bmedyagrup.com Open in urlscan Pro
160.153.137.99 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bmedyagrup.com/
Submission: On January 28 via automatic, source urlhaus (January 28th 2020, 5:47:48 pm UTC)

Summary HTTP 149 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 43 IPs in 11 countries across 40 domains to perform 149 HTTP transactions. The main IP is 160.153.137.99, located in Scottsdale, United States and belongs to GODADDY-AMS, DE. The main domain is bmedyagrup.com.

This is the only time bmedyagrup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	160.153.137.99 160.153.137.99	21501 (GODADDY-AMS) (GODADDY-AMS)
49 100	2a02:fe80:101... 2a02:fe80:1010::16	30148 (SUCURI-SEC) (SUCURI-SEC)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
5	2a02:26b0:800... 2a02:26b0:8000:29::1:c	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	2600:9000:214... 2600:9000:214f:d800:1c:4bbb:9180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	46.101.80.192 46.101.80.192	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	104.82.112.92 104.82.112.92	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
6	146.185.142.91 146.185.142.91	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
2 2	52.58.102.227 52.58.102.227	16509 (AMAZON-02) (AMAZON-02)
1 1	35.157.107.235 35.157.107.235	16509 (AMAZON-02) (AMAZON-02)
1 2	52.28.211.49 52.28.211.49	16509 (AMAZON-02) (AMAZON-02)
5	138.68.105.0 138.68.105.0	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4 6	185.33.223.197 185.33.223.197	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
1 1	46.101.136.217 46.101.136.217	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
4 4	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
1	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
1	143.204.214.54 143.204.214.54	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26b0:800... 2a02:26b0:8000:29::1:1e	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1 10	2a02:26b0:800... 2a02:26b0:8000:29::1:5a	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	52.56.239.183 52.56.239.183	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
3	104.16.53.4 104.16.53.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	52.213.151.76 52.213.151.76	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	104.16.91.60 104.16.91.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.197.186.95 18.197.186.95	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:3800:19:2cf2:a900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	143.204.214.70 143.204.214.70	16509 (AMAZON-02) (AMAZON-02)
1	96.46.176.147 96.46.176.147	7979 (SERVERS) (SERVERS)
2	52.54.101.83 52.54.101.83	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.214.95 143.204.214.95	16509 (AMAZON-02) (AMAZON-02)
2	143.204.214.116 143.204.214.116	16509 (AMAZON-02) (AMAZON-02)
1	188.132.227.42 188.132.227.42	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	2a02:26b0:800... 2a02:26b0:8000:29::1:21	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a02:26b0:800... 2a02:26b0:8000:29::1:15	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1 2	95.100.73.41 95.100.73.41	16625 (AKAMAI-AS) (AKAMAI-AS)
149	43

1 160.153.137.99 (Scottsdale, United States)

ASN21501 (GODADDY-AMS, DE)
PTR: ip-160-153-137-99.ip.secureserver.net

bmedyagrup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

100 2a02:fe80:1010::16 (United Kingdom) 49 redirects

ASN30148 (SUCURI-SEC, US)

secureservercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26b0:8000:29::1:c (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

cdn2.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:d800:1c:4bbb:9180:93a1 (United States)

ASN16509 (AMAZON-02, US)

adserver.reklamstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.101.80.192 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

lessbuttons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.82.112.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-82-112-92.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.185.142.91 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.rekmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.102.227 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-102-227.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.107.235 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-107-235.eu-central-1.compute.amazonaws.com

bsw.digitru.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.211.49 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-211-49.eu-central-1.compute.amazonaws.com

aws-fr-sync.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.68.105.0 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: com.reklamstore.bank.v3.lb0

bank.reklamstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.223.197 (Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.251 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.101.136.217 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: com.reklamselfie.iq

iq.reklamselfie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.125.70.222 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.54 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-54.fra53.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26b0:8000:29::1:1e (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

admatic.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26b0:8000:29::1:5a (Turkey) 1 redirects

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

ads4.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.56.239.183 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-239-183.eu-west-2.compute.amazonaws.com

spadsync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.4 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.213.151.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.91.60 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.186.95 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-186-95.eu-central-1.compute.amazonaws.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:3800:19:2cf2:a900:93a1 (United States)

ASN16509 (AMAZON-02, US)

currency.prebid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-70.fra53.r.cloudfront.net

adimg.rekmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.176.147 (Dallas, United States)

ASN7979 (SERVERS, US)

api.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.101.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-101-83.compute-1.amazonaws.com

www.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-95.fra53.r.cloudfront.net

img2.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.116 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-116.fra53.r.cloudfront.net

img5.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img4.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.132.227.42 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-42-227-132-188.sadecehosting.net

cdn5.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26b0:8000:29::1:21 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

ads5.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26b0:8000:29::1:15 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

cdn6.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.100.73.41 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-73-41.deploy.static.akamaitechnologies.com

img.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	secureservercdn.net 49 redirects secureservercdn.net	2 MB
19	admatic.com.tr 1 redirects cdn2.admatic.com.tr ads4.admatic.com.tr cdn5.admatic.com.tr ads5.admatic.com.tr cdn6.admatic.com.tr	669 KB
12	cpx.to p.cpx.to s.cpx.to	12 KB
8	rekmob.com ads.rekmob.com adimg.rekmob.com	8 KB
6	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	5 KB
6	doubleclick.net 4 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	1 KB
6	reklamstore.com adserver.reklamstore.com bank.reklamstore.com	59 KB
5	zergnet.com www.zergnet.com img2.zergnet.com img5.zergnet.com img4.zergnet.com	62 KB
5	bidswitch.net 4 redirects x.bidswitch.net aws-fr-sync.bidswitch.net pool.grid-data.bidswitch.net	3 KB
5	gstatic.com fonts.gstatic.com	60 KB
4	pubmatic.com 4 redirects image2.pubmatic.com	2 KB
4	googleapis.com fonts.googleapis.com imasdk.googleapis.com ajax.googleapis.com	124 KB
3	yabidos.com pixel.yabidos.com	25 KB
3	eyeota.net 1 redirects ps.eyeota.net	2 KB
3	adform.net 1 redirects adx.adform.net dmp.adform.net	1 KB
2	secureserver.net 1 redirects img.secureserver.net	2 KB
2	yandex.ru 1 redirects mc.yandex.ru	2 KB
2	prebid.org currency.prebid.org	3 KB
2	truoptik.com 2 redirects dmp.truoptik.com	1 KB
2	glotgrx.com pre.glotgrx.com	1 KB
2	creativecdn.com prebid-eu.creativecdn.com	398 B
2	googletagmanager.com 1 redirects www.googletagmanager.com	21 KB
2	criteo.net static.criteo.net	45 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	googlesyndication.com pagead2.googlesyndication.com	120 KB
1	w.org s.w.org	457 B
1	mgid.com api.mgid.com	107 B
1	criteo.com bidder.criteo.com	143 B
1	facebook.com graph.facebook.com	529 B
1	spadsync.com spadsync.com	291 B
1	consensu.org admatic.mgr.consensu.org	605 B
1	reklamselfie.com 1 redirects iq.reklamselfie.com	215 B
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	778 B
1	google.de adservice.google.de	778 B
1	digitru.st 1 redirects bsw.digitru.st	558 B
1	wsimg.com img1.wsimg.com	5 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	lessbuttons.com lessbuttons.com	4 KB
1	bmedyagrup.com bmedyagrup.com	17 KB
149	40

	Domain	Requested by
100	secureservercdn.net	49 redirects bmedyagrup.com
11	s.cpx.to	p.cpx.to bmedyagrup.com
10	ads4.admatic.com.tr	1 redirects cdn2.admatic.com.tr cdn5.admatic.com.tr
6	ads.rekmob.com	adserver.reklamstore.com bmedyagrup.com
5	bank.reklamstore.com	adserver.reklamstore.com bmedyagrup.com bank.reklamstore.com
5	fonts.gstatic.com	bmedyagrup.com
5	cdn2.admatic.com.tr	bmedyagrup.com cdn2.admatic.com.tr www.googletagservices.com ads4.admatic.com.tr
4	image2.pubmatic.com	4 redirects
4	cm.g.doubleclick.net	4 redirects
4	ib.adnxs.com	2 redirects adserver.reklamstore.com
3	pixel.yabidos.com	adserver.reklamstore.com pixel.yabidos.com
3	ps.eyeota.net	1 redirects bmedyagrup.com ps.eyeota.net
2	img.secureserver.net	1 redirects
2	cdn6.admatic.com.tr	bmedyagrup.com
2	www.zergnet.com	adserver.reklamstore.com www.zergnet.com
2	adimg.rekmob.com	bmedyagrup.com
2	mc.yandex.ru	1 redirects bmedyagrup.com
2	currency.prebid.org	cdn2.admatic.com.tr
2	secure.adnxs.com	2 redirects
2	dmp.truoptik.com	2 redirects
2	pre.glotgrx.com	bmedyagrup.com
2	adx.adform.net	1 redirects bmedyagrup.com
2	prebid-eu.creativecdn.com	adserver.reklamstore.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	aws-fr-sync.bidswitch.net	1 redirects bmedyagrup.com
2	x.bidswitch.net	2 redirects
2	www.googletagmanager.com	1 redirects bmedyagrup.com
2	static.criteo.net	adserver.reklamstore.com cdn2.admatic.com.tr
2	pagead2.googlesyndication.com	bmedyagrup.com pagead2.googlesyndication.com
2	fonts.googleapis.com	bmedyagrup.com www.zergnet.com
1	pixel.wp.com	bmedyagrup.com
1	s.w.org	bmedyagrup.com
1	ads5.admatic.com.tr	ads4.admatic.com.tr
1	cdn5.admatic.com.tr	cdn2.admatic.com.tr
1	img4.zergnet.com	bmedyagrup.com
1	img5.zergnet.com	bmedyagrup.com
1	img2.zergnet.com	bmedyagrup.com
1	api.mgid.com	ajax.googleapis.com
1	ajax.googleapis.com	adserver.reklamstore.com
1	bidder.criteo.com	cdn2.admatic.com.tr
1	pool.grid-data.bidswitch.net	1 redirects
1	graph.facebook.com	lessbuttons.com
1	spadsync.com	cdn2.admatic.com.tr
1	admatic.mgr.consensu.org	cdn2.admatic.com.tr
1	p.cpx.to	bank.reklamstore.com
1	dmp.adform.net	bank.reklamstore.com
1	iq.reklamselfie.com	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	bsw.digitru.st	1 redirects
1	imasdk.googleapis.com	adserver.reklamstore.com
1	img1.wsimg.com	bmedyagrup.com
1	stats.wp.com	bmedyagrup.com
1	cdn.onesignal.com	bmedyagrup.com
1	lessbuttons.com	bmedyagrup.com
1	adserver.reklamstore.com	bmedyagrup.com
1	bmedyagrup.com
149	58

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
thttps
www.instagram.com
twitter.com
www.youtube.com
www.imonthemes.com

Subject Issuer	Validity	Valid
secureservercdn.net Let's Encrypt Authority X3	`2019-12-03` - `2020-03-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
lessbuttons.com Let's Encrypt Authority X3	`2019-12-15` - `2020-03-14`	3 months	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-11` - `2020-04-18`	6 months	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2018-09-25` - `2020-09-25`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.reklamstore.com COMODO RSA Domain Validation Secure Server CA	`2017-09-08` - `2020-09-07`	3 years	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2019-12-02` - `2020-03-01`	3 months	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
ads4.admatic.com.tr Let's Encrypt Authority X3	`2020-01-13` - `2020-04-12`	3 months	crt.sh
spadsync.com Go Daddy Secure Certificate Authority - G2	`2019-05-09` - `2021-05-09`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.yabidos.com Go Daddy Secure Certificate Authority - G2	`2019-05-19` - `2020-07-18`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
*.prebid.org Amazon	`2019-09-27` - `2020-10-27`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
*.mgid.com Go Daddy Secure Certificate Authority - G2	`2019-09-13` - `2020-11-12`	a year	crt.sh
www.zergnet.com Go Daddy Secure Certificate Authority - G2	`2019-05-24` - `2021-07-13`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.zergnet.com Amazon	`2019-05-24` - `2020-06-24`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
cdn5.admatic.com.tr Let's Encrypt Authority X3	`2020-01-14` - `2020-04-13`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2019-10-22` - `2021-10-22`	2 years	crt.sh

This page contains 10 frames:

Primary Page: http://bmedyagrup.com/
Frame ID: FB8E7CC683D59DF173616FB7E288B5F8
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200123/r20190131/zrt_lookup.html
Frame ID: 4DB8D7084C094F8722EF890DBEEF6123
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7453040142644558&output=html&adk=3046330955&adf=2044148826&lmt=1580233637&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fbmedyagrup.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580233637854&bpp=12&bdt=5223&fdt=109&idt=109&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2695872456956&frm=20&pv=2&ga_vid=1888565964.1580233638&ga_sid=1580233638&ga_hid=1183634734&ga_fc=0&iag=0&icsg=562949995372544&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=26835106&oid=3&pvsid=2388445242632022&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=125
Frame ID: 8429EF88BFD3F83FF8925610C6858907
Requests: 1 HTTP requests in this frame

Frame: https://ads4.admatic.com.tr/showad/px/ums/sync/html/a61fd813-ddea-4f39-955e-2a60216323c8?8651
Frame ID: 99E8C61A9613D06F559EA7AE8ED084D9
Requests: 1 HTTP requests in this frame

Frame: https://ads4.admatic.com.tr/showad/masthead/adm-290ac4b1-7777-448e-b7fb-8a840a59718f-div/adm-pub-135145377022/199531693583/501/970/250/1600/1200/a61fd813-ddea-4f39-955e-2a60216323c8/0?domain=bmedyagrup.com&ts=1580233638069&url=http%3A%2F%2Fbmedyagrup.com%2F&kFilter=0&pid=c832396a-b956-43f1-b99f-9827aab85d83&bn=Chrome&bmv=79&os=Mac%20OS&dfjs=1&smartpipe=adc722c4-42c7-40e6-9d8a-4db9d857ba186a7e
Frame ID: 525B03E2D326A70E26664B576CB851AF
Requests: 14 HTTP requests in this frame

Frame: https://ads4.admatic.com.tr/showad/px/ums/sync/html/a61fd813-ddea-4f39-955e-2a60216323c8?6295
Frame ID: B73FCEC4E6B57CC9351974C809329CF8
Requests: 1 HTTP requests in this frame

Frame: https://ads4.admatic.com.tr/showad/px/ums/sync/html/a61fd813-ddea-4f39-955e-2a60216323c8?4327
Frame ID: C8C166B48FFA3D947F9224573AAE77E7
Requests: 1 HTTP requests in this frame

Frame: http://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Frame ID: BA2D58FD7AE4060A19BAC5923495358C
Requests: 5 HTTP requests in this frame

Frame: https://www.zergnet.com/zerg.js?id=79052
Frame ID: F7263DB3CE95F29BD48EF15B5354CD0F
Requests: 9 HTTP requests in this frame

Frame: https://ads4.admatic.com.tr/showad/px/ums/sync/html
Frame ID: 1649DAECA09C0CFE6738784CB5DAAFC6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

149
Requests

75 %
HTTPS

36 %
IPv6

40
Domains

58
Subdomains

43
IPs

11
Countries

3227 kB
Transfer

5483 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/buyukarslanmedya-113121740234955/?__tn__=%2Cd%2CP-R&eid=ARBakLOsA3j05A3X1h6sFn-P7cjnu-GHus4UCURnC_Y85bLhna9vVunV7gCKeWJfsdbbXLjw1evNuje1
Title: facebook

Search URL Search Domain Scan URL

URL: https://thttps//www.youtube.com/channel/UCQ4UQxRk4Ck_OfqEd1Oir9w?view_as=subscriberwitter.com/
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/buyukarslanmedya/
Title: instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/BykarslanMedya1
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCQ4UQxRk4Ck_OfqEd1Oir9w?view_as=subscriber
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.imonthemes.com/
Title: Theme by Imon Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2&time=1580219619

Request Chain 1

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2&time=1580219619

Request Chain 2

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/blocks.style.build.css?ver=1.20.1&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/blocks.style.build.css?ver=1.20.1&time=1580219619

Request Chain 3

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dashicons.min.css?ver=5.3.2&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dashicons.min.css?ver=5.3.2&time=1580219619

Request Chain 4

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.5.10&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.5.10&time=1580219619

Request Chain 5

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.1&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.1&time=1580219619

Request Chain 6

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/css/newspaperss.min.css?ver=1.0&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/css/newspaperss.min.css?ver=1.0&time=1580219619

Request Chain 7

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/fonts/awesome/css/font-awesome.min.css?ver=1&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/fonts/awesome/css/font-awesome.min.css?ver=1&time=1580219619

Request Chain 9

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/style.css?ver=1.1.0&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/style.css?ver=1.1.0&time=1580219619

Request Chain 10

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20191207&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20191207&time=1580219619

Request Chain 11

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1&time=1580219619

Request Chain 12

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=20190406&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=20190406&time=1580219619

Request Chain 13

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/inc/kirki/assets/css/kirki-styles.css?ver=3.0.35.3&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/inc/kirki/assets/css/kirki-styles.css?ver=3.0.35.3&time=1580219619

Request Chain 14

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.1.1&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.1.1&time=1580219619

Request Chain 15

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp&time=1580219619

Request Chain 16

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1580219619

Request Chain 17

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1&time=1580219619

Request Chain 18

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss_other.min.js?ver=1&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss_other.min.js?ver=1&time=1580219619

Request Chain 19

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2&time=1580219619

Request Chain 20

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/cropped-asdsadsad-1-6-2048x79.png HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/cropped-asdsadsad-1-6-2048x79.png

Request Chain 21

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-428x400.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-428x400.jpg

Request Chain 22

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-428x400.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-428x400.jpg

Request Chain 23

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-428x400.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-428x400.jpg

Request Chain 24

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg

Request Chain 25

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg

Request Chain 26

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-2048x1365.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-2048x1365.jpg

Request Chain 27

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76.jpg

Request Chain 28

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458.jpg

Request Chain 29

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha.jpg

Request Chain 30

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2.jpg

Request Chain 33

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-600x300.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-600x300.jpg

Request Chain 34

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-600x300.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-600x300.jpg

Request Chain 35

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-600x300.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-600x300.jpg

Request Chain 36

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458-600x300.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458-600x300.jpg

Request Chain 37

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-600x300.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-600x300.jpg

Request Chain 38

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2-600x300.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2-600x300.jpg

Request Chain 40

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/EPFBVYLXkAEHYn7-1200x600.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/EPFBVYLXkAEHYn7-1200x600.jpg

Request Chain 41

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/3363e0e8-1ef8-c812-b336-8ea1bccda625.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/3363e0e8-1ef8-c812-b336-8ea1bccda625.jpg

Request Chain 42

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-880x600.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-880x600.jpg

Request Chain 43

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-110x85.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-110x85.jpg

Request Chain 44

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-110x85.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-110x85.jpg

Request Chain 45

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76-110x85.jpg HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76-110x85.jpg

Request Chain 46

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/kill-adblock//images/logo.png HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/kill-adblock//images/logo.png

Request Chain 48

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/js/vendors/slick.min.js?ver=1.20.1&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/js/vendors/slick.min.js?ver=1.20.1&time=1580219619

Request Chain 49

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=20170209&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=20170209&time=1580219619

Request Chain 50

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.3.2&time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.3.2&time=1580219619

Request Chain 54

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg?time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg?time=1580219619

Request Chain 55

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg?time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg?time=1580219619

Request Chain 56

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-scaled.jpg?time=1580219619 HTTP 301
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-scaled.jpg?time=1580219619

Request Chain 64

http://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer

Request Chain 65

http://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
http://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
http://bsw.digitru.st/syncx?ssp=reklamstore HTTP 302
http://aws-fr-sync.bidswitch.net/sync?ssp=reklamstore&bsw_own_uuid= HTTP 302
http://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=reklamstore&bsw_own_uuid=

Request Chain 78

https://adx.adform.net/adx/?rp=4&bWlkPTc1OTU5Nw%3D%3D&callback=adf__EfM6qqczTje8kxvXWY2T HTTP 302
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTc1OTU5Nw%3D%3D&callback=adf__EfM6qqczTje8kxvXWY2T

Request Chain 83

http://iq.reklamselfie.com/585ce73218044 HTTP 302
https://bank.reklamstore.com/rs.js

Request Chain 84

http://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5e3073a5d940b HTTP 302
https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5e3073a5d940b

Request Chain 85

http://ib.adnxs.com/getuid?http://bank.reklamstore.com/anx.php?uid=$UID HTTP 302
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fbank.reklamstore.com%2Fanx.php%3Fuid%3D%24UID HTTP 302
http://bank.reklamstore.com/anx.php?uid=9137790523209796744

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm=&google_tc= HTTP 302
https://bank.reklamstore.com/adx.php?google_gid=CAESEHu9-N__OQPtsKUZrwWoSI8&google_cver=1

Request Chain 107

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd01c9d44-39a2-454b-ac20-5881bfcb7489 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd01c9d44-39a2-454b-ac20-5881bfcb7489 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D389D638-DABB-4497-B5FE-20E58D2006DC&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489&google_gid=CAESEF64Kjke1tn3VaAIIzWEVlM&google_cver=1

Request Chain 109

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489&fck=997c09d73d59d17&cbp=dsp_uid HTTP 302
https://s.cpx.to/sync?dsp_uid=88493d66492b0c59bb6e000766f9b5aa&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489&dsp=TRUOPTIK&fck=997c09d73d59d17

Request Chain 110

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D10%26fid%3Dd01c9d44-39a2-454b-ac20-5881bfcb7489 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=9137790523209796744&pid=12475&ref=&hn_ver=10&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489

Request Chain 111

https://pool.grid-data.bidswitch.net/sync?pid=42 HTTP 302
https://s.cpx.to/sync?dsp_uid=1e2da026-165a-4856-9e55-7e8229a97d3a&dsp=BIDSWITCH

Request Chain 112

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c&fck=997c1efe5390255&cbp=dsp_uid HTTP 302
https://s.cpx.to/sync?dsp_uid=a19143857fcc3e8226ebe901585f4bc5&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c&dsp=TRUOPTIK&fck=997c1efe5390255

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c&google_gid=CAESEF64Kjke1tn3VaAIIzWEVlM&google_cver=1

Request Chain 114

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D69eccee5-6e4f-428e-992a-317ce6d17f5c HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D69eccee5-6e4f-428e-992a-317ce6d17f5c HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5B62A04D-6FAB-412E-9CC2-E7D92557D9A8&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c

Request Chain 115

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D10%26fid%3D69eccee5-6e4f-428e-992a-317ce6d17f5c HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=9137790523209796744&pid=12475&ref=&hn_ver=10&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c

Request Chain 124

https://mc.yandex.ru/watch/51950195 HTTP 302
https://mc.yandex.ru/watch/51950195/1

Request Chain 144

https://ads4.admatic.com.tr/prebid/static/usersync/v3/async_usersync.html HTTP 302
https://ads4.admatic.com.tr/showad/px/ums/sync/html

Request Chain 147

http://img.secureserver.net/t/1/tl/event?cts=1580233653155&tce=1580233632598&tcs=1580233632586&tdc=1580233652902&tdclee=1580233647897&tdcles=1580233647842&tdi=1580233647842&tdl=1580233632632&tdle=1580233632586&tdls=1580233632566&tfs=1580233632566&tns=1580233632566&trqs=1580233632598&tre=1580233632643&trps=1580233632629&tles=1580233652902&tlee=1580233652954&ht=perf&dh=bmedyagrup.com&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&vci=675189238&cv=1.0.6&z=2036302964&vg=2295a9b5-3155-49bb-a74a-0fbe166d243b&vtg=2295a9b5-3155-49bb-a74a-0fbe166d243b&ap=wpaas&trfd=%7B%22cts%22%3A1580233647842%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22n3nlwpwebof002.prod.ams3.secureserver.net%22%2C%22xid%22%3A%2243098897%22%2C%22wp%22%3A%225.3.2%22%2C%22php%22%3A%227.3.12%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%7D&dp=%2F HTTP 301
https://img.secureserver.net/t/1/tl/event?cts=1580233653155&tce=1580233632598&tcs=1580233632586&tdc=1580233652902&tdclee=1580233647897&tdcles=1580233647842&tdi=1580233647842&tdl=1580233632632&tdle=1580233632586&tdls=1580233632566&tfs=1580233632566&tns=1580233632566&trqs=1580233632598&tre=1580233632643&trps=1580233632629&tles=1580233652902&tlee=1580233652954&ht=perf&dh=bmedyagrup.com&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&vci=675189238&cv=1.0.6&z=2036302964&vg=2295a9b5-3155-49bb-a74a-0fbe166d243b&vtg=2295a9b5-3155-49bb-a74a-0fbe166d243b&ap=wpaas&trfd=%7B%22cts%22%3A1580233647842%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22n3nlwpwebof002.prod.ams3.secureserver.net%22%2C%22xid%22%3A%2243098897%22%2C%22wp%22%3A%225.3.2%22%2C%22php%22%3A%227.3.12%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%7D&dp=%2F

149 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bmedyagrup.com/ 104 KB
17 KB 64ms
32ms Document
text/html 160.153.137.99
GODADDY-AMS

General

Check archive.org

Show headers Download Go to

Full URL

http://bmedyagrup.com/

Protocol

HTTP/1.1

Server

160.153.137.99 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),

Reverse DNS

ip-160-153-137-99.ip.secureserver.net

Software

Resource Hash

558b5e50ac5b68c9bf625b3b9d98463f8d98cc71cb34a5e680e70566672adc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: bmedyagrup.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=UTF-8
X-Cacheable: YES:Forced
Content-Length: 16937
Date: Tue, 28 Jan 2020 17:47:12 GMT
Age: 13519
Vary: Accept-Encoding, User-Agent
X-Cache: cached
X-Cache-Hit: HIT
X-Backend: all_requests
Accept-Ranges: none

GET
H2

200

style.min.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2&time=1580219619

40 KB
6 KB

64ms
31ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 6163
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Nov 2019 22:06:04 GMT
server: nginx
cache-control: max-age=315360000
etag: "a1fb-596a0a3682b00-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

theme.min.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2&time=1580219619

2 KB
997 B

55ms
39ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

45f461bf78813a1ee5c3a025b6b9bf83f9c78da98390f7208826dbd64573ec10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 639
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Sep 2019 15:19:18 GMT
server: nginx
cache-control: max-age=315360000
etag: "793-592e97a278980-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

blocks.style.build.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/blocks.style.build.css?ver=1.20.1&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/blocks.style.build.css?ver=1.20.1&time=1580219619

145 KB
20 KB

5080ms
5051ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/blocks.style.build.css?ver=1.20.1&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

5d0aa940e58cb6b03ee8707f6435a8e56c48f66ad834d4838333e2db34795054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14006
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 20052
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Jan 2020 23:27:39 GMT
server: nginx
cache-control: max-age=315360000
etag: "245e7-59ceb1a84948d-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/blocks.style.build.css?ver=1.20.1&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

dashicons.min.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dashicons.min.css?ver=5.3.2&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dashicons.min.css?ver=5.3.2&time=1580219619

46 KB
28 KB

51ms
30ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dashicons.min.css?ver=5.3.2&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 28481
x-xss-protection: 1; mode=block
last-modified: Wed, 15 May 2019 16:08:57 GMT
server: nginx
cache-control: max-age=315360000
etag: "b9c6-588ef5dded840-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/css/dashicons.min.css?ver=5.3.2&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

everest-forms.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/everest-forms/assets/css/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.5.10&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.5.10&time=1580219619

17 KB
3 KB

54ms
38ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.5.10&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

87352e7d6efad017173e9c6b013e5987e7e56eeff12648de5facfd840ba77e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 2826
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jan 2020 22:53:50 GMT
server: nginx
cache-control: max-age=315360000
etag: "423a-59c9a2a2d464b-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.5.10&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

frontend.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/post-views-counter/css/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.1&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.1&time=1580219619

289 B
558 B

5061ms
5027ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.1&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14006
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 201
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Jan 2020 22:16:57 GMT
server: nginx
cache-control: max-age=315360000
etag: "121-59cadc420ba99-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.1&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

newspaperss.min.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/css/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/css/newspaperss.min.css?ver=1.0&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/css/newspaperss.min.css?ver=1.0&time=1580219619

149 KB
21 KB

58ms
31ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/css/newspaperss.min.css?ver=1.0&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

077dfd9a39946d218e3052428a9281909f7ae77142e35f2b3e9eeb60a0bf4b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 21547
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jan 2020 23:33:52 GMT
server: nginx
cache-control: max-age=315360000
etag: "25208-59c9ab9628dbc-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/css/newspaperss.min.css?ver=1.0&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

font-awesome.min.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/fonts/awesome/css/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/fonts/awesome/css/font-awesome.min.css?ver=1&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/fonts/awesome/css/font-awesome.min.css?ver=1&time=1580219619

30 KB
7 KB

59ms
32ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/fonts/awesome/css/font-awesome.min.css?ver=1&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 13996
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 7057
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jan 2020 23:33:52 GMT
server: nginx
cache-control: max-age=315360000
etag: "791c-59c9ab9658e80-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/fonts/awesome/css/font-awesome.min.css?ver=1&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK css
fonts.googleapis.com/ 16 KB
2 KB 22ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19e380d8f0a4b344b6530d3a6d6e40c9e3173d9185087cd3b823bb03007fc6a2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 17:47:12 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Tue, 28 Jan 2020 17:47:12 GMT

GET
H2

200

style.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/style.css?ver=1.1.0&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/style.css?ver=1.1.0&time=1580219619

83 KB
14 KB

57ms
33ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/style.css?ver=1.1.0&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

52159f8f685d2d875e6bc43adb913343392e0ad2c29f330d6274ec31d410d7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 14350
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jan 2020 23:33:52 GMT
server: nginx
cache-control: max-age=315360000
etag: "14c34-59c9ab962c5e7-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/style.css?ver=1.1.0&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

socicon.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20191207&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20191207&time=1580219619

20 KB
4 KB

56ms
33ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20191207&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

6f88461eff9662ba1d469393859300974537a63977ee374e47c747df4b177301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 13991
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 3742
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jan 2020 14:02:51 GMT
server: nginx
cache-control: max-age=315360000
etag: "518c-59cbafaf2fd8e-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20191207&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

genericons.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/_inc/genericons/genericons/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1&time=1580219619

28 KB
16 KB

53ms
30ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 16441
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Jan 2020 23:28:11 GMT
server: nginx
cache-control: max-age=315360000
etag: "6e6a-59ceb1c6ce954-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

academicons.min.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=20190406&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=20190406&time=1580219619

7 KB
2 KB

40ms
39ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=20190406&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

949d3f7ad7481fd0926420e32b9e816aa1054f66e265cc0a794412c69d8145ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 1266
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jan 2020 14:02:51 GMT
server: nginx
cache-control: max-age=315360000
etag: "1a66-59cbafaf30d22-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=20190406&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

kirki-styles.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/inc/kirki/assets/css/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/inc/kirki/assets/css/kirki-styles.css?ver=3.0.35.3&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/inc/kirki/assets/css/kirki-styles.css?ver=3.0.35.3&time=1580219619

0
372 B

53ms
35ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/inc/kirki/assets/css/kirki-styles.css?ver=3.0.35.3&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 20
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jan 2020 23:33:51 GMT
server: nginx
cache-control: max-age=315360000
etag: "0-59c9ab94d39ed"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/inc/kirki/assets/css/kirki-styles.css?ver=3.0.35.3&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

jetpack.css
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/css/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.1.1&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.1.1&time=1580219619

70 KB
13 KB

50ms
33ms

Stylesheet
text/css

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.1.1&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

072cfdc3b5c6541f3d3c06ebd4c138ab38b6e7983704b73dcb46710ac3ccb05b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 12562
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Jan 2020 23:28:06 GMT
server: nginx
cache-control: max-age=315360000
etag: "117db-59ceb1c187e80-gzip"
content-type: text/css
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/jetpack/css/jetpack.css?ver=8.1.1&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

jquery.js Show response
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp&time=1580219619

95 KB
33 KB

53ms
38ms

Script
application/javascript

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 33776
x-xss-protection: 1; mode=block
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: nginx
cache-control: max-age=315360000
etag: "17a69-5890dc7401880-gzip"
content-type: application/javascript
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

jquery-migrate.min.js Show response
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1580219619

10 KB
4 KB

44ms
33ms

Script
application/javascript

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 13990
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 4014
x-xss-protection: 1; mode=block
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
cache-control: max-age=315360000
etag: "2748-5333ff613c400-gzip"
content-type: application/javascript
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

newspaperss.min.js Show response
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1&time=1580219619

3 KB
2 KB

42ms
31ms

Script
application/javascript

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cec5174b062879b4d7ab1c883d607fc4812e7622353f6db2f1ccd31aad9ff84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14000
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 1254
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jan 2020 23:33:50 GMT
server: nginx
cache-control: max-age=315360000
etag: "bf6-59c9ab944ec18-gzip"
content-type: application/javascript
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss.min.js?ver=1&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

newspaperss_other.min.js Show response
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss_other.min.js?ver=1&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss_other.min.js?ver=1&time=1580219619

220 KB
57 KB

52ms
41ms

Script
application/javascript

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss_other.min.js?ver=1&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

663e5684a7acd3bbe38304a9420b104f3ea052acd60564c40b86185ff1779885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14000
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 57491
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jan 2020 23:33:50 GMT
server: nginx
cache-control: max-age=315360000
etag: "3714c-59c9ab9446850-gzip"
content-type: application/javascript
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/js/newspaperss_other.min.js?ver=1&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

wp-emoji-release.min.js Show response
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2&time=1580219619

14 KB
5 KB

35ms
34ms

Script
application/javascript

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 13989
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 4626
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Nov 2019 22:16:02 GMT
server: nginx
cache-control: max-age=315360000
etag: "362a-596a0c70cec80-gzip"
content-type: application/javascript
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

cropped-asdsadsad-1-6-2048x79.png
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/cropped-asdsadsad-1-6-2048x79.png
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/cropped-asdsadsad-1-6-2048x79.png

7 KB
7 KB

32ms
32ms

Image
image/png

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/cropped-asdsadsad-1-6-2048x79.png

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

73f95cf0a9f883363f49452e584a675c8dc2ab7c030d5b56a77dee9b265d619e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:12 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 27979
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 6753
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jan 2020 20:19:50 GMT
server: nginx
cache-control: max-age=315360000
etag: "1a61-59d24d4512aed"
content-type: image/png
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/cropped-asdsadsad-1-6-2048x79.png
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

son-dakika-1-428x400.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-428x400.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-428x400.jpg

24 KB
25 KB

15125ms
15124ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-428x400.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

2415915d06de544b2c0b1a6aa29ab178a15e99e0c1c6148dfc8183aa1c58265b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:32 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
status: 200
x-sucuri-cache: MISS
content-length: 24929
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Jan 2020 18:33:09 GMT
server: nginx
cache-control: max-age=315360000
etag: "6161-59ce6fd4c7291"
content-type: image/jpeg
x-cache-hit: MISS
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-428x400.jpg
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

5e2da00562fa8170594db682-428x400.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-428x400.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-428x400.jpg

37 KB
37 KB

68ms
67ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-428x400.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

4021be9e8f2fe3120701e8d43f37b21d48a26141a4fa5aeda776428a1eac5813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 55770
x-cache: cached
status: 200
x-sucuri-cache: HIT
content-length: 37895
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jan 2020 20:37:41 GMT
server: nginx
cache-control: max-age=315360000
etag: "9407-59d25142f8b4f"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-428x400.jpg
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

photo-of-cup-near-flat-screen-television-2726370-428x400.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-428x400.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-428x400.jpg

14 KB
15 KB

82ms
81ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-428x400.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

faebc8e7322c41cfb2ec30397afbd7c623d01217caedd94fee404c07ee73b99c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 61437
x-cache: cached
status: 200
x-sucuri-cache: HIT
content-length: 14569
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jan 2020 15:48:35 GMT
server: nginx
cache-control: max-age=315360000
etag: "38e9-59d210a49019f"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-428x400.jpg
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

son-dakika-1.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg

78 KB
79 KB

5034ms
5034ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

2173db83e64724db6083a469dac90ad11c52ea3dcc6557cf514d58928354d6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 342317
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 80123
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Jan 2020 18:33:08 GMT
server: nginx
cache-control: max-age=315360000
etag: "138fb-59ce6fd415f2e"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

5e2da00562fa8170594db682.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg

123 KB
124 KB

5079ms
5078ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

f9259008f6fe85533681b293f526fdd3355b43a7b98526ae00e2b371c8ee772c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 76072
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 126403
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jan 2020 20:37:40 GMT
server: nginx
cache-control: max-age=315360000
etag: "1edc3-59d2514227175"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

photo-of-cup-near-flat-screen-television-2726370-2048x1365.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-2048x1365.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-2048x1365.jpg

94 KB
94 KB

5053ms
5053ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-2048x1365.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

0ff1497ecffe68eabfbfc12ce5c561d81753059580625485c8cd322f45a5cc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
status: 200
x-sucuri-cache: MISS
content-length: 96208
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jan 2020 15:48:35 GMT
server: nginx
cache-control: max-age=315360000
etag: "177d0-59d210a431ed9"
content-type: image/jpeg
x-cache-hit: MISS
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-2048x1365.jpg
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

105e9259-5868-4bcb-8424-3647acfa0f76.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76.jpg

57 KB
57 KB

77ms
76ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

095b25f20600476bb484847104b411fa7892b2502826a2a25cfd721f4a4d4a41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 157921
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 58095
x-xss-protection: 1; mode=block
last-modified: Sun, 26 Jan 2020 21:52:42 GMT
server: nginx
cache-control: max-age=315360000
etag: "e2ef-59d12029f1bf0"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76.jpg
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

2563989_810x458.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458.jpg

74 KB
74 KB

46ms
45ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

787de5318212b9f65a047eb522ae444cbe2a10267b777f5ef7e681473bb2a0ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 158483
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 75673
x-xss-protection: 1; mode=block
last-modified: Sun, 26 Jan 2020 21:44:06 GMT
server: nginx
cache-control: max-age=315360000
etag: "12799-59d11e3d9a0d4"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458.jpg
Date: Tue, 28 Jan 2020 17:47:22 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

irak-iha.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha.jpg

93 KB
93 KB

40ms
39ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

3c8c3d3166a07e11ebfc3042350923a8570a6357219a43e37bcfdedc9f4dd6ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 160309
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 94822
x-xss-protection: 1; mode=block
last-modified: Sun, 26 Jan 2020 21:14:04 GMT
server: nginx
cache-control: max-age=315360000
etag: "17266-59d11787c0f27"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha.jpg
Date: Tue, 28 Jan 2020 17:47:22 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

0x0-2.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2.jpg

92 KB
92 KB

77ms
76ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

db7cdaa85c987a4c71b79925fba099cf0fe669d041c8acd091d2b28d3ff21f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 160520
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 93752
x-xss-protection: 1; mode=block
last-modified: Sun, 26 Jan 2020 21:10:16 GMT
server: nginx
cache-control: max-age=315360000
etag: "16e38-59d116ae57878"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2.jpg
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 105 KB
38 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bafadcb1056d5f65b1de0cdb416a76a604d26086b591883eaf124466c6e8df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37802
x-xss-protection: 0
server: cafe
etag: 4561118870873313084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Jan 2020 17:47:17 GMT

GET
H/1.1 200
OK showad.js Show response
cdn2.admatic.com.tr/showad/ 516 KB
172 KB 88ms
43ms Script
text/javascript 2a02:26b0:8000:29::1:c
SH

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn2.admatic.com.tr/showad/showad.js
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 2a02:26b0:8000:29::1:c , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f325274c83fdb74900ede2d771165f24d8d6e9c3bea3cd7563d2b0e3d840d49d

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:17 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=UTF-8
Last-Modified: Mon, 06 Jan 2020 10:37:37 GMT
Server: Microsoft-IIS/10.0
ETag: "80ae8507dc4d51:0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=7200
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 175172

GET
H2

200

son-dakika-1-600x300.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-600x300.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-600x300.jpg

23 KB
24 KB

77ms
76ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-600x300.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

c8150a6485e37f6ef60feda9836c6e685c3fa24db0035ef1978be5a656a5c3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 342566
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 24054
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Jan 2020 18:33:10 GMT
server: nginx
cache-control: max-age=315360000
etag: "5df6-59ce6fd57becf"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-600x300.jpg
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

5e2da00562fa8170594db682-600x300.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-600x300.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-600x300.jpg

40 KB
41 KB

56ms
55ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-600x300.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

1da84b6e14ade0032c033c3106e0d3228f8e5552abee04cadac0c80120083735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 76070
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 41380
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jan 2020 20:37:42 GMT
server: nginx
cache-control: max-age=315360000
etag: "a1a4-59d25143a67e7"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-600x300.jpg
Date: Tue, 28 Jan 2020 17:47:22 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

photo-of-cup-near-flat-screen-television-2726370-600x300.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-600x300.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-600x300.jpg

14 KB
15 KB

39ms
38ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-600x300.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

0de22b75b144df003fb0d1c8163480ddef08937cb2e2881bbcee6f906b25146c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 61441
x-cache: cached
status: 200
x-sucuri-cache: HIT
content-length: 14649
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jan 2020 15:48:37 GMT
server: nginx
cache-control: max-age=315360000
etag: "3939-59d210a607dd1"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-600x300.jpg
Date: Tue, 28 Jan 2020 17:47:22 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

2563989_810x458-600x300.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458-600x300.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458-600x300.jpg

32 KB
32 KB

38ms
37ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458-600x300.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

8bed74f524c43e032e1de2a2df5d24e132afe308c0eb47604e4d7169d6cb6eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 157925
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 32521
x-xss-protection: 1; mode=block
last-modified: Sun, 26 Jan 2020 21:44:06 GMT
server: nginx
cache-control: max-age=315360000
etag: "7f09-59d11e3e5083c"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/2563989_810x458-600x300.jpg
Date: Tue, 28 Jan 2020 17:47:22 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

irak-iha-600x300.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-600x300.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-600x300.jpg

30 KB
30 KB

38ms
37ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-600x300.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

bf0984b15dddee3538aefeaf5ebd490e7bd901936e1e6dd23eb719398a185690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 160308
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 30837
x-xss-protection: 1; mode=block
last-modified: Sun, 26 Jan 2020 21:14:06 GMT
server: nginx
cache-control: max-age=315360000
etag: "7875-59d11788e0aa0"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-600x300.jpg
Date: Tue, 28 Jan 2020 17:47:22 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

0x0-2-600x300.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2-600x300.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2-600x300.jpg

41 KB
41 KB

38ms
37ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2-600x300.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

829ac070b5d78313dc49fa7792b09591d1ad3bb6b332ad505907eddddcff9782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 160528
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 41803
x-xss-protection: 1; mode=block
last-modified: Sun, 26 Jan 2020 21:10:17 GMT
server: nginx
cache-control: max-age=315360000
etag: "a34b-59d116af1feaa"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/0x0-2-600x300.jpg
Date: Tue, 28 Jan 2020 17:47:22 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK reklamstore.js Show response
adserver.reklamstore.com/ 94 KB
29 KB 27ms
6ms Script
application/javascript 2600:9000:214f:d800:1c:4bbb:9180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://adserver.reklamstore.com/reklamstore.js
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 2600:9000:214f:d800:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff3b1af6b436bcd7442ad162f26377bdc788fe1e95d3fc8149e45f4294abcce8

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 15:06:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Jan 2020 14:51:45 GMT
Server: AmazonS3
Age: 10512
ETag: "48e6034ec2f19ad12f87b6f66a450e8c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Content-Length: 29559
X-Amz-Cf-Id: wNsTdpnoXcvPKvPxynbGK3rEWO4PQu8M0Cjx4ysCX_XGgOxnHZ70jA==

GET
H2

200

EPFBVYLXkAEHYn7-1200x600.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/EPFBVYLXkAEHYn7-1200x600.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/EPFBVYLXkAEHYn7-1200x600.jpg

163 KB
164 KB

5077ms
5077ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/EPFBVYLXkAEHYn7-1200x600.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

e4c00976a60c9cfaa79743b350ba139a02be110aabb5b33f0b9b23b86ff1250d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 329468
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 167302
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Jan 2020 22:12:57 GMT
server: nginx
cache-control: max-age=315360000
etag: "28d86-59cea0f5747ea"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/EPFBVYLXkAEHYn7-1200x600.jpg
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

3363e0e8-1ef8-c812-b336-8ea1bccda625.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/3363e0e8-1ef8-c812-b336-8ea1bccda625.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/3363e0e8-1ef8-c812-b336-8ea1bccda625.jpg

89 KB
89 KB

97ms
97ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/3363e0e8-1ef8-c812-b336-8ea1bccda625.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e4b60b0839272d368430dcf504aa916616266df74d8025b1ae18abe916b8a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 493310
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 90726
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Jan 2020 00:44:19 GMT
server: nginx
cache-control: max-age=315360000
etag: "16266-59cc3f0fc9200"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/3363e0e8-1ef8-c812-b336-8ea1bccda625.jpg
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

irak-iha-880x600.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-880x600.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-880x600.jpg

77 KB
77 KB

35ms
35ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-880x600.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

9be67b6b4cda14eea622e9b74d1520672ba179298a09474b453dd860e904c07e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 160326
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 78578
x-xss-protection: 1; mode=block
last-modified: Sun, 26 Jan 2020 21:14:06 GMT
server: nginx
cache-control: max-age=315360000
etag: "132f2-59d11788ca8c2"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/irak-iha-880x600.jpg
Date: Tue, 28 Jan 2020 17:47:22 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

son-dakika-1-110x85.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-110x85.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-110x85.jpg

4 KB
4 KB

5027ms
5027ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-110x85.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

410046250886187bda5ba9b430906e521af1125ac7299c9d1d66c9a47cc46fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:27 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 342568
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 4038
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Jan 2020 18:33:10 GMT
server: nginx
cache-control: max-age=315360000
etag: "fc6-59ce6fd52dafa"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1-110x85.jpg
Date: Tue, 28 Jan 2020 17:47:22 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

5e2da00562fa8170594db682-110x85.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-110x85.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-110x85.jpg

5 KB
5 KB

28ms
28ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-110x85.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

4e64cec8447a6889d6c07d5fd4a674a90aef28257d24a5f75c56e3f3b08a22ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 76069
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 4704
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jan 2020 20:37:42 GMT
server: nginx
cache-control: max-age=315360000
etag: "1260-59d25143650aa"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682-110x85.jpg
Date: Tue, 28 Jan 2020 17:47:22 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

105e9259-5868-4bcb-8424-3647acfa0f76-110x85.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76-110x85.jpg
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76-110x85.jpg

2 KB
2 KB

32ms
32ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76-110x85.jpg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

45e137e517980fa8d25ca605a6fec1340558b642d225284cad071bfcc48aa9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 157924
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 1561
x-xss-protection: 1; mode=block
last-modified: Sun, 26 Jan 2020 21:52:42 GMT
server: nginx
cache-control: max-age=315360000
etag: "619-59d1202a50036"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/105e9259-5868-4bcb-8424-3647acfa0f76-110x85.jpg
Date: Tue, 28 Jan 2020 17:47:22 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

logo.png
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/kill-adblock//images/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/kill-adblock//images/logo.png
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/kill-adblock//images/logo.png

9 KB
9 KB

35ms
34ms

Image
image/png

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/kill-adblock//images/logo.png

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

5b735e45514506d0ef8a81c39fd7c6ea8fc3e31ab51daef8bb5de321f9e8841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:23 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 190703
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 8967
x-xss-protection: 1; mode=block
last-modified: Sun, 26 Jan 2020 12:47:25 GMT
server: nginx
cache-control: max-age=315360000
etag: "2307-59d0a64907740"
content-type: image/png
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/kill-adblock//images/logo.png
Date: Tue, 28 Jan 2020 17:47:23 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK script.js Show response
lessbuttons.com/ 19 KB
4 KB 327ms
253ms Script
text/javascript 46.101.80.192
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lessbuttons.com/script.js?position=bottom&onmobile=bottom&facebook=1&twitter=1&gmail=1&zindex=0

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.101.80.192 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

58d7f6330ebfe0338b6d166c42b00b4a739bedbcbeaf60eecf1847a8ed81ce2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=20000000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.10.3 (Ubuntu)
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=20000000
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2

200

slick.min.js Show response
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/js/vendors/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/js/vendors/slick.min.js?ver=1.20.1&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/js/vendors/slick.min.js?ver=1.20.1&time=1580219619

42 KB
11 KB

15062ms
15062ms

Script
application/javascript

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/js/vendors/slick.min.js?ver=1.20.1&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

5b1ed3101b0a0e98a6ff3d3dee220bf7096c896a144560c48dd3ed45f4fb5065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 0
x-cache: uncached
status: 200
x-sucuri-cache: MISS
content-length: 10437
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Jan 2020 23:27:39 GMT
server: nginx
cache-control: max-age=315360000
etag: "a753-59ceb1a80c510-gzip"
content-type: application/javascript
x-cache-hit: MISS
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/coblocks/dist/js/vendors/slick.min.js?ver=1.20.1&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

social-icons-widget-frontend.js Show response
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=20170209&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=20170209&time=1580219619

860 B
658 B

5073ms
5073ms

Script
application/javascript

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=20170209&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

6853d729a67593739860d399dc73e21340de4f57bda79cc930f536e428967b4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 14001
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 290
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jan 2020 14:02:51 GMT
server: nginx
cache-control: max-age=315360000
etag: "35c-59cbafaf12184-gzip"
content-type: application/javascript
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=20170209&time=1580219619
Date: Tue, 28 Jan 2020 17:47:12 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

wp-embed.min.js Show response
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.3.2&time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.3.2&time=1580219619

1 KB
1 KB

106ms
106ms

Script
application/javascript

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.3.2&time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 13998
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 740
x-xss-protection: 1; mode=block
last-modified: Sat, 05 Oct 2019 19:49:10 GMT
server: nginx
cache-control: max-age=315360000
etag: "577-5942f1cbbd980-gzip"
content-type: application/javascript
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/wp-embed.min.js?ver=5.3.2&time=1580219619
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 27ms
11ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3.2
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dcaa408e1dc85fa06ad3d998b43f55bd26a5c5c5c7eb008077fa2e8d5bb29ab

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 586
etag: W/"e27e2ea063ce250c408ecf2118db76b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=259200
cf-ray: 55c4ca6c3a8e9ace-FRA
expires: Fri, 31 Jan 2020 17:47:17 GMT

GET
H2 200 e-202005.js Show response
stats.wp.com/ 9 KB
3 KB 42ms
13ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202005.js
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Sun, 24 Jan 2021 11:52:06 GMT

GET
H2 200 tcc_l.combined.1.0.6.min.js Show response
img1.wsimg.com/tcc/ 12 KB
5 KB 90ms
28ms Script
application/javascript 104.82.112.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.82.112.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-82-112-92.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
last-modified: Fri, 31 Mar 2017 16:26:41 GMT
access-control-allow-origin: *
etag: "52ef5c943baad21:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4564
expires: Wed, 27 Jan 2021 17:47:17 GMT

GET
H2

200

son-dakika-1.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg?time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg?time=1580219619

78 KB
79 KB

103ms
102ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg?time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

2173db83e64724db6083a469dac90ad11c52ea3dcc6557cf514d58928354d6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 10191
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 80123
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Jan 2020 18:33:08 GMT
server: nginx
cache-control: max-age=315360000
etag: "138fb-59ce6fd415f2e"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/son-dakika-1.jpg?time=1580219619
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

5e2da00562fa8170594db682.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg?time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg?time=1580219619

123 KB
124 KB

102ms
101ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg?time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

f9259008f6fe85533681b293f526fdd3355b43a7b98526ae00e2b371c8ee772c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 10191
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 126403
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jan 2020 20:37:40 GMT
server: nginx
cache-control: max-age=315360000
etag: "1edc3-59d2514227175"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/5e2da00562fa8170594db682.jpg?time=1580219619
Date: Tue, 28 Jan 2020 17:47:17 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

photo-of-cup-near-flat-screen-television-2726370-scaled.jpg
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/
Redirect Chain

http://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-scaled.jpg?time=1580219619
https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-scaled.jpg?time=1580219619

133 KB
134 KB

50ms
49ms

Image
image/jpeg

2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-scaled.jpg?time=1580219619

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

240f2ba78c2defd9060ac436574cfe538c233bb2e8a5dcbaf8ae4191b15db1fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:23 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 10196
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 136601
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Jan 2020 15:48:32 GMT
server: nginx
cache-control: max-age=315360000
etag: "21599-59d210a1cf43f"
content-type: image/jpeg
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/uploads/2020/01/photo-of-cup-near-flat-screen-television-2726370-scaled.jpg?time=1580219619
Date: Tue, 28 Jan 2020 17:47:23 GMT
X-Sucuri-ID: 15016
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 11ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
Origin: http://bmedyagrup.com

Response headers

Date: Wed, 22 Jan 2020 06:19:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:45:55 GMT
Server: sffe
Age: 559653
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14044
X-XSS-Protection: 0
Expires: Thu, 21 Jan 2021 06:19:44 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 11ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
Origin: http://bmedyagrup.com

Response headers

Date: Thu, 19 Dec 2019 21:14:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:45:54 GMT
Server: sffe
Age: 3443582
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14176
X-XSS-Protection: 0
Expires: Fri, 18 Dec 2020 21:14:15 GMT

GET
H/1.1 200
OK S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2
fonts.gstatic.com/s/lato/v16/ 3 KB
3 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dec2ba3a35b2d878329a4687f5061f4a62030ad69bd0ebb2ca61c4fda102f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
Origin: http://bmedyagrup.com

Response headers

Date: Tue, 14 Jan 2020 02:27:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:45:44 GMT
Server: sffe
Age: 1264793
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2888
X-XSS-Protection: 0
Expires: Wed, 13 Jan 2021 02:27:24 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh6UVSwaPGQ3q5d0N7w.woff2
fonts.gstatic.com/s/lato/v16/ 3 KB
3 KB 10ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwaPGQ3q5d0N7w.woff2

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9777cdc714f5f41e30b3ce3bef443895e7e454bc304e32bb97d20c4e3d78032e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
Origin: http://bmedyagrup.com

Response headers

Date: Tue, 14 Jan 2020 01:07:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 03:45:46 GMT
Server: sffe
Age: 1269560
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2944
X-XSS-Protection: 0
Expires: Wed, 13 Jan 2021 01:07:57 GMT

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ 93 KB
29 KB 33ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://static.criteo.net/js/ld/publishertag.js
Requested by: Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 136bdf6003a20291fa880c2aaf8dde86fad3da0925b8b23a8a82f39ef9061e29

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
last-modified: Mon, 20 Jan 2020 17:35:22 GMT
server: nginx
etag: W/"5e25e4da-175ed"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 29 Jan 2020 17:47:17 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 270 KB
92 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46eaa78140ea25a90d717b938f9e4f041679c03820cfa62ff3e9ea2c7016cb39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 93767
X-XSS-Protection: 0
Expires: Tue, 28 Jan 2020 17:47:17 GMT

GET
H/1.1 200
OK / Show response
ads.rekmob.com/m/props/ 297 B
612 B 51ms
38ms XHR
application/json 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.rekmob.com/m/props/?regionId=611321
Requested by: Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: a99ef66371daf1c1f72954cc5683f72747791b9b64240e1bee67bc27229a05b3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com

Response headers

Date: Tue, 28 Jan 2020 17:35:00 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: NL
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Code
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Code

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer
https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer

56 KB
21 KB

14ms
13ms

Script
application/javascript

2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c02af50f5f6406aeb30542783e97774a62ac984403f7db06c2982ae68cf7079

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: br
last-modified: Tue, 28 Jan 2020 16:12:23 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21543
x-xss-protection: 0
expires: Tue, 28 Jan 2020 17:47:17 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer
Date: Tue, 28 Jan 2020 17:47:17 GMT
Server: Google Tag Manager
Content-Length: 268
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

sync
aws-fr-sync.bidswitch.net/ul_cb/
Redirect Chain

http://x.bidswitch.net/sync?ssp=reklamstore
http://x.bidswitch.net/ul_cb/sync?ssp=reklamstore
http://bsw.digitru.st/syncx?ssp=reklamstore
http://aws-fr-sync.bidswitch.net/sync?ssp=reklamstore&bsw_own_uuid=
http://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=reklamstore&bsw_own_uuid=

43 B
300 B

26ms
25ms

Image
image/gif

52.28.211.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=reklamstore&bsw_own_uuid=
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 52.28.211.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-211-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: http://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=reklamstore&bsw_own_uuid=
Date: Tue, 28 Jan 2020 17:47:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 fontawesome-webfont.woff2
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/fonts/awesome/fonts/ 75 KB
76 KB 5082ms
5048ms Font
font/woff2 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/fonts/awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/themes/newspaperss/fonts/awesome/css/font-awesome.min.css?ver=1&time=1580219619
Origin: http://bmedyagrup.com

Response headers

date: Tue, 28 Jan 2020 17:47:22 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 57857
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jan 2020 23:33:52 GMT
server: nginx
cache-control: max-age=315360000
etag: "12d68-59c9ab9663a2b"
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 socicon.ttf
secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/ 54 KB
54 KB 88ms
54ms Font
font/ttf 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United Kingdom, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

c22c4f772a11111563e5ff177bef50d000d724d01667e334c582eb97a4eebc56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20191207&time=1580219619
Origin: http://bmedyagrup.com

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
x-content-type-options: nosniff
x-cacheable: YES:Forced
x-backend: all_requests
age: 57584
x-cache: cached
status: 200
x-sucuri-cache: MISS
content-length: 55180
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jan 2020 14:02:51 GMT
server: nginx
cache-control: max-age=315360000
etag: "d78c-59cbafaf22813"
vary: User-Agent
content-type: font/ttf
access-control-allow-origin: *
x-cache-hit: HIT
x-sucuri-id: 15016
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK / Show response
ads.rekmob.com/m/props/ 322 B
621 B 44ms
32ms XHR
application/json 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.rekmob.com/m/props/?regionId=611329
Requested by: Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 1b1b49414afaa9b5f9f32b6599d6c6e2695a2be56cccda138943d5a8d5129036

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com

Response headers

Date: Tue, 28 Jan 2020 17:35:00 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: NL
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Code
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Code

GET
H/1.1 200
OK init.js Show response
bank.reklamstore.com/ 125 KB
28 KB 64ms
49ms Script
application/javascript 138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://bank.reklamstore.com/init.js?v1
Requested by: Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: 7e4895a9d150935ee2b1a687a504fa970f334cb1c16233a9bc4f1fda22e18c59

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:45:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 13:16:00 GMT
Server: nginx/1.14.0
Etag: eccbc87e4b5ce2fe28308fd9f2a7baf3
Vary: Accept-Encoding
P3P: policyref="http://bank.reklamstore.com/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.39.102:80
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 27844
Expires: Tue, 28 Jan 2020 18:47:17 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
778 B 51ms
30ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bmedyagrup.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
778 B 33ms
20ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bmedyagrup.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200123/r20190131/ 220 KB
82 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200123/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c548e1be2e05f58275517fbc9d9fe83f3e4e1cfa2c2bde0d2c4c821320c7b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84107
x-xss-protection: 0
server: cafe
etag: 1376662113721379642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jan 2020 17:47:17 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200123/r20190131/ Frame 4DB8 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200123/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200123/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://bmedyagrup.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://bmedyagrup.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 23 Jan 2020 14:39:01 GMT
expires: Thu, 06 Feb 2020 14:39:01 GMT
content-type: text/html; charset=UTF-8
etag: 4350393549794053402
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6578
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 443296
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v2/ 21 B
711 B 28ms
16ms XHR
application/json 185.33.223.197
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v2/prebid

Requested by

Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js

Protocol

HTTP/1.1

Server

185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 28 Jan 2020 17:47:19 GMT
X-Proxy-Origin: 85.159.237.67; 85.159.237.67; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.142:80
AN-X-Request-Uuid: 2db7003d-0e24-457e-a2b6-c5a41d28d851
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://bmedyagrup.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK adp Show response
ads.rekmob.com/m/ 8 KB
3 KB 197ms
185ms Script
text/plain 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.rekmob.com/m/adp?uid=8c2420bdef0945c2bac42aff92176b84&ufid=pghrH5TvsaYpCZZ1kOPP&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__pghrH5TvsaYpCZZ1kOPP&ref=bmedyagrup.com&_=1580233637883&crtg=-1
Requested by: Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: fbe7f5c5050615452d12af07b6cef6cc0db31c78eea125a4078ee80cb9556777

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:35:00 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: NL
Vary: Accept-Encoding
Content-Type: text/plain;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive

POST
H2 204 / Show response
prebid-eu.creativecdn.com/bidder/prebid/bids/ 0
199 B 46ms
15ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by: Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 28 Jan 2020 17:47:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://bmedyagrup.com
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v2/ 21 B
710 B 14ms
14ms XHR
application/json 185.33.223.197
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v2/prebid

Requested by

Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js

Protocol

HTTP/1.1

Server

185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 28 Jan 2020 17:47:19 GMT
X-Proxy-Origin: 85.159.237.67; 85.159.237.67; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
AN-X-Request-Uuid: 07709988-ef08-4551-af44-15196ac816c6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://bmedyagrup.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=4&bWlkPTc1OTU5Nw%3D%3D&callback=adf__EfM6qqczTje8kxvXWY2T
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTc1OTU5Nw%3D%3D&callback=adf__EfM6qqczTje8kxvXWY2T

33 B
566 B

31ms
31ms

Script
text/javascript

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTc1OTU5Nw%3D%3D&callback=adf__EfM6qqczTje8kxvXWY2T

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

646cc4f0c6e773578d27a64d78a8b20102017bd2b0f5994013b7c0b73e352289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jan 2020 17:47:18 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 160
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 28 Jan 2020 17:47:17 GMT
server: nginx
access-control-allow-origin: *
location: https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTc1OTU5Nw%3D%3D&callback=adf__EfM6qqczTje8kxvXWY2T
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 302
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1 200
OK adp Show response
ads.rekmob.com/m/ 4 KB
2 KB 174ms
161ms Script
text/plain 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.rekmob.com/m/adp?uid=065a0aff604b454886fce2b0cfa48d7f&ufid=EfM6qqczTje8kxvXWY2T&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__EfM6qqczTje8kxvXWY2T&ref=bmedyagrup.com&_=1580233637916&crtg=-1
Requested by: Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: a542ceefb49d8ecc0742217c81ef1f1fac07dd34219b9aa904dbe8dc4f3d2090

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:35:00 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: NL
Vary: Accept-Encoding
Content-Type: text/plain;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive

POST
H2 204 / Show response
prebid-eu.creativecdn.com/bidder/prebid/bids/ 0
199 B 17ms
17ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by: Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 28 Jan 2020 17:47:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://bmedyagrup.com
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8429 0
0 26ms
25ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7453040142644558&output=html&adk=3046330955&adf=2044148826&lmt=1580233637&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fbmedyagrup.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580233637854&bpp=12&bdt=5223&fdt=109&idt=109&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2695872456956&frm=20&pv=2&ga_vid=1888565964.1580233638&ga_sid=1580233638&ga_hid=1183634734&ga_fc=0&iag=0&icsg=562949995372544&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=26835106&oid=3&pvsid=2388445242632022&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=125

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200123/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7453040142644558&output=html&adk=3046330955&adf=2044148826&lmt=1580233637&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fbmedyagrup.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580233637854&bpp=12&bdt=5223&fdt=109&idt=109&shv=r20200123&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2695872456956&frm=20&pv=2&ga_vid=1888565964.1580233638&ga_sid=1580233638&ga_hid=1183634734&ga_fc=0&iag=0&icsg=562949995372544&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=26835106&oid=3&pvsid=2388445242632022&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=125
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://bmedyagrup.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://bmedyagrup.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Jan 2020 17:47:18 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 28-Jan-2020 18:02:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Tue, 28 Jan 2020 17:47:18 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200123/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48db482e657fcf98aa556a1b6318cafe94fff32756b2a4c20e51c95547f42c60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580158369636768"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28051
x-xss-protection: 0
expires: Tue, 28 Jan 2020 17:47:18 GMT

GET
H/1.1

200
OK

rs.js Show response
bank.reklamstore.com/
Redirect Chain

http://iq.reklamselfie.com/585ce73218044
https://bank.reklamstore.com/rs.js

24 B
378 B

109ms
27ms

Script
application/javascript

138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/rs.js
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: 9f49609d94cf82f3d089ddd83d5895d4048236deee85dc7cfc9853735f36a0f9

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:45:31 GMT
Last-Modified: Tue, 21 Feb 2017 07:13:43 GMT
Server: nginx/1.14.0
ETag: "18-549051ec0ae13"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24

Redirect headers

Location: https://bank.reklamstore.com/rs.js
Date: Tue, 28 Jan 2020 17:47:22 GMT
Server: openresty/1.11.2.2
Connection: keep-alive
Content-Length: 167
Content-Type: text/html

GET
H/1.1

200
OK

pixel Show response
ps.eyeota.net/
Redirect Chain

http://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5e3073a5d940b
https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5e3073a5d940b

994 B
1 KB

90ms
28ms

Script
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5e3073a5d940b
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b26a7cb9dad4f92a4116cf37b62716008197273897f75fb166f65d44d24c71bd

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:18 GMT
Content-Length: 994
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5e3073a5d940b
Cache-Control: no-cache
Content-length: 0

GET
H/1.1

200
OK

anx.php Show response
bank.reklamstore.com/
Redirect Chain

http://ib.adnxs.com/getuid?http://bank.reklamstore.com/anx.php?uid=$UID
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fbank.reklamstore.com%2Fanx.php%3Fuid%3D%24UID
http://bank.reklamstore.com/anx.php?uid=9137790523209796744

41 B
440 B

36ms
36ms

Script
text/javascript

138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://bank.reklamstore.com/anx.php?uid=9137790523209796744
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: aa65555d7e01d66ac2ca504c2e11f4b21a533ea414cd6620104524e17d7e6c3e

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:45:31 GMT
Server: nginx/1.14.0
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.39.102:80
Connection: keep-alive
Content-Length: 41

Redirect headers

Pragma: no-cache
Date: Tue, 28 Jan 2020 17:47:20 GMT
AN-X-Request-Uuid: bce7258a-56de-4e48-a437-1848d8e19ada
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: http://bank.reklamstore.com/anx.php?uid=9137790523209796744
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.67; 85.159.237.67; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.73:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx.php Show response
bank.reklamstore.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm=&google_tc=
https://bank.reklamstore.com/adx.php?google_gid=CAESEHu9-N__OQPtsKUZrwWoSI8&google_cver=1

49 B
454 B

108ms
60ms

Script
text/javascript

138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/adx.php?google_gid=CAESEHu9-N__OQPtsKUZrwWoSI8&google_cver=1
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: d0cf462c7b9d175224269b0705f2910ca745514212ae050d4c7cdad6f8502f5a

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:45:31 GMT
Server: nginx/1.14.0
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Length: 49

Redirect headers

pragma: no-cache
date: Tue, 28 Jan 2020 17:47:18 GMT
server: HTTP server (unknown)
location: https://bank.reklamstore.com/adx.php?google_gid=CAESEHu9-N__OQPtsKUZrwWoSI8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK match Show response
dmp.adform.net/serving/cookie/ 35 B
411 B 63ms
50ms Script
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

http://dmp.adform.net/serving/cookie/match?party=1068

Requested by

Host: bank.reklamstore.com
URL: http://bank.reklamstore.com/init.js?v1

Protocol

HTTP/1.1

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7fff1569ea68ef52782ba25b0cf3934627f7a4fc1e8e22f4652de959c5f97978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jan 2020 17:47:18 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=90
Expires: -1

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12475/ 1 KB
2 KB 90ms
21ms Script
application/javascript 143.204.214.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12475/px.js
Requested by: Host: bank.reklamstore.com
URL: http://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-54.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6821d7bdf52b33e1a8d6fc7fd6a90ca62f753a3f4c4de52dcfe2285ebe8db085

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 02:10:21 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 26 Jun 2019 15:39:51 GMT
Server: AmazonS3
Age: 2302596
ETag: "1787b75236cbeaf2e68cc3e778682a57"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: mTjvD1KS0CzCLUAuIWJlPz3g9oCtNXq798E0grxVFczACfeiiTAWbQ==

GET
H2 200 query Show response
admatic.mgr.consensu.org/ 19 B
605 B 157ms
52ms XHR
application/json 2a02:26b0:8000:29::1:1e
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://admatic.mgr.consensu.org/query
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:26b0:8000:29::1:1e , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: e9c3c5d55b8780688e2c047d655d38d3d16db2662e041462e2b32302b1d9c56d

Request headers

Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jan 2020 17:47:17 GMT
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ARR/3.0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
content-length: 138
server: Microsoft-IIS/10.0
access-control-max-age: 86400
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-type: application/json
access-control-allow-origin: http://bmedyagrup.com
cache-control: no-cache, must-revalidate,no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Accept-Encoding, Authorization

GET
H2 200 a61fd813-ddea-4f39-955e-2a60216323c8
ads4.admatic.com.tr/showad/px/ums/sync/html/ Frame 99E8 0
0 140ms
49ms Document
text/html 2a02:26b0:8000:29::1:5a
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads4.admatic.com.tr/showad/px/ums/sync/html/a61fd813-ddea-4f39-955e-2a60216323c8?8651
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26b0:8000:29::1:5a , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash

Request headers

:method: GET
:authority: ads4.admatic.com.tr
:scheme: https
:path: /showad/px/ums/sync/html/a61fd813-ddea-4f39-955e-2a60216323c8?8651
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://bmedyagrup.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://bmedyagrup.com/

Response headers

status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: -1
server: Microsoft-IIS/10.0
set-cookie: __adm_ui=a61fd813ddea4f39955e2a60216323c8; Expires=Fri, 22 Jan 2021 20:47:18 GMT; Domain=admatic.com.tr; Path=/; Secure; SameSite=None ARRAffinity=63f3e4fec5e4d982b9f6241478f6dc3d25eb506b9e7a317df6aa520374ebff30;Path=/;Domain=ads4.admatic.com.tr;secure;SameSite=None
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-allow-methods: GET, POST
access-control-allow-origin: https://bmedyagrup.com
access-control-max-age: 86400
x-aspnet-version: 4.0.30319
x-powered-by: ARR/3.0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
timing-allow-origin: *
date: Tue, 28 Jan 2020 17:47:18 GMT
content-length: 206

GET
H/1.1 200
OK ads.css
cdn2.admatic.com.tr/content/ 14 KB
4 KB 43ms
43ms Stylesheet
text/css 2a02:26b0:8000:29::1:c
SH

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn2.admatic.com.tr/content/ads.css?cb=438954
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/showad.js
Protocol: HTTP/1.1
Server: 2a02:26b0:8000:29::1:c , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: dba4d22701369b2c2e7adfa8c39cfea3e5ffbb503d3d510fcc79e34a7aa20ca8

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:17 GMT
Content-Encoding: gzip
Content-Type: text/css
Last-Modified: Mon, 27 Feb 2017 07:26:48 GMT
Server: Microsoft-IIS/10.0
ETag: "0accdbca90d21:0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=7200
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 3623

POST
H2 200 / Show response
ads4.admatic.com.tr/showad/px/ums/giad/ 60 B
675 B 136ms
47ms XHR
application/json 2a02:26b0:8000:29::1:5a
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads4.admatic.com.tr/showad/px/ums/giad/
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26b0:8000:29::1:5a , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: 55bf202fd57abb7b1bc44c4e6d91d662a936633f4a5e68a076bf14c613bf2593

Request headers

Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jan 2020 17:47:18 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ARR/3.0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
content-length: 60
pragma: no-cache
server: Microsoft-IIS/10.0
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: http://bmedyagrup.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 204 sync Show response
spadsync.com/ 0
291 B 75ms
21ms XHR
text/plain 52.56.239.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spadsync.com/sync?sptoken=adc722c4-42c7-40e6-9d8a-4db9d857ba186a7e&sspid=r5T&ssphost=admatic.com.tr
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.239.183 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-239-183.eu-west-2.compute.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com

Response headers

date: Tue, 28 Jan 2020 17:47:18 GMT
server: openresty
status: 204
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 0 Show response
ads4.admatic.com.tr/showad/masthead/adm-290ac4b1-7777-448e-b7fb-8a840a59718f-div/adm-pub-135145377022/199531693583/501/970/250/1600/1200/a61fd813-ddea-4f39-955e-2a60216323c8/ Frame 525B 3 KB
3 KB 145ms
63ms Script
application/x-javascript 2a02:26b0:8000:29::1:5a
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads4.admatic.com.tr/showad/masthead/adm-290ac4b1-7777-448e-b7fb-8a840a59718f-div/adm-pub-135145377022/199531693583/501/970/250/1600/1200/a61fd813-ddea-4f39-955e-2a60216323c8/0?domain=bmedyagrup.com&ts=1580233638069&url=http%3A%2F%2Fbmedyagrup.com%2F&kFilter=0&pid=c832396a-b956-43f1-b99f-9827aab85d83&bn=Chrome&bmv=79&os=Mac%20OS&dfjs=1&smartpipe=adc722c4-42c7-40e6-9d8a-4db9d857ba186a7e
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26b0:8000:29::1:5a , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: 11aaa80b4fc99a5e9226d45f37410812d48202f5c34fae00b1f6eec948d6f7ed

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jan 2020 17:47:18 GMT
content-type: application/x-javascript; charset=utf-8
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ARR/3.0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store
timing-allow-origin: *
content-length: 3342
expires: -1

GET
H2 200 a61fd813-ddea-4f39-955e-2a60216323c8
ads4.admatic.com.tr/showad/px/ums/sync/html/ Frame B73F 0
0 121ms
49ms Document
text/html 2a02:26b0:8000:29::1:5a
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads4.admatic.com.tr/showad/px/ums/sync/html/a61fd813-ddea-4f39-955e-2a60216323c8?6295
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26b0:8000:29::1:5a , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash

Request headers

:method: GET
:authority: ads4.admatic.com.tr
:scheme: https
:path: /showad/px/ums/sync/html/a61fd813-ddea-4f39-955e-2a60216323c8?6295
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://bmedyagrup.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://bmedyagrup.com/

Response headers

status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: -1
server: Microsoft-IIS/10.0
set-cookie: __adm_ui=a61fd813ddea4f39955e2a60216323c8; Expires=Fri, 22 Jan 2021 20:47:18 GMT; Domain=admatic.com.tr; Path=/; Secure; SameSite=None ARRAffinity=8555afab295ac79de17d77856bae0318e1ce9ad338d0c84350e24ab54edf6a9d;Path=/;Domain=ads4.admatic.com.tr;secure;SameSite=None
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-allow-methods: GET, POST
access-control-allow-origin: https://bmedyagrup.com
access-control-max-age: 86400
x-aspnet-version: 4.0.30319
x-powered-by: ARR/3.0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
timing-allow-origin: *
date: Tue, 28 Jan 2020 17:47:18 GMT
content-length: 206

GET
H2 200 http%3A%2F%2Fbmedyagrup.com%2F Show response
graph.facebook.com/ 75 B
529 B 55ms
43ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/http%3A%2F%2Fbmedyagrup.com%2F?callback=lessbuttons_com_parseRequestFB

Requested by

Host: lessbuttons.com
URL: https://lessbuttons.com/script.js?position=bottom&onmobile=bottom&facebook=1&twitter=1&gmail=1&zindex=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab682b09c58df461d528e1d3387c63fea8b854306afe1d1441531fa51dabc14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Tue, 28 Jan 2020 17:47:18 GMT, Tue, 28 Jan 2020 17:47:18 GMT
x-fb-rev: 1001647722
alt-svc: h3-24=":443"; ma=3600
content-length: 75
pragma: no-cache
x-fb-debug: hn0fdiza5NlyoDPNBds0+jczn07N3EdjBtYF+Qtzja7n/mhtVlvueY8aGoExstdSjZtaEtn46y0KzkhWEjSUlw==
x-fb-trace-id: DogTc4uLJ4X
etag: "a658147bcd683bce1ba7f730ba8bd5e1773e7e5e"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A0XH6nwAIJ99PM__eN2O_nL
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.11
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 3 KB
1 KB 64ms
29ms Script
application/javascript 104.16.53.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=33561&s=bmedyagrup.com&x=rekmob&nci=&adtg=8c2420bdef0945c2bac42aff92176b84&nai=&si=29453&pn=&h=250&w=300&bp=&pp=&ci=&ip=85.159.237.67&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/79.0.3945.88%20Safari/537.36
Requested by: Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecbef203e42fb2a75d59fd5e21b8374640ae7807ffc0ce8297fb13c668bb44dd

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5099
status: 200
x-amz-request-id: A4EFF668A92F754B
x-amz-id-2: nxg2yFX0epk+dY7Z0uGdMbvDg98e061/SoWvIBHfG5QDxGrp/DANv41gg3gXNdjYg8HYS/Wkr0M=
last-modified: Wed, 25 Jul 2018 15:30:39 GMT
server: cloudflare
etag: W/"9f84b85eedc840e448384f1ad74aa599"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-ray: 55c4ca6e6c6ec79d-AMS
expires: Tue, 28 Jan 2020 19:47:18 GMT

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 3 KB
2 KB 46ms
23ms Script
application/javascript 104.16.53.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=33561&s=bmedyagrup.com&x=rekmob&nci=&adtg=065a0aff604b454886fce2b0cfa48d7f&nai=&si=29453&pn=&h=600&w=300&bp=&pp=&ci=&ip=85.159.237.67&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/79.0.3945.88%20Safari/537.36
Requested by: Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecbef203e42fb2a75d59fd5e21b8374640ae7807ffc0ce8297fb13c668bb44dd

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5099
status: 200
x-amz-request-id: A4EFF668A92F754B
x-amz-id-2: nxg2yFX0epk+dY7Z0uGdMbvDg98e061/SoWvIBHfG5QDxGrp/DANv41gg3gXNdjYg8HYS/Wkr0M=
last-modified: Wed, 25 Jul 2018 15:30:39 GMT
server: cloudflare
etag: W/"9f84b85eedc840e448384f1ad74aa599"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-ray: 55c4ca6e6c71c79d-AMS
expires: Tue, 28 Jan 2020 19:47:18 GMT

GET
H/1.1 200
OK bgb.png
cdn2.admatic.com.tr/content/ 124 B
513 B 43ms
43ms Image
image/png 2a02:26b0:8000:29::1:c
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn2.admatic.com.tr/content/bgb.png
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol: HTTP/1.1
Server: 2a02:26b0:8000:29::1:c , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2e068948229c5af3b37a6927a61efe4851a09c71ade24f529d1ad56b01e31ff2

Request headers

Referer: http://cdn2.admatic.com.tr/content/ads.css?cb=438954
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:18 GMT
Last-Modified: Wed, 27 Jan 2016 07:30:22 GMT
Server: Microsoft-IIS/10.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
ETag: "0bb9b94d458d11:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=7200
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 124

GET
H/1.1 200
OK flimpobj.js Show response
pixel.yabidos.com/ 26 KB
22 KB 33ms
21ms Script
application/javascript 104.16.53.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.yabidos.com/flimpobj.js?cb=1580233638164&ver1=2.2.2&qid=230383f5530383f5434353&rnd=588qvmrw2i1d&cid=544
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=33561&s=bmedyagrup.com&x=rekmob&nci=&adtg=065a0aff604b454886fce2b0cfa48d7f&nai=&si=29453&pn=&h=600&w=300&bp=&pp=&ci=&ip=85.159.237.67&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/79.0.3945.88%20Safari/537.36
Protocol: HTTP/1.1
Server: 104.16.53.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49a6a95358bbe66f535950d0e3cd41d290cf152778ec09e895eb554e102ac670

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:18 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 5135
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 089FD74D01E67F18
x-amz-id-2: e91IPU3ME7MVlgsurL6QGJ4bCBwnE58Ub8ir7LN0OZCWUgRWLBHux7llJ4yyy/ZeSZRHgVbU4sI=
Last-Modified: Thu, 07 Nov 2019 15:38:03 GMT
Server: cloudflare
ETag: W/"fd2176d6074a8c2717ddfe3601ec023e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=7200
CF-RAY: 55c4ca6eaf5cbd87-AMS
Expires: Tue, 28 Jan 2020 19:47:18 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 771 B
1 KB 120ms
30ms Script
application/javascript 52.213.151.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12475&ref=&hn_ver=10&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12475/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

Software

Resource Hash

113f5b9a09fa94b4cf5781b6c001863dab47a72a0b3e6937633940fbbab8080d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 28 Jan 2020 17:47:18 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Content-Length: 771
Expires: Tue, 14 Jan 2020 09:43:48 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 771 B
1 KB 132ms
33ms Script
application/javascript 52.213.151.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12475&ref=&hn_ver=10&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12475/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2f35996fb654118f095b415c9f785c8a4c7d9253d418be3f3e8a422f7364dff4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 28 Jan 2020 17:47:18 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Content-Length: 771
Expires: Tue, 14 Jan 2020 09:43:48 GMT

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 0
344 B 23ms
23ms Script
text/plain 3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5e3073a5d940b&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1
Requested by: Host: ps.eyeota.net
URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5e3073a5d940b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:18 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 a61fd813-ddea-4f39-955e-2a60216323c8
ads4.admatic.com.tr/showad/px/ums/sync/html/ Frame C8C1 0
0 46ms
45ms Document
text/html 2a02:26b0:8000:29::1:5a
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads4.admatic.com.tr/showad/px/ums/sync/html/a61fd813-ddea-4f39-955e-2a60216323c8?4327
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26b0:8000:29::1:5a , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash

Request headers

:method: GET
:authority: ads4.admatic.com.tr
:scheme: https
:path: /showad/px/ums/sync/html/a61fd813-ddea-4f39-955e-2a60216323c8?4327
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://bmedyagrup.com/
accept-encoding: gzip, deflate, br
cookie: __adm_ui=a61fd813ddea4f39955e2a60216323c8; ARRAffinity=63f3e4fec5e4d982b9f6241478f6dc3d25eb506b9e7a317df6aa520374ebff30
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://bmedyagrup.com/

Response headers

status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: -1
server: Microsoft-IIS/10.0
set-cookie: __adm_ui=a61fd813ddea4f39955e2a60216323c8; Expires=Fri, 22 Jan 2021 20:47:18 GMT; Domain=admatic.com.tr; Path=/; Secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-allow-methods: GET, POST
access-control-allow-origin: https://bmedyagrup.com
access-control-max-age: 86400
x-aspnet-version: 4.0.30319
x-powered-by: ARR/3.0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
timing-allow-origin: *
date: Tue, 28 Jan 2020 17:47:18 GMT
content-length: 206

GET
H/1.1 200
OK nflrc.gif
pre.glotgrx.com/ 26 B
726 B 17ms
10ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pre.glotgrx.com/nflrc.gif?cb=1580233638223670&ver=1.2r79&qid=230383f5530383f5434353&p=33561&s=bmedyagrup.com&x=rekmob&cid=544&od1=&od2=&adtg=8c2420bdef0945c2bac42aff92176b84&nci=&nai=&si=29453&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=588qvmrw2i1d&tps=47&ver1=2.2.2&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/79.0.3945.88%20Safari/537.36&os=&mm=&di=&ip=85.159.237.67&ci=&pp=&bp=&w=300&h=250&pn=&1=cf962c926857f47b17346ba1059bd0e2&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%2267%22,%22m%22:%222%22,%22f%22:%221380%22}&ats=1585x4708&atf=&dbgcid=544&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=26&icp=http%253A//bmedyagrup.com/&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-144-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_null_undefined_null_null_undefined_null&fli=1162461445&flerr=0&trim=&fio=18
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:18 GMT
CF-Cache-Status: HIT
Age: 1426
Content-Type: image/gif
Connection: keep-alive
Content-Length: 26
x-amz-id-2: x8nOgnxaexzDXPyoBAQ9iHZgl+Rp/Dp77pnE3swvgFNcZPRSFM3Vd634QY3vzBMz7TSGIA38kaw=
Last-Modified: Thu, 12 Jan 2017 21:28:05 GMT
Server: cloudflare
ETag: "6a43099d5c8fe991a7aa7ebaca53069d"
Vary: Accept-Encoding
x-amz-request-id: 6303696349E89FBF
Cache-Control: public, max-age=7200
Accept-Ranges: bytes
CF-RAY: 55c4ca6f58b8dfb1-FRA
Expires: Tue, 28 Jan 2020 19:47:18 GMT

POST
H/1.1 200
OK store.php Show response
bank.reklamstore.com/ 0
261 B 82ms
70ms XHR
text/html 138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://bank.reklamstore.com/store.php
Requested by: Host: bank.reklamstore.com
URL: http://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Jan 2020 17:45:31 GMT
Server: nginx/1.14.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd01c9d44-39a2-454b-ac20-5881bfcb7489
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd01c9d44-39a2-454b-ac20-5881bfcb7489
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D389D638-DABB-4497-B5FE-20E58D2006DC&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489

95 B
880 B

40ms
39ms

Image
image/png

52.213.151.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D389D638-DABB-4497-B5FE-20E58D2006DC&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 28 Jan 2020 17:47:18 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Tue, 28 Jan 2020 17:47:18 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D389D638-DABB-4497-B5FE-20E58D2006DC&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489
Date: Tue, 28 Jan 2020 17:47:18 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 447
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489
https://s.cpx.to/ca.png?dsp=dbm&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489&google_gid=CAESEF64Kjke1tn3VaAIIzWEVlM&google_cver=1

95 B
803 B

34ms
34ms

Image
image/png

52.213.151.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489&google_gid=CAESEF64Kjke1tn3VaAIIzWEVlM&google_cver=1

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
Date: Tue, 28 Jan 2020 17:47:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Tue, 28 Jan 2020 17:47:18 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489&google_gid=CAESEF64Kjke1tn3VaAIIzWEVlM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489&fck=997c09d73d59d17&cbp=dsp_uid
https://s.cpx.to/sync?dsp_uid=88493d66492b0c59bb6e000766f9b5aa&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489&dsp=TRUOPTIK&fck=997c09d73d59d17

95 B
876 B

46ms
31ms

Image
image/png

52.213.151.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=88493d66492b0c59bb6e000766f9b5aa&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489&dsp=TRUOPTIK&fck=997c09d73d59d17

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 28 Jan 2020 17:47:18 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Tue, 28 Jan 2020 17:47:18 GMT

Redirect headers

date: Tue, 28 Jan 2020 17:47:18 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302
to-dmp-balancer: balancer1-dmp-ny2-eqx.truoptik.com
content-length: 154
pragma: no-cache
to-dmp-sync: sync6-dmp-ny2-eqx.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
location: https://s.cpx.to/sync?dsp_uid=88493d66492b0c59bb6e000766f9b5aa&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489&dsp=TRUOPTIK&fck=997c09d73d59d17
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
cf-ray: 55c4ca6fa913c847-AMS
expires: 0

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D10%26fid%3Dd01c9d44-39a2-454b-ac20-5881bfcb7489
https://s.cpx.to/an_fire?app_nexus_uid=9137790523209796744&pid=12475&ref=&hn_ver=10&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489

95 B
864 B

63ms
45ms

Image
image/png

52.213.151.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=9137790523209796744&pid=12475&ref=&hn_ver=10&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 28 Jan 2020 17:47:18 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Tue, 28 Jan 2020 17:47:18 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Jan 2020 17:47:20 GMT
AN-X-Request-Uuid: 020e259b-685d-4da4-aa74-c263b8fa3a6b
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=9137790523209796744&pid=12475&ref=&hn_ver=10&fid=d01c9d44-39a2-454b-ac20-5881bfcb7489
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.67; 85.159.237.67; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://pool.grid-data.bidswitch.net/sync?pid=42
https://s.cpx.to/sync?dsp_uid=1e2da026-165a-4856-9e55-7e8229a97d3a&dsp=BIDSWITCH

95 B
881 B

82ms
31ms

Image
image/png

52.213.151.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=1e2da026-165a-4856-9e55-7e8229a97d3a&dsp=BIDSWITCH

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 28 Jan 2020 17:47:18 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Tue, 28 Jan 2020 17:47:18 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp_uid=1e2da026-165a-4856-9e55-7e8229a97d3a&dsp=BIDSWITCH
Date: Tue, 28 Jan 2020 17:47:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c&fck=997c1efe5390255&cbp=dsp_uid
https://s.cpx.to/sync?dsp_uid=a19143857fcc3e8226ebe901585f4bc5&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c&dsp=TRUOPTIK&fck=997c1efe5390255

95 B
876 B

33ms
33ms

Image
image/png

52.213.151.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=a19143857fcc3e8226ebe901585f4bc5&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c&dsp=TRUOPTIK&fck=997c1efe5390255

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 28 Jan 2020 17:47:18 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Tue, 28 Jan 2020 17:47:18 GMT

Redirect headers

date: Tue, 28 Jan 2020 17:47:18 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302
to-dmp-balancer: balancer2-dmp-nyc1-do.truoptik.com
content-length: 154
pragma: no-cache
to-dmp-sync: sync6-dmp-ny2-eqx.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
location: https://s.cpx.to/sync?dsp_uid=a19143857fcc3e8226ebe901585f4bc5&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c&dsp=TRUOPTIK&fck=997c1efe5390255
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
cf-ray: 55c4ca6fa917c847-AMS
expires: 0

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c
https://s.cpx.to/ca.png?dsp=dbm&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c&google_gid=CAESEF64Kjke1tn3VaAIIzWEVlM&google_cver=1

95 B
803 B

30ms
30ms

Image
image/png

52.213.151.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c&google_gid=CAESEF64Kjke1tn3VaAIIzWEVlM&google_cver=1

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
Date: Tue, 28 Jan 2020 17:47:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Tue, 28 Jan 2020 17:47:18 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c&google_gid=CAESEF64Kjke1tn3VaAIIzWEVlM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D69eccee5-6e4f-428e-992a-317ce6d17f5c
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D69eccee5-6e4f-428e-992a-317ce6d17f5c
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5B62A04D-6FAB-412E-9CC2-E7D92557D9A8&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c

95 B
880 B

58ms
30ms

Image
image/png

52.213.151.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5B62A04D-6FAB-412E-9CC2-E7D92557D9A8&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 28 Jan 2020 17:47:18 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Tue, 28 Jan 2020 17:47:18 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5B62A04D-6FAB-412E-9CC2-E7D92557D9A8&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c
Date: Tue, 28 Jan 2020 17:47:18 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 448
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D10%26fid%3D69eccee5-6e4f-428e-992a-317ce6d17f5c
https://s.cpx.to/an_fire?app_nexus_uid=9137790523209796744&pid=12475&ref=&hn_ver=10&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c

95 B
864 B

73ms
34ms

Image
image/png

52.213.151.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=9137790523209796744&pid=12475&ref=&hn_ver=10&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-151-76.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 28 Jan 2020 17:47:18 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Tue, 28 Jan 2020 17:47:18 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Jan 2020 17:47:20 GMT
AN-X-Request-Uuid: 915710be-e18f-41d5-97d1-3f8fb9ebea32
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=9137790523209796744&pid=12475&ref=&hn_ver=10&fid=69eccee5-6e4f-428e-992a-317ce6d17f5c
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 85.159.237.67; 85.159.237.67; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.70:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK admaticprebidrender.js Show response
cdn2.admatic.com.tr/showad/ Frame 525B 188 KB
84 KB 43ms
43ms Script
text/javascript 2a02:26b0:8000:29::1:c
SH

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn2.admatic.com.tr/showad/admaticprebidrender.js
Requested by: Host: ads4.admatic.com.tr
URL: https://ads4.admatic.com.tr/showad/masthead/adm-290ac4b1-7777-448e-b7fb-8a840a59718f-div/adm-pub-135145377022/199531693583/501/970/250/1600/1200/a61fd813-ddea-4f39-955e-2a60216323c8/0?domain=bmedyagrup.com&ts=1580233638069&url=http%3A%2F%2Fbmedyagrup.com%2F&kFilter=0&pid=c832396a-b956-43f1-b99f-9827aab85d83&bn=Chrome&bmv=79&os=Mac%20OS&dfjs=1&smartpipe=adc722c4-42c7-40e6-9d8a-4db9d857ba186a7e
Protocol: HTTP/1.1
Server: 2a02:26b0:8000:29::1:c , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6cb6b2a940266ea265b855ade36497ebb23ea571c059d87927a07f5e3deadb1e

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:18 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=UTF-8
Last-Modified: Wed, 22 Jan 2020 09:10:14 GMT
Server: Microsoft-IIS/10.0
ETag: "05f92c13d1d51:0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=7200
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 85957

GET
H2 200 latest.json Show response
currency.prebid.org/ Frame 525B 1 KB
2 KB 552ms
520ms XHR
application/octet-stream 2600:9000:2057:3800:19:2cf2:a900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://currency.prebid.org/latest.json
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/admaticprebidrender.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:3800:19:2cf2:a900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bb52f10c3ccb688d93b6a0e4e42d940d435c810e8339ae82bf63c4099511a1f

Request headers

Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-type: text/plain

Response headers

date: Tue, 28 Jan 2020 17:47:19 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
status: 200
content-length: 1335
last-modified: Tue, 28 Jan 2020 10:01:06 GMT
server: AmazonS3
etag: "2750b0d1f1aa45e19bfeddeeec50086c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: PLZd93YbQLduHKkyPfft6VfZQkGCoz8CPptqleV6fs6IYYQn5b9afw==
expires: Wed, 29 Jan 2020 10:00:59 GMT

GET
H/1.1 200
OK admaticprebid.js Show response
cdn2.admatic.com.tr/showad/ Frame 525B 198 KB
65 KB 43ms
43ms Script
text/javascript 2a02:26b0:8000:29::1:c
SH

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn2.admatic.com.tr/showad/admaticprebid.js
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/admaticprebidrender.js
Protocol: HTTP/1.1
Server: 2a02:26b0:8000:29::1:c , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 34dc8209e1a375409c9370a71ea848157f9fd8a73b0b878f04b1c616634f7563

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:18 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=UTF-8
Last-Modified: Fri, 17 Jan 2020 08:58:21 GMT
Server: Microsoft-IIS/10.0
ETag: "8074864414cdd51:0"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=7200
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 66141

GET
H2 200 latest.json Show response
currency.prebid.org/ Frame 525B 1 KB
2 KB 475ms
475ms XHR
application/octet-stream 2600:9000:2057:3800:19:2cf2:a900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://currency.prebid.org/latest.json
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/admaticprebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:3800:19:2cf2:a900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bb52f10c3ccb688d93b6a0e4e42d940d435c810e8339ae82bf63c4099511a1f

Request headers

Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jan 2020 17:47:19 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
status: 200
content-length: 1335
last-modified: Tue, 28 Jan 2020 10:01:06 GMT
server: AmazonS3
etag: "2750b0d1f1aa45e19bfeddeeec50086c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: YAL2Nx0J4qkckMusoMntCYxk4m9uiVidFrQwUsPZC9zONqvBN3xSkA==
expires: Wed, 29 Jan 2020 10:00:59 GMT

POST
H2 204 bidrequest Show response
ads4.admatic.com.tr/prebid/v3/ Frame 525B 0
38 B 168ms
168ms XHR
text/plain 2a02:26b0:8000:29::1:5a
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads4.admatic.com.tr/prebid/v3/bidrequest
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/admaticprebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26b0:8000:29::1:5a , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Jan 2020 17:47:18 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
status: 204
x-powered-by: ARR/3.0
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://bmedyagrup.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 525B 0
143 B 45ms
14ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=26&wv=3.4.0-pre&cb=12598022763
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/admaticprebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 28 Jan 2020 17:47:17 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://bmedyagrup.com
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK vbl.gif
pre.glotgrx.com/ 26 B
774 B 15ms
15ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pre.glotgrx.com/vbl.gif?cb=1580233639234&rnd=588qvmrw2i1d&ifm=0&uai=1&cid=544&s=bmedyagrup.com&p=33561&x=rekmob&adtg=8c2420bdef0945c2bac42aff92176b84&ats=1585x4708&atf=&nsi=&si=29453&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=http%253A//bmedyagrup.com/
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:19 GMT
CF-Cache-Status: HIT
Age: 1427
Content-Type: image/gif
Connection: keep-alive
Content-Length: 26
x-amz-id-2: n22e7rFesCzMyRL5vm/W/iW2z8H34wIfkKMvXnV2dOD/ftGRfHw8i3WVubyC5MVTu44wCDnSLFU=
Last-Modified: Wed, 05 Apr 2017 17:26:13 GMT
Server: cloudflare
ETag: "6a43099d5c8fe991a7aa7ebaca53069d"
Vary: Accept-Encoding
x-amz-request-id: 7D2821CA8D2544AB
Cache-Control: public, max-age=7200
x-amz-meta-s3b-last-modified: 20170405T172547Z
Accept-Ranges: bytes
CF-RAY: 55c4ca753ef5dfb1-FRA
Expires: Tue, 28 Jan 2020 19:47:19 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame BA2D 85 KB
30 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 10 Jan 2020 01:49:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 24 Mar 2017 20:55:54 GMT
Server: sffe
Age: 1612699
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 30306
X-XSS-Protection: 0
Expires: Sat, 09 Jan 2021 01:49:00 GMT

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/51950195/ Frame BA2D
Redirect Chain

https://mc.yandex.ru/watch/51950195
https://mc.yandex.ru/watch/51950195/1

43 B
444 B

46ms
46ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/51950195/1

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jan 2020 17:47:19 GMT
Last-Modified: Tue, 28-Jan-2020 17:47:19 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Tue, 28-Jan-2020 17:47:19 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Jan 2020 17:47:19 GMT
Last-Modified: Tue, 28-Jan-2020 17:47:19 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Location: /watch/51950195/1
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Tue, 28-Jan-2020 17:47:19 GMT

GET
H/1.1 200
OK rs-b.png
adimg.rekmob.com/logos/ Frame BA2D 471 B
911 B 42ms
29ms Image
image/png 143.204.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://adimg.rekmob.com/logos/rs-b.png
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 143.204.214.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-70.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 09:15:01 GMT
Via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
Last-Modified: Thu, 26 Jul 2018 10:20:15 GMT
Server: AmazonS3
Age: 51498
ETag: "5965d59f86a925e809f20a75e26c9d0c"
X-Cache: Hit from cloudfront
Content-Type: image/png
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Content-Length: 471
X-Amz-Cf-Id: JWnBn9xv2ryh6QpBwlBTaDpLetvMUE52QHue5FoTNlVI2gXQwbUNow==

GET
H/1.1 200
OK imp
ads.rekmob.com/m/ Frame BA2D 2 B
179 B 16ms
15ms Image
image/webp 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.rekmob.com/m/imp?uid=8c2420bdef0945c2bac42aff92176b84&udid=230490b881b84b91b624dab30c25d5ee&rid=NWUzMDczYTYwY2YyMjZhNjQ5MzQwODBh&adId=ODc5
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Code: NL
Date: Tue, 28 Jan 2020 17:35:02 GMT
Server: nginx/1.9.6
Connection: keep-alive
Content-Length: 2
Content-Type: image/webp;charset=ISO-8859-1

GET
H2 204 334643 Show response
api.mgid.com/ Frame BA2D 0
107 B 291ms
96ms XHR
text/plain 96.46.176.147
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mgid.com/334643?content_type=xml&src_id=29453_70706&token=5bc371388780ffdfaee7fb06c3b2e0fc&ip=85.159.237.67&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&_=1580233639413
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.46.176.147 Dallas, United States, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: http://bmedyagrup.com/
Origin: http://bmedyagrup.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 204
date: Tue, 28 Jan 2020 17:47:19 GMT
x-mg-204-reason: blocked ip
server: nginx/1.15.10
access-control-allow-origin: http://bmedyagrup.com

GET
H2 200 zerg.js Show response
www.zergnet.com/ Frame F726 6 KB
3 KB 564ms
105ms Script
application/javascript 52.54.101.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/zerg.js?id=79052
Requested by: Host: adserver.reklamstore.com
URL: http://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.101.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-101-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 144ec6924f7e18d509f19d6c92f0966a1eecdc7ae83645e148b188523a7a7ba7

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Tue, 28 Jan 2020 17:47:19 GMT
content-encoding: gzip
expires: Tue, 04 Feb 2020 17:47:19 GMT
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK rs-b.png
adimg.rekmob.com/logos/ Frame F726 471 B
911 B 31ms
20ms Image
image/png 143.204.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://adimg.rekmob.com/logos/rs-b.png
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 143.204.214.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-70.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 10:39:34 GMT
Via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
Last-Modified: Thu, 26 Jul 2018 10:20:15 GMT
Server: AmazonS3
Age: 51498
ETag: "5965d59f86a925e809f20a75e26c9d0c"
X-Cache: Hit from cloudfront
Content-Type: image/png
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Content-Length: 471
X-Amz-Cf-Id: OemPhNryXH5_mZWD2c7066jG6_TTArnpHU1L2QvDuRLWbZF7VrZa8g==

GET
H2 200 output.js Show response
www.zergnet.com/ Frame F726 4 KB
2 KB 107ms
107ms Script
application/javascript 52.54.101.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/output.js?id=79052&time=1580233639987&sc=1&callback=json1596790
Requested by: Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=79052
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.101.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-101-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9119c074ef60cc25df06f94de12aef2f89e4608b07d6f1cb37717b651db8190c

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jan 2020 17:47:20 GMT
content-encoding: gzip
server: nginx
p3p: CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: application/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK imp
ads.rekmob.com/m/ Frame F726 2 B
179 B 16ms
15ms Image
image/webp 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ads.rekmob.com/m/imp?uid=065a0aff604b454886fce2b0cfa48d7f&udid=0bbf10ca7b08497e9533ff74a6fc91b7&rid=NWUzMDczYTYwY2YyMjZhNjQ5MzQwODBj&adId=MTI3Ng==
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Code: NL
Date: Tue, 28 Jan 2020 17:35:02 GMT
Server: nginx/1.9.6
Connection: keep-alive
Content-Length: 2
Content-Type: image/webp;charset=ISO-8859-1

GET
H2 200 css
fonts.googleapis.com/ Frame F726 3 KB
868 B 34ms
16ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:500,400

Requested by

Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=79052

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c3a75ff664f63b62509f2cce3b751024bad6cffe526b22d59156a673da41e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 28 Jan 2020 17:47:20 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 28 Jan 2020 17:47:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 28 Jan 2020 17:47:20 GMT

GET
H/1.1 200
OK 2882329_300.jpg
img2.zergnet.com/ Frame F726 17 KB
18 KB 101ms
23ms Image
image/jpeg 143.204.214.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.zergnet.com/2882329_300.jpg
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-95.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a53f28177811d93c6eace639bf6bfb89126f2bce66cdce3f7fbf116dfff4b1c

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 15:04:39 GMT
Via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
Last-Modified: Thu, 10 May 2018 19:28:49 GMT
Server: AmazonS3
Age: 9513762
ETag: "f630e2eeca0d7a8f0e590c4a594c9eee"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17761
X-Amz-Cf-Id: IfYrAXALjiytDhQhfIVCHfISIMKD-dAOZ-zDaMT6nHSgbfPljcShHg==
Expires: Fri, 10 May 2019 19:28:48 GMT

GET
H/1.1 200
OK 4594026_300.jpg
img5.zergnet.com/ Frame F726 18 KB
18 KB 98ms
20ms Image
image/jpeg 143.204.214.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img5.zergnet.com/4594026_300.jpg
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f225518171325dce15e88ad1a29960d18751ac4bc5478feca74cf919a28ad849

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 24 Oct 2019 15:33:04 GMT
Via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Oct 2019 15:26:17 GMT
Server: AmazonS3
Age: 8302456
ETag: "235b52b99046f44798a263e1e1606b6a"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17938
X-Amz-Cf-Id: a9gt2A-SaoMxenIg_418C-aEA2coVwE9CM4Ud3sHGc2ffp1mkkfLOA==
Expires: Sat, 24 Oct 2020 15:26:17 GMT

GET
H/1.1 200
OK 4355139_300.jpg
img4.zergnet.com/ Frame F726 21 KB
22 KB 97ms
21ms Image
image/jpeg 143.204.214.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/4355139_300.jpg
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a6faf6337ecee132c1d82d7d6df041052296713ac2e1c9bf893157867b9d070

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 02 Aug 2019 21:06:54 GMT
Via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
Last-Modified: Fri, 02 Aug 2019 21:03:49 GMT
Server: AmazonS3
Age: 15453627
ETag: "da57566395c98b0c07412dbf3d4f9749"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21810
X-Amz-Cf-Id: J5qW8Wkw491q3ckGEdXp_qnO0--podMCzSbVAiQQoFrB1QhQQe5eOQ==
Expires: Sun, 02 Aug 2020 21:03:48 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v29/ Frame F726 25 KB
25 KB 23ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v29/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald:500,400
Origin: http://bmedyagrup.com

Response headers

date: Thu, 23 Jan 2020 06:34:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Oct 2019 23:06:58 GMT
server: sffe
age: 472395
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 25376
x-xss-protection: 0
expires: Fri, 22 Jan 2021 06:34:05 GMT

GET
H/1.1 200
OK showadpassback.js Show response
cdn5.admatic.com.tr/showad/ Frame 525B 392 B
868 B 122ms
109ms Script
text/javascript 188.132.227.42
SH

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn5.admatic.com.tr/showad/showadpassback.js
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/admaticprebidrender.js
Protocol: HTTP/1.1
Server: 188.132.227.42 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS: static-42-227-132-188.sadecehosting.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1d4d9e23f0251c2ff16f9ba2abfebd849059276647d66fd9dd1a7d0704739f5d

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:21 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=UTF-8
Last-Modified: Fri, 10 Aug 2018 03:09:41 GMT
Server: Microsoft-IIS/10.0
ETag: "8085d945730d41:0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Cache-Control: public,max-age=7200
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Accept-Encoding
Content-Length: 274

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 525B 49 KB
16 KB 62ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/admaticprebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0f16de3f1c2045e033d1bd569df7116a065579f1f3674349636c7341b4b2c411

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:21 GMT
content-encoding: gzip
last-modified: Mon, 20 Jan 2020 17:35:28 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5e25e4e0-c225"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 29 Jan 2020 17:47:21 GMT

GET
H2 200 0 Show response
ads4.admatic.com.tr//showad/masthead/adm-290ac4b1-7777-448e-b7fb-8a840a59718f-div/adm-pub-135145377022/199531693583/501/970/250/1600/1200/a61fd813-ddea-4f39-955e-2a60216323c8/ Frame 525B 1 KB
2 KB 370ms
370ms Script
application/x-javascript 2a02:26b0:8000:29::1:5a
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads4.admatic.com.tr//showad/masthead/adm-290ac4b1-7777-448e-b7fb-8a840a59718f-div/adm-pub-135145377022/199531693583/501/970/250/1600/1200/a61fd813-ddea-4f39-955e-2a60216323c8/0?domain=bmedyagrup.com&ts=1580233638069&url=http%3a%2f%2fbmedyagrup.com%2f&kFilter=0&pid=c832396a-b956-43f1-b99f-9827aab85d83&bn=Chrome&bmv=79&os=Mac+OS&dfjs=1&smartpipe=adc722c4-42c7-40e6-9d8a-4db9d857ba186a7e&pbids=146409657745
Requested by: Host: cdn5.admatic.com.tr
URL: http://cdn5.admatic.com.tr/showad/showadpassback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26b0:8000:29::1:5a , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: 0f392a2146275d611cd1f033fc0c0eae27b8996d66c313401046895f76372631

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jan 2020 17:47:21 GMT
content-type: application/x-javascript; charset=utf-8
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ARR/3.0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store
timing-allow-origin: *
content-length: 1388
expires: -1

GET
H2 200 0 Show response
ads4.admatic.com.tr/pb/masthead/adm-290ac4b1-7777-448e-b7fb-8a840a59718f-div/adm-pub-135145377022/199531693583/501/970/250/1600/1200/a61fd813-ddea-4f39-955e-2a60216323c8/ Frame 525B 905 B
971 B 52ms
52ms Script
application/x-javascript 2a02:26b0:8000:29::1:5a
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads4.admatic.com.tr/pb/masthead/adm-290ac4b1-7777-448e-b7fb-8a840a59718f-div/adm-pub-135145377022/199531693583/501/970/250/1600/1200/a61fd813-ddea-4f39-955e-2a60216323c8/0?domain=bmedyagrup.com&ts=1580233642084&url=http%3A%2F%2Fbmedyagrup.com%2F&kFilter=0&pid=c832396a-b956-43f1-b99f-9827aab85d83&bn=Chrome&bmv=79&os=Mac%20OS&dfjs=1&gdpr=false&gdpr_string=
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26b0:8000:29::1:5a , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: 031f9d413abd8a5762c0db233e51d349587930c83595cab4a6b65f9a1326d122

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jan 2020 17:47:22 GMT
content-type: application/x-javascript; charset=utf-8
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ARR/3.0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store
timing-allow-origin: *
content-length: 905
expires: -1

GET
H/1.1 200
OK a61fd813-ddea-4f39-955e-2a60216323c8 Show response
ads5.admatic.com.tr/showad/social-responsibility/adm-290ac4b1-7777-448e-b7fb-8a840a59718f-div/adm-pub-135145377022/199531693583/501/970/250/1600/1200/ Frame 525B 489 B
967 B 101ms
53ms Script
application/x-javascript 2a02:26b0:8000:29::1:21
SH

General

Check archive.org

Show headers Download Go to

Full URL: http://ads5.admatic.com.tr/showad/social-responsibility/adm-290ac4b1-7777-448e-b7fb-8a840a59718f-div/adm-pub-135145377022/199531693583/501/970/250/1600/1200/a61fd813-ddea-4f39-955e-2a60216323c8?domain=bmedyagrup.com&url=http%3a%2f%2fbmedyagrup.com%2f&top=&left=
Requested by: Host: ads4.admatic.com.tr
URL: https://ads4.admatic.com.tr//showad/masthead/adm-290ac4b1-7777-448e-b7fb-8a840a59718f-div/adm-pub-135145377022/199531693583/501/970/250/1600/1200/a61fd813-ddea-4f39-955e-2a60216323c8/0?domain=bmedyagrup.com&ts=1580233638069&url=http%3a%2f%2fbmedyagrup.com%2f&kFilter=0&pid=c832396a-b956-43f1-b99f-9827aab85d83&bn=Chrome&bmv=79&os=Mac+OS&dfjs=1&smartpipe=adc722c4-42c7-40e6-9d8a-4db9d857ba186a7e&pbids=146409657745
Protocol: HTTP/1.1
Server: 2a02:26b0:8000:29::1:21 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash: 31a32a49ff447cbf22a3b3435d061f9cd4b42903b38d298a56324b34c8d4a6f6

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
Date: Tue, 28 Jan 2020 17:47:21 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ARR/3.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Cache-Control: private
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 489

GET
H/1.1 200
OK kzly-banner-970x250.gif
cdn6.admatic.com.tr/img/admaticcampaigns/kizilay/sefkat-nobeti/ Frame 525B 167 KB
168 KB 142ms
50ms Image
image/gif 2a02:26b0:8000:29::1:15
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn6.admatic.com.tr/img/admaticcampaigns/kizilay/sefkat-nobeti/kzly-banner-970x250.gif
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 2a02:26b0:8000:29::1:15 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4b90ef8902e09b1bf2279c4f002427d4ca86bf1e674afe90b8f64103f807c0cb

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
Date: Tue, 28 Jan 2020 17:47:21 GMT
Last-Modified: Fri, 30 Mar 2018 11:13:20 GMT
Server: Microsoft-IIS/10.0
ETag: "a5d7a81c18c8d31:0"
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Type: image/gif
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Accept-Encoding
Content-Length: 171107

GET
H2 200 kzly-banner-970x250.gif
cdn6.admatic.com.tr/img/admaticcampaigns/kizilay/sefkat-nobeti/ Frame 525B 167 KB
168 KB 163ms
44ms Image
image/gif 2a02:26b0:8000:29::1:15
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn6.admatic.com.tr/img/admaticcampaigns/kizilay/sefkat-nobeti/kzly-banner-970x250.gif
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26b0:8000:29::1:15 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4b90ef8902e09b1bf2279c4f002427d4ca86bf1e674afe90b8f64103f807c0cb

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 28 Jan 2020 17:47:21 GMT
last-modified: Fri, 30 Mar 2018 11:13:20 GMT
server: Microsoft-IIS/10.0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
etag: "a5d7a81c18c8d31:0"
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-type: image/gif
status: 200
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Accept-Encoding
content-length: 171107

GET
H2

200

html
ads4.admatic.com.tr/showad/px/ums/sync/ Frame 1649
Redirect Chain

https://ads4.admatic.com.tr/prebid/static/usersync/v3/async_usersync.html
https://ads4.admatic.com.tr/showad/px/ums/sync/html

0
0

46ms
45ms

Document
text/html

2a02:26b0:8000:29::1:5a
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads4.admatic.com.tr/showad/px/ums/sync/html
Requested by: Host: cdn2.admatic.com.tr
URL: http://cdn2.admatic.com.tr/showad/admaticprebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26b0:8000:29::1:5a , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ARR/3.0
Resource Hash

Request headers

:method: GET
:authority: ads4.admatic.com.tr
:scheme: https
:path: /showad/px/ums/sync/html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://bmedyagrup.com/
accept-encoding: gzip, deflate, br
cookie: __adm_ui=0d67e0692f1146f1bccc0018a76748c8; ARRAffinity=0d29dd319699856e02698355d026529ad8f136933054fd252c2db43722360214
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://bmedyagrup.com/

Response headers

status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: -1
server: Microsoft-IIS/10.0
set-cookie: __adm_ui=0d67e0692f1146f1bccc0018a76748c8; Expires=Fri, 22 Jan 2021 20:47:24 GMT; Domain=admatic.com.tr; Path=/; Secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-allow-methods: GET, POST
access-control-allow-origin: https://bmedyagrup.com
access-control-max-age: 86400
x-aspnet-version: 4.0.30319
x-powered-by: ARR/3.0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
timing-allow-origin: *
date: Tue, 28 Jan 2020 17:47:24 GMT
content-length: 206

Redirect headers

status: 302
content-type: text/html; charset=UTF-8
location: https://ads4.admatic.com.tr/showad/px/ums/sync/html
server: Microsoft-IIS/10.0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
timing-allow-origin: *
date: Tue, 28 Jan 2020 17:47:24 GMT
content-length: 174

GET
H2 200 2716.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 500 B
457 B 42ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/2716.svg

Requested by

Host: bmedyagrup.com
URL: http://bmedyagrup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

f39e7ecf003f57bad813ff5b686add8eca88b02f364e0ba946d1ddd8eb25e61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Tue, 28 Jan 2020 17:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 05:13:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
215 B 27ms
14ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A8.1.1&blog=171842021&post=0&tz=0&srv=bmedyagrup.com&host=bmedyagrup.com&ref=&fcp=5216&rand=0.7632842188574989
Requested by: Host: bmedyagrup.com
URL: http://bmedyagrup.com/
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 28 Jan 2020 17:47:27 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H/1.1

200
OK

event
img.secureserver.net/t/1/tl/
Redirect Chain

http://img.secureserver.net/t/1/tl/event?cts=1580233653155&tce=1580233632598&tcs=1580233632586&tdc=1580233652902&tdclee=1580233647897&tdcles=1580233647842&tdi=1580233647842&tdl=1580233632632&tdle=1...
https://img.secureserver.net/t/1/tl/event?cts=1580233653155&tce=1580233632598&tcs=1580233632586&tdc=1580233652902&tdclee=1580233647897&tdcles=1580233647842&tdi=1580233647842&tdl=1580233632632&tdle=...

43 B
634 B

171ms
115ms

Image
image/gif

95.100.73.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.secureserver.net/t/1/tl/event?cts=1580233653155&tce=1580233632598&tcs=1580233632586&tdc=1580233652902&tdclee=1580233647897&tdcles=1580233647842&tdi=1580233647842&tdl=1580233632632&tdle=1580233632586&tdls=1580233632566&tfs=1580233632566&tns=1580233632566&trqs=1580233632598&tre=1580233632643&trps=1580233632629&tles=1580233652902&tlee=1580233652954&ht=perf&dh=bmedyagrup.com&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&vci=675189238&cv=1.0.6&z=2036302964&vg=2295a9b5-3155-49bb-a74a-0fbe166d243b&vtg=2295a9b5-3155-49bb-a74a-0fbe166d243b&ap=wpaas&trfd=%7B%22cts%22%3A1580233647842%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22n3nlwpwebof002.prod.ams3.secureserver.net%22%2C%22xid%22%3A%2243098897%22%2C%22wp%22%3A%225.3.2%22%2C%22php%22%3A%227.3.12%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%7D&dp=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.73.41 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-73-41.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bmedyagrup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Tue, 28 Jan 2020 17:47:33 GMT
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://bmedyagrup.com, *
Access-Control-Max-Age: 1000
Cache-Control: private
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://img.secureserver.net/t/1/tl/event?cts=1580233653155&tce=1580233632598&tcs=1580233632586&tdc=1580233652902&tdclee=1580233647897&tdcles=1580233647842&tdi=1580233647842&tdl=1580233632632&tdle=1580233632586&tdls=1580233632566&tfs=1580233632566&tns=1580233632566&trqs=1580233632598&tre=1580233632643&trps=1580233632629&tles=1580233652902&tlee=1580233652954&ht=perf&dh=bmedyagrup.com&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&vci=675189238&cv=1.0.6&z=2036302964&vg=2295a9b5-3155-49bb-a74a-0fbe166d243b&vtg=2295a9b5-3155-49bb-a74a-0fbe166d243b&ap=wpaas&trfd=%7B%22cts%22%3A1580233647842%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22n3nlwpwebof002.prod.ams3.secureserver.net%22%2C%22xid%22%3A%2243098897%22%2C%22wp%22%3A%225.3.2%22%2C%22php%22%3A%227.3.12%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%7D&dp=%2F
Date: Tue, 28 Jan 2020 17:47:33 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://secureservercdn.net/160.153.137.99/y5r.6ef.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1&time=1580219619(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: http://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api	log	URL: http://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api	log	(Line 1) Message: keyword false
console-api	info	URL: http://cdn2.admatic.com.tr/showad/showad.js(Line 2) Message: %c AdMatic %c inited v4.4.1.81 background:#AC1F23;color:#fff;font-weight:bold;font-size:12px; color:#000;font-size:10px;
console-api	info	URL: http://cdn2.admatic.com.tr/showad/showad.js(Line 2) Message: %c AdMatic %c kf deprem background:#AC1F23;color:#fff;font-weight:bold;font-size:12px; color:#000;font-size:10px;
console-api	info	URL: http://cdn2.admatic.com.tr/showad/showad.js(Line 2) Message: %c AdMatic %c kf enkaz background:#AC1F23;color:#fff;font-weight:bold;font-size:12px; color:#000;font-size:10px;
console-api	info	URL: http://cdn2.admatic.com.tr/showad/showad.js(Line 2) Message: %c AdMatic %c kf intihar background:#AC1F23;color:#fff;font-weight:bold;font-size:12px; color:#000;font-size:10px;
console-api	info	URL: http://cdn2.admatic.com.tr/showad/showad.js(Line 2) Message: %c AdMatic %c inited v4.4.1.81 background:#AC1F23;color:#fff;font-weight:bold;font-size:12px; color:#000;font-size:10px;
console-api	info	URL: http://cdn2.admatic.com.tr/showad/showad.js(Line 2) Message: %c AdMatic %c kf deprem background:#AC1F23;color:#fff;font-weight:bold;font-size:12px; color:#000;font-size:10px;
console-api	info	URL: http://cdn2.admatic.com.tr/showad/showad.js(Line 2) Message: %c AdMatic %c kf enkaz background:#AC1F23;color:#fff;font-weight:bold;font-size:12px; color:#000;font-size:10px;
console-api	info	URL: http://cdn2.admatic.com.tr/showad/showad.js(Line 2) Message: %c AdMatic %c kf intihar background:#AC1F23;color:#fff;font-weight:bold;font-size:12px; color:#000;font-size:10px;
console-api	log	URL: https://bank.reklamstore.com/rs.js(Line 1) Message: rsjs1011
console-api	log	URL: http://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Results: rmb: 0.00000830992177707449, size: 300x250
console-api	log	URL: http://adserver.reklamstore.com/reklamstore.js(Line 1) Message: [object Object]
console-api	log	URL: http://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Results: rmb: 0.000008426871608184179, size: 300x600
console-api	log	URL: http://adserver.reklamstore.com/reklamstore.js(Line 1) Message: [object Object]
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3.2(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	(Line 1) Message: keyword false
console-api	log	(Line 1) Message: keyword false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adimg.rekmob.com
admatic.mgr.consensu.org
ads.rekmob.com
ads4.admatic.com.tr
ads5.admatic.com.tr
adserver.reklamstore.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
api.mgid.com
aws-fr-sync.bidswitch.net
bank.reklamstore.com
bidder.criteo.com
bmedyagrup.com
bsw.digitru.st
cdn.onesignal.com
cdn2.admatic.com.tr
cdn5.admatic.com.tr
cdn6.admatic.com.tr
cm.g.doubleclick.net
currency.prebid.org
dmp.adform.net
dmp.truoptik.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
img.secureserver.net
img1.wsimg.com
img2.zergnet.com
img4.zergnet.com
img5.zergnet.com
iq.reklamselfie.com
lessbuttons.com
mc.yandex.ru
p.cpx.to
pagead2.googlesyndication.com
pixel.wp.com
pixel.yabidos.com
pool.grid-data.bidswitch.net
pre.glotgrx.com
prebid-eu.creativecdn.com
ps.eyeota.net
s.cpx.to
s.w.org
secure.adnxs.com
secureservercdn.net
spadsync.com
static.criteo.net
stats.wp.com
www.googletagmanager.com
www.googletagservices.com
www.zergnet.com
x.bidswitch.net
104.16.53.4
104.16.91.60
104.82.112.92
138.68.105.0
143.204.214.116
143.204.214.54
143.204.214.70
143.204.214.95
146.185.142.91
160.153.137.99
172.217.22.34
178.250.2.152
18.197.186.95
185.184.8.30
185.33.223.197
185.64.189.110
188.132.227.42
192.0.76.3
192.0.77.48
2600:9000:2057:3800:19:2cf2:a900:93a1
2600:9000:214f:d800:1c:4bbb:9180:93a1
2606:4700::6810:3f36
2606:4700::6812:e234
2a00:1450:4001:806::200a
2a00:1450:4001:809::200a
2a00:1450:4001:81a::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:821::2003
2a02:2638::3
2a02:26b0:8000:29::1:15
2a02:26b0:8000:29::1:1e
2a02:26b0:8000:29::1:21
2a02:26b0:8000:29::1:5a
2a02:26b0:8000:29::1:c
2a02:6b8::1:119
2a02:fe80:1010::16
2a03:2880:f01c:800e:face:b00c:0:2
3.125.70.222
35.157.107.235
37.157.2.238
37.157.6.251
46.101.136.217
46.101.80.192
52.213.151.76
52.28.211.49
52.54.101.83
52.56.239.183
52.58.102.227
95.100.73.41
96.46.176.147
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
031f9d413abd8a5762c0db233e51d349587930c83595cab4a6b65f9a1326d122
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
072cfdc3b5c6541f3d3c06ebd4c138ab38b6e7983704b73dcb46710ac3ccb05b
077dfd9a39946d218e3052428a9281909f7ae77142e35f2b3e9eeb60a0bf4b2c
095b25f20600476bb484847104b411fa7892b2502826a2a25cfd721f4a4d4a41
0de22b75b144df003fb0d1c8163480ddef08937cb2e2881bbcee6f906b25146c
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f16de3f1c2045e033d1bd569df7116a065579f1f3674349636c7341b4b2c411
0f392a2146275d611cd1f033fc0c0eae27b8996d66c313401046895f76372631
0ff1497ecffe68eabfbfc12ce5c561d81753059580625485c8cd322f45a5cc90
113f5b9a09fa94b4cf5781b6c001863dab47a72a0b3e6937633940fbbab8080d
11aaa80b4fc99a5e9226d45f37410812d48202f5c34fae00b1f6eec948d6f7ed
136bdf6003a20291fa880c2aaf8dde86fad3da0925b8b23a8a82f39ef9061e29
144ec6924f7e18d509f19d6c92f0966a1eecdc7ae83645e148b188523a7a7ba7
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
19e380d8f0a4b344b6530d3a6d6e40c9e3173d9185087cd3b823bb03007fc6a2
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1b1b49414afaa9b5f9f32b6599d6c6e2695a2be56cccda138943d5a8d5129036
1d4d9e23f0251c2ff16f9ba2abfebd849059276647d66fd9dd1a7d0704739f5d
1da84b6e14ade0032c033c3106e0d3228f8e5552abee04cadac0c80120083735
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2173db83e64724db6083a469dac90ad11c52ea3dcc6557cf514d58928354d6a8
240f2ba78c2defd9060ac436574cfe538c233bb2e8a5dcbaf8ae4191b15db1fb
2415915d06de544b2c0b1a6aa29ab178a15e99e0c1c6148dfc8183aa1c58265b
2a53f28177811d93c6eace639bf6bfb89126f2bce66cdce3f7fbf116dfff4b1c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dcaa408e1dc85fa06ad3d998b43f55bd26a5c5c5c7eb008077fa2e8d5bb29ab
2e068948229c5af3b37a6927a61efe4851a09c71ade24f529d1ad56b01e31ff2
2f35996fb654118f095b415c9f785c8a4c7d9253d418be3f3e8a422f7364dff4
31a32a49ff447cbf22a3b3435d061f9cd4b42903b38d298a56324b34c8d4a6f6
34dc8209e1a375409c9370a71ea848157f9fd8a73b0b878f04b1c616634f7563
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c8c3d3166a07e11ebfc3042350923a8570a6357219a43e37bcfdedc9f4dd6ec
3dec2ba3a35b2d878329a4687f5061f4a62030ad69bd0ebb2ca61c4fda102f38
4021be9e8f2fe3120701e8d43f37b21d48a26141a4fa5aeda776428a1eac5813
410046250886187bda5ba9b430906e521af1125ac7299c9d1d66c9a47cc46fec
45e137e517980fa8d25ca605a6fec1340558b642d225284cad071bfcc48aa9c1
45f461bf78813a1ee5c3a025b6b9bf83f9c78da98390f7208826dbd64573ec10
46eaa78140ea25a90d717b938f9e4f041679c03820cfa62ff3e9ea2c7016cb39
48db482e657fcf98aa556a1b6318cafe94fff32756b2a4c20e51c95547f42c60
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49a6a95358bbe66f535950d0e3cd41d290cf152778ec09e895eb554e102ac670
4b90ef8902e09b1bf2279c4f002427d4ca86bf1e674afe90b8f64103f807c0cb
4e64cec8447a6889d6c07d5fd4a674a90aef28257d24a5f75c56e3f3b08a22ec
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
52159f8f685d2d875e6bc43adb913343392e0ad2c29f330d6274ec31d410d7e5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558b5e50ac5b68c9bf625b3b9d98463f8d98cc71cb34a5e680e70566672adc52
55bf202fd57abb7b1bc44c4e6d91d662a936633f4a5e68a076bf14c613bf2593
58d7f6330ebfe0338b6d166c42b00b4a739bedbcbeaf60eecf1847a8ed81ce2d
5a6faf6337ecee132c1d82d7d6df041052296713ac2e1c9bf893157867b9d070
5b1ed3101b0a0e98a6ff3d3dee220bf7096c896a144560c48dd3ed45f4fb5065
5b735e45514506d0ef8a81c39fd7c6ea8fc3e31ab51daef8bb5de321f9e8841b
5cec5174b062879b4d7ab1c883d607fc4812e7622353f6db2f1ccd31aad9ff84
5d0aa940e58cb6b03ee8707f6435a8e56c48f66ad834d4838333e2db34795054
646cc4f0c6e773578d27a64d78a8b20102017bd2b0f5994013b7c0b73e352289
663e5684a7acd3bbe38304a9420b104f3ea052acd60564c40b86185ff1779885
6821d7bdf52b33e1a8d6fc7fd6a90ca62f753a3f4c4de52dcfe2285ebe8db085
6853d729a67593739860d399dc73e21340de4f57bda79cc930f536e428967b4f
6bafadcb1056d5f65b1de0cdb416a76a604d26086b591883eaf124466c6e8df7
6c548e1be2e05f58275517fbc9d9fe83f3e4e1cfa2c2bde0d2c4c821320c7b2c
6cb6b2a940266ea265b855ade36497ebb23ea571c059d87927a07f5e3deadb1e
6f88461eff9662ba1d469393859300974537a63977ee374e47c747df4b177301
73f95cf0a9f883363f49452e584a675c8dc2ab7c030d5b56a77dee9b265d619e
787de5318212b9f65a047eb522ae444cbe2a10267b777f5ef7e681473bb2a0ae
7c02af50f5f6406aeb30542783e97774a62ac984403f7db06c2982ae68cf7079
7c3a75ff664f63b62509f2cce3b751024bad6cffe526b22d59156a673da41e17
7e4895a9d150935ee2b1a687a504fa970f334cb1c16233a9bc4f1fda22e18c59
7e4b60b0839272d368430dcf504aa916616266df74d8025b1ae18abe916b8a1e
7fff1569ea68ef52782ba25b0cf3934627f7a4fc1e8e22f4652de959c5f97978
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
829ac070b5d78313dc49fa7792b09591d1ad3bb6b332ad505907eddddcff9782
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87352e7d6efad017173e9c6b013e5987e7e56eeff12648de5facfd840ba77e78
8bb52f10c3ccb688d93b6a0e4e42d940d435c810e8339ae82bf63c4099511a1f
8bed74f524c43e032e1de2a2df5d24e132afe308c0eb47604e4d7169d6cb6eea
9119c074ef60cc25df06f94de12aef2f89e4608b07d6f1cb37717b651db8190c
949d3f7ad7481fd0926420e32b9e816aa1054f66e265cc0a794412c69d8145ce
9777cdc714f5f41e30b3ce3bef443895e7e454bc304e32bb97d20c4e3d78032e
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9be67b6b4cda14eea622e9b74d1520672ba179298a09474b453dd860e904c07e
9f49609d94cf82f3d089ddd83d5895d4048236deee85dc7cfc9853735f36a0f9
a542ceefb49d8ecc0742217c81ef1f1fac07dd34219b9aa904dbe8dc4f3d2090
a99ef66371daf1c1f72954cc5683f72747791b9b64240e1bee67bc27229a05b3
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
aa65555d7e01d66ac2ca504c2e11f4b21a533ea414cd6620104524e17d7e6c3e
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
ab682b09c58df461d528e1d3387c63fea8b854306afe1d1441531fa51dabc14b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26a7cb9dad4f92a4116cf37b62716008197273897f75fb166f65d44d24c71bd
bf0984b15dddee3538aefeaf5ebd490e7bd901936e1e6dd23eb719398a185690
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c22c4f772a11111563e5ff177bef50d000d724d01667e334c582eb97a4eebc56
c8150a6485e37f6ef60feda9836c6e685c3fa24db0035ef1978be5a656a5c3c6
d0cf462c7b9d175224269b0705f2910ca745514212ae050d4c7cdad6f8502f5a
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
db7cdaa85c987a4c71b79925fba099cf0fe669d041c8acd091d2b28d3ff21f38
dba4d22701369b2c2e7adfa8c39cfea3e5ffbb503d3d510fcc79e34a7aa20ca8
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c00976a60c9cfaa79743b350ba139a02be110aabb5b33f0b9b23b86ff1250d
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
e9c3c5d55b8780688e2c047d655d38d3d16db2662e041462e2b32302b1d9c56d
ecbef203e42fb2a75d59fd5e21b8374640ae7807ffc0ce8297fb13c668bb44dd
f225518171325dce15e88ad1a29960d18751ac4bc5478feca74cf919a28ad849
f325274c83fdb74900ede2d771165f24d8d6e9c3bea3cd7563d2b0e3d840d49d
f39e7ecf003f57bad813ff5b686add8eca88b02f364e0ba946d1ddd8eb25e61e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
f9259008f6fe85533681b293f526fdd3355b43a7b98526ae00e2b371c8ee772c
faebc8e7322c41cfb2ec30397afbd7c623d01217caedd94fee404c07ee73b99c
fbe7f5c5050615452d12af07b6cef6cc0db31c78eea125a4078ee80cb9556777
ff3b1af6b436bcd7442ad162f26377bdc788fe1e95d3fc8149e45f4294abcce8

bmedyagrup.com Open in urlscan Pro 160.153.137.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

149 Requests

75 %HTTPS

36 %IPv6

40 Domains

58 Subdomains

43 IPs

11 Countries

3227 kBTransfer

5483 kBSize

0 Cookies

6 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

bmedyagrup.com Open in urlscan Pro
160.153.137.99 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

75 %
HTTPS

36 %
IPv6

40
Domains

58
Subdomains

43
IPs

11
Countries

3227 kB
Transfer

5483 kB
Size

0
Cookies

149 HTTP transactions
0 data transactions