynt.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 ic.tynt.com eyardmdestklerm.online
1 cdn.tynt.com waust.at
1 whos.amung.us waust.at
1 waust.at eyardmdestklerm.online
0 c1.adform.net Failed ads.pubmatic.com
0 uipglob.semasio.net Failed ads.pubmatic.com
0 match.deepintent.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 dps.jp.cinarra.com Failed ads.pubmatic.com
0 sync-dsp.ad-m.asia Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
0 tg.socdm.com Failed us-u.openx.net
0 creativecdn.com Failed ce.lijit.com
0 tr.blismedia.com Failed ce.lijit.com
0 ums.acuityplatform.com Failed ce.lijit.com
0 bh.contextweb.com Failed ce.lijit.com
0 cs.krushmedia.com Failed ce.lijit.com
0 pixel-us-east.rubiconproject.com Failed ce.lijit.com
0 x.bidswitch.net Failed ce.lijit.com
ads.pubmatic.com
0 t.adx.opera.com Failed ce.lijit.com
ads.pubmatic.com
0 match.prod.bidr.io Failed ce.lijit.com
0 rtb.mfadsrvr.com Failed ce.lijit.com
0 ad.turn.com Failed ce.lijit.com
us-u.openx.net
ads.pubmatic.com
0 pixel-eu.rubiconproject.com Failed ce.lijit.com
150 95

This site contains links to these domains. Also see Links.

Domain
giris.turkiye.gov.tr
www.turkiye.gov.tr
whos.amung.us
Subject Issuer Validity Valid
eyardmdestklerm.online
R3
2023-12-28 -
2024-03-27
3 months crt.sh
cdn.e-devlet.gov.tr
GlobalSign RSA OV SSL CA 2018
2023-02-07 -
2024-03-10
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-06-04 -
2024-06-03
a year crt.sh
dtscout.com
GTS CA 1P5
2023-11-20 -
2024-02-18
3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-05 -
2024-09-30
a year crt.sh
*.s-onetag.com
Amazon RSA 2048 M03
2023-11-04 -
2024-12-01
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
dtscdn.com
GTS CA 1P5
2023-11-15 -
2024-02-13
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
dtssrv.com
GTS CA 1P5
2023-11-25 -
2024-02-23
3 months crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-29 -
2024-06-11
a year crt.sh
sharethis.com
Amazon RSA 2048 M02
2023-07-03 -
2024-07-31
a year crt.sh
*.ib-ibi.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-21 -
2024-04-02
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-11 -
2024-12-11
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
eyeota.net
GoGetSSL RSA DV CA
2023-03-08 -
2024-04-07
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2023-05-06 -
2024-05-04
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-13 -
2024-11-10
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh

This page contains 32 frames:

Primary Page: https://eyardmdestklerm.online/edevlet.php
Frame ID: 78412A94AB1DD325A4BCDA983B3979AD
Requests: 53 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001703824049E1888C943FC079E620
Frame ID: F36E8B9B6A7A0022A2E01EE8D1556B86
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 41B7A8BC5358FE299FD89D11C1153D10
Requests: 3 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 66FE43E21738E78E1E3335D327A942CD
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: B15F87DB1BB4427197D0834329E62EED
Requests: 24 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: B0885D84CC5BC274BEAEE4C1535A541E
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: 993FA07EBE37C3A938D6EB88E2097A0A
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: ACE64B5925FDF508AE326F5D94B7D80F
Requests: 15 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: BCF148E1897CF13C9107F4DF997F6544
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: C03FDA988188FD256FD87BEB66118FC5
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 8F7633637913D49A1B3A2D13A519CF67
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2033964874176587787&gdpr=0&gdpr_consent=
Frame ID: BA37E870CE8BAA267FDB8D232B23E84B
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: C5BE6FAC130552917C2A5D5EB622F584
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12vz7gz7o4il
Frame ID: 9E899245E71F40F746E7F5FDBC8C59C4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H3himx0sOMkEfWzLSyt3nBF0Y5sEfDzNEX1Bqm5I
Frame ID: FD2B99588E337DD3089E4DB00413B18F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 6F120CDE01B12F359B955694541F7498
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 26733C13E784A0A83ED1A5E797302914
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=ad711c9542814b0f925d428bfc3b077c
Frame ID: D713FDC6D3F356B2ECF2D0285FEBA0A4
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2CA63ABB53E4EBD25F0DF3960E6008EB
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9DB72FF39F9C364C632B37860D57A3D6
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 0BFF87B7C32C9F029EEC85B2E43DCFAD
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 96FF34F873472DFD46914C696CB3D44A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=sqpr5nBuAzSbHSOKt0qOZQ
Frame ID: B726976CD4132B8D1AFE64CF96FB5A8C
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 587F5E0F149C26EC15E94FFA17528E62
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 2893BCB7B813604CAEA3D61D5DAC9DFD
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=A6A32691-C220-4578-B9DA-9F2B713D8CEE
Frame ID: FA1039A99CB9C11D23BB079C8B0031CE
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 64041BD89787B643F1315AC8BF46C578
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 7CDF6EEA703CF49DE8EA539C40BC47AF
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 038F3716DF7626F2F7F4ADCF79770640
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 058B20A35904021BEF07FA99F85F92AA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:w2PwiIZn1Rj4t55&gdpr=0&gdpr_consent=
Frame ID: 30A9B48CBB31F12969981B01623EAB4E
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=A6A32691-C220-4578-B9DA-9F2B713D8CEE
Frame ID: D78D0A6D1387BA298A14EDA31414CEA7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

e-Devlet Kapısı

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

150
Requests

48 %
HTTPS

25 %
IPv6

73
Domains

95
Subdomains

46
IPs

6
Countries

392 kB
Transfer

715 kB
Size

78
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 35
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001703824049E1888C943FC079E620 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=8abd63740d055c2a
Request Chain 37
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=k3eNWWWOSrIHOLzCT9SSNQ%3D%3D&us_privacy=&33random=1703824050354.1&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=k3eNWWWOSrIHOLzCT9SSNQ%3D%3D&us_privacy=&33random=1703824050354.1&cat=33across HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjhzZTJrMmtXSW5pVFl2SHlEcmNkbXp0NV9TUm00bkRzZHJxNkxjRmtLTTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjhzZTJrMmtXSW5pVFl2SHlEcmNkbXp0NV9TUm00bkRzZHJxNkxjRmtLTTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEDgxYpz8DklCHA5UtLsLpac&google_cver=1
Request Chain 38
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=k3eNWWWOSrIHOLzCT9SSNQ%3D%3D&us_privacy=&33random=1703824050354.3&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=k3eNWWWOSrIHOLzCT9SSNQ%3D%3D&us_privacy=&33random=1703824050354.3&cat=33across HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjhzZTJrMmtXSW5pVFl2SHlEcmNkbXp0NV9TUm00bkRzZHJxNkxjRmtLTTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjhzZTJrMmtXSW5pVFl2SHlEcmNkbXp0NV9TUm00bkRzZHJxNkxjRmtLTTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEAbhFPDlIrnJg6r8DyrfAYk&google_cver=1
Request Chain 46
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=31769d339fb0819d128420ac7008a2a6 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=31769d339fb0819d128420ac7008a2a6&dcc=t
Request Chain 47
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Request Chain 48
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A6A32691-C220-4578-B9DA-9F2B713D8CEE&gdpr=0
Request Chain 49
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=31769d339fb0819d128420ac7008a2a6 HTTP 303
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=31769d339fb0819d128420ac7008a2a6&_li_chk=true&previous_uuid=68fef71f18cc4047aa7928017959c683 HTTP 303
  • https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=31769d339fb0819d128420ac7008a2a6
Request Chain 50
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a2fe133f-dcf3-4b8b-bc99-f48ca1f144f3/gdpr=0/gdpr_consent=
Request Chain 51
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=31769d339fb0819d128420ac7008a2a6&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=31769d339fb0819d128420ac7008a2a6&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8efd5c0c-e8b3-46dc-aba2-da15ad37db78%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D8efd5c0c-e8b3-46dc-aba2-da15ad37db78%252C%25257B%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2fe133f-dcf3-4b8b-bc99-f48ca1f144f3&ttd_puid=8efd5c0c-e8b3-46dc-aba2-da15ad37db78%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D8efd5c0c-e8b3-46dc-aba2-da15ad37db78%2C%257B%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8efd5c0c-e8b3-46dc-aba2-da15ad37db78
Request Chain 55
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=31769d339fb0819d128420ac7008a2a6 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:4749fc4cff7635038f2a9e2f4c7e7d8d&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:4749fc4cff7635038f2a9e2f4c7e7d8d&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=01259425453145656780959881531314863491 HTTP 302
  • https://idsync.rlcdn.com/420246.gif?partner_uid=c:4749fc4cff7635038f2a9e2f4c7e7d8d HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJbTGRIuCioIARD1lgkaImM6NDc0OWZjNGNmZjc2MzUwMzhmMmE5ZTJmNGM3ZTdkOGQQABoNCLSVuawGEgUI6AcQAEIASgA HTTP 307
  • https://aorta.clickagy.com/pixel.gif?ch=114&cm=2fc7ad7054bb75e430f8ddb0378a265e9285af115804bde6d6e11d13feead4d725abae5358c0e7bc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=Yzo0NzQ5ZmM0Y2ZmNzYzNTAzOGYyYTllMmY0YzdlN2Q4ZA HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESENK3r0bkUcUAyjmVaAkzuPM&google_cver=1 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:4749fc4cff7635038f2a9e2f4c7e7d8d&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1703824053446&ip=103.254.153.204&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D209190804745001230609 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=209190804745001230609 HTTP 302
  • https://idsync.rlcdn.com/420246.gif?partner_uid=c:4749fc4cff7635038f2a9e2f4c7e7d8d
Request Chain 57
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-3874cdef-0c15-5ae8-7710-2c42adfd5479$ip$103.254.153.204&gdpr=0&gdpr_consent=
Request Chain 58
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=31769d339fb0819d128420ac7008a2a6&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D1%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526dc_rc%253D1%2526dc_mr%253D5%2526dc_orig%253D51mdg9u%2526 HTTP 302
  • https://ps.eyeota.net/match?uid=2033964874176587787&bid=2cr76e1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=w2PwiIZn1Rj4t55&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4096297378881174216&newuser=1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=18cb3d3c941-4763000001084cd8&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30064&dpuuid=18cb3d3c941-4763000001084cd8&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=01259425453145656780959881531314863491&dc_rc=4&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=a2fe133f-dcf3-4b8b-bc99-f48ca1f144f3&bid=1e2n4ou
Request Chain 59
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-0m2TOTBE2pze1KfydmU92V_kKSzRmcaleWA-~A&gdpr=0
Request Chain 60
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=c8a653c4-81fc-4a5a-89f7-ad30f3497e82-658e4ab3-5347/gdpr=0
Request Chain 62
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZY5KswAKdRYHUwBU HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZY5KswAKdRYHUwBU/gdpr=0&_test=ZY5KswAKdRYHUwBU
Request Chain 67
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/31769d339fb0819d128420ac7008a2a6/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4096297378881174216/gdpr=0
Request Chain 68
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=289942270 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2033964874176587787/gdpr=0/rand=289942270
Request Chain 69
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H5nLBSZHawLObLM-R3uJDdSY&rnd=46920 HTTP 303
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H5nLBSZHawLObLM-R3uJDdSY&rnd=46920&_li_chk=true&previous_uuid=888531a2965a4c07acfc7607a2056174 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=888531a2-965a-4c07-acfc-7607a2056174 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7eb31c60-f4a4-4d24-9ee2-2bab3b490217%3A1703824053.086021&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7eb31c60-f4a4-4d24-9ee2-2bab3b490217%253A1703824053.086021%26_%3D1703824053.0880466&cb=1703824053.0880837 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1972928496191188776&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7eb31c60-f4a4-4d24-9ee2-2bab3b490217%253A1703824053.086021%26_%3D1703824053.0880466 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=7eb31c60-f4a4-4d24-9ee2-2bab3b490217%3A1703824053.086021&_=1703824053.0880466 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJZ3dJ99kpULJByIKtOswzg&google_cver=1
Request Chain 70
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H5nLBSZHawLObLM-R3uJDdSY&rand=51485&pu= HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H5nLBSZHawLObLM-R3uJDdSY&rand=51485&pu=&expected_cookie=c7b663b1-cc48-4407-aae6-4ec1cb4f041b
Request Chain 71
  • https://um.simpli.fi/lj_match?r=46106 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=C98352849FBF41E4A9462BDE70B83D64
Request Chain 72
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H5nLBSZHawLObLM-R3uJDdSY&rnd=48094 HTTP 303
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=888531a2-965a-4c07-acfc-7607a2056174 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=888531a2-965a-4c07-acfc-7607a2056174&rd=Y
Request Chain 75
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=H5nLBSZHawLObLM-R3uJDdSY/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=31769d339fb0819d128420ac7008a2a6
Request Chain 77
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
  • https://ps.eyeota.net/match?uid=ZY5KswAKdRYHUwBU&bid=0rijhbu&referrer_pid=51md42u
Request Chain 78
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-_HhtL0xE2pXEj.X8MbqIKdUIXkuChxo6D6c-~A
Request Chain 79
  • https://sync.srv.stackadapt.com/sync?nid=eyeota HTTP 302
  • https://ps.eyeota.net/match?bid=tpm4omv&uid=OHTN7wwVWuh3ECxCrf1UeWf-mcw&gdpr=&gdpr_consent=
Request Chain 80
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7ri0rgu%26uid%3D%23PM_USER_ID HTTP 302
  • https://ps.eyeota.net/match?bid=7ri0rgu&uid=A6A32691-C220-4578-B9DA-9F2B713D8CEE
Request Chain 84
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=a2fe133f-dcf3-4b8b-bc99-f48ca1f144f3&gdpr=0&gdpr_consent=
Request Chain 85
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=2033964874176587787&gdpr=0&gdpr_consent=
Request Chain 87
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SDVuTEJTWkhhd0xPYkxNLVIzdUpEZFNZ&gdpr=0 HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr=0
Request Chain 88
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c8a653c4-81fc-4a5a-89f7-ad30f3497e82-658e4ab3-5347&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dc8a653c4-81fc-4a5a-89f7-ad30f3497e82-658e4ab3-5347%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=c8a653c4-81fc-4a5a-89f7-ad30f3497e82-658e4ab3-5347&gdpr=0&gdpr_consent=
Request Chain 89
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1703824055138 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3487082183
Request Chain 91
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H5nLBSZHawLObLM-R3uJDdSY&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:4749fc4cff7635038f2a9e2f4c7e7d8d
Request Chain 92
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
Request Chain 93
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=KWz91Ss4p4cyafOFfT_o0idg_NUyaKODJ2msZaDi
Request Chain 105
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Request Chain 110
  • https://match.adsrvr.org/track/cmf/openx?oxid=46c1bed4-7a3f-3099-68d7-8d5fdaab1b9b&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a2fe133f-dcf3-4b8b-bc99-f48ca1f144f3&ttd_puid=46c1bed4-7a3f-3099-68d7-8d5fdaab1b9b&gdpr=0&gdpr_consent=
Request Chain 112
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARHafX3teKxMks8AED41wbn-nM8AAAGMs9PbuA
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMdvzcNhaf4PF1ETb8qbUmk&google_cver=1
Request Chain 116
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2033964874176587787&gdpr=0&gdpr_consent=
Request Chain 117
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 118
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12vz7gz7o4il
Request Chain 119
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=H3himx0sOMkEfWzLSyt3nBF0Y5sEfDzNEX1Bqm5I
Request Chain 122
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=ad711c9542814b0f925d428bfc3b077c
Request Chain 127
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=sqpr5nBuAzSbHSOKt0qOZQ
Request Chain 135
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:w2PwiIZn1Rj4t55&gdpr=0&gdpr_consent=
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pqMmkcIgRXi52p8rcT2M7g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 138
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A6A32691-C220-4578-B9DA-9F2B713D8CEE HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D8efd5c0c-e8b3-46dc-aba2-da15ad37db78%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2033964874176587787&pt=8efd5c0c-e8b3-46dc-aba2-da15ad37db78%2C%2C
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTZBMzI2OTEtQzIyMC00NTc4LUI5REEtOUYyQjcxM0Q4Q0VF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGRVXgPxU7evz0A4AOtFgbs&google_cver=1
Request Chain 143
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C98352849FBF41E4A9462BDE70B83D64
Request Chain 145
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a2fe133f-dcf3-4b8b-bc99-f48ca1f144f3&gdpr=0&gdpr_consent=
Request Chain 147
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A6A32691-C220-4578-B9DA-9F2B713D8CEE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OaWqD9FE2uVIIcjM60GGkiaZs4aeHxo-~A&gdpr=0
Request Chain 149
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A6A32691-C220-4578-B9DA-9F2B713D8CEE&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=17f3f5250a621ff7&is_secure=true&networkId=17100&version=1&nuid=A6A32691-C220-4578-B9DA-9F2B713D8CEE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALbxtj92T2yQN_Zvu5AAAAAAA&expiration=1703910455&nuid=A6A32691-C220-4578-B9DA-9F2B713D8CEE&is_secure=true&gdpr_consent=&gdpr=0

150 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request edevlet.php
eyardmdestklerm.online/
18 KB
5 KB
Document
General
Full URL
https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.116.103 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.116.103.vultrusercontent.com
Software
nginx / PHP/8.2.13 PleskLin
Resource Hash
8deb9341dfa5e46656efe474cfbdab9e0d644fb8446ad46840bf6116ae4848ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-length
4948
content-type
text/html; charset=UTF-8
date
Fri, 29 Dec 2023 04:27:27 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.13 PleskLin
login-main.css
cdn.e-devlet.gov.tr/themes/izmir/css/
48 KB
8 KB
Stylesheet
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
72ea23b5e8e5a91ce77956a6a8d3fd8e60a09a641e25a19ddae9e56c9a1c8369

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
content-encoding
br
last-modified
Thu, 14 Dec 2023 13:23:28 GMT
server
MNCDN-262
x-mnrequest-id
f51c38f4c34e3d6bb6421c5663f85b64
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
max-age=7200
x-mserver
DE-372
expires
Fri, 29 Dec 2023 06:27:28 GMT
common_messages_tr.1.9.4.js
cdn.e-devlet.gov.tr/themes/izmir/js/es/
2 KB
1 KB
Script
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/js/es/common_messages_tr.1.9.4.js
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
2e07a062dd6ef5194e94abe7f3524ff371fff1a4c902e74d70f9bb20bd026fbd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
content-encoding
gzip
last-modified
Fri, 29 Sep 2023 12:08:59 GMT
server
MNCDN-262
x-mnrequest-id
eb8857ed984e3a7f53e2071a1e31b6f4
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:28 GMT
login_messages_tr.1.9.4.js
cdn.e-devlet.gov.tr/themes/izmir/js/es/
113 B
462 B
Script
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/js/es/login_messages_tr.1.9.4.js
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
1f4fb231fa2e4087e368def58287b4c6fb2bb7897eb8bad2d26a527ddce31535

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
last-modified
Fri, 29 Sep 2023 12:10:58 GMT
server
MNCDN-262
x-mnrequest-id
6de82b52a8d6dbbce95fcaa6b50fe95d
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding, User-Agent
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
113
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:28 GMT
deeplinker.1.9.4.css
cdn.e-devlet.gov.tr/themes/izmir/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/css/deeplinker.1.9.4.css
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
3e8da71627c410cb0ad8fddabf44140d4f64a6f29c58ae9e5d43ef347bead32c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
content-encoding
br
last-modified
Fri, 29 Sep 2023 12:09:30 GMT
server
MNCDN-262
x-mnrequest-id
82407c7f6059570fce840e5b890523d4
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
max-age=7200
x-mserver
DE-372
expires
Fri, 29 Dec 2023 06:27:28 GMT
deeplinker.1.9.4.js
cdn.e-devlet.gov.tr/themes/izmir/js/lib/
3 KB
2 KB
Script
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/js/lib/deeplinker.1.9.4.js
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
64eda04046f3b2a90f80e986fcc7f9bd9915876ce25e7ad72bdeca6267bd615a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
content-encoding
gzip
last-modified
Fri, 29 Sep 2023 12:09:20 GMT
server
MNCDN-262
x-mnrequest-id
83536a24819a6025b425b9f7f9496d7d
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:28 GMT
edk-logo.png
cdn.e-devlet.gov.tr/themes/izmir/images/login/
46 KB
46 KB
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/images/login/edk-logo.png
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
4faed36fd7f15db218ec40b7e8ac0eb0633f3aab5bc06704e1e1704f6919fd2b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 13:28:11 GMT
server
MNCDN-262
x-mnrequest-id
fc81200673dabebda65b5e8aebe36aaa
x-edge-location
DE-372
etag
W/"6405ea6b-296c"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent
content-type
image/png
cache-control
max-age=7200
x-mserver
DE-372
expires
Fri, 29 Dec 2023 06:27:28 GMT
1.png
cdn.e-devlet.gov.tr/themes/istanbul/images/agencies/
2 KB
2 KB
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/istanbul/images/agencies/1.png
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
47013a87bbc33ff5886fedcf93fa58f82c71088ad95e0dc6235f100d7806b265

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
content-encoding
gzip
last-modified
Sun, 10 Dec 2017 13:50:20 GMT
server
MNCDN-262
x-mnrequest-id
a0cfdbcc8ea692f36e040906a42d5839
x-edge-location
DE-372
etag
W/"5a2d3b9c-73f"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent
content-type
image/png
cache-control
max-age=7200
x-mserver
2137
expires
Fri, 29 Dec 2023 06:27:28 GMT
DDO-logo.png
cdn.e-devlet.gov.tr/themes/nevsehir/images/
15 KB
15 KB
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/nevsehir/images/DDO-logo.png
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
7b11adc35edaea4da7980d7a5ec9cfb74bf1b059e26d98c617934ab75fcb3ff2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
content-encoding
gzip
last-modified
Mon, 16 Nov 2020 09:21:21 GMT
server
MNCDN-262
x-mnrequest-id
592c3966fe2e8a7f99efe06d9f765318
x-edge-location
DE-372
etag
W/"5fb24491-2e58"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent
content-type
image/png
cache-control
max-age=7200
x-mserver
2137
expires
Fri, 29 Dec 2023 06:27:28 GMT
common.js
cdn.e-devlet.gov.tr/themes/izmir/js/
140 KB
47 KB
Script
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/js/common.js
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
420f296200042c4b98b123cbc1d0d0c86e0ec4e6add04b360fdd5895b17b1ca7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2023 15:48:08 GMT
server
MNCDN-262
x-mnrequest-id
4734dded0850d749d796a06392e951c4
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:28 GMT
jquery.jcryption.js
cdn.e-devlet.gov.tr/themes/izmir/js/es/
65 KB
21 KB
Script
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/js/es/jquery.jcryption.js
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
790c8abfa03882377c7a9302bdb14dd1c3dab477280255161bc016d7b5f3b121

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
content-encoding
gzip
last-modified
Fri, 29 Sep 2023 12:09:39 GMT
server
MNCDN-262
x-mnrequest-id
db4520276585ce837baddb5de151e191
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:28 GMT
edk-giris.1.9.4.js
cdn.e-devlet.gov.tr/themes/izmir/js/es/
7 KB
3 KB
Script
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/js/es/edk-giris.1.9.4.js
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
5321407b0003dfc9bfbf7aca90dd30627e4713155f079a6d36e14cda038c0662

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
content-encoding
gzip
last-modified
Mon, 11 Dec 2023 11:07:37 GMT
server
MNCDN-262
x-mnrequest-id
321fcfbb912e2dc73c4a7cb10775206b
age
6711
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:28 GMT
d.js
waust.at/
14 KB
7 KB
Script
General
Full URL
https://waust.at/d.js
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2079
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 12 Jan 2023 17:19:17 GMT
server
cloudflare
etag
W/"63c04115-3972"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhTi41dJyLhIKQgLTogcmzRMqFDSxFdVwwktKtHStotNAr8mj9%2FVGDJn7fMK08zk7jpJYAG3qJXXikcDZyfZnaAevvwKnkPPMa1lXZOn8BZ6FSlQlHdpgTjD690hNTaNgHKuXmJj"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
83cf4a6a89a34643-SIN
expires
Sat, 30 Dec 2023 03:52:48 GMT
apple-touch-icon.1.7.png
cdn.e-devlet.gov.tr/themes/ankara/images/favicons/
4 KB
5 KB
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/ankara/images/favicons/apple-touch-icon.1.7.png
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
132d9f8de7c7076ea62122e6a0754c050c612bd5b6ad8e0107dfa8c3bfd29920

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:28 GMT
content-encoding
gzip
last-modified
Sun, 10 Dec 2017 13:50:21 GMT
server
MNCDN-262
x-mnrequest-id
236d5120c028e55d3faddd46437dd45b
x-edge-location
DE-372
etag
W/"5a2d3b9d-e88"
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent
content-type
image/png
cache-control
max-age=7200
x-mserver
2200
expires
Fri, 29 Dec 2023 06:27:28 GMT
P5sBzZCDf9_T_1Wi4TRDrZKF09E3.165.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/
9 KB
10 KB
Font
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sBzZCDf9_T_1Wi4TRDrZKF09E3.165.woff2
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
b1fd7ed49a8246ec384c86e59d428c8ab8bbcbb247eaa0f8866d92f47ce7b6f5

Request headers

Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Origin
https://eyardmdestklerm.online
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
content-encoding
br
last-modified
Mon, 06 Mar 2023 13:28:11 GMT
server
MNCDN-262
x-mnrequest-id
b1b7c15213c4ce3305b1d00cfdfa0771
age
5993
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:29 GMT
P5sMzZCDf9_T_10ZxCFuj5-v.165.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/
9 KB
10 KB
Font
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sMzZCDf9_T_10ZxCFuj5-v.165.woff2
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
7d79596300bbb0d5208efbeb996a0dd57030fb5bed5f8d1ec3e909054c41ec72

Request headers

Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Origin
https://eyardmdestklerm.online
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
content-encoding
br
last-modified
Mon, 06 Mar 2023 13:28:11 GMT
server
MNCDN-262
x-mnrequest-id
3a9952add6a3be1dd1e34a9691dcfda1
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:29 GMT
edkicon.165.165.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/grs-icon/
7 KB
8 KB
Font
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/fonts/grs-icon/edkicon.165.165.woff2
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
22d3ab917787db16d0e1d331270084d1179654a14e0a955ffd2fb1f8c2e67608

Request headers

Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Origin
https://eyardmdestklerm.online
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
content-encoding
br
last-modified
Thu, 14 Dec 2023 13:24:19 GMT
server
MNCDN-262
x-mnrequest-id
e36ffacc756f2a463a349602bbf477cb
age
5461
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:29 GMT
P5sCzZCDf9_T_10c9CNkiL2t2dk.165.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/
10 KB
10 KB
Font
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sCzZCDf9_T_10c9CNkiL2t2dk.165.woff2
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
ad13b3fe0d7ffedfef7b0495f001577ceafcf0da1691cccd060ce8171137e7b7

Request headers

Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Origin
https://eyardmdestklerm.online
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
content-encoding
br
last-modified
Mon, 06 Mar 2023 13:28:11 GMT
server
MNCDN-262
x-mnrequest-id
cbd205393c92a1ad294d505a612733ce
age
5993
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:29 GMT
P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.165.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/
19 KB
19 KB
Font
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.165.woff2
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
baa4939ce5526f6345842e8324ea0a248d0e139eef54fe377492fd44a79803a5

Request headers

Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Origin
https://eyardmdestklerm.online
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
content-encoding
br
last-modified
Mon, 06 Mar 2023 13:28:11 GMT
server
MNCDN-262
x-mnrequest-id
e98ed6923c59c5d4246534b360f217da
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:29 GMT
P5sMzZCDf9_T_10XxCFuj5-v6dg.165.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/
19 KB
19 KB
Font
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sMzZCDf9_T_10XxCFuj5-v6dg.165.woff2
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
1f634d0016221534cb3f7a6f0a369972d44cb2b5f7b5b17c70144be47791c882

Request headers

Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Origin
https://eyardmdestklerm.online
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
content-encoding
br
last-modified
Mon, 06 Mar 2023 13:28:11 GMT
server
MNCDN-262
x-mnrequest-id
c36ff0f3ee0779377beeaa158e882109
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:29 GMT
P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.165.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/
20 KB
20 KB
Font
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.165.woff2
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:3f00:1::62 , Turkey, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software
MNCDN-262 /
Resource Hash
9c6e2b09ac19fe1395ca10c2872f9b132eb136faedb9bd7896779453497fec87

Request headers

Referer
https://cdn.e-devlet.gov.tr/themes/izmir/css/login-main.css
Origin
https://eyardmdestklerm.online
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
content-encoding
br
last-modified
Mon, 06 Mar 2023 13:28:11 GMT
server
MNCDN-262
x-mnrequest-id
8ed1f364b3e87047321f8b6b7b77d691
age
5471
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7776000
x-mserver
DE-372
expires
Thu, 28 Mar 2024 04:27:29 GMT
/
t.dtscout.com/i/
7 KB
4 KB
Script
General
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php&j=
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63d4e744dedc8a4fc15e921a55494bc9070b20d46fc07501fc89a9b42b3919fb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
x-t
0.349
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojShiDXxB2%2FfDg77LaRtyFpXPhlW7TCjfaF5trrlxCV3OoJMc3sQomOcPAbI52vNBkCUHLNDmjfuDQoDgjdhWIuw6NClCNQFnj2HJpTZkbCYVOtg%2FhUq%2F11CSGUHGgPrhvTGDPuudrrzVCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl1
cf-ray
83cf4a7349ad5c30-SIN
expires
Fri, 29 Dec 2023 04:27:28 GMT
CryptoServlet
eyardmdestklerm.online/
808 B
500 B
XHR
General
Full URL
https://eyardmdestklerm.online/CryptoServlet?generateKeyPair=true&pn=%2Fedevlet.php&ajax=1&token=
Requested by
Host: cdn.e-devlet.gov.tr
URL: https://cdn.e-devlet.gov.tr/themes/izmir/js/common.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.116.103 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.116.103.vultrusercontent.com
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://eyardmdestklerm.online/edevlet.php
X-Requested-With
XMLHttpRequest
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
content-encoding
br
last-modified
Thu, 28 Dec 2023 15:52:38 GMT
server
nginx
etag
W/"328-60d93e7a62caa"
content-type
text/html
/
whos.amung.us/pingjs/
28 B
206 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=6y0s88g8g4&t=e-Devlet%20Kap%C4%B1s%C4%B1&c=d&x=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php&y=&a=0&v=27&r=6450
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
378954a7cd4cc761d09aa00243be7f0aceb314faf1268994e6b48b7082451b5d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83cf4a7368433fa1-SIN
alt-svc
h3=":443"; ma=86400
content-type
text/javascript;charset=UTF-8
tc.js
cdn.tynt.com/
26 KB
9 KB
Script
General
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
age
99866
etag
W/"651ed18d-66a6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83cf4a750a3f3dfa-SIN
expires
Mon, 01 Jan 2024 04:27:29 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
p
ic.tynt.com/b/
35 B
648 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!6y0s88g8g4&lm=0&ts=1703824049519&dn=TC&iso=0&pu=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php&t=e-Devlet%20Kap%C4%B1s%C4%B1&chmob=0
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/edevlet.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:30 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
/
t.dtscout.com/idg/ Frame F36E
1 KB
761 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=6D001703824049E1888C943FC079E620
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae87dc8d205baa74b3922c688b494104becb2656d0b7312b24b914b8871207e

Request headers

Referer
https://eyardmdestklerm.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83cf4a767e325c30-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Dec 2023 04:27:30 GMT
expires
Fri, 29 Dec 2023 04:27:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pLEu6p99FsZd4G4hDxmd%2Fg6Q1U%2FCTt%2F3tJai2mSiezXZdGWxXVHUiHRWLpqwjMf1zUJQeCGDpLzF1Bj4DoHQClNLTG0mFEvjZUUVkCH6XGbrGuyKaulv3ziSKOLJu3oS7CRryiCHnyUl88%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 cd09c7e66aa65f123adc53975394570c.cloudfront.net (CloudFront)
date
Thu, 28 Dec 2023 20:45:10 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
27740
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
omldGHMPrUOir4-TBnXJCn1AOtsHYxsHP7HZgIu_fPSGEZXca7eZfw==
/
t.dtscout.com/pv/
51 B
387 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=eyardmdestklerm.online&_ss=5mguba2zhg&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=31pp&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9c69263d9aa122ae934ad0d67a0ef5a615937a6ca0f1fb7c128de5a36975fa

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:30 GMT
x-t
0.145
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sj54OdUWdoZEd6MN3Ro4KYP7tl2ap1e9j5lJgzBqfT2EdzRUKkGmijrMjp3SNrOzWjC7FDe%2B0UFSlltGZO4VRK7gCn08p6Lx8W5rL%2FLN8ZEY9Ptv7ZsHkfxdINaBpSAZdY0WMBra1xXZLxs%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83cf4a767e345c30-SIN
expires
Fri, 29 Dec 2023 04:27:29 GMT
/
onetag-geo.s-onetag.com/
535 B
943 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-69.sin2.r.cloudfront.net
Software
/
Resource Hash
c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:29 GMT
via
1.1 6b0d2463e38d8b2224f25b309fde2ba2.cloudfront.net (CloudFront), 1.1 d5845d4e49f77b7f0c9511096875b3b4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2, SIN2-P1
x-amzn-requestid
37c60c9a-6974-4088-9a67-ba28b2cce7ab
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
QsCb1EDPiYcEuTQ=
content-length
535
x-amz-cf-id
dN6XlpcrkZGmhVLJ9xvg_6qCEtI8YGmiOuIHON3pEUkwYiP_7tNAQQ==
v2
de.tynt.com/deb/
811 B
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=w!6y0s88g8g4&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
ca05c291817a912e6ee9e9ac3c15a296e8a1114de5785dca25b7b204f503e81c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/edevlet.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Fri, 29 Dec 2023 04:27:29 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
811
expires
Sat, 26 Jul 1997 05:00:00 GMT
dataBeacons.min.js
data-beacons.s-onetag.com/
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-100.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
date
Fri, 29 Dec 2023 04:13:31 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
840
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
SU5OrG2OFkZ4QLTvPkFx4juMfqnOQEvihkxn5d9NJsJsyWYuBs5DRQ==
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
470 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
HTTP/1.1
Server
209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0b517a63668c4d964d45918440bd433bc25a0a0de471589cf847c869e241f80d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 29 Dec 2023 04:27:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://eyardmdestklerm.online
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Fri, 29 Dec 2023 04:27:30 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://eyardmdestklerm.online
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
58 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-70.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 02:01:16 GMT
content-encoding
gzip
via
1.1 906c6b5e83bd44f62b7f603039ce6f30.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
8775
x-amz-server-side-encryption
AES256
etag
W/"eb52f900499b46d1088df97dad487c73"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
VgDCqAsVkR05oEF35SpbDBXrrQ1o04udf_3CkL_h6XEHpETIDCh-bA==
/
t.dtscdn.com/widget/
0
614 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=6D001703824049E1888C943FC079E620&nid=0&p=836148727&t=-480&s=1600x1200x24&u=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php&r=
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:30 GMT
x-t
1.36
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T407hUM2zr%2BGlzVOgxqk7EJv6FwgxkmAcJ2Rd71qGADgiqX6O0w2nY%2Bm4Ia6S8HaV%2F8syFfQKh4Li%2Balj7AekjlNuuOv66oIFpuC3sR8BJcwqyS9YYKfHQOsbIOKj2RXBSB%2BU3NyIOSKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web16.ny1.dtscdn.com
cf-ray
83cf4a79dd974943-SIN
expires
Fri, 29 Dec 2023 04:25:43 GMT
/
spl.zeotap.com/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001703824049E1888C943FC079E620
  • https://spl.zeotap.com/?zdid=1332&zcluid=8abd63740d055c2a
0
0
Image
General
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=8abd63740d055c2a
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
H2
Server
2606:4700:e0::ac40:6d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=8abd63740d055c2a
content-length
0
lotame-sync.html
cdn-tc.33across.com/ Frame 41B7
343 B
459 B
Document
General
Full URL
https://cdn-tc.33across.com/lotame-sync.html
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!6y0s88g8g4&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer
https://eyardmdestklerm.online/edevlet.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
105978
cache-control
public, max-age=259200
cf-cache-status
HIT
cf-ray
83cf4a7b9acd3e5f-SIN
content-encoding
gzip
content-type
text/html
date
Fri, 29 Dec 2023 04:27:30 GMT
etag
W/"651ed188-157"
expires
Mon, 01 Jan 2024 04:27:30 GMT
last-modified
Thu, 05 Oct 2023 15:08:56 GMT
server
cloudflare
vary
Accept-Encoding
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=k3eNWWWOSrIHOLzCT9SSNQ%3D%3D&us_privacy=&33random=1703824050354.1&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=k3eNWWWOSrIHOLzCT9SSNQ%3D%3D&us_privacy=&33random=1703824050354.1&cat=33across
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjhzZTJrMmtXSW5pVFl2SHlEcmNkbXp0NV9TUm00bkRzZHJxNkxjRmtLTTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjhzZTJrMmtXSW5pVFl2SHlEcmNkbXp0NV9TUm00bkRzZHJxNkxjRmtLTTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEDgxYpz8DklCHA5UtLsLpac&google_cver=1
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEDgxYpz8DklCHA5UtLsLpac&google_cver=1
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
HTTP/1.1
Server
18.140.27.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-27-177.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/edevlet.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 29 Dec 2023 04:27:30 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Fri, 29 Dec 2023 04:27:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEDgxYpz8DklCHA5UtLsLpac&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
419
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=k3eNWWWOSrIHOLzCT9SSNQ%3D%3D&us_privacy=&33random=1703824050354.3&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=k3eNWWWOSrIHOLzCT9SSNQ%3D%3D&us_privacy=&33random=1703824050354.3&cat=33across
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjhzZTJrMmtXSW5pVFl2SHlEcmNkbXp0NV9TUm00bkRzZHJxNkxjRmtLTTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjhzZTJrMmtXSW5pVFl2SHlEcmNkbXp0NV9TUm00bkRzZHJxNkxjRmtLTTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEAbhFPDlIrnJg6r8DyrfAYk&google_cver=1
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEAbhFPDlIrnJg6r8DyrfAYk&google_cver=1
Requested by
Host: eyardmdestklerm.online
URL: https://eyardmdestklerm.online/edevlet.php
Protocol
HTTP/1.1
Server
18.140.27.177 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-27-177.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/edevlet.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 29 Dec 2023 04:27:30 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Fri, 29 Dec 2023 04:27:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEAbhFPDlIrnJg6r8DyrfAYk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
419
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame 41B7
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by
Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-70.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn-tc.33across.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 20:03:23 GMT
content-encoding
gzip
via
1.1 906c6b5e83bd44f62b7f603039ce6f30.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:51:51 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
30278
x-amz-server-side-encryption
AES256
etag
W/"b054dbc49b30695b40107158fb25e846"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
i7fjnkU9JL3tDD4FvlKQ3ePtqfu9z-7BhVm2LFNbWbNHup_cObC66A==
map
bcp.crwdcntrl.net/6/ Frame 41B7
156 B
617 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.174.164 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-174-164.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1c3a295a86726c396385fdcec586d1a570f65a8134da8f5a8df3ceee71458be6

Request headers

Referer
https://cdn-tc.33across.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 04:27:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://cdn-tc.33across.com
cache-control
no-cache
x-server
10.42.21.243
access-control-allow-credentials
true
content-length
156
expires
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-70.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer
https://eyardmdestklerm.online/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Dec 2023 18:48:33 GMT
content-encoding
gzip
via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
34738
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-id
Dbhd5TbOvpvDDVRGcXzTQs7cVaNd2unqdI3OmZYguH6jIbsH27VTyw==
data
bcp.crwdcntrl.net/6/
316 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.174.164 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-174-164.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
15f544bb61e867f90eeae50472a8bb1e682d9fb3292405d63965cb75db6c6d1d

Request headers

Referer
https://eyardmdestklerm.online/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 04:27:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://eyardmdestklerm.online
cache-control
no-cache
x-server
10.42.2.41
access-control-allow-credentials
true
content-length
316
expires
0
a
a.dtssrv.com/
0
444 B
Ping
General
Full URL
https://a.dtssrv.com/a?i=6D001703824049E1888C943FC079E620&k=lotpano&v=7a8800a9acc515bad47f80c1166316d539381cb06d04db3e2fc0668e4e1c361d
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Feyardmdestklerm.online%2Fedevlet.php&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eyardmdestklerm.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 04:27:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5x6EDdQUlLiBaRXo%2FA89iePb7SNZg3WDnBcMkW7ikuOWkwRmsIArzrXeS%2FEicnUrZAWfZQc%2BqEm8lr5RLZvG%2BhcHugEuJ2R45UjTBqqLmvjSfA1sRHZ5%2BIlDfelRQyEqqGRYsm6mLuZzcR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
83cf4a7e7d8c602f-SIN
alt-svc
h3=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 66FE
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-70.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://eyardmdestklerm.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
29528
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 28 Dec 2023 20:16:25 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 906c6b5e83bd44f62b7f603039ce6f30.cloudfront.net (CloudFront)
x-amz-cf-id
SEKoJqAV1LUbsMs5HqPP0T2mJLyOgzLHe8H3wQktD8xTA2eAD_L3oA==
x-amz-cf-pop
SIN2-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pixels
bcp.crwdcntrl.net/ Frame B15F
4 KB
4 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.174.164 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-174-164.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
84252b293153ee28d274f521bbbc4916ad5e007176f365726acbcc6751bee379

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache
content-length
4011
content-type
text/html
date
Fri, 29 Dec 2023 04:27:30 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.42.23.48
dcm
s.amazon-adsystem.com/ Frame B15F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=31769d339fb0819d128420ac7008a2a6
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=31769d339fb0819d128420ac7008a2a6&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=31769d339fb0819d128420ac7008a2a6&dcc=t
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Dec 2023 04:27:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
74XM0H2PEE0ASC5D5M4B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Dec 2023 04:27:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HTMM3AGS5GGHTVGSGZY0
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=31769d339fb0819d128420ac7008a2a6&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
sync.smartadserver.com/ Frame B15F
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
0
316 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
23.106.127.169 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 04:27:31 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Fri, 29 Dec 2023 04:27:30 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
qmap
sync.crwdcntrl.net/ Frame B15F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A6A32691-C220-4578-B9DA-9F2B713D8CEE&gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A6A32691-C220-4578-B9DA-9F2B713D8CEE&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
13.215.71.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-71-16.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 04:27:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.7.106
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A6A32691-C220-4578-B9DA-9F2B713D8CEE&gdpr=0
date
Fri, 29 Dec 2023 04:27:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
41715
i6.liadm.com/s/ Frame B15F
Redirect Chain
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=31769d339fb0819d128420ac7008a2a6
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=31769d339fb0819d128420ac7008a2a6&_li_chk=true&previous_uuid=68fef71f18cc4047aa7928017959c683
  • https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=31769d339fb0819d128420ac7008a2a6
43 B
548 B
Image
General
Full URL
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=31769d339fb0819d128420ac7008a2a6
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:1f78:90d5:b44a:4236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 29 Dec 2023 04:27:33 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=31769d339fb0819d128420ac7008a2a6
Date
Fri, 29 Dec 2023 04:27:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a2fe133f-dcf3-4b8b-bc99-f48ca1f144f3/gdpr=0/ Frame B15F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a2fe133f-dcf3-4b8b-bc99-f48ca1f144f3/gdpr=0/gdpr_consent=
49 B
266 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a2fe133f-dcf3-4b8b-bc99-f48ca1f144f3/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=153%2C148%2C136%2C122%2C116%2C106%2C104%2C100%2C81%2C79%2C78%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
13.215.71.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-71-16.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 04:27:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.30.162
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a2fe133f-dcf3-4b8b-bc99-f48ca1f144f3/gdpr=0/gdpr_consent=
date
Fri, 29 Dec 2023 04:27:30 GMT
server
Kestrel
content-length
249
tpid=8efd5c0c-e8b3-46dc-aba2-da15ad37db78
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame B15F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=31769d339fb0819d128420ac7008a2a6&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=31769d339fb0819d128420ac7008a2a6&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8efd5c0c-e8b3-46dc-aba2-da15ad37db78%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a2fe133f-dcf3-4b8b-bc99-f48ca1f144f3&ttd_puid=8efd5c0c-e8b3-46dc-aba2-da15ad37db78%2Chttps%253A%252F%252Fsync.crwdcntrl.n...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8efd5c0c-e8b3-46dc-aba2-da15ad37db78
49 B
265 B
Image