urlscan.io logo urlscan.io
SecurityTrails logo

arsiv.sahadan.com Open in urlscan Pro
82.222.8.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sahadan.com/
Effective URL: http://arsiv.sahadan.com/Default.aspx
Submission: On January 03 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 62 IPs in 14 countries across 56 domains to perform 274 HTTP transactions. The main IP is 82.222.8.82, located in Izmir, Turkey and belongs to TELLCOM-AS, TR. The main domain is arsiv.sahadan.com.
This is the only time arsiv.sahadan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 195.244.61.20 43391 (NETDIREKT-AS)
1 1 2.16.186.99 20940 (AKAMAI-ASN1)
24 82.222.8.82 34984 (TELLCOM-AS)
27 77.223.147.102 43391 (NETDIREKT-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 94.130.135.117 24940 (HETZNER-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 104.111.215.191 16625 (AKAMAI-AS)
1 13.224.193.44 16509 (AMAZON-02)
1 51.83.238.53 16276 (OVH)
13 142.250.181.226 15169 (GOOGLE)
3 2a02:6ea0:c70... 60068 (CDN77 ^_^)
14 89.187.169.47 60068 (CDN77 ^_^)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 37.157.2.239 198622 (ADFORM)
19 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 37.157.6.235 198622 (ADFORM)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.193.92 16509 (AMAZON-02)
1 1 3.137.80.24 16509 (AMAZON-02)
1 52.84.66.94 16509 (AMAZON-02)
1 7 2a00:1450:400... 15169 (GOOGLE)
21 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 6 178.33.196.208 16276 (OVH)
1 13.225.73.71 16509 (AMAZON-02)
4 17 142.250.185.98 15169 (GOOGLE)
2 4 2.18.234.21 16625 (AKAMAI-AS)
2 3 185.33.223.38 29990 (ASN-APPNEX)
1 3 13.225.73.22 16509 (AMAZON-02)
3 146.59.30.104 16276 (OVH)
1 138.201.63.117 24940 (HETZNER-AS)
1 2600:1901:0:7... 15169 (GOOGLE)
1 5 138.201.135.164 24940 (HETZNER-AS)
1 1 151.101.66.49 54113 (FASTLY)
1 66.155.71.149 13768 (COGECO-PEER1)
2 2 51.178.20.139 16276 (OVH)
3 3 18.157.214.75 16509 (AMAZON-02)
2 2 63.33.204.129 16509 (AMAZON-02)
5 8 8.39.36.141 26667 (RUBICONPR...)
1 18.182.119.142 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 104.117.200.100 16625 (AKAMAI-AS)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
2 212.102.38.47 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
1 63.33.8.36 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 169.50.137.184 36351 (SOFTLAYER)
1 1 159.65.197.210 14061 (DIGITALOC...)
2 2 193.232.148.140 48061 (UMA-TECH-AS)
1 52.200.159.188 14618 (AMAZON-AES)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
4 4 84.200.5.215 31400 (ACCELERAT...)
1 1 46.4.62.19 24940 (HETZNER-AS)
1 82.113.101.132 6805 (TDDE-ASN1)
1 1 88.99.63.132 24940 (HETZNER-AS)
1 82.113.101.236 6805 (TDDE-ASN1)
4 46.236.13.147 12703 (PULSANT-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.232.159 16625 (AKAMAI-AS)
2 13.225.73.126 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 185.29.132.245 30419 (MEDIAMATH...)
1 35.244.174.68 15169 (GOOGLE)
2 2 35.71.131.137 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
4 54.72.0.164 16509 (AMAZON-02)
274 62
1    195.244.61.20 (Turkey)

ASN43391 (NETDIREKT-AS, TR)
sahadan.com
1    2.16.186.99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-99.deploy.static.akamaitechnologies.com
www.sahadan.com
24    82.222.8.82 (Izmir, Turkey)

ASN34984 (TELLCOM-AS, TR)
PTR: host-82-222-8-82.reverse.superonline.net
arsiv.sahadan.com
hm.cdn.md
27    77.223.147.102 (Turkey)

ASN43391 (NETDIREKT-AS, TR)
is.cdn.md
3    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    94.130.135.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.135.130.94.clients.your-server.de
b.cdn.md
2    2606:4700:3033::ac43:9ddd (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.eksiup.com
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    13.224.193.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-44.fra2.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
1    51.83.238.53 (France)

ASN16276 (OVH, FR)
PTR: ns3162352.ip-51-83-238.eu
go.admost.com
13    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.dimml.io
14    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
run.admost.com
5    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
21    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
19    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
5    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.224.193.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-92.fra2.r.cloudfront.net
certify.alexametrics.com
1    3.137.80.24 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-137-80-24.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    52.84.66.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-66-94.mad51.r.cloudfront.net
a3ab2e4179e22bf8d2242d488833b2038.profile.mad51-c2.cloudfront.net
7    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
21    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
2    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    178.33.196.208 (France)

ASN16276 (OVH, FR)
PTR: ip208.ip-178-33-196.eu
gatr.hit.gemius.pl
str.hit.gemius.pl
1    13.225.73.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-71.fra2.r.cloudfront.net
b.scorecardresearch.com
17    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.223.38 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    13.225.73.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-22.fra2.r.cloudfront.net
sb.scorecardresearch.com
3    146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu
ls.hit.gemius.pl
1    138.201.63.117 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de
hal9000.redintelligence.net
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
5    138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal900015.redintelligence.net
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
c.eu1.dyntrk.com
3    18.157.214.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-214-75.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    63.33.204.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-204-129.eu-west-1.compute.amazonaws.com
ads.avct.cloud
8    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    18.182.119.142 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-119-142.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    212.102.38.47 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-212-102-38-47.datapacket.com
js.duhnet.tv
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    63.33.8.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-8-36.eu-west-1.compute.amazonaws.com
baltar.dimml.io
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    193.232.148.140 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp1.sender.ltmse.com
px.adhigh.net
1    52.200.159.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-159-188.compute-1.amazonaws.com
sync.adaptv.advertising.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de
partner.o2online.de
1    82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
1    88.99.63.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.blau.de
1    82.113.101.236 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de
portal.blau.de
4    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
1    2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
daznplayervod.daznservices.com
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2.18.232.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-159.deploy.static.akamaitechnologies.com
images.performgroup.com
2    13.225.73.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-126.fra2.r.cloudfront.net
analytics.webgains.io
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a05:d018:d29:3605:5da:b029:1b25:7ea6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    54.72.0.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
51 cdn.md
is.cdn.md
b.cdn.md
hm.cdn.md
974 KB
41 googlesyndication.com
daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
194 KB
34 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
226 KB
21 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
293 KB
15 admost.com
go.admost.com
run.admost.com
18 KB
14 adform.net
track.adform.net
s1.adform.net
155 KB
10 rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
19 KB
9 gemius.pl
gatr.hit.gemius.pl
ls.hit.gemius.pl
str.hit.gemius.pl
41 KB
8 google.com
adservice.google.com
www.google.com
1 KB
7 google-analytics.com
www.google-analytics.com
56 KB
7 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
464 KB
6 webgains.io
analytics.webgains.io
api.webgains.io
102 KB
6 redintelligence.net
hal9000.redintelligence.net
hal900015.redintelligence.net
11 KB
5 ampproject.org
cdn.ampproject.org
103 KB
4 webgains.com
track.webgains.com
77 KB
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 scorecardresearch.com
b.scorecardresearch.com
sb.scorecardresearch.com
4 KB
4 googletagservices.com
www.googletagservices.com
146 KB
4 dimml.io
cdn.dimml.io
baltar.dimml.io
10 KB
4 sahadan.com
sahadan.com
www.sahadan.com
arsiv.sahadan.com
16 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 adnxs.com
ib.adnxs.com
3 KB
3 google.de
adservice.google.de
1 KB
2 adsrvr.org
match.adsrvr.org
1 KB
2 yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
769 B
2 blau.de
partner.blau.de
portal.blau.de
2 KB
2 o2online.de
partner.o2online.de
portal.o2online.de
2 KB
2 lead-alliance.net
www.lead-alliance.net
1 KB
2 telefonica-partner.de
www.telefonica-partner.de
573 B
2 pubmatic.com
image6.pubmatic.com
1 KB
2 adhigh.net
px.adhigh.net
960 B
2 duhnet.tv
js.duhnet.tv
332 KB
2 avct.cloud
ads.avct.cloud
890 B
2 dyntrk.com
c.eu1.dyntrk.com
1 KB
2 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
4 KB
2 gstatic.com
fonts.gstatic.com
43 KB
2 cloudfront.net
d31qbv1cthcecs.cloudfront.net
a3ab2e4179e22bf8d2242d488833b2038.profile.mad51-c2.cloudfront.net
2 KB
2 bluekai.com
tags.bluekai.com
979 B
2 eksiup.com
cdn.eksiup.com
8 KB
1 rlcdn.com
id.rlcdn.com
417 B
1 mathtag.com
sync.mathtag.com
430 B
1 performgroup.com
images.performgroup.com
5 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 daznservices.com
daznplayervod.daznservices.com
1 googletagmanager.com
www.googletagmanager.com
32 KB
1 advertising.com
sync.adaptv.advertising.com
14 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 simpli.fi
um.simpli.fi
710 B
1 dotomi.com
dclk-match.dotomi.com
104 B
1 office-partner.de
adv.office-partner.de
1 KB
1 adingo.jp
cc.adingo.jp
44 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 everesttech.net
sync-tm.everesttech.net
535 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
238 B
1 alexametrics.com
certify.alexametrics.com
551 B
0 netmng.com Failed
google2waycm.netmng.com Failed
274 56
Domain Requested by
27 is.cdn.md arsiv.sahadan.com
22 hm.cdn.md arsiv.sahadan.com
19 tpc.googlesyndication.com daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
arsiv.sahadan.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
17 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
arsiv.sahadan.com
daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
17 pagead2.googlesyndication.com daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
arsiv.sahadan.com
srcdoc
www.googletagservices.com
securepubads.g.doubleclick.net
14 run.admost.com go.admost.com
13 securepubads.g.doubleclick.net cdn.eksiup.com
securepubads.g.doubleclick.net
arsiv.sahadan.com
9 track.adform.net daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
s1.adform.net
8 ad4m.at s1.adform.net
ad4m.at
as.ad4m.at
7 assets.ad4m.at as.ad4m.at
7 www.google-analytics.com 1 redirects arsiv.sahadan.com
www.google-analytics.com
6 as.ad4m.at ad4m.at
daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
as.ad4m.at
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 hal900015.redintelligence.net 1 redirects daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
hal900015.redintelligence.net
5 s1.adform.net track.adform.net
s1.adform.net
daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.google.com daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 api.webgains.io analytics.webgains.io
4 track.webgains.com as.ad4m.at
hal900015.redintelligence.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 gatr.hit.gemius.pl 1 redirects arsiv.sahadan.com
gatr.hit.gemius.pl
4 www.googletagservices.com daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
3 pixel.rubiconproject.com 1 redirects
3 x.bidswitch.net 3 redirects
3 ls.hit.gemius.pl gatr.hit.gemius.pl
ls.hit.gemius.pl
str.hit.gemius.pl
3 sb.scorecardresearch.com 1 redirects arsiv.sahadan.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 cdn.dimml.io arsiv.sahadan.com
cdn.dimml.io
3 ajax.googleapis.com arsiv.sahadan.com
hal900015.redintelligence.net
2 match.adsrvr.org 2 redirects
2 analytics.webgains.io track.webgains.com
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 image6.pubmatic.com 2 redirects
2 px.adhigh.net 2 redirects
2 imasdk.googleapis.com arsiv.sahadan.com
imasdk.googleapis.com
2 str.hit.gemius.pl arsiv.sahadan.com
str.hit.gemius.pl
2 js.duhnet.tv arsiv.sahadan.com
2 eus.rubiconproject.com daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
eus.rubiconproject.com
2 ads.avct.cloud 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 stats.g.doubleclick.net arsiv.sahadan.com
www.google-analytics.com
2 googleads.g.doubleclick.net daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
arsiv.sahadan.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
2 tags.bluekai.com 1 redirects arsiv.sahadan.com
2 cdn.eksiup.com arsiv.sahadan.com
cdn.eksiup.com
2 b.cdn.md arsiv.sahadan.com
2 arsiv.sahadan.com arsiv.sahadan.com
1 pr-bh.ybp.yahoo.com
1 id.rlcdn.com
1 sync.mathtag.com
1 ads.yahoo.com
1 images.performgroup.com arsiv.sahadan.com
1 s0.2mdn.net imasdk.googleapis.com
1 daznplayervod.daznservices.com arsiv.sahadan.com
1 portal.blau.de as.ad4m.at
1 partner.blau.de 1 redirects
1 portal.o2online.de as.ad4m.at
1 partner.o2online.de 1 redirects
1 www.googletagmanager.com adv.office-partner.de
1 sync.adaptv.advertising.com daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
1 match.adsby.bidtheatre.com 1 redirects
1 um.simpli.fi 1 redirects
1 dclk-match.dotomi.com daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
1 baltar.dimml.io cdn.dimml.io
1 adv.office-partner.de hal900015.redintelligence.net
1 static-de.ad4mat.net as.ad4m.at
1 cc.adingo.jp daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
1 pixel-sync.sitescout.com daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 prod-rtb.ad4mat.net arsiv.sahadan.com
1 hal9000.redintelligence.net daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
1 b.scorecardresearch.com arsiv.sahadan.com
1 a3ab2e4179e22bf8d2242d488833b2038.profile.mad51-c2.cloudfront.net arsiv.sahadan.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com 1 redirects
1 certify.alexametrics.com arsiv.sahadan.com
1 go.admost.com arsiv.sahadan.com
1 d31qbv1cthcecs.cloudfront.net arsiv.sahadan.com
1 www.sahadan.com 1 redirects
1 sahadan.com 1 redirects
0 google2waycm.netmng.com Failed daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
274 85

This site contains links to these domains. Also see Links.

Domain
www.sahadan.com
www.beygir.com
www.mackolik.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-16 -
2022-06-15		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
redintelligence.net
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
adv.office-partner.de
R3		 2021-11-07 -
2022-02-05		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
san2.daznservices.com
DigiCert SHA2 Secure Server CA		 2021-09-15 -
2022-02-03		 5 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh

This page contains 28 frames:

Primary Page: http://arsiv.sahadan.com/Default.aspx
Frame ID: 40DD96FA405F7B116B0E7A8BB4EB057C
Requests: 107 HTTP requests in this frame

Frame: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AECD791FDE12D4A120D52AEBEF94517A
Requests: 1 HTTP requests in this frame

Frame: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 305EA209D84A2BCB0F2CE8326C337DDE
Requests: 3 HTTP requests in this frame

Frame: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Frame ID: EF22B6D851527B594685F397A116BA27
Requests: 16 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=38516434;rtbwp=YdN_lwABjZcKd8GFAAtQozweLfLyq5D6inosrw;rtbdata=sE7aJDcJueiMrjW_50p8AscesxPzM1eivJbO3OvLZRvMtDYJzFKDAUo1-UBj8lmJ-Ln-m9HY32_mZ5bzqgmwJ_W9a_4rzu_hJfMbyv3Pn7ZL9zcdPPmP9LxJNI6Xvhim7CMaxRryXCUln9qNr5QAIPHGkXydYrKmOyRlL3lRdunC5aMfAMXq6-g66hxb0hdKuNFrv7inaYJe4qwTvV156JbZWf8s_U2hLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoVd2l3_TYZebBoWD3wOjoa24C_PYq5NcybzUs6IHwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDbIAQmpAnBzDuAm87I-4AIAqAMBqgT1AU_Qfg9fXNB0wgEbhcDq9jRbQHKeSBwwurcpJP0wK6MR0O5-EpJQE2qXNQfKql6xS9MekO3-GCc8r2bIz8UNzCMLffj8zZut5Ahjhp674i71us7g-OHjI8lJeNkPE2UUmZJRX1CE2gTG0Rfh37Dpq814548ujsXD_kmBWzK4utzn8MQo1GJS_t2diK9WaxFkXY22NXguYwe0KQjR5ERB9xPmt2pnKqT0xVaujS9EaHnIzvtTk0RT2CV1Men9Ki3vZFIQYNNZwzzoeJWn-CI9zKQdRUKW04apWTJose4kZWIn3iYZYPE57bKHp_6wDLlmqESHL8Cg4AQBgAaE9_Gb99aZ-xigBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0o2l_D6ZjgKF0qdgS03Rm4QlNWlA&client=ca-pub-5610649146674306&adurl=
Frame ID: E72171566DCB096AF971A4019EDAA186
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: A0DC7B88D3368AC67FED84A7F523C95F
Requests: 15 HTTP requests in this frame

Frame: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 207DE5EF5957575ECE560D55E154327F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNUpUCU7jNl9Cwb6VcZkULFvDuyxur1wthX-hHhfCkwuoJ3AwXg8jLyBT2PT2tq8Es2ONpdB6L4STPamj3HpALwSpkdTWNjFAvOvgpq9cI3fLXhKqbprULxD4kJKU9PH90u3z-FF0xMYZR6TDUNPNZcVD-SGsQouvU6nLTWI1ehjx0zxJtDAPECgS8OomxLU8KK3RO0xhQpvmz9bL0idmnaEYIX4Gg
Frame ID: D85D56FF04CD19F8C23EE542173A12CC
Requests: 5 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6BE59D5BD1A13CF95540440F71A8D893
Requests: 1 HTTP requests in this frame

Frame: http://ls.hit.gemius.pl/lsget.html
Frame ID: 71DC241045E2B5D92D7BAF24FAB1E085
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5E049941DF49739617B8468D96FBD4D2
Requests: 3 HTTP requests in this frame

Frame: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5399943BE8AE62AD97BA21E66724F04A
Requests: 19 HTTP requests in this frame

Frame: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 390C879DEFB5E46EDB1414F33A73FA39
Requests: 11 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html?mode=new
Frame ID: 65ED3C5CA42AF23800ECF922C35EC574
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=36036&b=QxZt4fY4xQf6eAaxH8tRHGtpkqFDT4TeAsV&f=2b9F6f6dKmFV5GCVH6tbHwCAdpTWT7TRPFg&c=970&d=250&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=7014c860c328835e7df58231c776f13a%2F6630878077882258243&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1641250711952&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoVd2l3_TYZebBoWD3wOjoa24C_PYq5NcybzUs6IHwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDbIAQmpAnBzDuAm87I-4AIAqAMBqgT1AU_Qfg9fXNB0wgEbhcDq9jRbQHKeSBwwurcpJP0wK6MR0O5-EpJQE2qXNQfKql6xS9MekO3-GCc8r2bIz8UNzCMLffj8zZut5Ahjhp674i71us7g-OHjI8lJeNkPE2UUmZJRX1CE2gTG0Rfh37Dpq814548ujsXD_kmBWzK4utzn8MQo1GJS_t2diK9WaxFkXY22NXguYwe0KQjR5ERB9xPmt2pnKqT0xVaujS9EaHnIzvtTk0RT2CV1Men9Ki3vZFIQYNNZwzzoeJWn-CI9zKQdRUKW04apWTJose4kZWIn3iYZYPE57bKHp_6wDLlmqESHL8Cg4AQBgAaE9_Gb99aZ-xigBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0o2l_D6ZjgKF0qdgS03Rm4QlNWlA%26client%3Dca-pub-5610649146674306%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516434%3Bcrtbwp%3DYdN_lwABjZcKd8GFAAtQozweLfLyq5D6inosrw%3Bcrtbdata%3DsE7aJDcJueiMrjW_50p8AscesxPzM1eivJbO3OvLZRvMtDYJzFKDAUo1-UBj8lmJ-Ln-m9HY32_mZ5bzqgmwJ_W9a_4rzu_hJfMbyv3Pn7ZL9zcdPPmP9LxJNI6Xvhim7CMaxRryXCUln9qNr5QAIPHGkXydYrKmOyRlL3lRdunC5aMfAMXq6-g66hxb0hdKuNFrv7inaYJe4qwTvV156JbZWf8s_U2hLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D7VisvzeG6Ha-lgF5_WBtApDuN7OhTDB6uLSLp8O8JBgdwXR2i2DqUvHSfvQbrKWYoB6QNn2QHZ57bdp-DsExYsX4De8FoXoTV-xGKFmUIVEkL36Sy4pNrNccP7cMh0SvW2yZ-XGaBRTJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttp%253a%252f%252farsiv.sahadan.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: 0330C5C5DEE719EDEB232D767AA443A4
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kcwr9xd6kfa6e4q8r423gk8ggs9z0v22dvdaf38f226r3gw50mhqg0ewcw4e9w7z034fe9vhr1nhh477zywhnxnba9qysqw0x01yfn1ytkkjy3pxz5e178zzs87cntsrwntt545dvhrkqrpdqvj4g8f36963r3mqxhjtmdr7azf91cmk48arj189e81z1qn51hbcn9rmgfkfsth48kbzr7zw3nbwsgdevezg6wpq19977k534e0pq2ksqstrq7ksbv0ec4x41abx7gy06y35jcpfhfft6nmd8ew3rmasa3qc52khwgf238tst40y4mm67pmd18gpz8rz18jxnwrdfgsfd5nkr3k9da2kpcaszy7jzngf3v513ksjtym79dn8ge238y1shpnkebkmkmmjqgh6jmbv3fg4hgwh8ejkajv596hs00cp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%26client%3Dca-pub-5610649146674306%26adurl%3D
Frame ID: DF974DF29DD2B1F6470973242A6FBCE2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2F95714347FFFBE5FD6E99D9D202F047
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6CA96F43A04928D698CECA05CA766462
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&geo=eu&co=de
Frame ID: E420D1D6D0F3EF7028F8DED5D032520C
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1DC591E339EFCA92C9C228003ED47800
Requests: 9 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 81CDDE3251B9EB1B1E6FFE3DFCC475E1
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=89026200375653600757589011828015&a=f9696404
Frame ID: BE4DCB0D0AD1D939E6A16EBCD46A5CF6
Requests: 9 HTTP requests in this frame

Frame: http://ls.hit.gemius.pl/lsget.html
Frame ID: CAD4E784BD2BA5E8FDB2C61B4115AF7A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Frame ID: 215CB0DF6EAD0D8B273C0E948373D96D
Requests: 14 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.493.0_tr.html
Frame ID: 8BCAA9D67303DF882A72673C75E2B1E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8E8981E5BD617C704F3413B45DD16FA8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B3F161AA92BC7128F95EAF012A3491AD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC41731B1023F5E0AC08FE6D5EAB27C0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sahadan.com - iddaa, canlı maç sonuçları, maç skorları, puan durumu, spor haberleri, futbol, iddaa programı, istatistikler, İddaa

Page URL History Show full URLs

  1. http://sahadan.com/ HTTP 302
    https://www.sahadan.com/ HTTP 302
    http://arsiv.sahadan.com/Default.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

274
Requests

57 %
HTTPS

33 %
IPv6

56
Domains

85
Subdomains

62
IPs

14
Countries

3358 kB
Transfer

11918 kB
Size

61
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sahadan.com/ HTTP 302
    https://www.sahadan.com/ HTTP 302
    http://arsiv.sahadan.com/Default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • http://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan HTTP 301
  • https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
Request Chain 110
  • http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
  • http://a3ab2e4179e22bf8d2242d488833b2038.profile.mad51-c2.cloudfront.net/test.png
Request Chain 111
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 125
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 126
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=365469808&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&utmhid=1547982108&utmr=-&utmp=%2FDefault.aspx&utmht=1641250711828&utmac=UA-241588-1&utmcc=__utma%3D140208355.1874813665.1641250711.1641250711.1641250711.1%3B%2B__utmz%3D140208355.1641250712.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1418327923&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=365469808&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&utmhid=1547982108&utmr=-&utmp=%2FDefault.aspx&utmht=1641250711828&utmac=UA-241588-1&utmcc=__utma%3D140208355.1874813665.1641250711.1641250711.1641250711.1%3B%2B__utmz%3D140208355.1641250712.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1418327923&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-241588-1&cid=1874813665.1641250711&jid=1418327923&_v=5.7.2&z=365469808
Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsCInjXQP0CDBFCTygzT3s&google_cver=1
Request Chain 130
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdN-l2IlIu05xDlYtyPWoQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsCInjXQP0CDBFCTygzT3s&google_cver=1
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPP12tyyO2OJtuC4R5TSJbs&google_cver=1
Request Chain 132
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwNzY4OTk1MzA3MTg3MDg0OA%3D%3D
Request Chain 135
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1641250711872&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&c7=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1641250711872&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&c7=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&c9=
Request Chain 172
  • https://hal900015.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=951f813a0e&subid=&uid=e9796d4a9074e978&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxLa7l3_TYeLoEpre3wPIo4TYD92t6Khgu4_f1IgK8C4QASC6l-0eYJXikIKgB8gBCakClQjGCvbwsj6oAwGqBOgBT9DtccN_nob0MBfpd3AD46chFW5d_-ePKuUSbvu7CN5w8r_fpZBCUR45INq3AMRn71pzSh9DNHNoWMYWgXuzdAWOUH_tR2WzZp2tEIJkDmIGcTWQFif0-tWlQlgbNoTvKT0YYznpkyEki49zZkkWrAUN7YJIRe7vftsm1MgYlYXuhoFNjT8OMnggmEX4-29Mm2An7wSbWsQW2vMnEz_3XGipc4gmiRVdeu_dqCXIS4H-FrkhXLs7LBrCfEs3Xub5kmCz2-A1wZGYm7znU0JSLjOTne3DEhTk2lLgnxD4f8G0YjIAbPz6-cAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRozkRxI5V7uIFJwpm2_ECoDdc5-w%26sig%3DAOD64_1OTZ0759Bf-93UGNlrImTjMxm7jA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-DWbReOzBXhOW-zxLe2QtM91n9TkVSbozJ9r_OyBnRtmCaSSSdFWfPoZ0Jme5iBJ6fk6TGQzdQNUu0Ph-akqvMhGEeeu0kfCiCj0YkSdILtiy7ZO2i-BKJLb2q_pDj5GiEcou9eAsjtko_Q0hgICYHlLnmfXg%26cry%3D1%26dbm_d%3DAKAmf-Bx-X1jCSzmVCbSAm0JYLXgf5YBUQWgei4mUmIFLISN7CDRGusEVuZLna9syZbq3CvBXUI2brSdzYgqRjzXqKmI0flM29oT_BD5EIXPGnuNfthBWyhWb5nF-anemJKDT9V8K6CXmYKAkbfVNASTKyIgPjNrSK6NG1d2kpjYtIvchul8_PTXTHkAYkvmVjb6_GsPexOGMYL5qYZRym4R5m5Jcs3dz_-IVRkpcOKcBSlBpliQBoLBKAf-zal4Gq546IjucFr2Id6QzlZ6AlHN-u8A9N9haHTkXVwXc4C5tXfBDhiG98H4PiM5fWpfTnn2KZqWiOdkVk8v9xeOXPHvnZ6eZjR4aL2Hxu6DHO-Tca5-EMVFt5tZSdNxU1obxZS_PQ-Zvg4mN542_RT-mIHABOOeusKZtpLHEshmsu46qs-bD2y5s9QXAfg7am-BTFxjCQLH_SmRvCjvk5tDPzA7HMmJ5YKWqQ%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=6211903583909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900015.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=951f813a0e&subid=&uid=e9796d4a9074e978&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxLa7l3_TYeLoEpre3wPIo4TYD92t6Khgu4_f1IgK8C4QASC6l-0eYJXikIKgB8gBCakClQjGCvbwsj6oAwGqBOgBT9DtccN_nob0MBfpd3AD46chFW5d_-ePKuUSbvu7CN5w8r_fpZBCUR45INq3AMRn71pzSh9DNHNoWMYWgXuzdAWOUH_tR2WzZp2tEIJkDmIGcTWQFif0-tWlQlgbNoTvKT0YYznpkyEki49zZkkWrAUN7YJIRe7vftsm1MgYlYXuhoFNjT8OMnggmEX4-29Mm2An7wSbWsQW2vMnEz_3XGipc4gmiRVdeu_dqCXIS4H-FrkhXLs7LBrCfEs3Xub5kmCz2-A1wZGYm7znU0JSLjOTne3DEhTk2lLgnxD4f8G0YjIAbPz6-cAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRozkRxI5V7uIFJwpm2_ECoDdc5-w%26sig%3DAOD64_1OTZ0759Bf-93UGNlrImTjMxm7jA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-DWbReOzBXhOW-zxLe2QtM91n9TkVSbozJ9r_OyBnRtmCaSSSdFWfPoZ0Jme5iBJ6fk6TGQzdQNUu0Ph-akqvMhGEeeu0kfCiCj0YkSdILtiy7ZO2i-BKJLb2q_pDj5GiEcou9eAsjtko_Q0hgICYHlLnmfXg%26cry%3D1%26dbm_d%3DAKAmf-Bx-X1jCSzmVCbSAm0JYLXgf5YBUQWgei4mUmIFLISN7CDRGusEVuZLna9syZbq3CvBXUI2brSdzYgqRjzXqKmI0flM29oT_BD5EIXPGnuNfthBWyhWb5nF-anemJKDT9V8K6CXmYKAkbfVNASTKyIgPjNrSK6NG1d2kpjYtIvchul8_PTXTHkAYkvmVjb6_GsPexOGMYL5qYZRym4R5m5Jcs3dz_-IVRkpcOKcBSlBpliQBoLBKAf-zal4Gq546IjucFr2Id6QzlZ6AlHN-u8A9N9haHTkXVwXc4C5tXfBDhiG98H4PiM5fWpfTnn2KZqWiOdkVk8v9xeOXPHvnZ6eZjR4aL2Hxu6DHO-Tca5-EMVFt5tZSdNxU1obxZS_PQ-Zvg4mN542_RT-mIHABOOeusKZtpLHEshmsu46qs-bD2y5s9QXAfg7am-BTFxjCQLH_SmRvCjvk5tDPzA7HMmJ5YKWqQ%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=6211903583909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 177
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEH9h9Pvo6gN_dB_OVg-J3aA&google_cver=1&google_push=AYg5qPIdTzUcLI_yn5gEIBX5frKBuo8zLe02e-5PaR5LbOMqiWzB03nGlAJXNolA0jr6m2379jH0kyHohx8cmzb16OSF3DFsTKWB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH9h9Pvo6gN_dB_OVg-J3aA&google_push=AYg5qPIdTzUcLI_yn5gEIBX5frKBuo8zLe02e-5PaR5LbOMqiWzB03nGlAJXNolA0jr6m2379jH0kyHohx8cmzb16OSF3DFsTKWB
Request Chain 179
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBWI2OvlS_SPtx55XLBISC0&google_cver=1&google_push=AYg5qPJNs90ztMrDr6foAwalst7lzjImpoSBGKnfMf4KYZTLNJob_dBOnQpp1PUk8yFFW8cPNLMITT6r3EBFMv21gH84RGdwwCY9 HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBWI2OvlS_SPtx55XLBISC0&google_cver=1&google_push=AYg5qPJNs90ztMrDr6foAwalst7lzjImpoSBGKnfMf4KYZTLNJob_dBOnQpp1PUk8yFFW8cPNLMITT6r3EBFMv21gH84RGdwwCY9&prevuid=&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJNs90ztMrDr6foAwalst7lzjImpoSBGKnfMf4KYZTLNJob_dBOnQpp1PUk8yFFW8cPNLMITT6r3EBFMv21gH84RGdwwCY9&google_hm=
Request Chain 180
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECDXuEfM4dJMBNijWjqTktY&google_cver=1&google_push=AYg5qPK60bK1ghJA0xfY-Z_b10cnMYA26UnXs01CGyUZH4T22dnE1eaW1JDR7dl0xpJga6WZHfsMIswEFym_SHvzunlcmJ84qkDmuQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECDXuEfM4dJMBNijWjqTktY&google_cver=1&google_push=AYg5qPK60bK1ghJA0xfY-Z_b10cnMYA26UnXs01CGyUZH4T22dnE1eaW1JDR7dl0xpJga6WZHfsMIswEFym_SHvzunlcmJ84qkDmuQ HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=106ee5b3-e274-448a-9a9a-fc732e91f9c2&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK60bK1ghJA0xfY-Z_b10cnMYA26UnXs01CGyUZH4T22dnE1eaW1JDR7dl0xpJga6WZHfsMIswEFym_SHvzunlcmJ84qkDmuQ&google_hm=XSC595RqQkGUHbLlXTRgRA==
Request Chain 181
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECOzm1r0JicKMcafKj4vk8Q&google_cver=1&google_push=AYg5qPJIDNLReHzRHFDZC63CknKAcme744WHYpiyeMDEgkGXSHCv-s2l5AA66bi8JalO3s7oZ0r8FaddL3TlLL93MPNkHuMvf2nO0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1haQUFRVTYtMjAtSThQMw==&google_push=AYg5qPJIDNLReHzRHFDZC63CknKAcme744WHYpiyeMDEgkGXSHCv-s2l5AA66bi8JalO3s7oZ0r8FaddL3TlLL93MPNkHuMvf2nO0g
Request Chain 182
  • https://match.360yield.com/match/ebda?google_gid=CAESEO1qds-2lOeBnohHMOqH3V4&google_cver=1&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO1qds-2lOeBnohHMOqH3V4&google_cver=1&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g
Request Chain 191
  • https://gatr.hit.gemius.pl/_1641250712160/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=263&lsdata=ZOzHSS4JwHhqgDgN9apC0LYLYho8yRVR.gQMAxQEEYn.j7dV4xjfhxagy0Tk1hIMZK64WU4V91WfGEqAqrkFDwps7pQ1/L.89pzZNs3JpB/&fpdata=jGUR9QGdFXM8Yq94ovQyfq7xCwLAJWycFkYhHMIhT8T.v7&vis=1&lsadd=&fpcap= HTTP 301
  • https://gatr.hit.gemius.pl/__/_1641250712160/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=263&lsdata=ZOzHSS4JwHhqgDgN9apC0LYLYho8yRVR.gQMAxQEEYn.j7dV4xjfhxagy0Tk1hIMZK64WU4V91WfGEqAqrkFDwps7pQ1/L.89pzZNs3JpB/&fpdata=jGUR9QGdFXM8Yq94ovQyfq7xCwLAJWycFkYhHMIhT8T.v7&vis=1&lsadd=&fpcap=
Request Chain 213
  • https://um.simpli.fi/gp_match?google_gid=CAESEMcNhVssTCQtiKGnMHcowAw&google_cver=1&google_push=AYg5qPJUFs1LJ1uuYSwwKFg44_gQn1gdwTRSFzdd7LSII9znUO7aVfWT5O5l7fLhY01CV9Ppf0ce5gVNClnDZpuH95jmV9DZGpk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2FDDF01607EB4C1986802485E7F6BB75&google_push=AYg5qPJUFs1LJ1uuYSwwKFg44_gQn1gdwTRSFzdd7LSII9znUO7aVfWT5O5l7fLhY01CV9Ppf0ce5gVNClnDZpuH95jmV9DZGpk
Request Chain 214
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESENZ6ROGvxdppJjHg7pQ2tVc&google_cver=1&google_push=AYg5qPIIltm8N0sYwdqZT-gXqu_8uXtp_zSDHGW0UfKZ-SGTg0hZw6EpPr7ep-g7Zqv_ssFm_npARLLwZIwBdeVCUR41thpVln7F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPIIltm8N0sYwdqZT-gXqu_8uXtp_zSDHGW0UfKZ-SGTg0hZw6EpPr7ep-g7Zqv_ssFm_npARLLwZIwBdeVCUR41thpVln7F
Request Chain 215
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESENDipKYOjh6aayOZoCO3kRA&google_cver=1&google_push=AYg5qPKFXmUxxzGltpIgQtj-B1TyLnl9BNp0CEB9ARNmpLKuf5pxnTygazFDmubvsBQdYkFEjgJJ3pOrBJ6a0W-I9m1UIhAO3v0 HTTP 302
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESENDipKYOjh6aayOZoCO3kRA&google_cver=1&google_push=AYg5qPKFXmUxxzGltpIgQtj-B1TyLnl9BNp0CEB9ARNmpLKuf5pxnTygazFDmubvsBQdYkFEjgJJ3pOrBJ6a0W-I9m1UIhAO3v0&bounced=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPKFXmUxxzGltpIgQtj-B1TyLnl9BNp0CEB9ARNmpLKuf5pxnTygazFDmubvsBQdYkFEjgJJ3pOrBJ6a0W-I9m1UIhAO3v0&google_hm=qStoKF7EFaEAAikABlF-IipsPA%3D%3D
Request Chain 217
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI51MvVtOS1qZjT-GSDgrgE&google_cver=1&google_push=AYg5qPL6OQ3xE9HMMcwgZvlIYpS7qEmKF4TC_mUUJwhmpzjkiodrt60Oi2mewRSGLEVY9-MS4uBERWzUZ3Fs2yk8pIHghDMbcqVQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI51MvVtOS1qZjT-GSDgrgE&google_cver=1&google_push=AYg5qPL6OQ3xE9HMMcwgZvlIYpS7qEmKF4TC_mUUJwhmpzjkiodrt60Oi2mewRSGLEVY9-MS4uBERWzUZ3Fs2yk8pIHghDMbcqVQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=p8dtVRfBRoGBhgekaNYfkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL6OQ3xE9HMMcwgZvlIYpS7qEmKF4TC_mUUJwhmpzjkiodrt60Oi2mewRSGLEVY9-MS4uBERWzUZ3Fs2yk8pIHghDMbcqVQ
Request Chain 230
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022010323583261432418283X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2022010323583261432418283X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022010323583261432418283X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Request Chain 233
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022010323583261432418281X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022010323583261432418281X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Request Chain 257
  • https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXZAAR52-28-L0LH&sigv=1&esig=2~3ba9142c58d3d42b38891f2d178ac6361d00b4f7&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1&put=CAESEDB7Oj0BTt3M7EL_o5tqgtE&google_cver=1
Request Chain 261
  • https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1haQUFSNTItMjgtTDBMSA==&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Request Chain 262
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b5b39080-a2e9-4621-8d88-fd6e12cf552b&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&expires=30
Request Chain 263
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcyY2Y1NmM1ODNkMzU5YjA0NDQ2ZDI1NTcwNjQyZmI5YWU4ZjhjZQ&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Request Chain 264
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Z0C49VXX1dqhzIBxwwA04Mn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Request Chain 267
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=1547982108&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Detect&ea=NotFound&el=div%20visible%20with%20attribute%3A%20zero_attr-clientWidth&ev=6&_utma=140208355.1874813665.1641250711.1641250711.1641250711.1&_utmz=140208355.1641250712.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1641250713364&_u=KQBCAEABAAAAAC~&jid=&gjid=&cid=1874813665.1641250711&tid=UA-241588-1&_gid=2144301582.1641250712&z=71092863 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=1547982108&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Detect&ea=NotFound&el=div%20visible%20with%20attribute%3A%20zero_attr-clientWidth&ev=6&_utma=140208355.1874813665.1641250711.1641250711.1641250711.1&_utmz=140208355.1641250712.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1641250713364&_u=KQBCAEABAAAAAC~&jid=&gjid=&cid=1874813665.1641250711&tid=UA-241588-1&_gid=2144301582.1641250712&z=71092863

274 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Default.aspx
arsiv.sahadan.com/
Redirect Chain
  • http://sahadan.com/
  • https://www.sahadan.com/
  • http://arsiv.sahadan.com/Default.aspx
42 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
4b052c9811085c9b2021b3a1bcc9b4c802fa74564003f5c8cc0181410c2bfc54

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
CCAcc (1.0.1/nvm-istk1)
Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Type
text/html; charset=utf-8
Content-Length
9944
Connection
keep-alive
Cache-Control
public, max-age=200
Content-Encoding
gzip
Expires
Mon, 03 Jan 2022 23:00:57 GMT
Last-Modified
Mon, 03 Jan 2022 22:57:37 GMT
Vary
Accept-Encoding
X-AspNet-Version
2.0.50727
X-Powered-By
ASP.NET
sloc
593
s
88
X-US
EXPIRED

Redirect headers

server
AkamaiGHost
content-length
0
location
http://arsiv.sahadan.com/Default.aspx
cache-control
max-age=0
date
Mon, 03 Jan 2022 22:58:30 GMT
x-content-type-options
nosniff
content-security-policy
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data:; connect-src https: wss:; font-src https: data:; media-src https: blob:;
strict-transport-security
max-age=63072000
x-xss-protection
1
x-frame-options
DENY
Master.css
is.cdn.md/i4/Css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/Master.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
b3f2e69fff634830a400c124c00dd5c97f023d6154a03aa9ec9a5eb690c9f196

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Apr 2013 14:18:50 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"eae97297630ce1:0"
ntCoent-Length
18666
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
3302
Expires
Wed, 02 Feb 2022 22:58:30 GMT
Menu.css
is.cdn.md/i4/Css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/Menu.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
b4a7ef9af3af11bb37d635bfed849032d26ef1cd51095cff7e664fcddf9e114c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Mar 2013 13:55:00 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"c92e784bb20ce1:0"
ntCoent-Length
4277
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1143
Expires
Wed, 02 Feb 2022 22:58:30 GMT
master2.css
is.cdn.md/i4/Css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/master2.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
e62af54a296f56631510f41fe04abc6fdb1b703d6e2968a50a6741c5aac93ea0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cteonnt-Length
23574
Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Nov 2016 15:56:11 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"2d3995f32140d21:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
4340
Expires
Wed, 02 Feb 2022 22:58:30 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.4/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 12:10:39 GMT
X-Content-Type-Options
nosniff
Age
38871
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
78601
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 03 Jan 2023 12:10:39 GMT
master.js
is.cdn.md/i4/Js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/master.js?v=2.7.61
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
c21a3f821b4d312076f3a473f9e741b53658761b5f0886873e12039eb5190cbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2019 13:18:39 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"2978c94e2242d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Wed, 02 Feb 2022 22:58:30 GMT
advertisement.js
b.cdn.md/admost/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://b.cdn.md/admost/advertisement.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
94.130.135.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.135.130.94.clients.your-server.de
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
rupsahadan.com.arsiv.js
cdn.eksiup.com/api/special/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/special/rupsahadan.com.arsiv.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02fbaaef3cb1a897e67239316624f87b042d5edb6741d761dc7ced9c0261b0ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5395
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 11 Dec 2021 10:17:47 GMT
server
cloudflare
etag
W/"61b47acb-2eb7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CD6G8kycQISt5ruvuuZxaIkwlbU%2Bx%2B3tXU3V0VKiNq9Wvgh7VlrksxfDwY9cCC5cwkWjambzZ0lvw4VCfIzpkAE9HlQiSmN%2BhYKWui8GrkHLleaJftPKxC6%2BNG6HFoMbuRutkrswwO%2BxCG7LEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
6c7fd50dae6d2b35-FRA
expires
Wed, 29 Dec 2021 15:00:01 GMT
galleryview.css
is.cdn.md/i4/Css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/galleryview.css?v=1.20.07
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
cecaa3c6afa068e141ee4972e5449634fb581b3447bfa6169d3c038d2450a5e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cteonnt-Length
2847
Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2013 13:42:31 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"a96a2d15f5b9ce1:0"
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1148
Expires
Wed, 02 Feb 2022 22:58:30 GMT
jquery.galleryview-1.1.js
is.cdn.md/i4/Js/jquery-galleryview-1.1/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/jquery-galleryview-1.1/jquery.galleryview-1.1.js?v=1.20.06
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
9e0475bc6b5858f1d4d16178f48f9993fc45ecd976c9c147330ed300fc220c51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Apr 2013 09:13:55 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"a643d137de3cce1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Wed, 02 Feb 2022 22:58:30 GMT
jquery.timers-1.1.2.js
is.cdn.md/i4/Js/jquery-galleryview-1.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/jquery-galleryview-1.1/jquery.timers-1.1.2.js?v=1.20.06
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Apr 2013 07:48:19 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"8d371e42d23cce1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Wed, 02 Feb 2022 22:58:30 GMT
jquery.easing.1.3.js
is.cdn.md/i4/Js/jquery-galleryview-1.1/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/jquery-galleryview-1.1/jquery.easing.1.3.js?v=1.20.06
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Apr 2013 07:48:17 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"bbc95841d23cce1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Wed, 02 Feb 2022 22:58:30 GMT
HomeScores2.js
is.cdn.md/i4/Js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/HomeScores2.js?v=1.20.07
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
a81cecefe8865615fe3e4c8858e69f1d92f4cff8a56095d2c57bdfb61fb07439

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Nov 2013 16:33:42 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"9f80fe70d7e6ce1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Wed, 02 Feb 2022 22:58:30 GMT
gunun-maci-style.css
is.cdn.md/i4/Css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/gunun-maci-style.css?v=1.20.08
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
3ea5f5e57bcdba2a5925058f077a3c016ac0c03d940a9866f82bddd5bf150dd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Aug 2015 11:01:52 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"b68be9e37dbd01:0"
ntCoent-Length
4225
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1024
Expires
Wed, 02 Feb 2022 22:58:30 GMT
jquery.autocomplete.css
is.cdn.md/i4/Css/jquery-autocomplete/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/jquery-autocomplete/jquery.autocomplete.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
manchester-united-cronaldo-01032021-b.jpg
hm.cdn.md/img/haberbuyuk/m/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/m/manchester-united-cronaldo-01032021-b.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
035d95292ab6d0c014436714df0f4b48aee304e4120c1aa2aaf09455eefeeb99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"a08a320e60d81:0"
Last-Modified
Mon, 03 Jan 2022 21:08:05 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45093
Expires
Wed, 02 Feb 2022 22:58:30 GMT
edinvisca_aa_02012022b.jpg
hm.cdn.md/img/haberbuyuk/e/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/e/edinvisca_aa_02012022b.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
0f8a4d97a095963b61bd36a104dfcb9243803ad501ae70aff945e7745b9cf065

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"06d6758a9ffd71:0"
Last-Modified
Sun, 02 Jan 2022 07:21:22 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
114619
Expires
Wed, 02 Feb 2022 22:58:30 GMT
ferdikadioglu_depophotos_17122021b.jpg
hm.cdn.md/img/haberbuyuk/f/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/f/ferdikadioglu_depophotos_17122021b.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
d9717d1dd967ab5e2e1b5bd14057443dd50939780aaac1b0b2623a4e4a60d95f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"307024c26f3d71:0"
Last-Modified
Fri, 17 Dec 2021 09:13:04 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
94010
Expires
Wed, 02 Feb 2022 22:58:30 GMT
MostafaMohamed_Galatasaray_19eylul2021_B.jpeg
hm.cdn.md/img/haberbuyuk/M/ 		277 KB
278 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/M/MostafaMohamed_Galatasaray_19eylul2021_B.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
649921158bff9c8e585017918ae84723c72b6d0259443374bcee1edfc2a4bf4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"b02e15ffe4add71:0"
Last-Modified
Mon, 20 Sep 2021 06:01:47 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
284024
Expires
Wed, 02 Feb 2022 22:58:30 GMT
patrick-van-aanholt-galatasarayy-2021-b.jpg
hm.cdn.md/img/haberbuyuk/p/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haberbuyuk/p/patrick-van-aanholt-galatasarayy-2021-b.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
8066766856cfcc5281e074f9b30a3798ad99b17b8b23f61fdee10fa5f42165df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"f0d0259ae50d81:0"
Last-Modified
Mon, 03 Jan 2022 21:05:14 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41677
Expires
Wed, 02 Feb 2022 22:58:30 GMT
manchester-united-cronaldo-01032021-k.jpg
hm.cdn.md/img/haber/m/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/m/manchester-united-cronaldo-01032021-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
cbb6c5966181e607c1589c627520e91b6cae691d6e38316edf720dfa42581e4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"4029300e60d81:0"
Last-Modified
Mon, 03 Jan 2022 21:08:05 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6279
Expires
Wed, 02 Feb 2022 22:58:30 GMT
edinvisca_aa_02012022k.jpg
hm.cdn.md/img/haber/e/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/e/edinvisca_aa_02012022k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
3229bc954954c3bf1d9220694b018e12f11ccf0d0d338416f0801f349b1bab9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"40aa6258a9ffd71:0"
Last-Modified
Sun, 02 Jan 2022 07:21:22 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24570
Expires
Wed, 02 Feb 2022 22:58:30 GMT
ferdikadioglu_depophotos_17122021k.jpg
hm.cdn.md/img/haber/f/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/f/ferdikadioglu_depophotos_17122021k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
f82d1328ae32a1a43d2c4e33412ce43d84a6c0c8b4dc7ccf3837828caf24e107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"d0e04c26f3d71:0"
Last-Modified
Fri, 17 Dec 2021 09:13:04 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21064
Expires
Wed, 02 Feb 2022 22:58:30 GMT
mostafa-mohamed-galatasaray-10172021-k.jpg
hm.cdn.md/img/haber/m/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/m/mostafa-mohamed-galatasaray-10172021-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
1d176977b3638332fd52719f4d65df2dc8d414ef593986f03188e3f6150ec7c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"40f830ab67c3d71:0"
Last-Modified
Sun, 17 Oct 2021 15:00:05 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5225
Expires
Wed, 02 Feb 2022 22:58:30 GMT
patrick-van-aanholt-galatasarayy-2021-k.jpg
hm.cdn.md/img/haber/p/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/p/patrick-van-aanholt-galatasarayy-2021-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
7a5bb4117307afeabae8a8361b33d075573b7f28f81f3e0ddc7268df37d3f89a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"f0d0259ae50d81:0"
Last-Modified
Mon, 03 Jan 2022 21:05:14 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5521
Expires
Wed, 02 Feb 2022 22:58:30 GMT
germany-bundesliga-logo_K.jpg
hm.cdn.md/img/haber/g/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/g/germany-bundesliga-logo_K.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
5310c87e9ce0788a6f31bc256bc44f08abe5c63a5773bd9bcae74bbe4f6deb80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"80d31b9908dd61:0"
Last-Modified
Fri, 18 Sep 2020 07:52:57 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4140
Expires
Wed, 02 Feb 2022 22:58:30 GMT
ricardo-pepi-us-01032021-k.jpg
hm.cdn.md/img/haber/r/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/r/ricardo-pepi-us-01032021-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
b129af6091372028a8296486a045bc665544c6ba26ee655c17307d3009499a06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"604d16c7e50d81:0"
Last-Modified
Mon, 03 Jan 2022 21:06:29 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5899
Expires
Wed, 02 Feb 2022 22:58:30 GMT
NihatOzdemir_TFF_27ekim2021_k.jpeg
hm.cdn.md/img/haber/N/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/N/NihatOzdemir_TFF_27ekim2021_k.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
2dc309c3f0b8c6c40a519e542e1cfd0e85c97081265c86441365b3bc116188a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"c03b62631ccbd71:0"
Last-Modified
Wed, 27 Oct 2021 10:21:21 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18277
Expires
Wed, 02 Feb 2022 22:58:30 GMT
OnderKaraveli_besiktas_vedatyangin_12Aralik2021_K.jpg
hm.cdn.md/img/haber/O/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/O/OnderKaraveli_besiktas_vedatyangin_12Aralik2021_K.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
d48a8523a020f68bd098702ae2c51a8382044138f2a881d7993f844225418221

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"a052ec1394efd71:0"
Last-Modified
Sun, 12 Dec 2021 20:08:49 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19211
Expires
Wed, 02 Feb 2022 22:58:30 GMT
PhilippeClement_ClubBrugge_Galatasaray_09182019_k.jpg
hm.cdn.md/img/haber/P/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/P/PhilippeClement_ClubBrugge_Galatasaray_09182019_k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
aa7369bd67dcdcdbaf5ba74d1c61fa7f283d798fa638981d76a04012722767a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"60ed631f716ed51:0"
Last-Modified
Wed, 18 Sep 2019 22:33:41 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6336
Expires
Wed, 02 Feb 2022 22:58:30 GMT
bwalya-yms-anrrenman-k.jpg
hm.cdn.md/img/haber/b/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/b/bwalya-yms-anrrenman-k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
f855c360bb218603ea7521114a929494daa11227c101bbffa1f667d4fd406028

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"90b7520e50d81:0"
Last-Modified
Mon, 03 Jan 2022 21:01:49 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6689
Expires
Wed, 02 Feb 2022 22:58:30 GMT
AliKoc_Fenerbahce_temmuz2021_k.jpeg
hm.cdn.md/img/haber/A/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/A/AliKoc_Fenerbahce_temmuz2021_k.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
75eec04a806a6a020174b58dbdd0628b16afe1b2fb44447f36734d7716a00a54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"086fa5ea7ed71:0"
Last-Modified
Thu, 22 Jul 2021 11:13:48 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19747
Expires
Wed, 02 Feb 2022 22:58:30 GMT
ahmetagaoglu_aa_29102021k.jpg
hm.cdn.md/img/haber/a/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/a/ahmetagaoglu_aa_29102021k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
3de0fb18ba18e6b868d1460f9a41f5278a356fde9c6e48568ee534eb53fca655

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"906cd42f9ccd71:0"
Last-Modified
Fri, 29 Oct 2021 19:14:55 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20756
Expires
Wed, 02 Feb 2022 22:58:30 GMT
merihdemiral_aa_03012022k.jpg
hm.cdn.md/img/haber/m/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/m/merihdemiral_aa_03012022k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
e46f1ab48cc551d62ff6ff0685e88aba6d7dd50f0a7058d0780c2b9a024fe409

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"c0da1e61740d81:0"
Last-Modified
Mon, 03 Jan 2022 07:34:45 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28182
Expires
Wed, 02 Feb 2022 22:58:30 GMT
lukaku_tuchel_depophotos_03012022k.jpg
hm.cdn.md/img/haber/l/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/l/lukaku_tuchel_depophotos_03012022k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
8e3cb18eb042ed23ae297ff7473b0c18cbea28eb132886a0948eba41a199c74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"90ed6165720d81:0"
Last-Modified
Mon, 03 Jan 2022 07:20:33 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6404
Expires
Wed, 02 Feb 2022 22:58:30 GMT
goztepe_depophotos_03012022k.jpg
hm.cdn.md/img/haber/g/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/g/goztepe_depophotos_03012022k.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
f8be2b29dda37f54a8496ead2f868146c46258db3f4af9ba4833d1c4f3e91fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"70d28a347e0d81:0"
Last-Modified
Mon, 03 Jan 2022 08:45:05 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36015
Expires
Wed, 02 Feb 2022 22:58:30 GMT
OmerFarukYurtseven_MiamiHeat_28aralik2021_k.jpeg
hm.cdn.md/img/haber/O/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hm.cdn.md/img/haber/O/OmerFarukYurtseven_MiamiHeat_28aralik2021_k.jpeg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
1b8d1b7b7d440f0f56cc5168807ff05c3c5289eeeaeef71fc1f32fd5ec34bab2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
ETag
"d055e2f486fcd71:0"
Last-Modified
Wed, 29 Dec 2021 07:37:39 GMT
Server
CCAcc (1.0.1/nvm-istk1)
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7833
Expires
Wed, 02 Feb 2022 22:58:30 GMT
38238
tags.bluekai.com/site/
Redirect Chain
  • http://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
  • https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
62 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
9f0f
Content-Type
image/gif

Redirect headers

Location
https://tags.bluekai.com/site/38238?limit=1&phint=event%3Dimp&phint=video%3Dsahadan
Date
Mon, 03 Jan 2022 22:58:30 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
footer-ico.png
is.cdn.md/i4/Img/index/ 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/footer-ico.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"48366ecc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
946
Expires
Wed, 02 Feb 2022 22:58:30 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
21703864
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
5iVb1GK8C_E0qlAtyTmNhsHrzredE45BOCil0hEWXfbMQYSWtB9ewQ==
adblockDetectorWithGA.js
is.cdn.md/i4/Js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/adblockDetectorWithGA.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
14ee0390722dba1d6e95b766412095d436df22f30b83dfbb9cb38fde3cd72c95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Dec 2016 10:14:45 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"b31f20bdbb4bd21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Wed, 02 Feb 2022 22:58:30 GMT
advertisement.js
b.cdn.md/admost/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://b.cdn.md/admost/advertisement.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
94.130.135.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.135.130.94.clients.your-server.de
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
admost.js
go.admost.com/adx/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
51.83.238.53 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3162352.ip-51-83-238.eu
Software
BunnyCDN-PL1-668 /
Resource Hash
3dfb78d105e89ffe3359c30a219301b46640e01cb726e00693b9a1e745b678b8

Request headers

Referer
http://arsiv.sahadan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
CDN-EdgeStorageId
668
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
CDN-CachedAt
01/03/2022 22:58:30
CDN-PullZone
383886
Connection
keep-alive
Server
BunnyCDN-PL1-668
Pragma
no-cache
Last-Modified
Wed, 10 Mar 2021 15:26:32 GMT
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
2b05e664b4d96298907aec83dd250a34
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupsahadan.com.arsiv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1091 / 160 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 03 Jan 2022 22:58:30 GMT
jquery.autocomplete.css
is.cdn.md/i4/Css/jquery-autocomplete/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Css/jquery-autocomplete/jquery.autocomplete.css?v=3.295
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
bg.jpg
is.cdn.md/i4/Img/index/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/bg.jpg
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
f8c438d279c6bd38c07d7713ec638668b54cbb2b2e55d01e3a7ba28f144365ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"3d5360cc22ace1:0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
88304
Expires
Wed, 02 Feb 2022 22:58:30 GMT
dimml.js
cdn.dimml.io/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/dimml.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1f03edc0fddabfcb872fbeeaffb3ea6528557ac10a6bcce97170a3cccc109def

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
X-77-NZT-Ray
it9X4zOwSp0=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
X-77-NZT
AcO1rgX1r0j/8IsAAA==
X-Accel-Expires
@1641301286
Server
CDN77-Turbo
ETag
W/"e28000734479"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=86400
X-Age
35824
Expires
Tue, 4 Jan 2022 13:01:26 GMT
header-bg.png
is.cdn.md/i4/Img/index/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/header-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
3f71c7e1467e9bac745ba1f27ec773b77b04b551e3b48eae8447a14c43aefc0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"69ce70cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1116
Expires
Wed, 02 Feb 2022 22:58:30 GMT
logo.png
is.cdn.md/i4/Img/index/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/logo.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
96c0598f9fe9df975d595a6ba24ebff8c1bd6fe14902dd37b2ebb639daedf5bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"50f782cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
17985
Expires
Wed, 02 Feb 2022 22:58:30 GMT
menu-bg.png
is.cdn.md/i4/Img/index/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
e4bc697496bb350dee2dd90f94e8454e52a371f64121a5565f0a54652a0716e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"718f85cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1109
Expires
Wed, 02 Feb 2022 22:58:30 GMT
menu-selected-bg2.png
is.cdn.md/i4/Img/index/ 		954 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-selected-bg2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
fddc433f7cc747ef4fe82c66486feb8783af32e11f590cf4bb46708b8ec05418

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Last-Modified
Thu, 18 Apr 2013 14:50:07 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"afa8c34443cce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
954
Expires
Wed, 02 Feb 2022 22:58:30 GMT
menu-border.png
is.cdn.md/i4/Img/index/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-border.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
a314bd0381551764a32150f16251feccf4184b14859eadec2e06cb0d35d4681e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"d77986cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
931
Expires
Wed, 02 Feb 2022 22:58:30 GMT
menu-bar-bg2.png
is.cdn.md/i4/Img/index/ 		969 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-bar-bg2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
aa2cb8a5241d24ae98bad193afc76ca3b5437f2d95c62c7c49dbdc9ad6a2fac9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Last-Modified
Thu, 18 Apr 2013 14:50:07 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"578ebd4443cce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
969
Expires
Wed, 02 Feb 2022 22:58:30 GMT
menu-arrow2.png
is.cdn.md/i4/Img/index/ 		953 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/menu-arrow2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
ded1d9b7817a8247c96877fb6bfef1f651d94018cc4df64f298209867a4307e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Last-Modified
Thu, 18 Apr 2013 14:59:21 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"a6a74f453cce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
953
Expires
Wed, 02 Feb 2022 22:58:30 GMT
get.ashx
run.admost.com/adx/ 		930 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46730&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
53ef9e8412836d3dce42ef6d118d1f55a593d35c8af0771d33e3419177e59253

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
Content-Encoding
gzip
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go601;cd:60;r:>473075-328645-46730-0;cs:cp:cache_z_46730_*_*_*_*_*_*_*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:31
CDN-PullZone
381479
Connection
keep-alive
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
CDN-RequestId
7b61cb98faa93b27e739f68d62598814
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
26cdb049e31383392e52f2ce80740946a255faeb.js
cdn.dimml.io/static/ 		611 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/static/26cdb049e31383392e52f2ce80740946a255faeb.js
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
34667fc83e3f4d9ff6080d44c4fc4dd87e0d3a6a8d680dbd3adb05a73d99f590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Mon, 03 Jan 2022 22:58:30 GMT
Content-Encoding
gzip
X-DimML-Version
2.2 vH8ffFv9
X-77-NZT-Ray
7E6UZHWfvmo=
Transfer-Encoding
chunked
X-77-Cache
MISS
X-Cache
EXPIRED
Connection
keep-alive
X-77-NZT
AcO1rgUC19bbkgIAAA==
X-Accel-Expires
@1641250770
Server
CDN77-Turbo
ETag
W/"7c9fbe5f9b40"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=60
X-Age
658
Expires
Mon, 3 Jan 2022 22:59:30 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 03 Jan 2022 22:58:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		302 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
82577dee021cf0e24acd092be1c4e0f938c358a84be415702fd59653e04455f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 22:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Mon, 03 Jan 2022 22:58:30 GMT
sahinterstitial.js
cdn.eksiup.com/api/interstitial/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eksiup.com/api/interstitial/sahinterstitial.js
Requested by
Host: cdn.eksiup.com
URL: https://cdn.eksiup.com/api/special/rupsahadan.com.arsiv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9ddd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93e17588f48e21f0f1e47e57d6019e748b2b5625796708ccf7767ddc7c9db70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4969
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 08 Oct 2021 09:29:22 GMT
server
cloudflare
etag
W/"61600f72-18df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGtLqf6V2eH3NfFdA0XqtHYP9WsWjqgKZfB59w6OFXODGJS5WeHbaOUyB%2FcUpA%2BTALjzo3yRkAfryFHLEZaMyvDQp7S%2FZHevoySqRiTAz1njYGoxlBEkeTzcHyLFoWD%2B5XdVAHWiHIH9eh0kUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
6c7fd50f28592b35-FRA
expires
Wed, 29 Dec 2021 15:00:10 GMT
get.ashx
run.admost.com/adx/ 		23 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=18834&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go602;cs:cp:cache_z_18834_*_*_*_*_*_*_*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:31
CDN-PullZone
381479
Connection
keep-alive
Content-Length
23
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
80ebbd4c196469fda2297716adce669a
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		434 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4339884962712339&correlator=1772856681212349&output=ldjh&impl=fifs&eid=44752540%2C44756716%2C31063708&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20220103&iu_parts=90851098%3A96769799%2Carsiv.sahadan.com%2Csticky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C980x90&cookie_enabled=1&bc=23&abxe=1&lmt=1641250657&dt=1641250711057&dlt=1641250710353&idt=683&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1197&adks=3849013862&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=1874813665.1641250711&ga_sid=1641250711&ga_hid=1547982108&ga_fc=false&fws=512&ohw=0&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
cb3b4de95116371c7ee87e5308c5d0d635a39d38af23eb0f45aa77dfecd03409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4339884962712339&correlator=751059120202988&output=ldjh&impl=fifs&eid=44752540%2C44756716%2C31063708&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20220103&iu_parts=90851098%3A96769799%2Csahadan.com%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=nativebox_site%3Dsahadan.com&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1641250657&dt=1641250711060&dlt=1641250710353&idt=683&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3404394211&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1874813665.1641250711&ga_sid=1641250711&ga_hid=1547982108&ga_fc=false&fws=2&ohw=0&btvi=-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b2e317fcc235bda88e1e27bb47371a98d7e9cca8b2ea9d686da89dce1eb94e66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14715
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		52 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4339884962712339&correlator=751059120202988&output=ldjh&impl=fifs&eid=44752540%2C44756716%2C31063708&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20220103&iu_parts=90851098%3A96769799%2Carsiv.sahadan.com%2Ctopbanner_masthead_multisize_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C980x250%7C970x90&cookie_enabled=1&bc=23&abxe=1&lmt=1641250657&dt=1641250711061&dlt=1641250710353&idt=683&frm=20&biw=1600&bih=1200&oid=2&adxs=310&adys=127&adks=898654483&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=980x2768&msz=980x0&ga_vid=1874813665.1641250711&ga_sid=1641250711&ga_hid=1547982108&ga_fc=false&fws=0&ohw=0&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4c6c992921fa7602fa0a66a6d93519e08acdd55cb9e1c5a08019b17f97ee737c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12140
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AECD 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 03 Jan 2022 22:58:31 GMT
expires
Tue, 03 Jan 2023 22:58:31 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12940
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 03 Jan 2022 22:58:31 GMT
gallery-right-bg.png
is.cdn.md/i4/Img/index/ 		928 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/gallery-right-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
4ec12baf6cba1184f734c98640a42cd7a3208c2edf5871231eb6c3a58a021520

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:30 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"d06e6fcc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
928
Expires
Wed, 02 Feb 2022 22:58:30 GMT
get.ashx
run.admost.com/adx/ 		23 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=38097&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go917;cs:cp:cache_z_38097_*_*_*_*_*_*_*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:31
CDN-PullZone
381479
Connection
keep-alive
Content-Length
23
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
5bee3d1ae2f483c8aec9b19e946820b5
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
ads
securepubads.g.doubleclick.net/gampad/ 		428 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4339884962712339&correlator=3032575631444190&output=ldjh&impl=fifs&eid=44752540%2C44756716%2C31063708&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20220103&iu_parts=90851098%3A96769799%2Csahadan.com%2Coop_genel&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1641250657&dt=1641250711157&dlt=1641250710353&idt=683&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=624&adks=4074944982&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=1600x1200&msz=1600x0&ga_vid=1874813665.1641250711&ga_sid=1641250711&ga_hid=1547982108&ga_fc=false&fws=0&ohw=0&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
de43d91c56349c70269b3be1dde83c43ecb0a6c351c99aed11434ae7ede44d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
get.ashx
run.admost.com/adx/ 		887 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46727&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
ea3273964fd64f1966a84354ec26014e38f1f725f5dcec8a5777f63e7531d430

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
Content-Encoding
gzip
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go917;cd:60;r:>473076-328644-46727-0;cs:cp:cache_z_46727_*_*_*_*_*_*_*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:31
CDN-PullZone
381479
Connection
keep-alive
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
CDN-RequestId
189206addfc0efc53840680492a99a44
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4339884962712339&correlator=3032575631444190&output=ldjh&impl=fifs&eid=44752540%2C44756716%2C31063708&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20220103&iu_parts=90851098%3A96769799%2Carsiv.sahadan.com%2Ctopmpu_homepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&bc=23&abxe=1&lmt=1641250657&dt=1641250711263&dlt=1641250710353&idt=683&frm=20&biw=1600&bih=1200&oid=2&adxs=974&adys=138&adks=3494619969&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=316x266&msz=300x-1&ga_vid=1874813665.1641250711&ga_sid=1641250711&ga_hid=1547982108&ga_fc=false&fws=4&ohw=970&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
37a5cb498e8726b93a9f9d3d03ab2dc65258e1f7406db13d960105ec0608de07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8785
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
get.ashx
run.admost.com/adx/ 		23 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=49848&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go917;cs:cp:cache_z_49848_*_*_*_*_*_*_*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:31
CDN-PullZone
381479
Connection
keep-alive
Content-Length
23
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
33fea5c05f04b60c9760608c64f3d764
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
box-title-bg.png
is.cdn.md/i4/Img/index/ 		943 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/box-title-bg.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
9d312140f3532b29659e3b5c2eb94ff9d7d5f09376b21993c5909442eece0067

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"70c860cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
943
Expires
Wed, 02 Feb 2022 22:58:31 GMT
box-title2.png
is.cdn.md/i4/Img/index/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/box-title2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
313d5cbad55a31674c5451e2a961ab892e951ea7c59396ea5a89c944c9b029bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
Last-Modified
Tue, 26 Mar 2013 09:17:54 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"a28763cc22ace1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1673
Expires
Wed, 02 Feb 2022 22:58:31 GMT
container.html
daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 305E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 03 Jan 2022 22:58:31 GMT
expires
Tue, 03 Jan 2023 22:58:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
get.ashx
run.admost.com/adx/ 		23 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=34177&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go917;c:1;e:22;hc:3
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:31
CDN-PullZone
381479
Connection
keep-alive
Content-Length
23
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
7269406c7b97be97fa26fb59c2b75f6d
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
VideoPlayer.aspx
arsiv.sahadan.com/VideoPlayer/ Frame EF22 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
82.222.8.82 Izmir, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
host-82-222-8-82.reverse.superonline.net
Software
CCAcc (1.0.1/nvm-istk1) / ASP.NET
Resource Hash
bd38f4235270d65eee736f3e6d35dba3630db657037155e0bda45180556a3fac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/Default.aspx

Response headers

Server
CCAcc (1.0.1/nvm-istk1)
Date
Mon, 03 Jan 2022 22:58:32 GMT
Content-Type
text/html; charset=utf-8
Content-Length
4559
Connection
keep-alive
Cache-Control
public, max-age=60
Content-Encoding
gzip
Expires
Mon, 03 Jan 2022 22:58:39 GMT
Last-Modified
Mon, 03 Jan 2022 22:57:39 GMT
Vary
Accept-Encoding
X-AspNet-Version
2.0.50727
X-Powered-By
ASP.NET
sloc
593
s
88
X-US
EXPIRED
get.ashx
run.admost.com/adx/ 		23 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=18833&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go917;cs:cp:cache_z_18833_neq_TR_*_*_*_*_*_*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:31
CDN-PullZone
381479
Connection
keep-alive
Content-Length
23
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
26e739dc5a9d5f937bb8945c30b99c2f
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
css2
fonts.googleapis.com/ Frame 305E 		4 KB
707 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 21:29:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 03 Jan 2022 22:58:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jan 2022 22:58:31 GMT
/
track.adform.net/adfscript/ Frame E721 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=38516434;rtbwp=YdN_lwABjZcKd8GFAAtQozweLfLyq5D6inosrw;rtbdata=sE7aJDcJueiMrjW_50p8AscesxPzM1eivJbO3OvLZRvMtDYJzFKDAUo1-UBj8lmJ-Ln-m9HY32_mZ5bzqgmwJ_W9a_4rzu_hJfMbyv3Pn7ZL9zcdPPmP9LxJNI6Xvhim7CMaxRryXCUln9qNr5QAIPHGkXydYrKmOyRlL3lRdunC5aMfAMXq6-g66hxb0hdKuNFrv7inaYJe4qwTvV156JbZWf8s_U2hLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoVd2l3_TYZebBoWD3wOjoa24C_PYq5NcybzUs6IHwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDbIAQmpAnBzDuAm87I-4AIAqAMBqgT1AU_Qfg9fXNB0wgEbhcDq9jRbQHKeSBwwurcpJP0wK6MR0O5-EpJQE2qXNQfKql6xS9MekO3-GCc8r2bIz8UNzCMLffj8zZut5Ahjhp674i71us7g-OHjI8lJeNkPE2UUmZJRX1CE2gTG0Rfh37Dpq814548ujsXD_kmBWzK4utzn8MQo1GJS_t2diK9WaxFkXY22NXguYwe0KQjR5ERB9xPmt2pnKqT0xVaujS9EaHnIzvtTk0RT2CV1Men9Ki3vZFIQYNNZwzzoeJWn-CI9zKQdRUKW04apWTJose4kZWIn3iYZYPE57bKHp_6wDLlmqESHL8Cg4AQBgAaE9_Gb99aZ-xigBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0o2l_D6ZjgKF0qdgS03Rm4QlNWlA&client=ca-pub-5610649146674306&adurl=
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bcff12265914473540611183c9bdf4625a7b13f1fe91270381319630f620857c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1733
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E721 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 22:52:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E721 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jan 2022 22:58:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E721 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 22:53:27 GMT
l
www.google.com/ads/measurement/ Frame E721 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRS1fMqoOJctIDb_abk6Pevc1Y3Vh-a7Xp-LjiZjt1TWHyz1AKcJCamuF8h2_P2mygc9J--pdoZykGn_Gvd59XZvWuMng
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E721 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 09:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Jan 2023 09:58:22 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 305E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4960
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8346
x-xss-protection
0
server
cafe
etag
3177319193432224586
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 21:35:51 GMT
get.ashx
run.admost.com/adx/ 		23 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=18830&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go917;c:1;e:22;hc:1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:31
CDN-PullZone
381479
Connection
keep-alive
Content-Length
23
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
a17a6524c0f9b198a63a6b6ade6f974c
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame A0DC 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
547319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0DC 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
547319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0DC 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
547319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0DC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
547319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0DC 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
547319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
css
fonts.googleapis.com/ Frame A0DC 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 22:04:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 03 Jan 2022 22:58:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jan 2022 22:58:31 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A0DC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 02:53:13 GMT
x-content-type-options
nosniff
server
cafe
age
72318
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3057
x-xss-protection
0
expires
Tue, 04 Jan 2022 02:53:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A0DC 		344 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
21566
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 04 Jan 2022 16:59:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A0DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ-e4l3_TYaaZEZHh3gOciZqYDs-sqYFnn8vFq_YO57aChbUJEAEgupftHmCV4pCCoAegAZ3Mm80DyAEJqQLmJlYaCSioPuACAKgDAcgDCqoE7gFP0ILpGDXmdJdlSc9DjJGzTlVlw37qNxKSNHtxjEE2yV_pbd1t1yRfib62KGiwAlDOg7zGFYRbCCz8hwPH8BpXz_NVUaqukUp_6WBQkNOaSxPQBGm9TOy9gyMKy1rverIzuQ-pJiQC-Vln1ESOsiUsoz29vbWWawF62LDMwAn1HHqrTbPTIsgwFt_uPoTZUZgUeAWtBtPjKPP4cZSCzsYkzisavaewi_2CUcOl2bv8fLGi-2LF5MvoI9gvG5tF6p6qVgORoME2ATSdu-ALhKgrViJ-yfRCGtSxEyztJpy-E84D75g4IQSGVwCZW2XTwATS4P3g1APgBAGSBQQIBBgBkgUECAUYBKAGLoAHy7PkMqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEI-rA9IICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NoAKA8gLAbgTiCfYEw2IFATQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTYxMDY0OTE0NjY3NDMwNhjqoxw&sigh=YtvP1wPY1rM&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame E721 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=38516434;rtbwp=YdN_lwABjZcKd8GFAAtQozweLfLyq5D6inosrw;rtbdata=sE7aJDcJueiMrjW_50p8AscesxPzM1eivJbO3OvLZRvMtDYJzFKDAUo1-UBj8lmJ-Ln-m9HY32_mZ5bzqgmwJ_W9a_4rzu_hJfMbyv3Pn7ZL9zcdPPmP9LxJNI6Xvhim7CMaxRryXCUln9qNr5QAIPHGkXydYrKmOyRlL3lRdunC5aMfAMXq6-g66hxb0hdKuNFrv7inaYJe4qwTvV156JbZWf8s_U2hLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoVd2l3_TYZebBoWD3wOjoa24C_PYq5NcybzUs6IHwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDbIAQmpAnBzDuAm87I-4AIAqAMBqgT1AU_Qfg9fXNB0wgEbhcDq9jRbQHKeSBwwurcpJP0wK6MR0O5-EpJQE2qXNQfKql6xS9MekO3-GCc8r2bIz8UNzCMLffj8zZut5Ahjhp674i71us7g-OHjI8lJeNkPE2UUmZJRX1CE2gTG0Rfh37Dpq814548ujsXD_kmBWzK4utzn8MQo1GJS_t2diK9WaxFkXY22NXguYwe0KQjR5ERB9xPmt2pnKqT0xVaujS9EaHnIzvtTk0RT2CV1Men9Ki3vZFIQYNNZwzzoeJWn-CI9zKQdRUKW04apWTJose4kZWIn3iYZYPE57bKHp_6wDLlmqESHL8Cg4AQBgAaE9_Gb99aZ-xigBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0o2l_D6ZjgKF0qdgS03Rm4QlNWlA&client=ca-pub-5610649146674306&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 02:26:04 GMT
get.ashx
run.admost.com/adx/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46728&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
a30e7f3239b07a4811f6c77a5c62fc5b5774033f099783db947047cd0a0ef113

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
Content-Encoding
gzip
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go601;cd:60;r:>473074-328646-46728-0;cs:cp:cache_z_46728_*_*_*_*_*_*_*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:31
CDN-PullZone
381479
Connection
keep-alive
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
CDN-RequestId
8b34f8ee5a1e102cd4785a954cb952f2
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
downsize_200k_v1
tpc.googlesyndication.com/simgad/8153987507102461495/ Frame A0DC 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8153987507102461495/downsize_200k_v1?w=600&h=314
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f48277bac80c392db5df54ce8ece3e8250b505d37555a1848cdbe63b5224df26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21107
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 23:57:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 03 Jan 2023 22:58:31 GMT
truncated
/ Frame A0DC 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93eb531af2c91ff08294a04ae8f7add5ec5e17fcbdeab809ebb364681106a96e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A0DC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34b058060611bd5f35141dd12d7c3ad985289014f91e919d7d003a1a568751d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame A0DC 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://arsiv.sahadan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 13:17:51 GMT
x-content-type-options
nosniff
age
294040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 31 Dec 2022 13:17:51 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame A0DC 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://arsiv.sahadan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 18:21:26 GMT
x-content-type-options
nosniff
age
16625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 03 Jan 2023 18:21:26 GMT
container.html
daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 207D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 03 Jan 2022 22:58:31 GMT
expires
Tue, 03 Jan 2023 22:58:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arsiv.sahadan.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4339884962712339&correlator=3032575631444190&output=ldjh&impl=fifs&eid=44752540%2C44756716%2C31063708&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20220103&iu_parts=90851098%3A96769799%2Carsiv.sahadan.com%2Cleft_sky_kule_banner_homepage%2Cright_sky_kule_banner_homepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=160x600%7C120x600%2C120x600%7C160x600&cookie=ID%3D71f8603b4cb315c3-223a0b7014cd0028%3AT%3D1641250711%3AS%3DALNI_MaQ38ZQvqMEXY4T_C1u3TU34kOD-Q&bc=23&abxe=1&lmt=1641250657&dt=1641250711643&dlt=1641250710353&idt=683&frm=20&biw=1600&bih=1200&oid=2&adxs=150%2C1290&adys=0%2C0&adks=890728524%2C681918164&ucis=6%7C7&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&vis=1&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=160x-1%7C120x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1874813665.1641250711&ga_sid=1641250711&ga_hid=1547982108&ga_fc=false&fws=512%2C512&ohw=0%2C0&btvi=0%7C0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
939d66e4a7a0900a22dbf062c990e4419d1a5433f9e2696d95361273b88e2991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
340930
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16199
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
515426
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&time=1641250711645&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&random_number=5309397135&sess_cookie=d8c631fd17e222a685dd127d488&sess_cookie_flag=1&user_cookie=d8c631fd17e222a685dd127d488&user_cookie_flag=1&dynamic=false&domain=sahadan.com&account=Nf8Kg1awO700GA&jsv=20130128&user_lang=en-US
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-92.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 01:58:21 GMT
Via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
75611
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA2-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
P_xYt7cSgshebpV9TZlkC_Ky3ZLbwO148oIgPmsEmKzvs7vnVFG42g==
test.png
a3ab2e4179e22bf8d2242d488833b2038.profile.mad51-c2.cloudfront.net/
Redirect Chain
  • http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
  • http://a3ab2e4179e22bf8d2242d488833b2038.profile.mad51-c2.cloudfront.net/test.png
58 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://a3ab2e4179e22bf8d2242d488833b2038.profile.mad51-c2.cloudfront.net/test.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
52.84.66.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-66-94.mad51.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
Via
1.1 1c301b860f1012db2b746c01d3e8617f.cloudfront.net (CloudFront)
Server
CloudFront
X-Cache
RoutingProfileExp from cloudfront
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
58
X-Amz-Cf-Id
wDUS0CzPHV2QOsGt8j6okpeTOwE8Eb0VtZatiUcqwB098_lP6lTvLg==
Expires
Mon, 03 Jan 2022 22:58:31 GMT

Redirect headers

Access-Control-Allow-Origin
*
Date
Mon, 03 Jan 2022 22:58:31 GMT
Server
Server
Connection
keep-alive
Content-Length
0
Location
http://a3ab2e4179e22bf8d2242d488833b2038.profile.mad51-c2.cloudfront.net/test.png
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3340
date
Mon, 03 Jan 2022 22:02:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 04 Jan 2022 00:02:51 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
footer-bg2.png
is.cdn.md/i4/Img/index/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://is.cdn.md/i4/Img/index/footer-bg2.png
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
1dbe5850f671cf92fe1d7b55226a830fbe4daba614bf6c6ceeca9e236326930f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
Last-Modified
Thu, 25 Apr 2013 11:13:08 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
"ebbbdcdda541ce1:0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
s
84
Content-Length
1781
Expires
Wed, 02 Feb 2022 22:58:31 GMT
/
track.adform.net/adfserve/ Frame E721 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=38516434;rtbwp=YdN_lwABjZcKd8GFAAtQozweLfLyq5D6inosrw;rtbdata=sE7aJDcJueiMrjW_50p8AscesxPzM1eivJbO3OvLZRvMtDYJzFKDAUo1-UBj8lmJ-Ln-m9HY32_mZ5bzqgmwJ_W9a_4rzu_hJfMbyv3Pn7ZL9zcdPPmP9LxJNI6Xvhim7CMaxRryXCUln9qNr5QAIPHGkXydYrKmOyRlL3lRdunC5aMfAMXq6-g66hxb0hdKuNFrv7inaYJe4qwTvV156JbZWf8s_U2hLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CoVd2l3_TYZebBoWD3wOjoa24C_PYq5NcybzUs6IHwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDbIAQmpAnBzDuAm87I-4AIAqAMBqgT1AU_Qfg9fXNB0wgEbhcDq9jRbQHKeSBwwurcpJP0wK6MR0O5-EpJQE2qXNQfKql6xS9MekO3-GCc8r2bIz8UNzCMLffj8zZut5Ahjhp674i71us7g-OHjI8lJeNkPE2UUmZJRX1CE2gTG0Rfh37Dpq814548ujsXD_kmBWzK4utzn8MQo1GJS_t2diK9WaxFkXY22NXguYwe0KQjR5ERB9xPmt2pnKqT0xVaujS9EaHnIzvtTk0RT2CV1Men9Ki3vZFIQYNNZwzzoeJWn-CI9zKQdRUKW04apWTJose4kZWIn3iYZYPE57bKHp_6wDLlmqESHL8Cg4AQBgAaE9_Gb99aZ-xigBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0o2l_D6ZjgKF0qdgS03Rm4QlNWlA&client=ca-pub-5610649146674306&adurl=;js=1;adfxid=1x;7921;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=http%3A%2F%2Farsiv.sahadan.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
07577bae1c36962bf85149a3062cf83bcb108139919e856b308d95625c2c7b35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3418
expires
-1
r62eglto.js
ad4m.at/ Frame E721 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5414
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVKNoscBb7rwL5AUGdwQhhbysayYYCKvIEhmHo8gTdAOUvXFeNeAp%2FK%2BDDJrQvL1GgEAkkYCXwEZYN6OhbbIhyA4K2DJ2E7eoFgvGqpTnW7kRO2RNl%2BVJpaZpvXDkbP81CRsSxw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Mon, 03 Jan 2022 21:28:17 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c7fd5142eeddfd3-FRA
cf-bgj
minify
/
track.adform.net/csimpr/ Frame E721 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=38516434&csi=1xg-C7aRuxXjOQ8v0yUiGDUNVVTnBafJnKRWaOGiMrDrygPkIxxfk53jef0WnRSGg8ikMff4OV7QQsh_OuzrNGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:31 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
pixel
googleads.g.doubleclick.net/xbbe/ Frame D85D 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNUpUCU7jNl9Cwb6VcZkULFvDuyxur1wthX-hHhfCkwuoJ3AwXg8jLyBT2PT2tq8Es2ONpdB6L4STPamj3HpALwSpkdTWNjFAvOvgpq9cI3fLXhKqbprULxD4kJKU9PH90u3z-FF0xMYZR6TDUNPNZcVD-SGsQouvU6nLTWI1ehjx0zxJtDAPECgS8OomxLU8KK3RO0xhQpvmz9bL0idmnaEYIX4Gg
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 03 Jan 2022 22:58:31 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 207D 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bez3Nja7ETtAcOaeMPksjXTCODagYE27tgMSc5YfBxkCy7pID6nei4DmxjNIxuw46GdNDeipsqSxw6r0F5ZoXxJcHTa_TMyqOkuX4ck1VXMD5eTdcOgo-xZ9d-_7XToAC4IN2LXioH5IdjTYqh3XmDY-JfDw&cry=1&dbm_d=AKAmf-BXkmcfTKuUUjVJPRoyPOb8mvfYwVnfEoA5UwPHRRTCV0tErHqvxl6cQOF8IpiXCAcADBBYlDU3M11AXu787Ong0WjGjW0RXkbMJOAI3_01XY43ZwqfB70CL_0iGaWt7cOCmGz93MKEGOtF08s3c1V6W_rWaGCxzchJp2fAxTfIFGeSrE-DGGG_kyjkfJJkAzOAOjHXU848yJ9Yal5zRr3jQAsxT8sWk7O8HDwqxmBnEoOcBeu96xTslTOodqP20EnM0_KWT7lWXehlccQ20CE9bnkQpoljfEY657pG4qX9afSRkXy3EpZPzsIkLvYdRCDiDNNMstjqbZi9e4kA117CZ0AMAlQcT9g09zfBkmqOL6y-EyLE-J8PvBaS6jaQx09KG_DYDfVsEKqZxJP2y7Pk8FcW7hxUYV4NdlsddAIayXlsmxul-mvcauM0P8GYeSvKX2LNgz8K40Q5yCqdJpO_Oit5SLAwsTcKEHCWH39RuPFD7qMJtKbndUDUlJde8pvJn9k2yNCoOktGE3q_5ELPLcSwKfotEVejIYsPwvL-RbbDf44ymxaSYBDvuSiu3F8850BR47fqO7iYyIJj57EJ1iWCeBTLjs6AojAUrSUJCiEMUFLVL4Df1SOVLPQdtVmHxYLjX27pw8krron2FfvvqAROlcE-XXpM7VgfZFZaG8Oal2SeSUjvy_HsJghCUaAo0e4nKnUFXZzikF4EcHft6V69sfxIIFwLNRSxiUiy2lG9sfzUGbraxOz2MolJLoVLLIgxttHikgFVAkpoDwuLiz78ruFouRA4tLdV3J5Ksw_zBcZ6kW1Z4wQnMfWPN5_MOiXWLh7nCJGrQNWK00-SrhUMj8jlq6TNiSoBxAmktTL41rl2UsbJWqGTnazK4JGseYqxrLlcl804ea_X55oL2RiIN82UD3kZ-oHfmMXO5GsmwubFbRQz9WYXA99ipGaBe4j8c2DroBobfr3e3gANohkNnqJKt09krO3VY-cwtOlG_nWR7enPBKqctMeNkEWefi5XUP3QlA6EUlGkDkWpoBYdUCxRu1BYyXyvfuVJk9aINy9QrjkA1XwoWSld3gKlP0kWNnBI6xnOBqRc1Y1DsZEyDO9bhsbPBckPrhZ1YcFB19mJJoIsgaGHjgaW53r3cAdWKibT18KuPcYWl2zIlrB-4FPVxUSYShYqwhS0hWnf40EHLDFpjO0QmHKCJlgTEonv-qVPLU30Fz_Fo-oGWraA9y4KxeiL64sgG0P1JBGub4VxEJBH1brI2ivo4LaRKlq1y7EKk57S2lWqB9WLP21-fDkk_IYcYXyslPjwe04WVnFq9Jclil-2qw-4OZzeZ2BzHahDbYCfDd628H3WB0Rz3PgG4i0sJK0rV4M2mtzCi28ddwvnDT1MisdqsxpBcCCCYd7JymDAlFbhbKk73yaVHQQBW5lDVuqpXareegUGq3zHBOLos7XTD6xSxqzPDTDhakpKRVpr9wdnrjCtSdTguOl-H2weD-eS1uWrdijSN8gXBWtEZDNUh_dC0ZBTzSdHdhsDlec_mwLefRZmCUlBVmdasuEEGh27g7A13lQ1tSAbwgmlv20gA-cHOU_MwKqJoU3w38K0snLJvtRqtj-rcH7CCyt5P9XH5RcqAl-6sLJi81Shqxge0J1PeSvuTBLR4AMBDBPOw6uC0RwFyh1hDj76JcI7pvAgm_7e1960KfMxOWKkRNSR816EG-DbxFP3Zd6uCrNRMNohw4z1rf21m6ofTHQYlcdP9vnChV98S6PUpnLkwCpH6i6VmDYnBUw-BEB1I2-xEp1iax4goAl9BJqEqD5B_IRuFPIcRmbxA141oTRO-ki4L8g4VXnHjl8isa4B-Vqqilk5c1RmOlIq0DWpKnpRMWYp630EABuQvLdt3UACaX9eGkb44KWzhE4p6UnSR5gJ7tbo1e03rAjSEmgrr7ZWNoJPscG5P82XYVPSGx_4AtCZtS-F2mGZfMfupNMK2GyJ2Hi5lAWDieu4pvY2EuvDSU9WpOvB7bAcB05Vj5VD_B_TrWtEK1N07SLgSzU4QSjRRx0MHAO-DD7huIVyoswqldqJ_ep0fZoR-5ZlQoLtZ57p4lZoeVHiYl0Idh0GZxkHRxJWGVe9eiM5AnDrTw0nWVXputvfoT3EM7Dthz3n2NiZxOah8kTFEcUqorl0FNstZg0e_0SMjnfCIOuoVY4vjqXIAWnV-p8tW8BlUlpfgNHalumpeOOM_ZYA5VvaOEyFSvqCwNndqetDNNlZQDC2oC-jKaeQWLQjhzamxhnP4Ezamhv9zXCa27sLWVaM5w-4UQnAfHY7ZIgLno8Ey3zT9rudIssfKDWYv93hOcX9Ridpntb_ZVpHgdHRQX22MQzTIze2TCJo9WuDMq1QmFobVyGm3X3Q6YJT029yk5eiPQD62Q83fuM-h-h9o4-wCCFSve02cfPM3aFkLjbm_JoC19Pt4ii2TgZQzqcdoKTrvHzWnPeb5EfBs7ovfUi-PMW3qEifs9PphCkDqPsJm7QX9tJmycJPZa_G0628HtJ_EMC-LZaWLWk88WVi7iQErD8IkbONWMnUBNirLShbNFEy1Vfj7SXlae_BubIZ835HwwFUaSLqmKrpwXVhcDCFwyhw0JPMnE8Klyb8ij_gGNhLGv_9GuX09tkXyT_CHcB9ioQdNz2wwVafdC2nSp5YZ0l6MVnbtSm_K6cHMvmYtaP3e1PYE6eBIEt12SzWHN7CulJ-f_kTA14EqsvUk05l4AA6qonDNfsLYlkJuN3hV84_v465KeLQR1Ia65fbEOiiNSA00YFb7qOf-UMKxtHEdcoHBnMBWBGI0s7UYjI4tEdYLfomhW18UnIJu9dkohAztRCuTJ78BLk3wK6NpXzwxxcxigJLrHqopHWD2DqFPeXtjjFDGuMf_I8NEY9wH_TmrKjhv7_2SXT-rZTQv_QzDvNPMLM0nPG93BlxnMLNrsC0s2-y5JhroTdNAJot03ht4MTNj6E1Itt2mKKqTl1PTAz6XiwvXKpb9YCWSp-ATy1MI6iV9mM75X5AWDM6dS8kaJ73ANb68_g8j2GpqsIvgK4Got3ugpf1PDPSUPSoTB0QvRrBwcvsSYOr0yh_jlPoG2YCmp_Q9EOlBDAhSkRc1p3bwWpiYhRq9UJApjEfUKOhcqDY55BvK4vAML0zvhNQC1Iremm4Py-l4ONEfvXl_baO6lWhIfmoOuWL7LwM2j05kD2y4CXLKMjjFOU&cid=CAASFeRozkRxI5V7uIFJwpm2_ECoDdc5-w&rfl=1%2Chttp%253A%252F%252Farsiv.sahadan.com%252F%240
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d51ea99e313dbc6911695892cac8ce386c91584e25465345c0f37dfa1a69edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14159
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 207D 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C6trZBbpHdb3yDMNhSJ2_rrA1BfNIBKyd90MuNI8-6j-oE7lvHrKQlQEnElaAK7YNCU1f0g_toV5Cyz3MGK_vSpj1a6h13ZgqktFjzDVcw5pkzKSM
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 207D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 22:52:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 207D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jan 2022 22:58:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 207D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 22:53:27 GMT
l
www.google.com/ads/measurement/ Frame 207D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMSUbhsP-yEwTSS2hxUcrlI666TfF3C_yFjVGPrMDC8_E0GzMAkYzeIHUa9mv5xYIoUOKwkcZt7fA-JNXy3_hYAvtrRA
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame E721 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ea3752b1e50ae383ababb6da6c0c8a55f1137dd7ddf9e9034b3673e76a14a9d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 02:31:07 GMT
frame.html
ad4m.at/ Frame 6BE5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires
Mon, 03 Jan 2022 23:58:31 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
497066
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ru3AIGfn%2BVjWC8ldn1gv2Ws%2FpBqEj6oDrxu83YYAjRcXknLgE3MU1UDQgzQFVljDwxpGi5Ot4OYJdeUN%2FlOFseOoUpam5HHkEsX%2FX987zMWYciFln6PLN1duoUEUNgq7C0PwuAw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c7fd514b8d54309-FRA
content-encoding
br
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7045
date
Mon, 03 Jan 2022 21:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 03 Jan 2022 23:01:06 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=365469808&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Saha...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=365469808&utmhn=arsiv.sahadan.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sah...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-241588-1&cid=1874813665.1641250711&jid=1418327923&_v=5.7.2&z=365469808
35 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-241588-1&cid=1874813665.1641250711&jid=1418327923&_v=5.7.2&z=365469808
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 03 Jan 2022 22:58:31 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:31 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-241588-1&cid=1874813665.1641250711&jid=1418327923&_v=5.7.2&z=365469808
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
xgemius.js
gatr.hit.gemius.pl/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://gatr.hit.gemius.pl/xgemius.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS
ip208.ip-178-33-196.eu
Software
GHC /
Resource Hash
11f438c16ff18db8b5a9dc4812c96dfbee68a411a8933f22a22748538dc12734

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Dec 2021 11:54:27 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
10839
Expires
Tue, 04 Jan 2022 10:58:31 GMT
beacon.js
b.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
HTTP/1.1
Server
13.225.73.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-71.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://arsiv.sahadan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-server-side-encryption
AES256
Date
Mon, 03 Jan 2022 03:48:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 26 Feb 2021 14:35:05 GMT
Server
AmazonS3
Age
146506
ETag
W/"1827f116c73f319409b97f10b8a58ade"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
Yj8TGFGTePzCc5d4XiTntl0J_Bco9fxt7G1OY1fZJOyjORma68eyVw==
rum
dsum-sec.casalemedia.com/ Frame D85D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsCInjXQP0CDBFCTygzT3s&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsCInjXQP0CDBFCTygzT3s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNUpUCU7jNl9Cwb6VcZkULFvDuyxur1wthX-hHhfCkwuoJ3AwXg8jLyBT2PT2tq8Es2ONpdB6L4STPamj3HpALwSpkdTWNjFAvOvgpq9cI3fLXhKqbprULxD4kJKU9PH90u3z-FF0xMYZR6TDUNPNZcVD-SGsQouvU6nLTWI1ehjx0zxJtDAPECgS8OomxLU8KK3RO0xhQpvmz9bL0idmnaEYIX4Gg
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 22:58:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 03 Jan 2022 22:58:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsCInjXQP0CDBFCTygzT3s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D85D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdN-l2IlIu05xDlYtyPWoQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsCInjXQP0CDBFCTygzT3s&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsCInjXQP0CDBFCTygzT3s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNUpUCU7jNl9Cwb6VcZkULFvDuyxur1wthX-hHhfCkwuoJ3AwXg8jLyBT2PT2tq8Es2ONpdB6L4STPamj3HpALwSpkdTWNjFAvOvgpq9cI3fLXhKqbprULxD4kJKU9PH90u3z-FF0xMYZR6TDUNPNZcVD-SGsQouvU6nLTWI1ehjx0zxJtDAPECgS8OomxLU8KK3RO0xhQpvmz9bL0idmnaEYIX4Gg
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 22:58:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 03 Jan 2022 22:58:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHsCInjXQP0CDBFCTygzT3s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D85D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPP12tyyO2OJtuC4R5TSJbs&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPP12tyyO2OJtuC4R5TSJbs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNUpUCU7jNl9Cwb6VcZkULFvDuyxur1wthX-hHhfCkwuoJ3AwXg8jLyBT2PT2tq8Es2ONpdB6L4STPamj3HpALwSpkdTWNjFAvOvgpq9cI3fLXhKqbprULxD4kJKU9PH90u3z-FF0xMYZR6TDUNPNZcVD-SGsQouvU6nLTWI1ehjx0zxJtDAPECgS8OomxLU8KK3RO0xhQpvmz9bL0idmnaEYIX4Gg
Protocol
HTTP/1.1
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 22:58:32 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5f7286ac-e83e-422d-8dbe-c8fb3b48fe6c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPP12tyyO2OJtuC4R5TSJbs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D85D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwNzY4OTk1MzA3MTg3MDg0OA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwNzY4OTk1MzA3MTg3MDg0OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNUpUCU7jNl9Cwb6VcZkULFvDuyxur1wthX-hHhfCkwuoJ3AwXg8jLyBT2PT2tq8Es2ONpdB6L4STPamj3HpALwSpkdTWNjFAvOvgpq9cI3fLXhKqbprULxD4kJKU9PH90u3z-FF0xMYZR6TDUNPNZcVD-SGsQouvU6nLTWI1ehjx0zxJtDAPECgS8OomxLU8KK3RO0xhQpvmz9bL0idmnaEYIX4Gg
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 22:58:31 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4b41943a-c729-4d6e-9a80-f2018d8f4ad3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwNzY4OTk1MzA3MTg3MDg0OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 207D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bez3Nja7ETtAcOaeMPksjXTCODagYE27tgMSc5YfBxkCy7pID6nei4DmxjNIxuw46GdNDeipsqSxw6r0F5ZoXxJcHTa_TMyqOkuX4ck1VXMD5eTdcOgo-xZ9d-_7XToAC4IN2LXioH5IdjTYqh3XmDY-JfDw&cry=1&dbm_d=AKAmf-BXkmcfTKuUUjVJPRoyPOb8mvfYwVnfEoA5UwPHRRTCV0tErHqvxl6cQOF8IpiXCAcADBBYlDU3M11AXu787Ong0WjGjW0RXkbMJOAI3_01XY43ZwqfB70CL_0iGaWt7cOCmGz93MKEGOtF08s3c1V6W_rWaGCxzchJp2fAxTfIFGeSrE-DGGG_kyjkfJJkAzOAOjHXU848yJ9Yal5zRr3jQAsxT8sWk7O8HDwqxmBnEoOcBeu96xTslTOodqP20EnM0_KWT7lWXehlccQ20CE9bnkQpoljfEY657pG4qX9afSRkXy3EpZPzsIkLvYdRCDiDNNMstjqbZi9e4kA117CZ0AMAlQcT9g09zfBkmqOL6y-EyLE-J8PvBaS6jaQx09KG_DYDfVsEKqZxJP2y7Pk8FcW7hxUYV4NdlsddAIayXlsmxul-mvcauM0P8GYeSvKX2LNgz8K40Q5yCqdJpO_Oit5SLAwsTcKEHCWH39RuPFD7qMJtKbndUDUlJde8pvJn9k2yNCoOktGE3q_5ELPLcSwKfotEVejIYsPwvL-RbbDf44ymxaSYBDvuSiu3F8850BR47fqO7iYyIJj57EJ1iWCeBTLjs6AojAUrSUJCiEMUFLVL4Df1SOVLPQdtVmHxYLjX27pw8krron2FfvvqAROlcE-XXpM7VgfZFZaG8Oal2SeSUjvy_HsJghCUaAo0e4nKnUFXZzikF4EcHft6V69sfxIIFwLNRSxiUiy2lG9sfzUGbraxOz2MolJLoVLLIgxttHikgFVAkpoDwuLiz78ruFouRA4tLdV3J5Ksw_zBcZ6kW1Z4wQnMfWPN5_MOiXWLh7nCJGrQNWK00-SrhUMj8jlq6TNiSoBxAmktTL41rl2UsbJWqGTnazK4JGseYqxrLlcl804ea_X55oL2RiIN82UD3kZ-oHfmMXO5GsmwubFbRQz9WYXA99ipGaBe4j8c2DroBobfr3e3gANohkNnqJKt09krO3VY-cwtOlG_nWR7enPBKqctMeNkEWefi5XUP3QlA6EUlGkDkWpoBYdUCxRu1BYyXyvfuVJk9aINy9QrjkA1XwoWSld3gKlP0kWNnBI6xnOBqRc1Y1DsZEyDO9bhsbPBckPrhZ1YcFB19mJJoIsgaGHjgaW53r3cAdWKibT18KuPcYWl2zIlrB-4FPVxUSYShYqwhS0hWnf40EHLDFpjO0QmHKCJlgTEonv-qVPLU30Fz_Fo-oGWraA9y4KxeiL64sgG0P1JBGub4VxEJBH1brI2ivo4LaRKlq1y7EKk57S2lWqB9WLP21-fDkk_IYcYXyslPjwe04WVnFq9Jclil-2qw-4OZzeZ2BzHahDbYCfDd628H3WB0Rz3PgG4i0sJK0rV4M2mtzCi28ddwvnDT1MisdqsxpBcCCCYd7JymDAlFbhbKk73yaVHQQBW5lDVuqpXareegUGq3zHBOLos7XTD6xSxqzPDTDhakpKRVpr9wdnrjCtSdTguOl-H2weD-eS1uWrdijSN8gXBWtEZDNUh_dC0ZBTzSdHdhsDlec_mwLefRZmCUlBVmdasuEEGh27g7A13lQ1tSAbwgmlv20gA-cHOU_MwKqJoU3w38K0snLJvtRqtj-rcH7CCyt5P9XH5RcqAl-6sLJi81Shqxge0J1PeSvuTBLR4AMBDBPOw6uC0RwFyh1hDj76JcI7pvAgm_7e1960KfMxOWKkRNSR816EG-DbxFP3Zd6uCrNRMNohw4z1rf21m6ofTHQYlcdP9vnChV98S6PUpnLkwCpH6i6VmDYnBUw-BEB1I2-xEp1iax4goAl9BJqEqD5B_IRuFPIcRmbxA141oTRO-ki4L8g4VXnHjl8isa4B-Vqqilk5c1RmOlIq0DWpKnpRMWYp630EABuQvLdt3UACaX9eGkb44KWzhE4p6UnSR5gJ7tbo1e03rAjSEmgrr7ZWNoJPscG5P82XYVPSGx_4AtCZtS-F2mGZfMfupNMK2GyJ2Hi5lAWDieu4pvY2EuvDSU9WpOvB7bAcB05Vj5VD_B_TrWtEK1N07SLgSzU4QSjRRx0MHAO-DD7huIVyoswqldqJ_ep0fZoR-5ZlQoLtZ57p4lZoeVHiYl0Idh0GZxkHRxJWGVe9eiM5AnDrTw0nWVXputvfoT3EM7Dthz3n2NiZxOah8kTFEcUqorl0FNstZg0e_0SMjnfCIOuoVY4vjqXIAWnV-p8tW8BlUlpfgNHalumpeOOM_ZYA5VvaOEyFSvqCwNndqetDNNlZQDC2oC-jKaeQWLQjhzamxhnP4Ezamhv9zXCa27sLWVaM5w-4UQnAfHY7ZIgLno8Ey3zT9rudIssfKDWYv93hOcX9Ridpntb_ZVpHgdHRQX22MQzTIze2TCJo9WuDMq1QmFobVyGm3X3Q6YJT029yk5eiPQD62Q83fuM-h-h9o4-wCCFSve02cfPM3aFkLjbm_JoC19Pt4ii2TgZQzqcdoKTrvHzWnPeb5EfBs7ovfUi-PMW3qEifs9PphCkDqPsJm7QX9tJmycJPZa_G0628HtJ_EMC-LZaWLWk88WVi7iQErD8IkbONWMnUBNirLShbNFEy1Vfj7SXlae_BubIZ835HwwFUaSLqmKrpwXVhcDCFwyhw0JPMnE8Klyb8ij_gGNhLGv_9GuX09tkXyT_CHcB9ioQdNz2wwVafdC2nSp5YZ0l6MVnbtSm_K6cHMvmYtaP3e1PYE6eBIEt12SzWHN7CulJ-f_kTA14EqsvUk05l4AA6qonDNfsLYlkJuN3hV84_v465KeLQR1Ia65fbEOiiNSA00YFb7qOf-UMKxtHEdcoHBnMBWBGI0s7UYjI4tEdYLfomhW18UnIJu9dkohAztRCuTJ78BLk3wK6NpXzwxxcxigJLrHqopHWD2DqFPeXtjjFDGuMf_I8NEY9wH_TmrKjhv7_2SXT-rZTQv_QzDvNPMLM0nPG93BlxnMLNrsC0s2-y5JhroTdNAJot03ht4MTNj6E1Itt2mKKqTl1PTAz6XiwvXKpb9YCWSp-ATy1MI6iV9mM75X5AWDM6dS8kaJ73ANb68_g8j2GpqsIvgK4Got3ugpf1PDPSUPSoTB0QvRrBwcvsSYOr0yh_jlPoG2YCmp_Q9EOlBDAhSkRc1p3bwWpiYhRq9UJApjEfUKOhcqDY55BvK4vAML0zvhNQC1Iremm4Py-l4ONEfvXl_baO6lWhIfmoOuWL7LwM2j05kD2y4CXLKMjjFOU&cid=CAASFeRozkRxI5V7uIFJwpm2_ECoDdc5-w&rfl=1%2Chttp%253A%252F%252Farsiv.sahadan.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 22:40:15 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 207D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bez3Nja7ETtAcOaeMPksjXTCODagYE27tgMSc5YfBxkCy7pID6nei4DmxjNIxuw46GdNDeipsqSxw6r0F5ZoXxJcHTa_TMyqOkuX4ck1VXMD5eTdcOgo-xZ9d-_7XToAC4IN2LXioH5IdjTYqh3XmDY-JfDw&cry=1&dbm_d=AKAmf-BXkmcfTKuUUjVJPRoyPOb8mvfYwVnfEoA5UwPHRRTCV0tErHqvxl6cQOF8IpiXCAcADBBYlDU3M11AXu787Ong0WjGjW0RXkbMJOAI3_01XY43ZwqfB70CL_0iGaWt7cOCmGz93MKEGOtF08s3c1V6W_rWaGCxzchJp2fAxTfIFGeSrE-DGGG_kyjkfJJkAzOAOjHXU848yJ9Yal5zRr3jQAsxT8sWk7O8HDwqxmBnEoOcBeu96xTslTOodqP20EnM0_KWT7lWXehlccQ20CE9bnkQpoljfEY657pG4qX9afSRkXy3EpZPzsIkLvYdRCDiDNNMstjqbZi9e4kA117CZ0AMAlQcT9g09zfBkmqOL6y-EyLE-J8PvBaS6jaQx09KG_DYDfVsEKqZxJP2y7Pk8FcW7hxUYV4NdlsddAIayXlsmxul-mvcauM0P8GYeSvKX2LNgz8K40Q5yCqdJpO_Oit5SLAwsTcKEHCWH39RuPFD7qMJtKbndUDUlJde8pvJn9k2yNCoOktGE3q_5ELPLcSwKfotEVejIYsPwvL-RbbDf44ymxaSYBDvuSiu3F8850BR47fqO7iYyIJj57EJ1iWCeBTLjs6AojAUrSUJCiEMUFLVL4Df1SOVLPQdtVmHxYLjX27pw8krron2FfvvqAROlcE-XXpM7VgfZFZaG8Oal2SeSUjvy_HsJghCUaAo0e4nKnUFXZzikF4EcHft6V69sfxIIFwLNRSxiUiy2lG9sfzUGbraxOz2MolJLoVLLIgxttHikgFVAkpoDwuLiz78ruFouRA4tLdV3J5Ksw_zBcZ6kW1Z4wQnMfWPN5_MOiXWLh7nCJGrQNWK00-SrhUMj8jlq6TNiSoBxAmktTL41rl2UsbJWqGTnazK4JGseYqxrLlcl804ea_X55oL2RiIN82UD3kZ-oHfmMXO5GsmwubFbRQz9WYXA99ipGaBe4j8c2DroBobfr3e3gANohkNnqJKt09krO3VY-cwtOlG_nWR7enPBKqctMeNkEWefi5XUP3QlA6EUlGkDkWpoBYdUCxRu1BYyXyvfuVJk9aINy9QrjkA1XwoWSld3gKlP0kWNnBI6xnOBqRc1Y1DsZEyDO9bhsbPBckPrhZ1YcFB19mJJoIsgaGHjgaW53r3cAdWKibT18KuPcYWl2zIlrB-4FPVxUSYShYqwhS0hWnf40EHLDFpjO0QmHKCJlgTEonv-qVPLU30Fz_Fo-oGWraA9y4KxeiL64sgG0P1JBGub4VxEJBH1brI2ivo4LaRKlq1y7EKk57S2lWqB9WLP21-fDkk_IYcYXyslPjwe04WVnFq9Jclil-2qw-4OZzeZ2BzHahDbYCfDd628H3WB0Rz3PgG4i0sJK0rV4M2mtzCi28ddwvnDT1MisdqsxpBcCCCYd7JymDAlFbhbKk73yaVHQQBW5lDVuqpXareegUGq3zHBOLos7XTD6xSxqzPDTDhakpKRVpr9wdnrjCtSdTguOl-H2weD-eS1uWrdijSN8gXBWtEZDNUh_dC0ZBTzSdHdhsDlec_mwLefRZmCUlBVmdasuEEGh27g7A13lQ1tSAbwgmlv20gA-cHOU_MwKqJoU3w38K0snLJvtRqtj-rcH7CCyt5P9XH5RcqAl-6sLJi81Shqxge0J1PeSvuTBLR4AMBDBPOw6uC0RwFyh1hDj76JcI7pvAgm_7e1960KfMxOWKkRNSR816EG-DbxFP3Zd6uCrNRMNohw4z1rf21m6ofTHQYlcdP9vnChV98S6PUpnLkwCpH6i6VmDYnBUw-BEB1I2-xEp1iax4goAl9BJqEqD5B_IRuFPIcRmbxA141oTRO-ki4L8g4VXnHjl8isa4B-Vqqilk5c1RmOlIq0DWpKnpRMWYp630EABuQvLdt3UACaX9eGkb44KWzhE4p6UnSR5gJ7tbo1e03rAjSEmgrr7ZWNoJPscG5P82XYVPSGx_4AtCZtS-F2mGZfMfupNMK2GyJ2Hi5lAWDieu4pvY2EuvDSU9WpOvB7bAcB05Vj5VD_B_TrWtEK1N07SLgSzU4QSjRRx0MHAO-DD7huIVyoswqldqJ_ep0fZoR-5ZlQoLtZ57p4lZoeVHiYl0Idh0GZxkHRxJWGVe9eiM5AnDrTw0nWVXputvfoT3EM7Dthz3n2NiZxOah8kTFEcUqorl0FNstZg0e_0SMjnfCIOuoVY4vjqXIAWnV-p8tW8BlUlpfgNHalumpeOOM_ZYA5VvaOEyFSvqCwNndqetDNNlZQDC2oC-jKaeQWLQjhzamxhnP4Ezamhv9zXCa27sLWVaM5w-4UQnAfHY7ZIgLno8Ey3zT9rudIssfKDWYv93hOcX9Ridpntb_ZVpHgdHRQX22MQzTIze2TCJo9WuDMq1QmFobVyGm3X3Q6YJT029yk5eiPQD62Q83fuM-h-h9o4-wCCFSve02cfPM3aFkLjbm_JoC19Pt4ii2TgZQzqcdoKTrvHzWnPeb5EfBs7ovfUi-PMW3qEifs9PphCkDqPsJm7QX9tJmycJPZa_G0628HtJ_EMC-LZaWLWk88WVi7iQErD8IkbONWMnUBNirLShbNFEy1Vfj7SXlae_BubIZ835HwwFUaSLqmKrpwXVhcDCFwyhw0JPMnE8Klyb8ij_gGNhLGv_9GuX09tkXyT_CHcB9ioQdNz2wwVafdC2nSp5YZ0l6MVnbtSm_K6cHMvmYtaP3e1PYE6eBIEt12SzWHN7CulJ-f_kTA14EqsvUk05l4AA6qonDNfsLYlkJuN3hV84_v465KeLQR1Ia65fbEOiiNSA00YFb7qOf-UMKxtHEdcoHBnMBWBGI0s7UYjI4tEdYLfomhW18UnIJu9dkohAztRCuTJ78BLk3wK6NpXzwxxcxigJLrHqopHWD2DqFPeXtjjFDGuMf_I8NEY9wH_TmrKjhv7_2SXT-rZTQv_QzDvNPMLM0nPG93BlxnMLNrsC0s2-y5JhroTdNAJot03ht4MTNj6E1Itt2mKKqTl1PTAz6XiwvXKpb9YCWSp-ATy1MI6iV9mM75X5AWDM6dS8kaJ73ANb68_g8j2GpqsIvgK4Got3ugpf1PDPSUPSoTB0QvRrBwcvsSYOr0yh_jlPoG2YCmp_Q9EOlBDAhSkRc1p3bwWpiYhRq9UJApjEfUKOhcqDY55BvK4vAML0zvhNQC1Iremm4Py-l4ONEfvXl_baO6lWhIfmoOuWL7LwM2j05kD2y4CXLKMjjFOU&cid=CAASFeRozkRxI5V7uIFJwpm2_ECoDdc5-w&rfl=1%2Chttp%253A%252F%252Farsiv.sahadan.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 20:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
439514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Dec 2022 20:53:17 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1641250711872&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1641250711872&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3...
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1641250711872&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&c7=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&c9=
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Server
13.225.73.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-22.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
WHx_H2-DUBtWGbDeZHEaKNx9HRdzrWWata2QZlOMG5I2O8pn0vk6eA==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 03 Jan 2022 22:58:31 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035584&c3=&c4=&c5=&c6=&c15=&ns__t=1641250711872&ns_c=UTF-8&cv=3.5&c8=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&c7=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&c9=
content-length
406
x-amz-cf-id
86panFAcrrRY3QcxqHaIyu3gV-eZc1coQ1_47EMtKpL6HU0r8PEeew==
get.ashx
run.admost.com/adx/ 		23 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=21376&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go917;c:1;e:17;hc:4
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:31
CDN-PullZone
381479
Connection
keep-alive
Content-Length
23
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
3fe522961b2afb8557a26899324bf63a
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
fpdata.js
gatr.hit.gemius.pl/ 		280 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gatr.hit.gemius.pl/fpdata.js?href=arsiv.sahadan.com
Requested by
Host: gatr.hit.gemius.pl
URL: http://gatr.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS
ip208.ip-178-33-196.eu
Software
GHC /
Resource Hash
495be5b4906fd6d23b811c042ef22072ba7c0223c8d2957a33fa6fb8162d7d7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
280
expires
Wed, 02 Feb 2022 22:58:31 GMT
lsget.html
ls.hit.gemius.pl/ Frame 71DC 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ls.hit.gemius.pl/lsget.html
Requested by
Host: gatr.hit.gemius.pl
URL: http://gatr.hit.gemius.pl/xgemius.js
Protocol
HTTP/1.1
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
5c0349b745b2c91beafd1092ae016282a01663d79440a718448bd1052ecc8858

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
Expires
Wed, 02 Feb 2022 22:58:31 GMT
Server
GHC
Accept-Ranges
none
Cache-Control
private, max-age=2592000
Last-Modified
Mon, 16 Jul 2012 10:03:40 GMT
ETag
PRIVATE7520710249
Vary
Accept-Encoding,Origin,User-Agent
Cross-Origin-Resource-Policy
cross-origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Type
text/html;charset=utf-8
Content-Length
2720
Content-Encoding
gzip
rs
ad4m.at/ Frame E721 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1da7f3e0939689b3a2a6f9d0dacc8d6ca680bd68f66e8026ddd5ce5b429b375e

Request headers

Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c7fd5158cc0d6cd-FRA
date
Mon, 03 Jan 2022 22:58:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITw%2FcUEIP0fmcdlU51aJ%2BpCk0kIoX76IkOMkNwbYvL1K3UQKiCbyIALZshYXiUNP4n%2BLiA0Qyj2vVnKZUBQ%2BlnsH4mStVPAeg9Wg87c7iRvlxIsI62c5czmw0nW8PJ3%2F9keXijY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-9z0n
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 03 Jan 2022 22:58:31 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-9z0n
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srimdy3%2BZq4JIx2bpC5Y3rCUxyTNhYxOCrb%2BawZwM9BAGWDgXD%2FmIKBl71pO5mkxCtTxw3HGo6Q5SV771dEIxUz22U%2Fzn0BU9TgerzlrB5jZSrR65fALVJRTSFxJbvh8qrumpkU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c7fd5155c8cd6cd-FRA
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5E04 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 29 Dec 2021 20:53:34 GMT
expires
Thu, 29 Dec 2022 20:53:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
439497
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
get.ashx
run.admost.com/adx/ 		23 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=46731&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:31 GMT
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go602;c:1;e:24;hc:1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:31
CDN-PullZone
381479
Connection
keep-alive
Content-Length
23
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
1d82ccd32a09dd87ac517533315fb1eb
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
container.html
daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5399 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 03 Jan 2022 22:58:31 GMT
expires
Tue, 03 Jan 2023 22:58:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 390C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 03 Jan 2022 22:58:31 GMT
expires
Tue, 03 Jan 2023 22:58:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1547982108&t=pageview&_s=1&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=140208355.1874813665.1641250711.1641250711.1641250711.1&_utmz=140208355.1641250712.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1641250711954&_u=IQBCAEABAAAAAC~&jid=1913802816&gjid=273749288&cid=1874813665.1641250711&tid=UA-241588-1&_gid=2144301582.1641250712&_r=1&_slc=1&z=1431479908
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
85444b226f71dc04e1928aeaa1129042d3a9ccc1.js
cdn.dimml.io/static/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.dimml.io/static/85444b226f71dc04e1928aeaa1129042d3a9ccc1.js
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8853e974d661a5636217c397d87dd0c3c3c67390b67f0924136430125ea8e933

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Mon, 03 Jan 2022 22:58:31 GMT
Content-Encoding
gzip
X-DimML-Version
2.2 vH8ffFv9
X-77-NZT-Ray
v21C+qIWlwg=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
X-77-NZT
AcO1rgVhb4P/jQIAAA==
X-Accel-Expires
@1641251858
Server
CDN77-Turbo
ETag
W/"be1da9f087b3"
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=1800
X-Age
653
Expires
Mon, 3 Jan 2022 23:17:38 GMT
lsget.html
ls.hit.gemius.pl/ Frame 65ED 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html?mode=new
Requested by
Host: ls.hit.gemius.pl
URL: http://ls.hit.gemius.pl/lsget.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
dd58de3902c15d409f0eea272f2d273b3565c7ec1d45fe02e102eb95d4799def

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://ls.hit.gemius.pl/

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
expires
Wed, 02 Feb 2022 22:58:32 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2711
content-encoding
gzip
rar
as.ad4m.at/ad/ Frame 0330 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=36036&b=QxZt4fY4xQf6eAaxH8tRHGtpkqFDT4TeAsV&f=2b9F6f6dKmFV5GCVH6tbHwCAdpTWT7TRPFg&c=970&d=250&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=7014c860c328835e7df58231c776f13a%2F6630878077882258243&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1641250711952&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoVd2l3_TYZebBoWD3wOjoa24C_PYq5NcybzUs6IHwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDbIAQmpAnBzDuAm87I-4AIAqAMBqgT1AU_Qfg9fXNB0wgEbhcDq9jRbQHKeSBwwurcpJP0wK6MR0O5-EpJQE2qXNQfKql6xS9MekO3-GCc8r2bIz8UNzCMLffj8zZut5Ahjhp674i71us7g-OHjI8lJeNkPE2UUmZJRX1CE2gTG0Rfh37Dpq814548ujsXD_kmBWzK4utzn8MQo1GJS_t2diK9WaxFkXY22NXguYwe0KQjR5ERB9xPmt2pnKqT0xVaujS9EaHnIzvtTk0RT2CV1Men9Ki3vZFIQYNNZwzzoeJWn-CI9zKQdRUKW04apWTJose4kZWIn3iYZYPE57bKHp_6wDLlmqESHL8Cg4AQBgAaE9_Gb99aZ-xigBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0o2l_D6ZjgKF0qdgS03Rm4QlNWlA%26client%3Dca-pub-5610649146674306%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516434%3Bcrtbwp%3DYdN_lwABjZcKd8GFAAtQozweLfLyq5D6inosrw%3Bcrtbdata%3DsE7aJDcJueiMrjW_50p8AscesxPzM1eivJbO3OvLZRvMtDYJzFKDAUo1-UBj8lmJ-Ln-m9HY32_mZ5bzqgmwJ_W9a_4rzu_hJfMbyv3Pn7ZL9zcdPPmP9LxJNI6Xvhim7CMaxRryXCUln9qNr5QAIPHGkXydYrKmOyRlL3lRdunC5aMfAMXq6-g66hxb0hdKuNFrv7inaYJe4qwTvV156JbZWf8s_U2hLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D7VisvzeG6Ha-lgF5_WBtApDuN7OhTDB6uLSLp8O8JBgdwXR2i2DqUvHSfvQbrKWYoB6QNn2QHZ57bdp-DsExYsX4De8FoXoTV-xGKFmUIVEkL36Sy4pNrNccP7cMh0SvW2yZ-XGaBRTJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttp%253a%252f%252farsiv.sahadan.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
731b0cf164b6d1cc5c15f70c7a04757865357116ea6a96b8daef5dc6df586b3d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c7fd515e874dfd3-FRA
content-encoding
br
4as54di69f4s
hal9000.redintelligence.net/zone/ Frame 207D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/4as54di69f4s?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxLa7l3_TYeLoEpre3wPIo4TYD92t6Khgu4_f1IgK8C4QASC6l-0eYJXikIKgB8gBCakClQjGCvbwsj6oAwGqBOgBT9DtccN_nob0MBfpd3AD46chFW5d_-ePKuUSbvu7CN5w8r_fpZBCUR45INq3AMRn71pzSh9DNHNoWMYWgXuzdAWOUH_tR2WzZp2tEIJkDmIGcTWQFif0-tWlQlgbNoTvKT0YYznpkyEki49zZkkWrAUN7YJIRe7vftsm1MgYlYXuhoFNjT8OMnggmEX4-29Mm2An7wSbWsQW2vMnEz_3XGipc4gmiRVdeu_dqCXIS4H-FrkhXLs7LBrCfEs3Xub5kmCz2-A1wZGYm7znU0JSLjOTne3DEhTk2lLgnxD4f8G0YjIAbPz6-cAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRozkRxI5V7uIFJwpm2_ECoDdc5-w%26sig%3DAOD64_1OTZ0759Bf-93UGNlrImTjMxm7jA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-DWbReOzBXhOW-zxLe2QtM91n9TkVSbozJ9r_OyBnRtmCaSSSdFWfPoZ0Jme5iBJ6fk6TGQzdQNUu0Ph-akqvMhGEeeu0kfCiCj0YkSdILtiy7ZO2i-BKJLb2q_pDj5GiEcou9eAsjtko_Q0hgICYHlLnmfXg%26cry%3D1%26dbm_d%3DAKAmf-Bx-X1jCSzmVCbSAm0JYLXgf5YBUQWgei4mUmIFLISN7CDRGusEVuZLna9syZbq3CvBXUI2brSdzYgqRjzXqKmI0flM29oT_BD5EIXPGnuNfthBWyhWb5nF-anemJKDT9V8K6CXmYKAkbfVNASTKyIgPjNrSK6NG1d2kpjYtIvchul8_PTXTHkAYkvmVjb6_GsPexOGMYL5qYZRym4R5m5Jcs3dz_-IVRkpcOKcBSlBpliQBoLBKAf-zal4Gq546IjucFr2Id6QzlZ6AlHN-u8A9N9haHTkXVwXc4C5tXfBDhiG98H4PiM5fWpfTnn2KZqWiOdkVk8v9xeOXPHvnZ6eZjR4aL2Hxu6DHO-Tca5-EMVFt5tZSdNxU1obxZS_PQ-Zvg4mN542_RT-mIHABOOeusKZtpLHEshmsu46qs-bD2y5s9QXAfg7am-BTFxjCQLH_SmRvCjvk5tDPzA7HMmJ5YKWqQ%26adurl%3D
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1e2b3b135068bbdabcef19f4a0cf04512ff34f07fff5ead866c64f4a51232ca5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3944
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
get.ashx
run.admost.com/adx/ 		23 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=29753&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go602;cs:cp:cache_z_29753_*_*_*_*_*_*_*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:32
CDN-PullZone
381479
Connection
keep-alive
Content-Length
23
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
3ad9f0bba9e84700da6746ef87c21338
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
adview
securepubads.g.doubleclick.net/pagead/ Frame 5399 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFtpil3_TYfbyKdyx3gP-lIroD_7T969czs-92OoCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDbIAQngAgCoAwGqBIYCT9CmRFZ1tAhtuVguQ2hGvtjkyXWEby2n9ahMQzcEyooSEp3vaTVDVV24WfdFp95Y_1WyFrqmCcQ9jiLexuClrn1N2fcXb86Ii_cTy_N1NBLzpZ6ZfXEpwNK8vkeu4RxZBpLnvK9ulat09vGknxtzLmzmHI6tOQARwwdCoqlbH33NlNlQSjZy33NerRTNqH2UuARZWTSciT6_Oh_96OjAVoIKSWoew127_1BIUF22psZGVeS_xGwmAcuKQsNXG4ozTDPnwxA8SOavjfqa99Z7vLZ2TEt-X8Ku7wk_4FbPjxD3QLz91ET1I2vwK88MBCVfN5bS-5Nv_E3-Jgqh4cK8XPCjKhucM-AEAYAG4LmmrJ_zz99uoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTEzODYwOTUyNTM0NTYwNDaACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTYxMDY0OTE0NjY3NDMwNhjqoxw&sigh=GU1jtnxNHJU&uach_m=[UACH]&cid=CAQSOwCNIrLMVsoo63O0r43m9rIf9SSFziqtDtiK8TBPCM06vX4xmTdwT9Ar4Q0MIi0YlDrjOqlyMSaVddbDGAE&tpd=AGWhJmvjj5IiBBRsbOm38T6vXPdfsM440zBJDlt9zttexeqDd5fR_7W2SRMauekdEP1xSeEczvUrFw5XnVWwe2pkxjjpvBUfivABDfZTROPpAxaTMgBi4IFGhzu-FIDzFj1eQ2pC6jIOaL3BExiSZ-q-AYDdfKmxkdJb7uHfSwW4VEsyEOCWsywxXAGyydc9Ws2hscTxAX0_BIFuYzQF8t0_aYvhxm8FGkgQ4EXOT9LFmdHwRovKgzPZ2nMV0sdfkQRI_Ulc_mHw_MuV7r9PaBfOzkN_UqSiylOLYqnFlcsf9IlSNzKf63aLcYnVULi3xifFtVL0Epw-cZcxWjejrYWZe7J3Car7I5FiU1WlU_dDA_kP-i9sCv-tkhZs4B7wmicHd61m1y0P-OQuUxfUckFUQW4noqFJHrxqrvQ3bgi6A8z1SrddaYxwiR4ODO6RqDYP5I3XIPzuw45I0wwjBy_snAu3nyth5t0QZsR2A4dcuJad1qTIgtCn2UsdmceINEJ9E9gF6vePb95ipSe4fs5W1ZqCZKhZKQp2zPm4O-JsWNNI14tucif455CfBU_YpwfQpGeW0yEMmSGsTL71gxuUkpru2JDzzBnNhu82G5XQNSz7d84GI0jcrbQ3dM6hbfy80R1j_gvFqpmwNbohEBDhuEXidfc79A173sBawwLh_-5erWfSi3rBNCYXbtxLSFoE-UEJGyXTXyjQ7QxsjxTj6dFYVrsk9UF_R7KJixqbYyak1FYn_z57MgNLPbhuF_qzOkIWZW_DQ0ZSbxHD
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
/
track.adform.net/adfscript/ Frame 5399 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=52142524;rtbwp=6889CDF5D1A0ADDA;rtbdata=wLCLH7Qx5BItcoKEM0VL7476ym7NIEljgeDAxWy9rsgf5PNl6HGOVaje0Y2w_vbMSjX5QGPyWYn4uf6b0djfb-ZnlvOqCbAn9b1r_ivO7-El8xvK_c-ftqUykxTt35aYu9QiePAH6JO5ORwtP4WqI8C9TGBfi-bEQycCk0pLcQ3vY_62RrtkV7k_9LrqvXsF6Nzm_LsoJ8ynWa4ggzrBdRWZ-isAxLH4hcLmOXPjuhAAUKcgkvmFrWE0KHBMf56jPpnLvINlvql_eeAKAYj1UovdTN9trICJXP5m27UeBIa02hrczxrC_Z3A9jIAdupbswLgU9SqEzahAuvJ93W9c3loU5_Pt-RIV3QhYBmYepHsXPCIrRbToVjtHEPMQt9sJrhyrIZ1nfiEWC8jj7Mo7DCGBCp5YOq1RStB_CAD72ftbdN7unfWxVfJr6defO_SuPQKSqhmM_sqHZ2FIwT8fzQepmQQCWG4vfCzB8a3cfdDTwcx3kyJK3Nyo6MxJZ0_4UFuhV40q881;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/b20d4f52-a088-483b-8909-8050d2153e4e/
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0cf2453617f4e4fb8414b5da9e8ec53747747926ca60ac7c8e469c3a0498a775
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1225
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5399 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 22:52:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5399 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jan 2022 22:58:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5399 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 22:53:27 GMT
l
www.google.com/ads/measurement/ Frame 5399 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTs_Dlnl_CK0nX79TouQcWJfqbVfQ-QV7UG97wp5RHjLa7W6-Nyei74ElIAJvxDqNjjo12-eyJFuedEN8j0aZIFwaPAqA
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5399 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 09:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Jan 2023 09:58:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 390C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9W_Nl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEhwJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgCQqdDpq54nARZ61hXQSAfNQh7l1LHCGKv-wuD2ikAQJT0Ex56NyuAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU2MTA2NDkxNDY2NzQzMDYY6qMc&sigh=22V_zKWVHec&uach_m=[UACH]&cid=CAQSOwCNIrLMVsoo63O0r43m9rIf9SSFziqtDtiK8TBPCM06vX4xmTdwT9Ar4Q0MIi0YlDrjOqlyMSaVddbDGAE
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 390C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g4gqqnvc7s56dwsv638mepyqjmj7ka8jghm96wq3shjnk2ypb4wagxace028vmrvspjtrdfwjrytfqmbtkfv76ww4z5qrby3kqsv0w8943eb97heg9m36nr9anat5xcy6xf6nvcwchg6z3q6engg6hp8kz7xnc08s6bf2d6tjgn8b7bcbb99jwnzzhdqgrp8zdqh0wcqj8v6cnhh69w9mck1zrfs984y1152kmyc859cgx77cdzm922bqtccw66z0kachv0cd3s066es975483cgq0nfftgx0408s2dh5rtmq53vgn6z76msk8gnxngy1b2gdd5d3812zt9ggq9s1svsbrf0mbmyt1wz533ab6qbca8qptzkn95fttc9dyfjb74vsvcqhhm228mfjwfc55dbk9hm&b=YdN_lwAKeXcKd5jcAAKKfhcViOMlvXTNTh_bxw
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 03 Jan 2022 22:58:32 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame DF97 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kcwr9xd6kfa6e4q8r423gk8ggs9z0v22dvdaf38f226r3gw50mhqg0ewcw4e9w7z034fe9vhr1nhh477zywhnxnba9qysqw0x01yfn1ytkkjy3pxz5e178zzs87cntsrwntt545dvhrkqrpdqvj4g8f36963r3mqxhjtmdr7azf91cmk48arj189e81z1qn51hbcn9rmgfkfsth48kbzr7zw3nbwsgdevezg6wpq19977k534e0pq2ksqstrq7ksbv0ec4x41abx7gy06y35jcpfhfft6nmd8ew3rmasa3qc52khwgf238tst40y4mm67pmd18gpz8rz18jxnwrdfgsfd5nkr3k9da2kpcaszy7jzngf3v513ksjtym79dn8ge238y1shpnkebkmkmmjqgh6jmbv3fg4hgwh8ejkajv596hs00cp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%26client%3Dca-pub-5610649146674306%26adurl%3D
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2404449674744c9dd2c7d80b12f9f2d51ca217855ee0f96d0f6948cb21ab7cc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c7fd51608b0dfd3-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 390C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 22:52:53 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2F95 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 03 Jan 2022 13:26:12 GMT
expires
Tue, 04 Jan 2022 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
34340
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 390C 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jan 2022 22:58:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 390C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jan 2022 22:53:27 GMT
l
www.google.com/ads/measurement/ Frame 390C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzVp0sacsklfakEWXyQBmb82SpW16SDtC2DRnkBr3lihn4uC3ng-HLv-Pmvcu3QNuVJVdJiMQckN1ALSwZTW-74xI_qA
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 390C 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 09:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 03 Jan 2023 09:58:22 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-241588-1&cid=1874813665.1641250711&jid=1913802816&gjid=273749288&_gid=2144301582.1641250712&_u=IQBCAEAAAAAAAC~&z=1498483317
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 03 Jan 2022 22:58:32 GMT
content-type
text/plain
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame 5E04 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 03:41:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Jan 2023 03:41:49 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 0330 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36036&b=QxZt4fY4xQf6eAaxH8tRHGtpkqFDT4TeAsV&f=2b9F6f6dKmFV5GCVH6tbHwCAdpTWT7TRPFg&c=970&d=250&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=7014c860c328835e7df58231c776f13a%2F6630878077882258243&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1641250711952&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoVd2l3_TYZebBoWD3wOjoa24C_PYq5NcybzUs6IHwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDbIAQmpAnBzDuAm87I-4AIAqAMBqgT1AU_Qfg9fXNB0wgEbhcDq9jRbQHKeSBwwurcpJP0wK6MR0O5-EpJQE2qXNQfKql6xS9MekO3-GCc8r2bIz8UNzCMLffj8zZut5Ahjhp674i71us7g-OHjI8lJeNkPE2UUmZJRX1CE2gTG0Rfh37Dpq814548ujsXD_kmBWzK4utzn8MQo1GJS_t2diK9WaxFkXY22NXguYwe0KQjR5ERB9xPmt2pnKqT0xVaujS9EaHnIzvtTk0RT2CV1Men9Ki3vZFIQYNNZwzzoeJWn-CI9zKQdRUKW04apWTJose4kZWIn3iYZYPE57bKHp_6wDLlmqESHL8Cg4AQBgAaE9_Gb99aZ-xigBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0o2l_D6ZjgKF0qdgS03Rm4QlNWlA%26client%3Dca-pub-5610649146674306%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516434%3Bcrtbwp%3DYdN_lwABjZcKd8GFAAtQozweLfLyq5D6inosrw%3Bcrtbdata%3DsE7aJDcJueiMrjW_50p8AscesxPzM1eivJbO3OvLZRvMtDYJzFKDAUo1-UBj8lmJ-Ln-m9HY32_mZ5bzqgmwJ_W9a_4rzu_hJfMbyv3Pn7ZL9zcdPPmP9LxJNI6Xvhim7CMaxRryXCUln9qNr5QAIPHGkXydYrKmOyRlL3lRdunC5aMfAMXq6-g66hxb0hdKuNFrv7inaYJe4qwTvV156JbZWf8s_U2hLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D7VisvzeG6Ha-lgF5_WBtApDuN7OhTDB6uLSLp8O8JBgdwXR2i2DqUvHSfvQbrKWYoB6QNn2QHZ57bdp-DsExYsX4De8FoXoTV-xGKFmUIVEkL36Sy4pNrNccP7cMh0SvW2yZ-XGaBRTJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttp%253a%252f%252farsiv.sahadan.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=36036&b=QxZt4fY4xQf6eAaxH8tRHGtpkqFDT4TeAsV&f=2b9F6f6dKmFV5GCVH6tbHwCAdpTWT7TRPFg&c=970&d=250&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=7014c860c328835e7df58231c776f13a%2F6630878077882258243&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1641250711952&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoVd2l3_TYZebBoWD3wOjoa24C_PYq5NcybzUs6IHwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDbIAQmpAnBzDuAm87I-4AIAqAMBqgT1AU_Qfg9fXNB0wgEbhcDq9jRbQHKeSBwwurcpJP0wK6MR0O5-EpJQE2qXNQfKql6xS9MekO3-GCc8r2bIz8UNzCMLffj8zZut5Ahjhp674i71us7g-OHjI8lJeNkPE2UUmZJRX1CE2gTG0Rfh37Dpq814548ujsXD_kmBWzK4utzn8MQo1GJS_t2diK9WaxFkXY22NXguYwe0KQjR5ERB9xPmt2pnKqT0xVaujS9EaHnIzvtTk0RT2CV1Men9Ki3vZFIQYNNZwzzoeJWn-CI9zKQdRUKW04apWTJose4kZWIn3iYZYPE57bKHp_6wDLlmqESHL8Cg4AQBgAaE9_Gb99aZ-xigBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0o2l_D6ZjgKF0qdgS03Rm4QlNWlA%26client%3Dca-pub-5610649146674306%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516434%3Bcrtbwp%3DYdN_lwABjZcKd8GFAAtQozweLfLyq5D6inosrw%3Bcrtbdata%3DsE7aJDcJueiMrjW_50p8AscesxPzM1eivJbO3OvLZRvMtDYJzFKDAUo1-UBj8lmJ-Ln-m9HY32_mZ5bzqgmwJ_W9a_4rzu_hJfMbyv3Pn7ZL9zcdPPmP9LxJNI6Xvhim7CMaxRryXCUln9qNr5QAIPHGkXydYrKmOyRlL3lRdunC5aMfAMXq6-g66hxb0hdKuNFrv7inaYJe4qwTvV156JbZWf8s_U2hLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D7VisvzeG6Ha-lgF5_WBtApDuN7OhTDB6uLSLp8O8JBgdwXR2i2DqUvHSfvQbrKWYoB6QNn2QHZ57bdp-DsExYsX4De8FoXoTV-xGKFmUIVEkL36Sy4pNrNccP7cMh0SvW2yZ-XGaBRTJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttp%253a%252f%252farsiv.sahadan.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
455608
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 29 Dec 2021 16:25:04 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c7fd5162c804309-FRA
cf-bgj
minify
5AB092BD787840B9931BEBD6132F4DDCCA6E5AEAFAE0E472C907DDB17AC4B4BC3FCE56755B887D78372329D381B712ABA15DC50999E183DBCD450D4207D340CB
assets.ad4m.at/product_image/ Frame 0330 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/5AB092BD787840B9931BEBD6132F4DDCCA6E5AEAFAE0E472C907DDB17AC4B4BC3FCE56755B887D78372329D381B712ABA15DC50999E183DBCD450D4207D340CB
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36036&b=QxZt4fY4xQf6eAaxH8tRHGtpkqFDT4TeAsV&f=2b9F6f6dKmFV5GCVH6tbHwCAdpTWT7TRPFg&c=970&d=250&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=7014c860c328835e7df58231c776f13a%2F6630878077882258243&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1641250711952&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCoVd2l3_TYZebBoWD3wOjoa24C_PYq5NcybzUs6IHwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDbIAQmpAnBzDuAm87I-4AIAqAMBqgT1AU_Qfg9fXNB0wgEbhcDq9jRbQHKeSBwwurcpJP0wK6MR0O5-EpJQE2qXNQfKql6xS9MekO3-GCc8r2bIz8UNzCMLffj8zZut5Ahjhp674i71us7g-OHjI8lJeNkPE2UUmZJRX1CE2gTG0Rfh37Dpq814548ujsXD_kmBWzK4utzn8MQo1GJS_t2diK9WaxFkXY22NXguYwe0KQjR5ERB9xPmt2pnKqT0xVaujS9EaHnIzvtTk0RT2CV1Men9Ki3vZFIQYNNZwzzoeJWn-CI9zKQdRUKW04apWTJose4kZWIn3iYZYPE57bKHp_6wDLlmqESHL8Cg4AQBgAaE9_Gb99aZ-xigBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tMTM4NjA5NTI1MzQ1NjA0NvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0o2l_D6ZjgKF0qdgS03Rm4QlNWlA%26client%3Dca-pub-5610649146674306%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516434%3Bcrtbwp%3DYdN_lwABjZcKd8GFAAtQozweLfLyq5D6inosrw%3Bcrtbdata%3DsE7aJDcJueiMrjW_50p8AscesxPzM1eivJbO3OvLZRvMtDYJzFKDAUo1-UBj8lmJ-Ln-m9HY32_mZ5bzqgmwJ_W9a_4rzu_hJfMbyv3Pn7ZL9zcdPPmP9LxJNI6Xvhim7CMaxRryXCUln9qNr5QAIPHGkXydYrKmOyRlL3lRdunC5aMfAMXq6-g66hxb0hdKuNFrv7inaYJe4qwTvV156JbZWf8s_U2hLLp70aDZ5yB000vk2_88BKCuLJigarrccjoJe0Dcz_GCayJGOnKmgleIfkJU2xKY7qGXl8fzGK0Ymc1E2lYnQVHiqyTNQ3sRomN1-c6UvUo1%3Badfibeg%3D0%3Bcdata%3D7VisvzeG6Ha-lgF5_WBtApDuN7OhTDB6uLSLp8O8JBgdwXR2i2DqUvHSfvQbrKWYoB6QNn2QHZ57bdp-DsExYsX4De8FoXoTV-xGKFmUIVEkL36Sy4pNrNccP7cMh0SvW2yZ-XGaBRTJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttp%253a%252f%252farsiv.sahadan.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c582ef349c1cc16471a86d96735d6640c93a471bfd2e708534609e37dcc25cac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=5LG8zg==, md5=DzKVx7qj0xQorERJ32DesA==
date
Mon, 03 Jan 2022 22:58:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
563073
cf-polished
qual=85, origFmt=jpeg, origSize=154659
x-guploader-uploadid
ADPycdtne1cpSef2DeKn70HCANLT8qOEK_en6AcRSAtSPrzOHTOjpyccEETzey_h3cJmLJj-8AWdrp9B2C-XvHPx282PpQnQrA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29668
last-modified
Tue, 28 Dec 2021 10:33:58 GMT
server
cloudflare
etag
"0f3295c7baa3d31428ac4449df60deb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DEeFhJsIVw6V7tNrlDkpjU4f24XDjDd6E9Mjrr7E0o3OnxdlFwF7FYkDSExIwj9mtHN38KaZUe6KrpeQaP590KHSn89tAkd8xB6VolNqXwI7Ay2e8FZWv1mJW15iRPw8DOxTstegwcK8cV1"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1640687638156805
content-type
image/webp
expires
Tue, 04 Jan 2022 22:58:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
154659
accept-ranges
bytes
cf-ray
6c7fd51638f5dfd3-FRA
cf-bgj
imgq:85,h2pri
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 5399 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52142524;rtbwp=6889CDF5D1A0ADDA;rtbdata=wLCLH7Qx5BItcoKEM0VL7476ym7NIEljgeDAxWy9rsgf5PNl6HGOVaje0Y2w_vbMSjX5QGPyWYn4uf6b0djfb-ZnlvOqCbAn9b1r_ivO7-El8xvK_c-ftqUykxTt35aYu9QiePAH6JO5ORwtP4WqI8C9TGBfi-bEQycCk0pLcQ3vY_62RrtkV7k_9LrqvXsF6Nzm_LsoJ8ynWa4ggzrBdRWZ-isAxLH4hcLmOXPjuhAAUKcgkvmFrWE0KHBMf56jPpnLvINlvql_eeAKAYj1UovdTN9trICJXP5m27UeBIa02hrczxrC_Z3A9jIAdupbswLgU9SqEzahAuvJ93W9c3loU5_Pt-RIV3QhYBmYepHsXPCIrRbToVjtHEPMQt9sJrhyrIZ1nfiEWC8jj7Mo7DCGBCp5YOq1RStB_CAD72ftbdN7unfWxVfJr6defO_SuPQKSqhmM_sqHZ2FIwT8fzQepmQQCWG4vfCzB8a3cfdDTwcx3kyJK3Nyo6MxJZ0_4UFuhV40q881;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/b20d4f52-a088-483b-8909-8050d2153e4e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 02:26:04 GMT
request.php
hal900015.redintelligence.net/ Frame 207D
Redirect Chain
  • https://hal900015.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=951f813a0e&subid=&uid=e9796d4a9074e978&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900015.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=951f813a0e&subid=&uid=e9796d4a9074e978&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=951f813a0e&subid=&uid=e9796d4a9074e978&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxLa7l3_TYeLoEpre3wPIo4TYD92t6Khgu4_f1IgK8C4QASC6l-0eYJXikIKgB8gBCakClQjGCvbwsj6oAwGqBOgBT9DtccN_nob0MBfpd3AD46chFW5d_-ePKuUSbvu7CN5w8r_fpZBCUR45INq3AMRn71pzSh9DNHNoWMYWgXuzdAWOUH_tR2WzZp2tEIJkDmIGcTWQFif0-tWlQlgbNoTvKT0YYznpkyEki49zZkkWrAUN7YJIRe7vftsm1MgYlYXuhoFNjT8OMnggmEX4-29Mm2An7wSbWsQW2vMnEz_3XGipc4gmiRVdeu_dqCXIS4H-FrkhXLs7LBrCfEs3Xub5kmCz2-A1wZGYm7znU0JSLjOTne3DEhTk2lLgnxD4f8G0YjIAbPz6-cAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRozkRxI5V7uIFJwpm2_ECoDdc5-w%26sig%3DAOD64_1OTZ0759Bf-93UGNlrImTjMxm7jA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-DWbReOzBXhOW-zxLe2QtM91n9TkVSbozJ9r_OyBnRtmCaSSSdFWfPoZ0Jme5iBJ6fk6TGQzdQNUu0Ph-akqvMhGEeeu0kfCiCj0YkSdILtiy7ZO2i-BKJLb2q_pDj5GiEcou9eAsjtko_Q0hgICYHlLnmfXg%26cry%3D1%26dbm_d%3DAKAmf-Bx-X1jCSzmVCbSAm0JYLXgf5YBUQWgei4mUmIFLISN7CDRGusEVuZLna9syZbq3CvBXUI2brSdzYgqRjzXqKmI0flM29oT_BD5EIXPGnuNfthBWyhWb5nF-anemJKDT9V8K6CXmYKAkbfVNASTKyIgPjNrSK6NG1d2kpjYtIvchul8_PTXTHkAYkvmVjb6_GsPexOGMYL5qYZRym4R5m5Jcs3dz_-IVRkpcOKcBSlBpliQBoLBKAf-zal4Gq546IjucFr2Id6QzlZ6AlHN-u8A9N9haHTkXVwXc4C5tXfBDhiG98H4PiM5fWpfTnn2KZqWiOdkVk8v9xeOXPHvnZ6eZjR4aL2Hxu6DHO-Tca5-EMVFt5tZSdNxU1obxZS_PQ-Zvg4mN542_RT-mIHABOOeusKZtpLHEshmsu46qs-bD2y5s9QXAfg7am-BTFxjCQLH_SmRvCjvk5tDPzA7HMmJ5YKWqQ%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=6211903583909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c9f87658a7b94edb8cfb9d5a4eac38e02356f844c196f3ae616af4874b677acd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 22:58:32 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
89026200375653600757589011828015
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
715
Expires
Mon, 03 Jan 2022 22:58:32 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 22:58:32 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=951f813a0e&subid=&uid=e9796d4a9074e978&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxLa7l3_TYeLoEpre3wPIo4TYD92t6Khgu4_f1IgK8C4QASC6l-0eYJXikIKgB8gBCakClQjGCvbwsj6oAwGqBOgBT9DtccN_nob0MBfpd3AD46chFW5d_-ePKuUSbvu7CN5w8r_fpZBCUR45INq3AMRn71pzSh9DNHNoWMYWgXuzdAWOUH_tR2WzZp2tEIJkDmIGcTWQFif0-tWlQlgbNoTvKT0YYznpkyEki49zZkkWrAUN7YJIRe7vftsm1MgYlYXuhoFNjT8OMnggmEX4-29Mm2An7wSbWsQW2vMnEz_3XGipc4gmiRVdeu_dqCXIS4H-FrkhXLs7LBrCfEs3Xub5kmCz2-A1wZGYm7znU0JSLjOTne3DEhTk2lLgnxD4f8G0YjIAbPz6-cAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRozkRxI5V7uIFJwpm2_ECoDdc5-w%26sig%3DAOD64_1OTZ0759Bf-93UGNlrImTjMxm7jA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-DWbReOzBXhOW-zxLe2QtM91n9TkVSbozJ9r_OyBnRtmCaSSSdFWfPoZ0Jme5iBJ6fk6TGQzdQNUu0Ph-akqvMhGEeeu0kfCiCj0YkSdILtiy7ZO2i-BKJLb2q_pDj5GiEcou9eAsjtko_Q0hgICYHlLnmfXg%26cry%3D1%26dbm_d%3DAKAmf-Bx-X1jCSzmVCbSAm0JYLXgf5YBUQWgei4mUmIFLISN7CDRGusEVuZLna9syZbq3CvBXUI2brSdzYgqRjzXqKmI0flM29oT_BD5EIXPGnuNfthBWyhWb5nF-anemJKDT9V8K6CXmYKAkbfVNASTKyIgPjNrSK6NG1d2kpjYtIvchul8_PTXTHkAYkvmVjb6_GsPexOGMYL5qYZRym4R5m5Jcs3dz_-IVRkpcOKcBSlBpliQBoLBKAf-zal4Gq546IjucFr2Id6QzlZ6AlHN-u8A9N9haHTkXVwXc4C5tXfBDhiG98H4PiM5fWpfTnn2KZqWiOdkVk8v9xeOXPHvnZ6eZjR4aL2Hxu6DHO-Tca5-EMVFt5tZSdNxU1obxZS_PQ-Zvg4mN542_RT-mIHABOOeusKZtpLHEshmsu46qs-bD2y5s9QXAfg7am-BTFxjCQLH_SmRvCjvk5tDPzA7HMmJ5YKWqQ%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=6211903583909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 03 Jan 2022 22:58:32 +0100
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame DF97 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kcwr9xd6kfa6e4q8r423gk8ggs9z0v22dvdaf38f226r3gw50mhqg0ewcw4e9w7z034fe9vhr1nhh477zywhnxnba9qysqw0x01yfn1ytkkjy3pxz5e178zzs87cntsrwntt545dvhrkqrpdqvj4g8f36963r3mqxhjtmdr7azf91cmk48arj189e81z1qn51hbcn9rmgfkfsth48kbzr7zw3nbwsgdevezg6wpq19977k534e0pq2ksqstrq7ksbv0ec4x41abx7gy06y35jcpfhfft6nmd8ew3rmasa3qc52khwgf238tst40y4mm67pmd18gpz8rz18jxnwrdfgsfd5nkr3k9da2kpcaszy7jzngf3v513ksjtym79dn8ge238y1shpnkebkmkmmjqgh6jmbv3fg4hgwh8ejkajv596hs00cp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%26client%3Dca-pub-5610649146674306%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kcwr9xd6kfa6e4q8r423gk8ggs9z0v22dvdaf38f226r3gw50mhqg0ewcw4e9w7z034fe9vhr1nhh477zywhnxnba9qysqw0x01yfn1ytkkjy3pxz5e178zzs87cntsrwntt545dvhrkqrpdqvj4g8f36963r3mqxhjtmdr7azf91cmk48arj189e81z1qn51hbcn9rmgfkfsth48kbzr7zw3nbwsgdevezg6wpq19977k534e0pq2ksqstrq7ksbv0ec4x41abx7gy06y35jcpfhfft6nmd8ew3rmasa3qc52khwgf238tst40y4mm67pmd18gpz8rz18jxnwrdfgsfd5nkr3k9da2kpcaszy7jzngf3v513ksjtym79dn8ge238y1shpnkebkmkmmjqgh6jmbv3fg4hgwh8ejkajv596hs00cp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%26client%3Dca-pub-5610649146674306%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
455608
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 29 Dec 2021 16:25:04 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c7fd5166d4b4309-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame DF97 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kcwr9xd6kfa6e4q8r423gk8ggs9z0v22dvdaf38f226r3gw50mhqg0ewcw4e9w7z034fe9vhr1nhh477zywhnxnba9qysqw0x01yfn1ytkkjy3pxz5e178zzs87cntsrwntt545dvhrkqrpdqvj4g8f36963r3mqxhjtmdr7azf91cmk48arj189e81z1qn51hbcn9rmgfkfsth48kbzr7zw3nbwsgdevezg6wpq19977k534e0pq2ksqstrq7ksbv0ec4x41abx7gy06y35jcpfhfft6nmd8ew3rmasa3qc52khwgf238tst40y4mm67pmd18gpz8rz18jxnwrdfgsfd5nkr3k9da2kpcaszy7jzngf3v513ksjtym79dn8ge238y1shpnkebkmkmmjqgh6jmbv3fg4hgwh8ejkajv596hs00cp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%26client%3Dca-pub-5610649146674306%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Mon, 03 Jan 2022 22:58:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5415
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xXxlymNV242TTZcnoJwkfRX6KCMwbDS7t9tEMNgZA0LqaJ5GbQ8EsPkd4QJgkj0FYjTZTzrYQNMEGaC2Gc%2BPxlyCD%2Fy6UcZOHHlBvdSjY0jYGEKWyBzdPHPRgG4hajUllrQDIs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Mon, 03 Jan 2022 21:28:17 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c7fd5166d4f4309-FRA
cf-bgj
minify
/
track.adform.net/adfserve/ Frame 5399 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=52142524;rtbwp=6889CDF5D1A0ADDA;rtbdata=wLCLH7Qx5BItcoKEM0VL7476ym7NIEljgeDAxWy9rsgf5PNl6HGOVaje0Y2w_vbMSjX5QGPyWYn4uf6b0djfb-ZnlvOqCbAn9b1r_ivO7-El8xvK_c-ftqUykxTt35aYu9QiePAH6JO5ORwtP4WqI8C9TGBfi-bEQycCk0pLcQ3vY_62RrtkV7k_9LrqvXsF6Nzm_LsoJ8ynWa4ggzrBdRWZ-isAxLH4hcLmOXPjuhAAUKcgkvmFrWE0KHBMf56jPpnLvINlvql_eeAKAYj1UovdTN9trICJXP5m27UeBIa02hrczxrC_Z3A9jIAdupbswLgU9SqEzahAuvJ93W9c3loU5_Pt-RIV3QhYBmYepHsXPCIrRbToVjtHEPMQt9sJrhyrIZ1nfiEWC8jj7Mo7DCGBCp5YOq1RStB_CAD72ftbdN7unfWxVfJr6defO_SuPQKSqhmM_sqHZ2FIwT8fzQepmQQCWG4vfCzB8a3cfdDTwcx3kyJK3Nyo6MxJZ0_4UFuhV40q881;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2fb20d4f52-a088-483b-8909-8050d2153e4e%2f;js=1;adfxid=2x;7262;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;fd=0|0&CREFURL=http%3A%2F%2Farsiv.sahadan.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
498a7548ebd71cced7c4de147421721d3a2adc351ffa90dbd9442c40a14a0ed2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2742
expires
-1
get.ashx
run.admost.com/adx/ 		23 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=26436&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go601;cs:cp:cache_z_26436_*_*_*_*_*_*_*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:32
CDN-PullZone
381479
Connection
keep-alive
Content-Length
23
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
12dd631cbe646cd63994e2c02763647d
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
pixel
cm.g.doubleclick.net/ Frame 2F95
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH9h9Pvo6gN_dB_OVg-J3aA&google_push=AYg5qPIdTzUcLI_yn5gEIBX5frKBuo8zLe02e-5PaR5LbOMqiWzB03nGlA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH9h9Pvo6gN_dB_OVg-J3aA&google_push=AYg5qPIdTzUcLI_yn5gEIBX5frKBuo8zLe02e-5PaR5LbOMqiWzB03nGlAJXNolA0jr6m2379jH0kyHohx8cmzb16OSF3DFsTKWB
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1641250712.424963,VS0,VE89
x-served-by
cache-hhn4037-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH9h9Pvo6gN_dB_OVg-J3aA&google_push=AYg5qPIdTzUcLI_yn5gEIBX5frKBuo8zLe02e-5PaR5LbOMqiWzB03nGlAJXNolA0jr6m2379jH0kyHohx8cmzb16OSF3DFsTKWB
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2F95 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIOlXLxhhsIym8WQ5EyA1iY&google_cver=1&google_push=AYg5qPLmObVgfGjPsLU_GPtbxtB5yjWJArMMQqu46UY5w3bmR_mk4ES3fxTR1z7iWeV_YX774CUInI_M-TNMA54OyVK-_8BYn-WFjA
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 2F95
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBWI2OvlS_SPtx55XLBISC0&google_cver=1&google_push=AYg5qPJNs90ztMrDr6foAwalst7lzjImpoSBGKnfMf4KYZTLNJob_dBOnQpp1PUk8yFFW8cPNLMITT6r3E...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEBWI2OvlS_SPtx55XLBISC0&google_cver=1&google_push=AYg5qPJNs90ztMrDr6foAwalst7lzjImpoSBGKnfMf4KYZTLNJob_dBOnQpp1PUk8yFFW8cPNLMITT6r3E...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJNs90ztMrDr6foAwalst7lzjImpoSBGKnfMf4KYZTLNJob_dBOnQpp1PUk8yFFW8cPNLMITT6r3EBFMv21gH84RGdwwCY9&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJNs90ztMrDr6foAwalst7lzjImpoSBGKnfMf4KYZTLNJob_dBOnQpp1PUk8yFFW8cPNLMITT6r3EBFMv21gH84RGdwwCY9&google_hm=
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 03 Jan 2022 22:58:32 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPJNs90ztMrDr6foAwalst7lzjImpoSBGKnfMf4KYZTLNJob_dBOnQpp1PUk8yFFW8cPNLMITT6r3EBFMv21gH84RGdwwCY9&google_hm=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 2F95
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECDXuEfM4dJMBNijWjqTktY&google_cver=1&google_push=AYg5qPK60bK1ghJA0xfY-Z_b10cnMYA26UnXs01CGyUZH4T22dnE1eaW1JDR7dl0xpJga6WZHfsMIswEFym_SHvzunlc...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECDXuEfM4dJMBNijWjqTktY&google_cver=1&google_push=AYg5qPK60bK1ghJA0xfY-Z_b10cnMYA26UnXs01CGyUZH4T22dnE1eaW1JDR7dl0xpJga6WZHfsMIswEFym_SH...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=106ee5b3-e274-448a-9a9a-fc732e91f9c2&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK60bK1ghJA0xfY-Z_b10cnMYA26UnXs01CGyUZH4T22dnE1eaW1JDR7dl0xpJga6WZHfsMIswEFym_SHvzunlcmJ84qkDmuQ&google_hm=XSC595RqQkGUHbLlXTRgRA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK60bK1ghJA0xfY-Z_b10cnMYA26UnXs01CGyUZH4T22dnE1eaW1JDR7dl0xpJga6WZHfsMIswEFym_SHvzunlcmJ84qkDmuQ&google_hm=XSC595RqQkGUHbLlXTRgRA==
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK60bK1ghJA0xfY-Z_b10cnMYA26UnXs01CGyUZH4T22dnE1eaW1JDR7dl0xpJga6WZHfsMIswEFym_SHvzunlcmJ84qkDmuQ&google_hm=XSC595RqQkGUHbLlXTRgRA==
Date
Mon, 03 Jan 2022 22:58:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2F95
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECOzm1r0JicKMcafKj4vk8Q&google_cver=1&google_push=AYg5qPJIDNLReHzRHFDZC63CknKAcme744WHYpiyeMDEgkGXSHCv-s2l5AA66bi8JalO3s7oZ0r...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1haQUFRVTYtMjAtSThQMw==&google_push=AYg5qPJIDNLReHzRHFDZC63CknKAcme744WHYpiyeMDEgkGXSHCv-s2l5AA66bi8JalO3s7oZ0r8FaddL3TlLL93MPNkHuMvf2nO0g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1haQUFRVTYtMjAtSThQMw==&google_push=AYg5qPJIDNLReHzRHFDZC63CknKAcme744WHYpiyeMDEgkGXSHCv-s2l5AA66bi8JalO3s7oZ0r8FaddL3TlLL93MPNkHuMvf2nO0g
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1haQUFRVTYtMjAtSThQMw==&google_push=AYg5qPJIDNLReHzRHFDZC63CknKAcme744WHYpiyeMDEgkGXSHCv-s2l5AA66bi8JalO3s7oZ0r8FaddL3TlLL93MPNkHuMvf2nO0g
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2F95
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEO1qds-2lOeBnohHMOqH3V4&google_cver=1&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkw...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO1qds-2lOeBnohHMOqH3V4&google_cver=1&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjN...
0
0
/
cc.adingo.jp/adx/push/ Frame 2F95 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEBfbUNsmbHQ2ZcvtsJv-Qzc&google_cver=1&google_push=AYg5qPIxiyh3vnwZMx0PF_zgYaXGLdDuM46-yijwpnpXAhFvffmgG3-2S01Ar6obtWKJh6JdIJLuCpLjNpULGSaQcD6T8Wm9_OxqNA
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.119.142 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-119-142.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 2F95 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUrACEffx0Lc_KfN3MrFDbw6vhlcHFfPv-mhIDJCFwPeKKNDSDZy6oCbkteV6tSxMPS-g6
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DF97 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Mon, 03 Jan 2022 22:58:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9751117
x-guploader-uploadid
ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6DiW5ripoum%2B8UX4N0%2FA0mdkZXSh2WREFznR30xgSQnSO899F9H0ITp74LVyOq4FoCLXDNBDysDr%2F5G%2FA1oWQnijvtjksRtf%2BVmf0h9tn0EwSYfAfLoe2UorOmCfV07fiwCe2crSoVH6GNCYDyNX%2F%2Bp"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c7fd518aa494e3e-FRA
expires
Tue, 13 Sep 2022 02:19:55 GMT
truncated
/ Frame 390C 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f4d07bf3f86bcebf856c5f1c223f3b437a50d7eb34223b241e0fa5c9b630535

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame 6CA9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires
Mon, 03 Jan 2022 23:58:32 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
497067
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlOB9jPRHQaZVh%2FTc2UKlJC0e7cR6QpkwevSl%2BJ9vGsMPzF0vcmkPi9s5%2B4PqZ0D7Ydo9AEYhcYYH2p%2FV46X%2FxiMiAdz51AYemZLV%2BmTkVmJpQn8gooaFnd9qYOta5etY0G41JY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c7fd51899bb4309-FRA
content-encoding
br
usync.html
eus.rubiconproject.com/ Frame E420 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&geo=eu&co=de
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 03 Jan 2022 22:58:32 GMT
Connection
keep-alive
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1DC5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 03 Jan 2022 13:26:12 GMT
expires
Tue, 04 Jan 2022 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
34340
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5399 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a70adfd204147a2e7ea2192469eaafab0935574bf3d535fab591884292e1f16f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
rexdot.js
gatr.hit.gemius.pl/__/_1641250712160/
Redirect Chain
  • https://gatr.hit.gemius.pl/_1641250712160/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Farsiv.sahada...
  • https://gatr.hit.gemius.pl/__/_1641250712160/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Farsiv.sah...
452 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gatr.hit.gemius.pl/__/_1641250712160/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=263&lsdata=ZOzHSS4JwHhqgDgN9apC0LYLYho8yRVR.gQMAxQEEYn.j7dV4xjfhxagy0Tk1hIMZK64WU4V91WfGEqAqrkFDwps7pQ1/L.89pzZNs3JpB/&fpdata=jGUR9QGdFXM8Yq94ovQyfq7xCwLAJWycFkYhHMIhT8T.v7&vis=1&lsadd=&fpcap=
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H2
Server
178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS
ip208.ip-178-33-196.eu
Software
GHC /
Resource Hash
e88b0bfb1a5b2f07eef2b4883fc4ed247384926620e3dbdd529da24bb66fa40a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
452
expires
Sun, 02 Jan 2022 22:58:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1641250712160/rexdot.js?l=100&id=ApswCyd4r7fQTSHRgQVcZmYknDQZv5h32P5mmdfDGZP.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=263&lsdata=ZOzHSS4JwHhqgDgN9apC0LYLYho8yRVR.gQMAxQEEYn.j7dV4xjfhxagy0Tk1hIMZK64WU4V91WfGEqAqrkFDwps7pQ1/L.89pzZNs3JpB/&fpdata=jGUR9QGdFXM8Yq94ovQyfq7xCwLAJWycFkYhHMIhT8T.v7&vis=1&lsadd=&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sun, 02 Jan 2022 22:58:32 GMT
get.ashx
run.admost.com/adx/ 		23 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://run.admost.com/adx/get.ashx?z=51258&accptck=true
Requested by
Host: go.admost.com
URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Protocol
HTTP/1.1
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b

Request headers

Referer
http://arsiv.sahadan.com/Default.aspx
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
CDN-EdgeStorageId
756
Access-Control-Allow-Origin
*
Var
s:go917;cs:cp:cache_z_51258_neq_TR_*_*_*_*_*_*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
CDN-CachedAt
01/03/2022 23:58:32
CDN-PullZone
381479
Connection
keep-alive
Content-Length
23
Server
BunnyCDN-DE1-756
Pragma
no-cache
CDN-ProxyVer
1.02
CDN-RequestPullCode
200
Content-Type
text/html; charset=utf-8
CDN-Cache
BYPASS
CDN-Uid
79355934-3932-41c0-9817-733cc0c4d7a6
Cache-Control
public, max-age=0
CDN-RequestId
fc1d1de807cad0dc84f03b0151e3176d
CDN-RequestCountryCode
DE
CDN-Status
200
CDN-RequestPullSuccess
True
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 5399 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 02:26:46 GMT
/
adv.office-partner.de/ Frame 81CD 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=951f813a0e&subid=&uid=e9796d4a9074e978&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxLa7l3_TYeLoEpre3wPIo4TYD92t6Khgu4_f1IgK8C4QASC6l-0eYJXikIKgB8gBCakClQjGCvbwsj6oAwGqBOgBT9DtccN_nob0MBfpd3AD46chFW5d_-ePKuUSbvu7CN5w8r_fpZBCUR45INq3AMRn71pzSh9DNHNoWMYWgXuzdAWOUH_tR2WzZp2tEIJkDmIGcTWQFif0-tWlQlgbNoTvKT0YYznpkyEki49zZkkWrAUN7YJIRe7vftsm1MgYlYXuhoFNjT8OMnggmEX4-29Mm2An7wSbWsQW2vMnEz_3XGipc4gmiRVdeu_dqCXIS4H-FrkhXLs7LBrCfEs3Xub5kmCz2-A1wZGYm7znU0JSLjOTne3DEhTk2lLgnxD4f8G0YjIAbPz6-cAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRozkRxI5V7uIFJwpm2_ECoDdc5-w%26sig%3DAOD64_1OTZ0759Bf-93UGNlrImTjMxm7jA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-DWbReOzBXhOW-zxLe2QtM91n9TkVSbozJ9r_OyBnRtmCaSSSdFWfPoZ0Jme5iBJ6fk6TGQzdQNUu0Ph-akqvMhGEeeu0kfCiCj0YkSdILtiy7ZO2i-BKJLb2q_pDj5GiEcou9eAsjtko_Q0hgICYHlLnmfXg%26cry%3D1%26dbm_d%3DAKAmf-Bx-X1jCSzmVCbSAm0JYLXgf5YBUQWgei4mUmIFLISN7CDRGusEVuZLna9syZbq3CvBXUI2brSdzYgqRjzXqKmI0flM29oT_BD5EIXPGnuNfthBWyhWb5nF-anemJKDT9V8K6CXmYKAkbfVNASTKyIgPjNrSK6NG1d2kpjYtIvchul8_PTXTHkAYkvmVjb6_GsPexOGMYL5qYZRym4R5m5Jcs3dz_-IVRkpcOKcBSlBpliQBoLBKAf-zal4Gq546IjucFr2Id6QzlZ6AlHN-u8A9N9haHTkXVwXc4C5tXfBDhiG98H4PiM5fWpfTnn2KZqWiOdkVk8v9xeOXPHvnZ6eZjR4aL2Hxu6DHO-Tca5-EMVFt5tZSdNxU1obxZS_PQ-Zvg4mN542_RT-mIHABOOeusKZtpLHEshmsu46qs-bD2y5s9QXAfg7am-BTFxjCQLH_SmRvCjvk5tDPzA7HMmJ5YKWqQ%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=6211903583909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/

Response headers

server
keycdn-engine
date
Mon, 03 Jan 2022 22:58:32 GMT
content-type
text/html
content-length
930
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16ba8ac4"
expires
Mon, 10 Jan 2022 22:58:32 GMT
cache-control
max-age=604800
link
<http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
accept-ranges
bytes
request_content.php
hal900015.redintelligence.net/ Frame BE4D 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request_content.php?s=89026200375653600757589011828015&a=f9696404
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=951f813a0e&subid=&uid=e9796d4a9074e978&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxLa7l3_TYeLoEpre3wPIo4TYD92t6Khgu4_f1IgK8C4QASC6l-0eYJXikIKgB8gBCakClQjGCvbwsj6oAwGqBOgBT9DtccN_nob0MBfpd3AD46chFW5d_-ePKuUSbvu7CN5w8r_fpZBCUR45INq3AMRn71pzSh9DNHNoWMYWgXuzdAWOUH_tR2WzZp2tEIJkDmIGcTWQFif0-tWlQlgbNoTvKT0YYznpkyEki49zZkkWrAUN7YJIRe7vftsm1MgYlYXuhoFNjT8OMnggmEX4-29Mm2An7wSbWsQW2vMnEz_3XGipc4gmiRVdeu_dqCXIS4H-FrkhXLs7LBrCfEs3Xub5kmCz2-A1wZGYm7znU0JSLjOTne3DEhTk2lLgnxD4f8G0YjIAbPz6-cAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2gAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRozkRxI5V7uIFJwpm2_ECoDdc5-w%26sig%3DAOD64_1OTZ0759Bf-93UGNlrImTjMxm7jA%26client%3Dca-pub-5610649146674306%26dbm_c%3DAKAmf-DWbReOzBXhOW-zxLe2QtM91n9TkVSbozJ9r_OyBnRtmCaSSSdFWfPoZ0Jme5iBJ6fk6TGQzdQNUu0Ph-akqvMhGEeeu0kfCiCj0YkSdILtiy7ZO2i-BKJLb2q_pDj5GiEcou9eAsjtko_Q0hgICYHlLnmfXg%26cry%3D1%26dbm_d%3DAKAmf-Bx-X1jCSzmVCbSAm0JYLXgf5YBUQWgei4mUmIFLISN7CDRGusEVuZLna9syZbq3CvBXUI2brSdzYgqRjzXqKmI0flM29oT_BD5EIXPGnuNfthBWyhWb5nF-anemJKDT9V8K6CXmYKAkbfVNASTKyIgPjNrSK6NG1d2kpjYtIvchul8_PTXTHkAYkvmVjb6_GsPexOGMYL5qYZRym4R5m5Jcs3dz_-IVRkpcOKcBSlBpliQBoLBKAf-zal4Gq546IjucFr2Id6QzlZ6AlHN-u8A9N9haHTkXVwXc4C5tXfBDhiG98H4PiM5fWpfTnn2KZqWiOdkVk8v9xeOXPHvnZ6eZjR4aL2Hxu6DHO-Tca5-EMVFt5tZSdNxU1obxZS_PQ-Zvg4mN542_RT-mIHABOOeusKZtpLHEshmsu46qs-bD2y5s9QXAfg7am-BTFxjCQLH_SmRvCjvk5tDPzA7HMmJ5YKWqQ%26adurl%3D&documentReferer=http%3A%2F%2Farsiv.sahadan.com%2F&ancestorOrigins=http%3A%2F%2Farsiv.sahadan.com&random=6211903583909&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
470a443ee74afbf35bb57940fb86363c100bc636753762a9a024e4f0780245fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 03 Jan 2022 22:58:32 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2402
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 207D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fa3b6750d479cfa0cef0ca5d9cc2376669159583f50693d2e1b9692a9d98fe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
docs.min.css
js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/ Frame EF22 		59 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/css/docs.min.css
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
212.102.38.47 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-212-102-38-47.datapacket.com
Software
MerlinCDN /
Resource Hash
0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Via
HTTP/1.1 Merlin CDN
X-Content-Type-Options
nosniff
Age
46395
grace
none
Transfer-Encoding
chunked
X-Cache
CMISS_01
P3P
CP= CAO PSA OUR
Access-Control-Allow-Methods
GET, OPTIONS, POST, HEAD
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Allow
GET, HEAD, POST
Server
MerlinCDN
X-Midtier
de-fra-dp-s01
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Edge
cz-prg-dp-s04
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
X-ECACHE
HIT
healthy
none
X-Age
0
Access-Control-Allow-Headers
accept, origin, x-requested-with, content-type
X-Mcache
HIT
X-VCT
0.000
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame EF22 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 08:12:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
139568
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33621
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Mon, 02 Jan 2023 08:12:24 GMT
beacon.js
sb.scorecardresearch.com/ Frame EF22 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sb.scorecardresearch.com/beacon.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
13.225.73.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-22.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Mon, 03 Jan 2022 04:50:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 26 Feb 2021 14:35:05 GMT
Server
AmazonS3
Age
146507
ETag
W/"1827f116c73f319409b97f10b8a58ade"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
tEIUNC6fhZT93R5tEvmhqWWWE7VL48hxw40Kf6q9Ms0yCjLHpC__Cw==
gstream.js
str.hit.gemius.pl/ Frame EF22 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://str.hit.gemius.pl/gstream.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS
ip208.ip-178-33-196.eu
Software
GHC /
Resource Hash
2c13be7e6baf352ce470ded3c4ea9a4689ab876b4c07fdbfe7d5b4fb1be05787

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Dec 2021 11:54:27 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
8037
Expires
Tue, 04 Jan 2022 10:58:32 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame EF22 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Vary
Accept-Encoding
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Length
126523
X-XSS-Protection
0
Expires
Mon, 03 Jan 2022 22:58:32 GMT
docs.min.js
js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/ Frame EF22 		967 KB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.duhnet.tv/q/s/player/html5/1.20.2/assets/js/docs.min.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
212.102.38.47 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-212-102-38-47.datapacket.com
Software
MerlinCDN /
Resource Hash
ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Via
HTTP/1.1 Merlin CDN
X-Content-Type-Options
nosniff
Age
42116
grace
none
Transfer-Encoding
chunked
X-Cache
CMISS_02
P3P
CP= CAO PSA OUR
Access-Control-Allow-Methods
GET, OPTIONS, POST, HEAD
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Allow
GET, HEAD, POST
Server
MerlinCDN
X-Midtier
tr-izm-nt-s05
Vary
Accept-Encoding
Strict-Transport-Security
max-age=16070400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge
cz-prg-dp-s04
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
X-ECACHE
HIT
healthy
none
X-Age
0
Access-Control-Allow-Headers
accept, origin, x-requested-with, content-type
X-Mcache
HIT
X-VCT
0.000
videojs-dock.js
is.cdn.md/i4/Js/ Frame EF22 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://is.cdn.md/i4/Js/videojs-dock.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
77.223.147.102 , Turkey, ASN43391 (NETDIREKT-AS, TR),
Reverse DNS
Software
CCAcc (1.0.1/nvm-ists3) /
Resource Hash
4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Oct 2016 09:38:40 GMT
Server
CCAcc (1.0.1/nvm-ists3)
ETag
W/"5f2740967e20d21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
s
84
Expires
Wed, 02 Feb 2022 22:58:32 GMT
/
track.adform.net/csimpr/ Frame 5399 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=52142524&csi=evCcRhkywPdSL7Yyn5eLGbUKckLA7VBlLEZQCuTalOXZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
50541931.gif
s1.adform.net/Banners/50541931/ Frame 5399 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/50541931/50541931.gif?bv=2
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c242481843389360649c10f0c781f5956e5274b9cfd7ca7a52cdef7dfef0f113
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
last-modified
Thu, 23 Dec 2021 13:15:51 GMT
server
nginx
etag
"61c47687-edf9"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
60921
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-9z0n
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3hOZMzDha68%2Fh2sBO2jkz1TBAOSQ7FQTrs5HQaHgo3KG6kTdajjaifYNi8AuM0H79lJ9%2B%2F6S9XVBDhbTGjgL3WAAEnjpToxmjOrRSrwpn8ZTulzV7Isk%2B4vyC%2Fd9Rsg7WPfo4o%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c7fd5192842d6cd-FRA
usync.js
eus.rubiconproject.com/ Frame E420 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
60a2578b7373c7db3149c8f6422c3a48e8d12351d823b1d13b64617f563575ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40029
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9701
Expires
Tue, 04 Jan 2022 10:05:41 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame BE4D 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=89026200375653600757589011828015&a=f9696404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 17:24:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Jan 2023 17:24:37 GMT
85444b226f71dc04e1928aeaa1129042d3a9ccc1.js
baltar.dimml.io/flow/d9wm/ 		0
282 B 		Script
General
Check archive.org
Download Go to
Full URL
http://baltar.dimml.io/flow/d9wm/85444b226f71dc04e1928aeaa1129042d3a9ccc1.js?clientId=2&dom=arsiv.sahadan.com&url=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&gemius_sent_once=1
Requested by
Host: cdn.dimml.io
URL: http://cdn.dimml.io/dimml.js
Protocol
HTTP/1.1
Server
63.33.8.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-8-36.eu-west-1.compute.amazonaws.com
Software
dimml-2.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 3 Jan 2022 22:58:32 GMT
X-DimML-Version
2.2 vH8ffFv9
Server
dimml-2.2
Vary
*
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 390C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.340,e2e.853,fs.301,reqs.302,ress.340,rese.342&srt=39&e=&id=csi_pagead&gqid=&qqid=CLeaoa3XlvUCFdyYdwodfooC_Q&rt=lb.152,ol.513
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
google2waycm.netmng.com/cm/ Frame 1DC5 		0
0
current
dclk-match.dotomi.com/match/bounce/ Frame 1DC5 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOkt_drGlWZqp4rviTXuh1c&google_cver=1&google_push=AYg5qPJrcrep6bMJFx4LFu_ZPqQ5SQaoJyuLPGgFmths56VlRKvJkgAZywHZLPzy4wMoEvxexyWhez9z-Japxr79-xo7EzpUgvGe
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 1DC5
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMcNhVssTCQtiKGnMHcowAw&google_cver=1&google_push=AYg5qPJUFs1LJ1uuYSwwKFg44_gQn1gdwTRSFzdd7LSII9znUO7aVfWT5O5l7fLhY01CV9Ppf0ce5gVNClnDZpuH95jmV9DZGpk
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2FDDF01607EB4C1986802485E7F6BB75&google_push=AYg5qPJUFs1LJ1uuYSwwKFg44_gQn1gdwTRSFzdd7LSII9znUO7aVfWT5O5l7fLhY01CV9Ppf0ce5gVNClnDZpu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2FDDF01607EB4C1986802485E7F6BB75&google_push=AYg5qPJUFs1LJ1uuYSwwKFg44_gQn1gdwTRSFzdd7LSII9znUO7aVfWT5O5l7fLhY01CV9Ppf0ce5gVNClnDZpuH95jmV9DZGpk
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 03 Jan 2022 22:58:32 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2FDDF01607EB4C1986802485E7F6BB75&google_push=AYg5qPJUFs1LJ1uuYSwwKFg44_gQn1gdwTRSFzdd7LSII9znUO7aVfWT5O5l7fLhY01CV9Ppf0ce5gVNClnDZpuH95jmV9DZGpk
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 02 Jan 2022 22:58:32 GMT
pixel
cm.g.doubleclick.net/ Frame 1DC5
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESENZ6ROGvxdppJjHg7pQ2tVc&google_cver=1&google_push=AYg5qPIIltm8N0sYwdqZT-gXqu_8uXtp_zSDHGW0UfKZ-SGTg0hZw6EpPr7ep-g7Zqv_ssFm_npARLLwZIw...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPIIltm8N0sYwdqZT-gXqu_8uXtp_zSDHGW0UfKZ-SGTg0hZw6EpPr7ep-g7Zqv_ssFm_npARLLwZIwBdeVCUR41thpVln7F
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPIIltm8N0sYwdqZT-gXqu_8uXtp_zSDHGW0UfKZ-SGTg0hZw6EpPr7ep-g7Zqv_ssFm_npARLLwZIwBdeVCUR41thpVln7F
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPIIltm8N0sYwdqZT-gXqu_8uXtp_zSDHGW0UfKZ-SGTg0hZw6EpPr7ep-g7Zqv_ssFm_npARLLwZIwBdeVCUR41thpVln7F
Date
Mon, 03 Jan 2022 22:58:32 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 1DC5
Redirect Chain
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESENDipKYOjh6aayOZoCO3kRA&google_cver=1&google_push=AYg5qPKFXmUxxzGltpIgQtj-B1TyLnl9BNp0CEB9ARNmpLKuf5pxnTygazFDmubvsBQdYkFEjgJJ3pOrBJ6a0W-I9m1UIhAO3v0
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESENDipKYOjh6aayOZoCO3kRA&google_cver=1&google_push=AYg5qPKFXmUxxzGltpIgQtj-B1TyLnl9BNp0CEB9ARNmpLKuf5pxnTygazFDmubvsBQdYkFEjgJJ3pOrBJ6a0W-I9m1UIhAO3v0&b...
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPKFXmUxxzGltpIgQtj-B1TyLnl9BNp0CEB9ARNmpLKuf5pxnTygazFDmubvsBQdYkFEjgJJ3pOrBJ6a0W-I9m1UIhAO3v0&google_hm=qStoKF7EFaEAAikABlF-Iips...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPKFXmUxxzGltpIgQtj-B1TyLnl9BNp0CEB9ARNmpLKuf5pxnTygazFDmubvsBQdYkFEjgJJ3pOrBJ6a0W-I9m1UIhAO3v0&google_hm=qStoKF7EFaEAAikABlF-IipsPA%3D%3D
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f1-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPKFXmUxxzGltpIgQtj-B1TyLnl9BNp0CEB9ARNmpLKuf5pxnTygazFDmubvsBQdYkFEjgJJ3pOrBJ6a0W-I9m1UIhAO3v0&google_hm=qStoKF7EFaEAAikABlF-IipsPA%3D%3D
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
gg_pixel
sync.adaptv.advertising.com/ Frame 1DC5 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEDqLPqxKDW7k5wa437TAoNA&google_cver=1&google_push=AYg5qPIeKGsI8p2sA-4E_8jT5gjrVRSnpZOF5j5XAGBzyArGl-Mn8ZHucpOGGctS-Pc9EbECrXn_JUqjhjpiB96TDQOxnpZGcuS-
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.159.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-159-188.compute-1.amazonaws.com
Software
ribs2.0 /
Resource Hash
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Server
ribs2.0
Connection
keep-alive
Content-Length
14
Content-Type
text/plain
pixel
cm.g.doubleclick.net/ Frame 1DC5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=p8dtVRfBRoGBhgekaNYfkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=p8dtVRfBRoGBhgekaNYfkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL6OQ3xE9HMMcwgZvlIYpS7qEmKF4TC_mUUJwhmpzjkiodrt60Oi2mewRSGLEVY9-MS4uBERWzUZ3Fs2yk8pIHghDMbcqVQ
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=p8dtVRfBRoGBhgekaNYfkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL6OQ3xE9HMMcwgZvlIYpS7qEmKF4TC_mUUJwhmpzjkiodrt60Oi2mewRSGLEVY9-MS4uBERWzUZ3Fs2yk8pIHghDMbcqVQ
date
Mon, 03 Jan 2022 22:58:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame 1DC5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JlhkJaFKYlXDSuCoIfDQFtNzZEqrDbpQni7O22w8JNm7Ul1wei8qLEDcMcZSkrnbO1mWij
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rs
ad4m.at/ Frame DF97 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d1a45557a6138021838c921bdf04bad726ccef7cbc3732c44aa7026c7d17c2

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c7fd519586ad6cd-FRA
date
Mon, 03 Jan 2022 22:58:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAImW%2FNzEjhPNsT0m4J%2B6pyLFi5953hu4zsNo%2FPIwi2K6M0oQkHo0%2FUVJSpYMVdYTG4qQfLBIWN%2FNGkYQbQDf3RdquyEqLXfuRXRAOWIdBc9CWwX9doRpIsHTOJTLUPCj2H56g8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-9z0n
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E04 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKja4l3_TYbzRMJbC7_UPqsuj-AEAAAAAOAHgBAI&bg=!ra6lrurNAAZKWFskSlg7ACkAdvg8WtEZFj9r3M9Z2mJugnqcCL6y1Lrq7Ye_HoUGsntlpuupGCcoNgIAAAFvUgAAABloAQeZAwl_VjkUMPBVQg9CbX4Xg2WXRblf6laYX6kp5kM-8ChuTqm2zD6d_QrPQUvtD1trg4P14tsvA9b0snR-9A6_S-9tPcO8EyRI7UVnvfGdQrdF6cc-8yq23crPwhYSDLJsRTaV8mGrNOtquQFUL6gCqOpg87l5N0e1LH87L6YvOgmEn_MCKHe9sinSqh_4O0lBbDiZ2LHMWKKSTknyMqhl8BPlPTFwaIMVS6vlXuNQz14uXRK-QmI1yb3AmZgOBNu7a2IWmfy3s6zpftiUVpEV4ipKtLnb9l4iD6ldibe7xl8ycXZLYpzk8aB3V9WaEpjHl5TvbDT6_n7tMvCA8_lpkXDIMI5qX26IbUjWGmTYmDja0Mp0tGyeIE99DdSbgtYFt_YP8o721Vg_huQKDMOhI1RPSJuAL3nE0kWzo9mC60_rwjD_FRAMH0KmEznq9O8ber9ehwoCet7ElThMEMRrHkZx9_7j2_AOf9676sWlQGpSn5zD2TQS6ZXF0WWAhn52OfK4EsgfNTDiLUXBdhISmkEUTqhX3vd6lKk-1BxV_IGB8yl-3AAfQzV-hZxI6XM1CT2XlsAxFOWMOUx_1Hr5aDzhO2UdHlzdgrzUOh75rFs6wfKOhBKQH-buipQHQgYwwEkurOUGS5AG_6z4Nr8OtRzWcFdRM4-upvN0Lx33PRv5l8D7_s1EGwLVdXxXjo6G2b2wa53SlI0vs88k9kkeu-RdkNpYZPAekCW-44j2lDnIqO-k5hrpbOgNNhPUf4cryjnMhGf4wisJs0Nysx4JQ1UNZaoVyw1pzC6-1L0b_f5YLs32xRdKsb7CFY9czKTsfY_EW1j8ZaklwiggHDIk9fpNF75p5vSqWq-1pR2Zcuc3q_uVEkgOH-nvWuLZn88KGSnyRenZNS7UrMEmtWsdfWh983sf0KVtKrvL_h31RUfFVz4KWg3cltCDnjePQr7NHZn9916vHKMmC005UvfgPf-Umwavm6WfsIavzBL5be2HGqOvugdTZ9vkrhUrySkOv-UMruvlS2WsFq4
Requested by
Host: daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
URL: https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame E420 		284 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
5daa34953a867809056448757b76591b
Content-Type
image/jpg
gtm.js
www.googletagmanager.com/ Frame 81CD 		81 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da9464ece3c706a854b59ec1c0524bfd0a447a486097391f70b9607b27be028f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32242
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Jan 2022 22:58:32 GMT
gemiuslib.js
str.hit.gemius.pl/ Frame EF22 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://str.hit.gemius.pl/gemiuslib.js
Requested by
Host: str.hit.gemius.pl
URL: http://str.hit.gemius.pl/gstream.js
Protocol
HTTP/1.1
Server
178.33.196.208 , France, ASN16276 (OVH, FR),
Reverse DNS
ip208.ip-178-33-196.eu
Software
GHC /
Resource Hash
153bd10bfdcb09b45a61621f8133985a0322660419b99891492a925be6da0e10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Dec 2021 11:54:27 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
10487
Expires
Tue, 04 Jan 2022 10:58:32 GMT
truncated
/ Frame EF22 		1 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://js.duhnet.tv/
Origin
http://arsiv.sahadan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
lsget.html
ls.hit.gemius.pl/ Frame CAD4 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ls.hit.gemius.pl/lsget.html
Requested by
Host: str.hit.gemius.pl
URL: http://str.hit.gemius.pl/gemiuslib.js
Protocol
HTTP/1.1
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
be1f768f39d33afaed688506ccdd62fbd1cb9d51ef1be362d451d430098c75b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Expires
Wed, 02 Feb 2022 22:58:32 GMT
Server
GHC
Accept-Ranges
none
Cache-Control
private, max-age=2592000
Last-Modified
Mon, 16 Jul 2012 10:03:40 GMT
ETag
PRIVATE7520710249
Vary
Accept-Encoding,Origin,User-Agent
Cross-Origin-Resource-Policy
cross-origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Type
text/html;charset=utf-8
Content-Length
2716
Content-Encoding
gzip
rar
as.ad4m.at/ad/ Frame 215C 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
982282ae3a90f29e236f838051817d7a6e0184c8812e926317c6c2bd2ba170f9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kcwr9xd6kfa6e4q8r423gk8ggs9z0v22dvdaf38f226r3gw50mhqg0ewcw4e9w7z034fe9vhr1nhh477zywhnxnba9qysqw0x01yfn1ytkkjy3pxz5e178zzs87cntsrwntt545dvhrkqrpdqvj4g8f36963r3mqxhjtmdr7azf91cmk48arj189e81z1qn51hbcn9rmgfkfsth48kbzr7zw3nbwsgdevezg6wpq19977k534e0pq2ksqstrq7ksbv0ec4x41abx7gy06y35jcpfhfft6nmd8ew3rmasa3qc52khwgf238tst40y4mm67pmd18gpz8rz18jxnwrdfgsfd5nkr3k9da2kpcaszy7jzngf3v513ksjtym79dn8ge238y1shpnkebkmkmmjqgh6jmbv3fg4hgwh8ejkajv596hs00cp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%26client%3Dca-pub-5610649146674306%26adurl%3D

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c7fd5199d0b4309-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 215C 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
455608
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 29 Dec 2021 16:25:04 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c7fd519edd74309-FRA
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 215C 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Mon, 03 Jan 2022 22:58:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
462311
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdsYdplWe2VFuW7eDo9nKghYCaMoVzHRBeWc_q6a6t0uqhH5NWxQhLiKvmU1h9Q6QpMsZFqiNrVtmC46-ZvQ2TbLpnwDwQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ty3uBH99j%2F4zyrU91%2FMyJBfyGC%2FtAIG5czWTIshaRk%2F4Os2SNeUhV%2BBZiUVKYmoToInDgpWKekOTWpUUoqYNX22Q%2FQsa3zUShVMuPxM1z58Cu28QPugRwJrsI3bpWbyyb8rm4I0LbMfyvzuO"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Tue, 04 Jan 2022 22:58:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6c7fd519edda4309-FRA
cf-bgj
imgq:85,h2pri
8268F80203B2870DC4906ECACF07D5681B4610E20AB03421A134D0741618B0482746C1BEB793CE31091452FAF3A55E9AF3218E4BF79E8E1F82DD22242835D6D2.
assets.ad4m.at/product_image/ Frame 215C 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/8268F80203B2870DC4906ECACF07D5681B4610E20AB03421A134D0741618B0482746C1BEB793CE31091452FAF3A55E9AF3218E4BF79E8E1F82DD22242835D6D2.
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2645e770f595032c42715c6cc1ebda7cef04e1bf2faadea2b8d5686b34042b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=gfkikg==, md5=avEG5yogcCrUEMfBdrzXRg==
date
Mon, 03 Jan 2022 22:58:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2170724
cf-polished
qual=85, origFmt=jpeg, origSize=51563
x-guploader-uploadid
ADPycdugP7qVPGDx0uGj6mfE2ke0rucAiw2q96yNzDhkG7B1OAJh3h9_zRWfGRxqOfarex2V7kPTHzVxOTxtdzy1F7tRD602SQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="8268F80203B2870DC4906ECACF07D5681B4610E20AB03421A134D0741618B0482746C1BEB793CE31091452FAF3A55E9AF3218E4BF79E8E1F82DD22242835D6D2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18118
last-modified
Thu, 06 May 2021 15:15:12 GMT
server
cloudflare
etag
"6af106e72a20702ad410c7c176bcd746"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9651t%2Fj9DtK3bwcz5mfPCZ0hIFSaOxzWwHS820%2Be3%2FVysYgz2D8kd71IvIxP%2FbQ3dwokWcZXdZygXgG2sdTVvrY0Icm0e3r4HcN%2B92XtHfnEWWyuvdZHYlJd3wrLpHeR74aZ87dNIbR%2Fm7OZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620314112255078
content-type
image/webp
expires
Tue, 04 Jan 2022 22:58:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
51563
accept-ranges
bytes
cf-ray
6c7fd519eddd4309-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame 215C
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022010323583261432418283X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grz...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202201032358326143241...
43 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022010323583261432418283X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022010323583261432418283X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 215C 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Mon, 03 Jan 2022 22:58:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1201531
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdua4HE5tgYL9XtK-eiTvniYjScFLiCFlKUT9qVyd9WSxZd_ObMXnHRkFnmvhe4hv-lU5Cwb4kNVBciqormPRIs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9aPORIunw9LsiRgrfspTjzdm%2Fb4O1%2FFM9tpBvvVVibliArAjZpnivxsvVbm6%2BB%2F%2B5ErQtV36ritjSMgJANi9EkBqHtDXZDO4zQTcpYLkxJTrazAq0pRug0nc07YqTHNCjFvJ9F01lO%2BUN81"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Tue, 04 Jan 2022 22:58:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6c7fd519edde4309-FRA
cf-bgj
imgq:85,h2pri
109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
assets.ad4m.at/product_image/ Frame 215C 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=HwscaQ==, md5=QEKMkuOfQyYKQIg2TmID3Q==
date
Mon, 03 Jan 2022 22:58:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1201497
cf-polished
qual=85, origFmt=jpeg, origSize=109711
x-guploader-uploadid
ADPycdvWh0v-ouOP7GcI4aIzCj3p6HaDpM83MBv9L86pOt0HZptREue0D83OTLjQUb3ZnMiD3nkhmE4xzG7Y9-OhJ3vs1Lz5cw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20822
last-modified
Thu, 21 Oct 2021 08:32:12 GMT
server
cloudflare
etag
"40428c92e39f43260a4088364e6203dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJgW1D%2FBakBtnjYtQfkVVqmKq7Oum1A8Gy8Ma0FWCkaBtcz%2FcMZL4h9eaAg0oCu9EB4j4BBsIJQhNbI76CV%2BHgWzddW6CVQoDWpHTZUXSBPTBF9uNvxacNbL3NRIgvjBZVcpagyDcHcwQGJg"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634805132458381
content-type
image/webp
expires
Tue, 04 Jan 2022 22:58:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
109711
accept-ranges
bytes
cf-ray
6c7fd519eddf4309-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame 215C
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022010323583261432418281X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidTBn7grze...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20220103235832614324182...
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022010323583261432418281X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022010323583261432418281X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 215C 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Mon, 03 Jan 2022 22:58:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1201499
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdsBhB4SVbJUId60_2wHZUuWtHjLMoe6bTHlFfyjCEmZdEXkw_UjuYWIUZ_IKN87qb1Urx01sOoLtw5CjdqWHx0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWCSK1n8ZAu7JH9cAI1YOqKl83dWEzQa%2FymqFOC4LhvuNL%2BXmtT%2Fyfn57chx0eHpN9HzoJ5gf%2BqDOAWzs24y5%2FIJvxT1%2BxTmLQDxgtWXFtocVtJA6HWhwg7qO1ycAVKBMiQB54yd8zWSXCiV"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Tue, 04 Jan 2022 22:58:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6c7fd519ede14309-FRA
cf-bgj
imgq:85,h2pri
6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame 215C 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date
Mon, 03 Jan 2022 22:58:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1201500
cf-polished
origFmt=png, origSize=128410
x-guploader-uploadid
ADPycdu670Rk0ISPcs7txQwGYIL1NvXNwFkHaqljLnngC8hZQe9GoRcQBXOqPMxMUAPKD1P6hyAQ8mreDGPEoxRJxgs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73694
last-modified
Fri, 10 Dec 2021 12:01:51 GMT
server
cloudflare
etag
"7e1aecd95836c3b429413d2d2c8e951f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2Bho0E7TAOZD95TtcGkfBLzcZd3GgL2PcBEik5pl7laq0YsB6%2Bh1DyB9sPP0yAIIOidLkz4u3bF2%2B7UudWdfxz1aBmDm5BsDsMh8zegcsTRv53G9YifC0y0WZhCPkGR2t5Mk46uw8nomPqUo"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639137711863674
content-type
image/webp
expires
Tue, 04 Jan 2022 22:58:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
128410
accept-ranges
bytes
cf-ray
6c7fd519ede44309-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 215C 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
e352064b386edf7819f2e4a18303859a9c85e1c5b0f24142ed8ed874ec8df0ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 22:58:32 GMT
Last-Modified
Mon, 03 Jan 2022 22:58:32 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1477
Expires
Mon, 26 Jul 1997 05:00:00 GMT
viewability
hal900015.redintelligence.net/ Frame BE4D 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=89026200375653600757589011828015&a=4e683850&vb=m
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=89026200375653600757589011828015&a=f9696404
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=89026200375653600757589011828015&a=f9696404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
link.html
track.webgains.com/ Frame BE4D 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=264925&wgcampaignid=99582&js=1&clickref=89026200375653600757589011828015&viewref=89026200375653600757589011828015&nw=1
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=89026200375653600757589011828015&a=f9696404
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
179e326a2c601b23bb7f228a47e41306d2993f0c5aa3a895202a371509c81491

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 22:58:32 GMT
Last-Modified
Mon, 03 Jan 2022 22:58:32 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1266
Expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame BE4D 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
analytics.js
www.google-analytics.com/ Frame EF22 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7046
date
Mon, 03 Jan 2022 21:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 03 Jan 2022 23:01:06 GMT
truncated
/ Frame EF22 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Referer
http://js.duhnet.tv/
Origin
http://arsiv.sahadan.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
1i6d1esumynw1espo9api0z5t_2400000.mp4
daznplayervod.daznservices.com/ePlayer2/20211228/ Frame EF22 		5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://daznplayervod.daznservices.com/ePlayer2/20211228/1i6d1esumynw1espo9api0z5t_2400000.mp4
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://arsiv.sahadan.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Last-Modified
Tue, 28 Dec 2021 14:10:08 GMT
Server
AmazonS3
x-amz-request-id
KQTE4M2PFR3GG69A
ETag
"bed02c1d17a6e58c526d7f28002ba828-7"
Content-Type
video/mp4
Content-Range
bytes 0-36196535/36196536
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36196536
x-amz-id-2
Dw5QvJKyDhJt7y2tXqdZ/F85aNkF8GXIffvAgyuInRmshZOlxKMGQtTDcwqUVzLM9iO1B/oo4rs=
bridge3.493.0_tr.html
imasdk.googleapis.com/js/core/ Frame 8BCA 		598 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.493.0_tr.html
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccb4258439d8804f48eed11c830eeb2f15e89be31580d1ec36056aadef87d8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/

Response headers

Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Type
text/html
Cross-Origin-Resource-Policy
cross-origin
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Length
199042
Date
Sun, 02 Jan 2022 20:29:37 GMT
Expires
Mon, 02 Jan 2023 20:29:37 GMT
Last-Modified
Wed, 15 Dec 2021 20:12:41 GMT
X-Content-Type-Options
nosniff
Server
sffe
X-XSS-Protection
0
Age
95335
Cache-Control
public, max-age=31536000
client.js
s0.2mdn.net/instream/video/ Frame EF22 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jan 2022 22:58:32 GMT
sahadan_lqes0l6n04vl1o98gwpixrcvk.png
images.performgroup.com/di/library/eplayer3_user_guide/94/76/ Frame EF22 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images.performgroup.com/di/library/eplayer3_user_guide/94/76/sahadan_lqes0l6n04vl1o98gwpixrcvk.png?h=28
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/VideoPlayer/VideoPlayer.aspx?id=10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v&autoplay=true&showads=true&page=anasayfa
Protocol
HTTP/1.1
Server
2.18.232.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-159.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7d0faca785be135eeeaee5cd2ba681e5ababa983819df716a01acfe8c67f26e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:32 GMT
Last-Modified
Fri, 31 Dec 2021 14:33:21 GMT
Server
Apache
ETag
"131c-5d4720d79ce40"
Content-Type
image/png
X-Server-Id
bd0114353458c9fd2868620875abfc7dfdcd244c
Cache-Control
max-age=35319
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4892
Expires
Tue, 04 Jan 2022 08:47:11 GMT
collect
www.google-analytics.com/j/ Frame EF22 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=793155815&t=event&_s=1&dl=http%3A%2F%2Farsiv.sahadan.com%2FVideoPlayer%2FVideoPlayer.aspx%3Fid%3D10c4d6c257f8d7a5df19ee112e.3lmm6y7qzgvv1j29atc62pl6v%26autoplay%3Dtrue%26showads%3Dtrue%26page%3Danasayfa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=640x360&je=0&ec=Videos&ea=play&el=1i6d1esumynw1espo9api0z5t&_utma=140208355.1874813665.1641250711.1641250711.1641250711.1&_utmz=140208355.1641250712.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1641250712842&_u=AACCAEABAAAAAC~&jid=&gjid=&cid=1874813665.1641250711&tid=UA-241588-1&_gid=2144301582.1641250712&_slc=1&z=140313919
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://arsiv.sahadan.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://arsiv.sahadan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8E89 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 03 Jan 2022 23:00:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A0DC 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrc-PaOiLJrYmLx75EaJR1FQrhTzB5BLnB7fCCAKUBAZ6SjVY9M6pTw5LF84Jda1jhEnDSXcNIuNTKTMKlCL9lFAOKfeg0VJ3Xg71UIes9v1oAkZt1DR-eoJP_9ffepCoGgq1PfM9-7O4D&sai=AMfl-YStcxQCj_onU6mNOt2aBoxUJ3w19AM0glSMTp8IPenf06oJCX0-EE4aAFVdNNoNU64fxLYl90ic1Dt2Sh8j2fh43h8ws_udUoFskC8FsafaqxFbDwYNAD7azrgzx7Z0&sig=Cg0ArKJSzBKtPjl8sfbJEAE&id=ampim&o=310,127&d=980,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,0,1002,1002&tos=0,0,0,1002,0&tfs=90&tls=1092&g=100&h=100&tt=1092&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=898654483
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame BE4D 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=264925&wgcampaignid=99582&js=1&clickref=89026200375653600757589011828015&viewref=89026200375653600757589011828015&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.73.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-126.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
83641
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 03 Jan 2022 01:40:00 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
51794
x-amz-cf-id
FFoqiiuqs9SA3kBHC7INh2xUOB74J_0jD4dwLLcleLTqD0mHSPiSOw==
link.html
track.webgains.com/ Frame BE4D 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=95451600385095700757589011828010&wglinkid=264925
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=89026200375653600757589011828015&a=f9696404
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
090dbba0b9af117640d424eccbf3fcaf3cee51f16dfe2fe1b630801284194c67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 22:58:32 GMT
Last-Modified
Mon, 03 Jan 2022 22:58:32 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 215C 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.73.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-126.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
83641
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 03 Jan 2022 01:40:00 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
51794
x-amz-cf-id
RN_UnUpGKexLIoAsm6zTkqNq6VmINkme25zAHS3d6adAnTnUSV78yw==
link.html
track.webgains.com/ Frame 215C 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid2wXU6fqfYGRuVHWHkt8tAJbHxSgt7JRagoneid__asuidKJAAkiS94Ptzr6Pwhwm8zXSb8wkRKVoeasuid__webplexmedia_advancedad_Desktop_300x250&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20352%2C161594%2C43784&b=R5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=QpKH4fdjU8PKTxH5HYt9CZZWSDT4TzPFV%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=160&d=600&e=TBn7grzerMTWf-6s7dGKKmufdwcE9vLj&g=501e55be075936b659995c2c9b391900%2F2351204975091930185&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1641250712556&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1km8d4kmt00tnpehtfgjm7ev29xgn9mz1cfhzeq0dr2227spcg5nfncqsbabwrysrs1frtadekp2haypr3f6w1fyaj89n8faqfhrnbe21qnkqbysfkjx3z4q52xbgyacxz3kw2b8ycmm64pgeg71qyg1928as2gnksyc7qwdj6ydbpdweahhzgwmncckdscvkxmdwh470kapgk706xp766zzjvxywxea73bkja04qdy4nzfj0tmpxmg5sx8bk7f2f45x03yg3jwpe0ndx8ag%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCRZ0xl3_TYffyKdyx3gP-lIroD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU2MTA2NDkxNDY2NzQzMDagAcKu6N0DyAEJqQJwcw7gJvOyPuACAKgDAaoEigJP0Hg9moQ1MXq1h7foJt3qh3lZ73MXXiYZKdI63CUNfDviyup39Yui3QAgfzvwZ0n1Y8_pX6FAOlmR8q6P6ui5HZ_CeF1m9yILqBppmZO3LAN3BBQ1Sfvh0FodnYvcDPoPky6Kl8AlhYzFXg7OMtbbJ34Ngft9evMExLlQURQ08fVGNPZWelzeGX-gQztDpjhhmJAr3myFnrsaqSNAK7GePJJnyKN5MpMFrZbSOKanQbIvXMJSPCaYM9-Xwf_yVEcmsA6CwXwt9paC9yH0SSoxNFIzyR9RNKNNHke8y9lrbgDSq_F7fGegQd79noMKAZU_ewrvebvsAHZ-AKlkctQOCSXRGwHNAvJRpOAEAYAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMzg2MDk1MjUzNDU2MDQ2-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3FhOhRi6w4F1E_r97bdD_S6n0W3w%252526client%25253Dca-pub-5610649146674306%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 22:58:33 GMT
Last-Modified
Mon, 03 Jan 2022 22:58:33 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 390C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTc2tIEEpolwk0SE0gU4JCxQUFY82RjOpqIDAEuJ5nTjBzA2d-Kv-Gh2KXqcUsFdCVt_AodpKlXgql2XA6YjOgtA&sig=Cg0ArKJSzO7mZxSBYGzoEAE&cid=CAASF-RoB7bHRxLay-T9RoBWhycH5pvYwHJP&id=lidar2&mcvt=1012&p=0,1290,600,1450&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=681918164&rs=4&la=0&cr=0&vs=4&r=v&rst=1641250711944&rpt=164&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5399 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.335,e2e.1509,fs.296,reqs.296,ress.335,rese.336&srt=40&e=&id=csi_pagead&gqid=&qqid=CLaaoa3XlvUCFdyYdwodfooC_Q&rt=lb.176,ol.1174
Requested by
Host: arsiv.sahadan.com
URL: http://arsiv.sahadan.com/Default.aspx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1766dc602ea4a12ffb424befef96d2c6d07564faf9f21370ef28d1c6a2d7c79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 22:58:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8496
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 03 Jan 2022 22:58:33 GMT
v1
ads.yahoo.com/cms/ Frame E420
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBA...
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXZAAR52-28-L0LH&sigv=1&esig=2~3ba9142c58d3d42b38891f2d178ac6361d00b4f7&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eX...
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXZAAR52-28-L0LH&sigv=1&esig=2~3ba9142c58d3d42b38891f2d178ac6361d00b4f7&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:33 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXZAAR52-28-L0LH&sigv=1&esig=2~3ba9142c58d3d42b38891f2d178ac6361d00b4f7&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
img
sync.mathtag.com/sync/ Frame E420 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:33 GMT
Server
MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 03 Jan 2022 22:58:32 GMT
709414.gif
id.rlcdn.com/ Frame E420 		42 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Jan 2022 22:58:33 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
tap.php
pixel.rubiconproject.com/ Frame E420
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEg...
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiC...
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1&put=CAESEDB7Oj0BTt3M7EL_o5tqgtE&google_cver=1
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
5daa34953a867809056448757b76591b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&gdpr=1&put=CAESEDB7Oj0BTt3M7EL_o5tqgtE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E420
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1haQUFSNTItMjgtTDBMSA==&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1haQUFSNTItMjgtTDBMSA==&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1haQUFSNTItMjgtTDBMSA==&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E420
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQg...
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQg...
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b5b39080-a2e9-4621-8d88-fd6e12cf552b&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhR...
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b5b39080-a2e9-4621-8d88-fd6e12cf552b&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&expires=30
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
5daa34953a867809056448757b76591b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b5b39080-a2e9-4621-8d88-fd6e12cf552b&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
607
pixel
cm.g.doubleclick.net/ Frame E420
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABB...
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcyY2Y1NmM1ODNkMzU5YjA0NDQ2ZDI1NTcwNjQyZmI5YWU4ZjhjZQ&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcyY2Y1NmM1ODNkMzU5YjA0NDQ2ZDI1NTcwNjQyZmI5YWU4ZjhjZQ&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcyY2Y1NmM1ODNkMzU5YjA0NDQ2ZDI1NTcwNjQyZmI5YWU4ZjhjZQ&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Z0C49VXX1dqhzIBxwwA04Mn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame E420
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQE...
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Z0C49VXX1dqhzIBxwwA04Mn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISI...
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/Z0C49VXX1dqhzIBxwwA04Mn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Protocol
H2
Server
2a05:d018:d29:3605:5da:b029:1b25:7ea6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:58:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

Location
https://pr-bh.ybp.yahoo.com/sync/rubicon/Z0C49VXX1dqhzIBxwwA04Mn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPSQvvmPSQvvm__AAA__DX-AAAAwVqv6fbpG34X03Pp_JkghGL6h8eXVQGAcDoBmQgsTByIIbg0kwhRom9AISIRgcABAZYJCAsgwQhCSkCHBEgIYIhiCGBgQBIBAgQEAABBDBBAAABgQgEBDACAEAQgggEIcAEA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B3F1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 03 Jan 2022 15:04:42 GMT
expires
Tue, 03 Jan 2023 15:04:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame CC41 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b8acc3dfb082694b0dc2deadb6754dbc3f1cc095464b9ae3631d7ba944728ebf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4ua+kPDWPQdmDUelrOX+IA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 03 Jan 2022 22:58:33 GMT
date
Mon, 03 Jan 2022 22:58:33 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-4ua+kPDWPQdmDUelrOX+IA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=1547982108&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7...
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=1547982108&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A...
35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1547982108&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Detect&ea=NotFound&el=div%20visible%20with%20attribute%3A%20zero_attr-clientWidth&ev=6&_utma=140208355.1874813665.1641250711.1641250711.1641250711.1&_utmz=140208355.1641250712.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1641250713364&_u=KQBCAEABAAAAAC~&jid=&gjid=&cid=1874813665.1641250711&tid=UA-241588-1&_gid=2144301582.1641250712&z=71092863
Protocol
H3
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 15:32:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26762
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j96&a=1547982108&t=event&_s=2&dl=http%3A%2F%2Farsiv.sahadan.com%2FDefault.aspx&ul=en-us&de=UTF-8&dt=Sahadan.com%20-%20iddaa%2C%20canl%C4%B1%20ma%C3%A7%20sonu%C3%A7lar%C4%B1%2C%20ma%C3%A7%20skorlar%C4%B1%2C%20puan%20durumu%2C%20spor%20haberleri%2C%20futbol%2C%20iddaa%20program%C4%B1%2C%20istatistikler%2C%20%C4%B0ddaa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Detect&ea=NotFound&el=div%20visible%20with%20attribute%3A%20zero_attr-clientWidth&ev=6&_utma=140208355.1874813665.1641250711.1641250711.1641250711.1&_utmz=140208355.1641250712.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1641250713364&_u=KQBCAEABAAAAAC~&jid=&gjid=&cid=1874813665.1641250711&tid=UA-241588-1&_gid=2144301582.1641250712&z=71092863
Non-Authoritative-Reason
HSTS
U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
pagead2.googlesyndication.com/bg/ Frame B3F1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 03:41:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13577
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Jan 2023 03:41:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CC41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=4339884962712339&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 207D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvF4PR_HgN8FuumZH-HksA8CPbm_iK3ENTtBq3qHIJ7o9RmGChpCExNzn9fqgHDl2QPEYa070hoR-zre1sUQSDj3oo5u3A8bj1VoXJm&sai=AMfl-YQZu14L980-X4O-jmp9hNpoo7Rcp7EFiPUiNXVCvJJ5bRxnDWq5hvH26hcM_tKR_Pl79Nxp1cNINMv31Fz4wbS795XKY96uL01T35SIeXtmQKKY9tPK8RxwVN64NqI&sig=Cg0ArKJSzJbQX1XGcn6TEAE&cid=CAASFeRozkRxI5V7uIFJwpm2_ECoDdc5-w&id=lidar2&mcvt=1003&p=388,974,638,1274&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3494619969&rs=4&la=0&cr=0&vs=4&r=v&rst=1641250711635&rpt=813&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900015.redintelligence.net/ Frame BE4D 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=89026200375653600757589011828015&a=4e683850&vb=v
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=89026200375653600757589011828015&a=f9696404
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=89026200375653600757589011828015&a=f9696404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 22:58:33 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
tracking-event
api.webgains.io/ Frame BE4D 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hal900015.redintelligence.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Jan 2022 22:58:33 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hal900015.redintelligence.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 03 Jan 2022 22:58:33 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 215C 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Jan 2022 22:58:33 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 03 Jan 2022 22:58:33 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=4339884962712339&bg=!SkmlSQ3NAAZKWFskSlg7ACkAdvg8WgPrq_fRU3cWQwk416YOXwn2iUf1C6HPe7QATkMGfj7E8cY7ZgIAAAGGUgAAAAhoAQeZAqwuCvaNvANpFS2Fw2dhErH8sANvAcn_iNuYQhhAGPthizX1OJMfzO11c2I3ZN0bo1axrPizO6a4pcoM23ZHyJIyDiWN3SP4dgm-utAEp7UrwUooXAzv6Ptwvco79P0zTHllWzJFZcDM4P2WPuYlbEwBObgY0lx8CUDT56wWrBc_HWtjJDwAiHLJRd0usWZ7BgVMkYzCIc93cosSE4IVwCJIk-Iv3pJPBdRbgvJK2_K0QWvjxio0D0cYd047LEkqYv_7a_WcUuaCXSsLZY7Hv6PeD5R9b670ALKBeLFIozACAw54NMPBZKJi8fRflNwOByLE3dCeuR_vBe5x_c_SkEhVQnZT9A1iHTBgiHjpWtpPvfgYd8Mi2QG1T7Kh8scuCtS_SCYq2y4ZjqHTkUvqlAonOddhWu_PxFIWQ8eR2mJ91w6vHi0uayQBCmRsRORp689gng3PPoW-oC9T2k9CsDjGoPqBuxcN5xPH7xCBrub28H1GvOyAZVfqxrup_v-qXe70rjBOl7PYCMk78SWwL-PFmPDnTC0mPOn_dNkAZMmvmtOvGGp148150bxwErPiDyI_iSjSJDMoZpZC-CG2LettYGZfHcTXP1Yu2Uj2bLkjW5GH9-xzVcB1vJzBk4HoCz56pFqNpetnwnL3TRHTIN7LaPWQW3gEUnWJIbFCFZGLYhhtixNDbFxfqqLTGUczzFh5cDdSA-djSCPzwbwRHYBCeOxFY__JbtmUt1jxWV3MMZwBqOWI981suWtfv7itpBNQtWauAIfjqBCcQRSq8J6r12eWKL9prnb1aWL4EuCF4eB7KwMhSoJTiUaiZYkrG3edaO3bIUfyRQe8kGU1jVpQSH2qFfZaga8soH4dM3z47CNHwVTC6-XL34CNnWz2CCfDINUKbgpsFw4o-Hk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://arsiv.sahadan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 5399 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@52142524,5443039025267426308,100|1159|0|0|0|0|0|0|0||58|1|31|f5ad94a475a62b8b5bcb359236b231468d0955d8_1|1159||1|0|0|-oIkYeGDckji5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:33 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 5399 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=52142524&event=178&time=2&baid=50541931&name=Viewable%20impressions&imprid=5443039025267426308&icid=0&eData=evCcRhkywPe1exs2EkZjG9fB77aFYWClumjmAI-8sjxo4kOyoBiwbg2&rtbdata=wLCLH7Qx5BItcoKEM0VL7476ym7NIEljgeDAxWy9rsgf5PNl6HGOVaje0Y2w_vbMSjX5QGPyWYn4uf6b0djfb-ZnlvOqCbAn9b1r_ivO7-El8xvK_c-ftqUykxTt35aYu9QiePAH6JO5ORwtP4WqI8C9TGBfi-bEQycCk0pLcQ3vY_62RrtkV7k_9LrqvXsF6Nzm_LsoJ8ynWa4ggzrBdRWZ-isAxLH4hcLmOXPjuhAAUKcgkvmFrWE0KHBMf56jPpnLvINlvql_eeAKAYj1UovdTN9trICJXP5m27UeBIa02hrczxrC_Z3A9jIAdupbswLgU9SqEzahAuvJ93W9c3loU5_Pt-RIV3QhYBmYepHsXPCIrRbToVjtHEPMQt9sJrhyrIZ1nfiEWC8jj7Mo7DCGBCp5YOq1RStB_CAD72ftbdN7unfWxVfJr6defO_SuPQKSqhmM_sqHZ2FIwT8fzQepmQQCWG4vfCzB8a3cfdDTwcx3kyJK3Nyo6MxJZ0_4UFuhV40q881&rtbwp=6889CDF5D1A0ADDA&rnd=681649775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:33 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame 5399 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxDBN0HZ0vKw04l7GTBdAHOhrkatK4AOfMsXJvrbLIbgKnb9hnV3eI_JeFiSrrWsLXqQQ5NmxptvbPivbrWm_gsg&sig=Cg0ArKJSzLnwou1i7TIrEAE&cid=CAASF-RoXHU8RKOp6HAC0QX7zB0Rnoto0aY2&id=lidar2&mcvt=1000&p=0,150,604,310&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=890728524&rs=4&la=0&cr=0&vs=4&r=v&rst=1641250711938&rpt=1215&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 5399 		35 B
494 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@52142524,5443039025267426308,100|4658|0|0|0|0|0|0|0||233|1|31|f5ad94a475a62b8b5bcb359236b231468d0955d8_1|4658||1|0|0|-oIkYeGDckji5nP9TebYOumn3tQYot-A0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 22:58:37 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEKUXDfvDOr99uddDwH1jQDg&google_cver=1&google_push=AYg5qPKV-t7k3Q_d7BHh32nqsvaS8g2vinQf6yKE_7KAjtai2f8ZQ-Fn1OyVoZIjMw4CkyO8OA3-2AlM-9ov81loziDYeihubUzv

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| $ function| jQuery string| VERSION undefined| TEMPTROBJCOLOR undefined| TEMPTROBJ number| popupWidth function| HLon function| HLoff function| parseFloat2 function| putpoint function| replaceTurkish function| MM_swapImgRestore function| MM_preloadImages function| MM_findObj function| MM_swapImage function| openWin undefined| dateValid string| OK function| isDate function| validateNum function| isLeapYear function| PrevStandings_onclick function| Tc function| TcExchange function| MSc function| BBMSc function| BBTc function| BBStanding function| BBComp function| MScExchange function| Kc function| KcExchange function| OpenForum function| PDc function| Tahmin function| PDcExchange function| KPc function| replaceChars function| blinkIt function| getElementsById function| rgb2Hex function| IntToHex function| MakeHex function| getCookie function| setCookie function| __gid object| variables object| cookieVariables function| getValueWithQuote function| generateCookieString function| getGeneralCookie function| rollObj object| myRollObj function| cumulativeOffset function| relocateBanner function| openOddLink function| initDuelMatches function| StringBuilder function| popMatch function| popComparison function| popTeam function| popBasketTeam object| cookieVariablesX object| Medyanet_Display_Settings object| _0xf17a function| _0x449f function| _typeof undefined| ReklamUpArsivMackolikCom object| googletag number| stickyIsActive function| screenArea function| infiniteAds object| AdmostClient boolean| _cookieTest string| LOGO_PATH string| ICON_PATH string| IMG_PATH string| BTEAM_LOGO_PATH object| Mackolik object| tmp object| dimml object| ggeac object| google_js_reporting_queue object| _0x150d function| _0x5e59 undefined| ReklamUpInterstitial_v2 function| _amw1 undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal number| activeNewsPage boolean| boolSlideNews function| gotoNews boolean| has_panels boolean| has_filmstrip number| strip_size object| ampInaboxIframes object| ampInaboxPendingMessages function| atrk object| _atrk_opts boolean| _atrk_fired string| gaJsHost object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| _gat object| _gaq object| adblockDetector string| GoogleAnalyticsObject function| ga object| pageTracker string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| udm_ object| _comscore object| COMSCORE object| ns_p object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| google_tag_data object| gaplugins object| gaData object| expireTime number| begin number| end string| k number| google_global_correlator object| jQuery18202971224882695651 object| closure_lm_413195 object| GoogleGcLKhOms object| google_image_requests

61 Cookies

Domain/Path Name / Value
arsiv.sahadan.com/ Name: am_cookie_test
Value: true
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5Dl+M90+gew0zpBnnWNPYF/01ygLD6+uX6gDEPt0zy+Q/3DjSSA8QBaiC1pWk1uXyOxrOHf
.bluekai.com/ Name: bku
Value: UoD99Jjd6talcL6h
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmU8Z5wkPUjIZcnnfjCzvvdxuuVtI-kBkSTQqo14GAuh9C7WVXVPawVrq2ytPI
.sahadan.com/ Name: __asc
Value: d8c631fd17e222a685dd127d488
.sahadan.com/ Name: __auc
Value: d8c631fd17e222a685dd127d488
.adform.net/ Name: uid
Value: 5703802859155060687
.adform.net/ Name: TPC
Value: 1641250711648
.arsiv.sahadan.com/ Name: __utmc
Value: 140208355
.arsiv.sahadan.com/ Name: __utmz
Value: 140208355.1641250712.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.arsiv.sahadan.com/ Name: __utmt
Value: 1
.arsiv.sahadan.com/ Name: __utma
Value: 140208355.1874813665.1641250711.1641250711.1641250711.1
.arsiv.sahadan.com/ Name: __utmb
Value: 140208355.1.10.1641250712
.casalemedia.com/ Name: CMID
Value: YdN-l2IlIu05xDlYtyPWoQAA
.casalemedia.com/ Name: CMPS
Value: 3271
.scorecardresearch.com/ Name: UID
Value: 186PANFACRRRY3QCXQHAIYg1641250712
.casalemedia.com/ Name: CMPRO
Value: 1109
.adnxs.com/ Name: uuid2
Value: 2007689953071870848
.sahadan.com/ Name: __gads
Value: ID=71f8603b4cb315c3:T=1641250711:S=ALNI_MaRsy7nPvg9ULAfSvURK-g26tH5cw
.sahadan.com/ Name: _ga
Value: GA1.2.1874813665.1641250711
.sahadan.com/ Name: _gid
Value: GA1.2.2144301582.1641250712
.sahadan.com/ Name: _gat
Value: 1
.sahadan.com/ Name: __gfp_64b
Value: jGUR9QGdFXM8Yq94ovQyfq7xCwLAJWycFkYhHMIhT8T.v7|1641250711
.casalemedia.com/ Name: CMRUM3
Value: 2d61d37f982760CAESEHsCInjXQP0CDBFCTygzT3s
.casalemedia.com/ Name: CMST
Value: YdN-l2HTf5gA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVHmxDr=!]tbPl1M>e)ZlrFUfJ+tGXvWBNB$m6E^r2*cO7#._Yu9r<Ch2s_.zAzFHcA/*bpRz*qF1`*b_Kk**>3G
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: e736f2557c26d215
arsiv.sahadan.com/ Name: intdate
Value: 1641250712171
.hit.gemius.pl/ Name: Gtest
Value: KlSTxRMGQMQGQwOAhExfU3oissGMXP8c25nSGFJfCSSBXBG.
.bidswitch.net/ Name: tuuid
Value: 5d20b9f7-946a-4241-941d-b2e55d346044
.bidswitch.net/ Name: c
Value: 1641250712
.bidswitch.net/ Name: tuuid_lu
Value: 1641250712
.360yield.com/ Name: tuuid
Value: 8ca1b0f5-b12c-44aa-9942-9b3649f64544
.360yield.com/ Name: tuuid_lu
Value: 1641250712
.hit.gemius.pl/ Name: Gdyn
Value: KlQDFMaGQMQGQwOAhExfU3oissGMXP8c25nSGFJfCSSBFRxSG7RrGS6GkoiBFlM1YH8PlexaG0F6Sssa
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YdN-mAAC6gsQQgAm
.simpli.fi/ Name: suid
Value: 2FDDF01607EB4C1986802485E7F6BB75
.adsby.bidtheatre.com/ Name: __kuid
Value: 5c9b25e1-7b60-46db-8c4b-0c074bb5d0be.410464712
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A7C76D55-17C1-4681-8186-07A468D61F91
ads.avct.cloud/ Name: uuid
Value: 106ee5b3-e274-448a-9a9a-fc732e91f9c2
.adhigh.net/ Name: gi_u
Value: u6RezgrUf23M.AikABlF-IipsPA
.lead-alliance.net/ Name: ppv1225
Value: 2022010323583261432418281X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth
www.lead-alliance.net/ Name: PHPSESSID
Value: iickpl225anbcpjomopl5r2qrs
.lead-alliance.net/ Name: ppv1226
Value: 2022010323583261432418283X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1641250712808,"clickCookie":false}}
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0MTI1MDcxMnZsZWExZGUyMDIyMDEwMzIzNTgzMjYxNDMyNDE4MjgzWDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZFI1WGZnZjZRRlFHZEZrSHdIM3RRdGRkRGF3VHpUN2dzN29uZWlkX19hc3VpZFRCbjdncnplck1UV2YtNnM3ZEdLS211ZmR3Y0U5dkxqYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY3OQ
.o2online.de/ Name: nscQ485
Value: V
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0MTI1MDcxMnZsZWExZGUyMDIyMDEwMzIzNTgzMjYxNDMyNDE4MjgxWDExNzY2M1YxMjI1MTMxMTA2TVNvbmVpZHBWRVUxZjhnZm1neDZha0g0SG10enRRUUtoZ1RSVDEyVUVvbmVpZF9fYXN1aWRUQm43Z3J6ZXJNVFdmLTZzN2RHS0ttdWZkd2NFOXZMamFzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g0M19Ub3BSb3RhTW9udGgxMTc2NjM
.blau.de/ Name: nscQ486
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022010323583261432418283X117679V1226132702MSoneidR5Xfgf6QFQGdFkHwH3tQtddDawTzT7gs7oneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022010323583261432418281X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuidTBn7grzerMTWf-6s7dGKKmufdwcE9vLjasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
.rubiconproject.com/ Name: khaos
Value: KXZAAR52-28-L0LH
.rlcdn.com/ Name: rlas3
Value: tn5LgG3ymUm+hG8J01+e83VASK1J7igLCWzDTmCYMSs=
.rlcdn.com/ Name: pxrc
Value: CAA=
.adsrvr.org/ Name: TDID
Value: b5b39080-a2e9-4621-8d88-fd6e12cf552b
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCMiXoJnTxac6EAUYBSABKAIyCwic8_bF6cWnOhAFOAE.
.yahoo.com/ Name: A3
Value: d=AQABBJl_02ECEGFXwxR-QCqSf_iVvLjWrVYFEgEBAQHR1GHdYQAAAAAA_eMAAA&S=AQAAAg568gJx26ZexeGxUSS-xw8
.rubiconproject.com/ Name: audit
Value: 1|Xw4fOFO78q1Y+eSVK5N1V/uYyo8vP77CSzthOROvQFSKJKlLrDxfhgr3MHhisvsmIsjAeuDcmJDLv0ZnN1+t0WpeS2MlTsz5tvacoCptBQ5aSvHTucKnAMJebP8onzHA9TDIfB9kYOubsd6GbyH18SYaVFKoq+22cxP3haczPthw5tYkJoE7yy2oxIZ+1Jn6IsqziRTFX6AiKTz4WH76qygVt0kgOw/7k7Hk/9jd1r0qoQTerpFsS5EmOqwXqCTFSIHEfhxHvVNCQwtFxvDBaa1yIooByDa6aVJZrD9+ffGgFerCuudLhaMKmjPPmgF/nnPYNIaOTfEgda+RwrVUDiaLH8fZ8QgFiQFSZ8QqE9SXQPbdky7czX6FMX49ELtxFGofg54VpZ7Fby6YnQkTIzsCpWrTb6LE8/DC6ik8zYjIEBUigHN0vv2g90aWRO4iL8iSHGrh3nc37yctpiwdYrUyB5I41YK9l0sKlVCpSmfTARsNMNPnCw6VeA7wj3vjp+lKXDpQyCi47hfoXn5jaiHb/y6qO1De3OlDu/ORdD8=

42 Console Messages

Source Level URL
Text
network error URL: http://b.cdn.md/admost/advertisement.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://is.cdn.md/i4/Css/jquery-autocomplete/jquery.autocomplete.css?v=3.295
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://b.cdn.md/admost/advertisement.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 33)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://go.admost.com/adx/js/admost.js?r=0.18929850186282504, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 33)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://go.admost.com/adx/js/admost.js?r=0.18929850186282504, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://is.cdn.md/i4/Css/jquery-autocomplete/jquery.autocomplete.css?v=3.295
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46730&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46730&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18834&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18834&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=38097&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=38097&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46727&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46727&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=49848&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=49848&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=34177&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=34177&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18833&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18833&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18830&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=18830&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46728&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46728&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 780)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 780)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 829)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://b.scorecardresearch.com/beacon.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://arsiv.sahadan.com/Default.aspx(Line 829)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://b.scorecardresearch.com/beacon.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=21376&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=21376&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46731&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=46731&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=29753&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=29753&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=26436&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=26436&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=51258&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://go.admost.com/adx/js/admost.js?r=0.18929850186282504
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://run.admost.com/adx/get.ashx?z=51258&accptck=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other error URL: http://imasdk.googleapis.com/js/core/bridge3.493.0_tr.html#goog_1723647019
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEDqLPqxKDW7k5wa437TAoNA&google_cver=1&google_push=AYg5qPIeKGsI8p2sA-4E_8jT5gjrVRSnpZOF5j5XAGBzyArGl-Mn8ZHucpOGGctS-Pc9EbECrXn_JUqjhjpiB96TDQOxnpZGcuS-
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jKGw9bEsRKqZQps2SfZFRA&google_push=AYg5qPKsfUksy8nehelmF0sjXi57UBADMh49VK2jYPvbFEOWrDCuMXNPHPDmhERev04e7udme2dJB0SWEskXZjNr9kGTkwdsCZZC0g
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3ab2e4179e22bf8d2242d488833b2038.profile.mad51-c2.cloudfront.net
ad4m.at
ads.avct.cloud
ads.yahoo.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
arsiv.sahadan.com
as.ad4m.at
assets.ad4m.at
b.cdn.md
b.scorecardresearch.com
baltar.dimml.io
c.eu1.dyntrk.com
cc.adingo.jp
cdn.ampproject.org
cdn.dimml.io
cdn.eksiup.com
certify.alexametrics.com
cm.g.doubleclick.net
d31qbv1cthcecs.cloudfront.net
daa8196e9bff5d1d67f441c38e8c20b2.safeframe.googlesyndication.com
daznplayervod.daznservices.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gatr.hit.gemius.pl
go.admost.com
google2waycm.netmng.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900015.redintelligence.net
hm.cdn.md
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
images.performgroup.com
imasdk.googleapis.com
is.cdn.md
js.duhnet.tv
ls.hit.gemius.pl
match.adsby.bidtheatre.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pixel-sync.sitescout.com
pixel.rubiconproject.com
portal.blau.de
portal.o2online.de
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
px.adhigh.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
run.admost.com
s0.2mdn.net
s1.adform.net
sahadan.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
stats.g.doubleclick.net
str.hit.gemius.pl
sync-tm.everesttech.net
sync.adaptv.advertising.com
sync.mathtag.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.sahadan.com
www.telefonica-partner.de
x.bidswitch.net
cm.g.doubleclick.net
google2waycm.netmng.com
104.111.215.191
104.117.200.100
13.224.193.44
13.224.193.92
13.225.73.126
13.225.73.22
13.225.73.71
138.201.135.164
138.201.63.117
142.250.181.226
142.250.185.98
146.59.30.104
151.101.66.49
159.65.197.210
169.50.137.184
178.33.196.208
18.157.214.75
18.182.119.142
185.29.132.245
185.33.223.38
185.64.190.78
193.232.148.140
195.244.61.20
2.16.186.99
2.18.232.159
2.18.234.21
212.102.38.47
2600:1901:0:76b9::
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700:3033::ac43:9ddd
2a00:1288:80:800::7001
2a00:1450:4001:803::200e
2a00:1450:4001:808::2006
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0c::9c
2a02:26f0:6c00::210:ba13
2a02:6ea0:c700::11
2a02:fa8:8806:20::2010
2a05:d018:d29:3605:5da:b029:1b25:7ea6
2a0b:4d07:101::1
3.137.80.24
35.244.174.68
35.71.131.137
37.157.2.239
37.157.6.235
46.236.13.147
46.4.62.19
51.178.20.139
51.83.238.53
52.200.159.188
52.84.66.94
54.72.0.164
63.33.204.129
63.33.8.36
66.155.71.149
77.223.147.102
8.39.36.141
82.113.101.132
82.113.101.236
82.222.8.82
84.200.5.215
88.99.63.132
89.187.169.47
94.130.135.117
0133a3a8bad96c183d5fd19407b4cc471dcdd5eb0e81c5504c198ae5a04d6d40
02fbaaef3cb1a897e67239316624f87b042d5edb6741d761dc7ced9c0261b0ba
035d95292ab6d0c014436714df0f4b48aee304e4120c1aa2aaf09455eefeeb99
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
07577bae1c36962bf85149a3062cf83bcb108139919e856b308d95625c2c7b35
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
090dbba0b9af117640d424eccbf3fcaf3cee51f16dfe2fe1b630801284194c67
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cf2453617f4e4fb8414b5da9e8ec53747747926ca60ac7c8e469c3a0498a775
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
0f8a4d97a095963b61bd36a104dfcb9243803ad501ae70aff945e7745b9cf065
11f438c16ff18db8b5a9dc4812c96dfbee68a411a8933f22a22748538dc12734
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14ee0390722dba1d6e95b766412095d436df22f30b83dfbb9cb38fde3cd72c95
153bd10bfdcb09b45a61621f8133985a0322660419b99891492a925be6da0e10
179e326a2c601b23bb7f228a47e41306d2993f0c5aa3a895202a371509c81491
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b8d1b7b7d440f0f56cc5168807ff05c3c5289eeeaeef71fc1f32fd5ec34bab2
1d176977b3638332fd52719f4d65df2dc8d414ef593986f03188e3f6150ec7c9
1da7f3e0939689b3a2a6f9d0dacc8d6ca680bd68f66e8026ddd5ce5b429b375e
1dbe5850f671cf92fe1d7b55226a830fbe4daba614bf6c6ceeca9e236326930f
1e2b3b135068bbdabcef19f4a0cf04512ff34f07fff5ead866c64f4a51232ca5
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1f03edc0fddabfcb872fbeeaffb3ea6528557ac10a6bcce97170a3cccc109def
1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea
2c13be7e6baf352ce470ded3c4ea9a4689ab876b4c07fdbfe7d5b4fb1be05787
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dc309c3f0b8c6c40a519e542e1cfd0e85c97081265c86441365b3bc116188a1
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8
313d5cbad55a31674c5451e2a961ab892e951ea7c59396ea5a89c944c9b029bd
3229bc954954c3bf1d9220694b018e12f11ccf0d0d338416f0801f349b1bab9c
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
34667fc83e3f4d9ff6080d44c4fc4dd87e0d3a6a8d680dbd3adb05a73d99f590
34b058060611bd5f35141dd12d7c3ad985289014f91e919d7d003a1a568751d9
34ca250e3df40b4f4365b7c00d16433251e6e31a3f97263d2261057e0093f49b
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a5cb498e8726b93a9f9d3d03ab2dc65258e1f7406db13d960105ec0608de07
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3de0fb18ba18e6b868d1460f9a41f5278a356fde9c6e48568ee534eb53fca655
3dfb78d105e89ffe3359c30a219301b46640e01cb726e00693b9a1e745b678b8
3ea5f5e57bcdba2a5925058f077a3c016ac0c03d940a9866f82bddd5bf150dd2
3f4d07bf3f86bcebf856c5f1c223f3b437a50d7eb34223b241e0fa5c9b630535
3f71c7e1467e9bac745ba1f27ec773b77b04b551e3b48eae8447a14c43aefc0d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d
470a443ee74afbf35bb57940fb86363c100bc636753762a9a024e4f0780245fd
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
495be5b4906fd6d23b811c042ef22072ba7c0223c8d2957a33fa6fb8162d7d7e
498a7548ebd71cced7c4de147421721d3a2adc351ffa90dbd9442c40a14a0ed2
4b052c9811085c9b2021b3a1bcc9b4c802fa74564003f5c8cc0181410c2bfc54
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4c6c992921fa7602fa0a66a6d93519e08acdd55cb9e1c5a08019b17f97ee737c
4d51ea99e313dbc6911695892cac8ce386c91584e25465345c0f37dfa1a69edf
4ec12baf6cba1184f734c98640a42cd7a3208c2edf5871231eb6c3a58a021520
4f64f8e57fceff16ab30429262845ed261ba56e666ee48dd8c0f0616eefd0702
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50899151d35612d8c6cb1e77706ac4d7fa330238b238d73e978acadc6bffde1c
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
5310c87e9ce0788a6f31bc256bc44f08abe5c63a5773bd9bcae74bbe4f6deb80
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53ef9e8412836d3dce42ef6d118d1f55a593d35c8af0771d33e3419177e59253
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c0349b745b2c91beafd1092ae016282a01663d79440a718448bd1052ecc8858
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5fa3b6750d479cfa0cef0ca5d9cc2376669159583f50693d2e1b9692a9d98fe4
60a2578b7373c7db3149c8f6422c3a48e8d12351d823b1d13b64617f563575ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
649921158bff9c8e585017918ae84723c72b6d0259443374bcee1edfc2a4bf4c
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
731b0cf164b6d1cc5c15f70c7a04757865357116ea6a96b8daef5dc6df586b3d
75eec04a806a6a020174b58dbdd0628b16afe1b2fb44447f36734d7716a00a54
7a5bb4117307afeabae8a8361b33d075573b7f28f81f3e0ddc7268df37d3f89a
7d0faca785be135eeeaee5cd2ba681e5ababa983819df716a01acfe8c67f26e5
8066766856cfcc5281e074f9b30a3798ad99b17b8b23f61fdee10fa5f42165df
82577dee021cf0e24acd092be1c4e0f938c358a84be415702fd59653e04455f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8853e974d661a5636217c397d87dd0c3c3c67390b67f0924136430125ea8e933
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e3cb18eb042ed23ae297ff7473b0c18cbea28eb132886a0948eba41a199c74c
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
939d66e4a7a0900a22dbf062c990e4419d1a5433f9e2696d95361273b88e2991
93eb531af2c91ff08294a04ae8f7add5ec5e17fcbdeab809ebb364681106a96e
96c0598f9fe9df975d595a6ba24ebff8c1bd6fe14902dd37b2ebb639daedf5bf
982282ae3a90f29e236f838051817d7a6e0184c8812e926317c6c2bd2ba170f9
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d312140f3532b29659e3b5c2eb94ff9d7d5f09376b21993c5909442eece0067
9e0475bc6b5858f1d4d16178f48f9993fc45ecd976c9c147330ed300fc220c51
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1766dc602ea4a12ffb424befef96d2c6d07564faf9f21370ef28d1c6a2d7c79
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a30e7f3239b07a4811f6c77a5c62fc5b5774033f099783db947047cd0a0ef113
a314bd0381551764a32150f16251feccf4184b14859eadec2e06cb0d35d4681e
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a70adfd204147a2e7ea2192469eaafab0935574bf3d535fab591884292e1f16f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81cecefe8865615fe3e4c8858e69f1d92f4cff8a56095d2c57bdfb61fb07439
aa2cb8a5241d24ae98bad193afc76ca3b5437f2d95c62c7c49dbdc9ad6a2fac9
aa7369bd67dcdcdbaf5ba74d1c61fa7f283d798fa638981d76a04012722767a0
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b129af6091372028a8296486a045bc665544c6ba26ee655c17307d3009499a06
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e317fcc235bda88e1e27bb47371a98d7e9cca8b2ea9d686da89dce1eb94e66
b3f2e69fff634830a400c124c00dd5c97f023d6154a03aa9ec9a5eb690c9f196
b4a7ef9af3af11bb37d635bfed849032d26ef1cd51095cff7e664fcddf9e114c
b8acc3dfb082694b0dc2deadb6754dbc3f1cc095464b9ae3631d7ba944728ebf
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bcff12265914473540611183c9bdf4625a7b13f1fe91270381319630f620857c
bd38f4235270d65eee736f3e6d35dba3630db657037155e0bda45180556a3fac
be1f768f39d33afaed688506ccdd62fbd1cb9d51ef1be362d451d430098c75b8
c21a3f821b4d312076f3a473f9e741b53658761b5f0886873e12039eb5190cbe
c242481843389360649c10f0c781f5956e5274b9cfd7ca7a52cdef7dfef0f113
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c582ef349c1cc16471a86d96735d6640c93a471bfd2e708534609e37dcc25cac
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9f87658a7b94edb8cfb9d5a4eac38e02356f844c196f3ae616af4874b677acd
cb3b4de95116371c7ee87e5308c5d0d635a39d38af23eb0f45aa77dfecd03409
cbb6c5966181e607c1589c627520e91b6cae691d6e38316edf720dfa42581e4d
ccb4258439d8804f48eed11c830eeb2f15e89be31580d1ec36056aadef87d8dc
cecaa3c6afa068e141ee4972e5449634fb581b3447bfa6169d3c038d2450a5e8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d48a8523a020f68bd098702ae2c51a8382044138f2a881d7993f844225418221
d4d1a45557a6138021838c921bdf04bad726ccef7cbc3732c44aa7026c7d17c2
d93e17588f48e21f0f1e47e57d6019e748b2b5625796708ccf7767ddc7c9db70
d9717d1dd967ab5e2e1b5bd14057443dd50939780aaac1b0b2623a4e4a60d95f
da9464ece3c706a854b59ec1c0524bfd0a447a486097391f70b9607b27be028f
dd58de3902c15d409f0eea272f2d273b3565c7ec1d45fe02e102eb95d4799def
de43d91c56349c70269b3be1dde83c43ecb0a6c351c99aed11434ae7ede44d29
ded1d9b7817a8247c96877fb6bfef1f651d94018cc4df64f298209867a4307e9
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3117acbfa076ed23967bb05724bf73bc9cf6c64d009a1d74b3a309a1f356395
e352064b386edf7819f2e4a18303859a9c85e1c5b0f24142ed8ed874ec8df0ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444291a8eb00c0786a77e8b783c318b2d77db35e6715aff504a46d8e64b3335
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e46f1ab48cc551d62ff6ff0685e88aba6d7dd50f0a7058d0780c2b9a024fe409
e4bc697496bb350dee2dd90f94e8454e52a371f64121a5565f0a54652a0716e5
e62af54a296f56631510f41fe04abc6fdb1b703d6e2968a50a6741c5aac93ea0
e88b0bfb1a5b2f07eef2b4883fc4ed247384926620e3dbdd529da24bb66fa40a
e9ef8c5630768eac23544ef13c37e2158f1508b43657a11f482c6dbdf2ffad79
ea3273964fd64f1966a84354ec26014e38f1f725f5dcec8a5777f63e7531d430
ea3752b1e50ae383ababb6da6c0c8a55f1137dd7ddf9e9034b3673e76a14a9d9
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449
ec56b2a59262e7489dfdeb863840fbf779478550f423b3cb9b4a9047342da21b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2404449674744c9dd2c7d80b12f9f2d51ca217855ee0f96d0f6948cb21ab7cc
f2645e770f595032c42715c6cc1ebda7cef04e1bf2faadea2b8d5686b34042b1
f48277bac80c392db5df54ce8ece3e8250b505d37555a1848cdbe63b5224df26
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f82d1328ae32a1a43d2c4e33412ce43d84a6c0c8b4dc7ccf3837828caf24e107
f855c360bb218603ea7521114a929494daa11227c101bbffa1f667d4fd406028
f8be2b29dda37f54a8496ead2f868146c46258db3f4af9ba4833d1c4f3e91fa0
f8c438d279c6bd38c07d7713ec638668b54cbb2b2e55d01e3a7ba28f144365ee
fddc433f7cc747ef4fe82c66486feb8783af32e11f590cf4bb46708b8ec05418
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914