www.salesalevia.com Open in urlscan Pro
2606:4700:3034::ac43:cf02 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mynewcbdoil.com/
Effective URL:
http://www.salesalevia.com/
Submission Tags: tranco_l324
Submission: On November 21 via api (November 21st 2021, 3:24:49 am UTC) from DE — Scanned from DE

Summary HTTP 165 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 28 domains to perform 165 HTTP transactions. The main IP is 2606:4700:3034::ac43:cf02, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.salesalevia.com.

This is the only time www.salesalevia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:dfb4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3033::ac43:c38c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::ac43:b778	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3034::ac43:cf02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:810::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1 10	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3036::6815:4ad0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 1	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
5	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21 21	2606:4700:20:... 2606:4700:20::ac43:4670	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2606:4700:303... 2606:4700:3033::ac43:befc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.138.160 18.66.138.160	16509 (AMAZON-02) (AMAZON-02)
4	158.69.139.225 158.69.139.225	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	67.202.114.214 67.202.114.214	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
2	104.18.28.199 104.18.28.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
2	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1	2606:4700:303... 2606:4700:3033::ac43:bd2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
165	26

1 2606:4700:3031::ac43:dfb4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mynewcbdoil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:c38c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.xlviagragen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:b778 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.cialistrxonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::ac43:cf02 (United States)

ASN13335 (CLOUDFLARENET, US)

www.salesalevia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.75.88.126 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:4ad0 (United States)

ASN13335 (CLOUDFLARENET, US)

upload.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.47 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:20::ac43:4670 (United States) 21 redirects

ASN13335 (CLOUDFLARENET, US)

git.player25.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:3033::ac43:befc (United States)

ASN13335 (CLOUDFLARENET, US)

inanamiyorumhalaburdasin.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.138.160 (United States)

ASN16509 (AMAZON-02, US)

jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 158.69.139.225 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip225.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.114.214 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.28.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:bd2c (United States)

ASN13335 (CLOUDFLARENET, US)

dtsedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	blogspot.com 1.bp.blogspot.com 2.bp.blogspot.com 4.bp.blogspot.com 3.bp.blogspot.com	27 MB
25	inanamiyorumhalaburdasin.cloud inanamiyorumhalaburdasin.cloud	1 MB
21	player25.xyz 21 redirects git.player25.xyz	16 KB
18	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	17 KB
9	addthis.com 1 redirects s7.addthis.com m.addthis.com api-public.addthis.com	218 KB
5	gstatic.com fonts.gstatic.com	72 KB
5	jsdelivr.net cdn.jsdelivr.net	238 KB
4	dtscout.com t.dtscout.com	6 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com stackpath.bootstrapcdn.com	108 KB
4	blogger.com www.blogger.com	186 KB
4	salesalevia.com www.salesalevia.com	41 KB
3	amung.us whos.amung.us widgets.amung.us	7 KB
3	google-analytics.com www.google-analytics.com	40 KB
2	pinterest.com widgets.pinterest.com	440 B
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	86 KB
1	dtsedge.com dtsedge.com	582 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	addthisedge.com v1.addthisedge.com	989 B
1	jwpsrv.com jwpsrv.com	41 KB
1	moatads.com z.moatads.com	1 KB
1	blogblog.com resources.blogblog.com	319 B
1	rawgit.com 1 redirects cdn.rawgit.com	658 B
1	jquery.com code.jquery.com	33 KB
1	waust.at waust.at	8 KB
1	upload.ink upload.ink	63 KB
1	cialistrxonline.com 1 redirects www.cialistrxonline.com	843 B
1	xlviagragen.com 1 redirects www.xlviagragen.com	825 B
1	mynewcbdoil.com 1 redirects mynewcbdoil.com	817 B
165	28

	Domain	Requested by
27	1.bp.blogspot.com	www.salesalevia.com inanamiyorumhalaburdasin.cloud
25	inanamiyorumhalaburdasin.cloud	www.salesalevia.com inanamiyorumhalaburdasin.cloud
21	git.player25.xyz	21 redirects www.salesalevia.com
14	ic.tynt.com	www.salesalevia.com inanamiyorumhalaburdasin.cloud
6	2.bp.blogspot.com	www.salesalevia.com
5	fonts.gstatic.com	fonts.googleapis.com
5	cdn.jsdelivr.net	www.salesalevia.com inanamiyorumhalaburdasin.cloud
5	s7.addthis.com	1 redirects www.salesalevia.com s7.addthis.com
4	t.dtscout.com	waust.at t.dtscout.com widgets.amung.us
4	www.blogger.com	www.salesalevia.com
4	www.salesalevia.com	www.salesalevia.com cdn.rawgit.com
3	api-public.addthis.com	s7.addthis.com
3	www.google-analytics.com	www.salesalevia.com www.google-analytics.com www.googletagmanager.com
3	4.bp.blogspot.com	www.salesalevia.com inanamiyorumhalaburdasin.cloud
2	de.tynt.com	cdn.tynt.com
2	cdn.tynt.com	waust.at widgets.amung.us
2	widgets.pinterest.com	www.salesalevia.com
2	whos.amung.us	waust.at widgets.amung.us
2	stackpath.bootstrapcdn.com	inanamiyorumhalaburdasin.cloud
2	maxcdn.bootstrapcdn.com	www.salesalevia.com maxcdn.bootstrapcdn.com
2	3.bp.blogspot.com	www.salesalevia.com
1	dtsedge.com	t.dtscout.com
1	widgets.amung.us	inanamiyorumhalaburdasin.cloud
1	www.googletagmanager.com	inanamiyorumhalaburdasin.cloud
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	jwpsrv.com	inanamiyorumhalaburdasin.cloud
1	z.moatads.com	s7.addthis.com
1	resources.blogblog.com	www.salesalevia.com
1	fonts.googleapis.com	www.salesalevia.com
1	cdn.rawgit.com	1 redirects
1	code.jquery.com	www.salesalevia.com
1	waust.at	www.salesalevia.com
1	upload.ink	www.salesalevia.com
1	ajax.googleapis.com	www.salesalevia.com
1	www.cialistrxonline.com	1 redirects
1	www.xlviagragen.com	1 redirects
1	mynewcbdoil.com	1 redirects
165	38

This site contains links to these domains. Also see Links.

Domain
bit.ly
whos.amung.us
bozguncuiptv1.com
bozguncubetting.com
www.blogger.com
www.google.com.tr

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
jwpsrv.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh

This page contains 54 frames:

Primary Page: http://www.salesalevia.com/
Frame ID: 5C0780710F0136672C751A37FCCFCBB5
Requests: 65 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html
Frame ID: 02607F56812CF1DE025D9A90ACFC76E2
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html
Frame ID: A2A4EF9A03F2E5E37BD3AA30C1240C63
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050restbet.html
Frame ID: 1AB82EE24DD0F0FE248BB7ABC666B231
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050liderbahis.html
Frame ID: 7CE65B463E06C9C18F49F7C072D5BDE4
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050supertotobet.html
Frame ID: C1558EF0A1D0B9B13833899A5337AE2C
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890liderbahis.html
Frame ID: CC79ADBCA214C23A871B90C643C7A007
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890restbet.html
Frame ID: 9FD629228B0E2E2865619BF5F2D09A86
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890supertotobet.html
Frame ID: 8CE83DF4249A7187EAB23ED83F6ECC4F
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html
Frame ID: 881C4DC9C6378546D019677769369AFE
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Frame ID: F7B50A31E8838FDC7551A5316E0A2418
Requests: 22 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html
Frame ID: CD64AF7FBCB515FBCF8DF4E2B6979242
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html
Frame ID: 4E421DD6BD84FF28249D2D7BA1AEDC12
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html
Frame ID: 6379DE9721E377D8CD64625DEBDB3D7B
Requests: 2 HTTP requests in this frame

Frame: http://git.player25.xyz/watch/bein1.html
Frame ID: 2A5DF252447E066A73BA2B5FD9CAA665
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: 7A6860C625F2DD75BD1F85208D0866FE
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: A3F301B2927F0B16A1980602EA5B1C4D
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: 138DAB7D9E301722B4BCEB7513760004
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: CAD9F0AA431DC00A8FDFDA6CDB12B6A4
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/watch/bein1.html
Frame ID: 75EAB57CEF1F3346EDBB80CC7D4878B3
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: F48ADDABAD9015C77799C5283776541B
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: 2E6B5C3F6F6443E0184941D5A00ED32E
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: D86E8E4AB5CB1FF01A0243DEDC51C63B
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: A83B8CC88B1A3A6EFB7C557253A82665
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/watch/bein1.html
Frame ID: EAEAA6235CEAD4BFD5F602E22E179BCE
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: EBF15AE4DE22DA8B038546625187CAD7
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: CCDC2C4C0AFC12507394B5DA700A2C88
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: E7D1FA3701BCB4C9A58403DFD8EB2277
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: 17BF916BB7C74D4D174AE7FF8E31BF63
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/watch/ch7.html
Frame ID: 699488A967E49F163B38B8BE8E6B61CB
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: BFC66EEFFC85C84165E1A8008549E10D
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: 79AF8E2884201BD3129DFCD68C4DFB0C
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: 012CD2F3D88D9933C528CBEDECD64918
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: 654A60236D97396E57D56A05491A1474
Requests: 1 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Frame ID: 680133659D827466F09543CA23A3A541
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: 94CD794D4BA2AA35A30DD7AC6E745675
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: 8C2B46C2A5849E86F8773EE4186C6650
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: D2255BDCDE29E58182FFD688DB7ED946
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: DB969B91BCE688A95830BB7AAF1DDA71
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/watch/yurop10.html
Frame ID: 16FCF1ED0478C8F4DD37F9A265A4A6F8
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: 58ADF28798A67E795501C503FDEE5763
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890tipo.html
Frame ID: 96A3DECB2116D4F1F43FC9F62F51619C
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: B280F4DF9E7E12A6E95D2479D11527C3
Requests: 1 HTTP requests in this frame

Frame: http://git.player25.xyz/kutular/72890celta.html
Frame ID: F65B353AA2C6DA79BA33ACA3E1C2D3A8
Requests: 1 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Frame ID: 8FED7DF7FE2FE1B7805D21898DFBD767
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Frame ID: 571D80999CC828D776855171F35A20CB
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html
Frame ID: 16D21CA200396285D30DCFC846469406
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html
Frame ID: 88CEB0E4ECCA1F057309F22DEA7CB085
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250onwin.html
Frame ID: 7988CCE076CA63585D43497D8E2E36A3
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betistcom.html
Frame ID: DF0F6321F47A3A1BB0C9D7EE3892CFE8
Requests: 2 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250tipobet.html
Frame ID: E970633FE3DA3B4BB5B259EFA8D06554
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E865628ACFA0853DBCCCEA6C36090E11
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 5AEFFB008E5BF93DAC2B983BC37C56DC
Requests: 1 HTTP requests in this frame

Frame: http://inanamiyorumhalaburdasin.cloud/futbolcafe/sayac.html
Frame ID: 6F5F945DB335A3BCA787C7DCB5684931
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Justin tv izle, Maç Yayınları, Canlı Maç izleFacebookTwitterPrintEmailPinterestGmailAddThisFacebookTwitterPrintEmailAddThis

Page URL History Show full URLs

http://mynewcbdoil.com/ HTTP 302
http://www.xlviagragen.com/ HTTP 302
http://www.cialistrxonline.com/ HTTP 302
http://www.salesalevia.com/ Page URL

Page Statistics

165
Requests

57 %
HTTPS

67 %
IPv6

28
Domains

38
Subdomains

26
IPs

5
Countries

30037 kB
Transfer

31744 kB
Size

11
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/bozguncu-apk

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/ligtvmax1/
Title: 144

Search URL Search Domain Scan URL

URL: https://bozguncuiptv1.com/
Title: iPTV Satın Al

Search URL Search Domain Scan URL

URL: https://bozguncubetting.com/
Title: deneme bonusu

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.google.com.tr/
Title: Google

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mynewcbdoil.com/ HTTP 302
http://www.xlviagragen.com/ HTTP 302
http://www.cialistrxonline.com/ HTTP 302
http://www.salesalevia.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 15

https://cdn.rawgit.com/Arlina-Design/redvision/master/unlipage.js HTTP 301
https://cdn.jsdelivr.net/gh/Arlina-Design/redvision@master/unlipage.js

Request Chain 21

http://git.player25.xyz/pop-supertotobet.js HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/pop-supertotobet.js

Request Chain 23

http://git.player25.xyz/kutular/100050bahiscom.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html

Request Chain 24

http://git.player25.xyz/kutular/72890bahiscom.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html

Request Chain 25

http://git.player25.xyz/kutular/100050restbet.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050restbet.html

Request Chain 26

http://git.player25.xyz/kutular/100050liderbahis.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050liderbahis.html

Request Chain 27

http://git.player25.xyz/kutular/100050supertotobet.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050supertotobet.html

Request Chain 28

http://git.player25.xyz/kutular/72890liderbahis.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890liderbahis.html

Request Chain 29

http://git.player25.xyz/kutular/72890restbet.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890restbet.html

Request Chain 30

http://git.player25.xyz/kutular/72890supertotobet.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890supertotobet.html

Request Chain 37

http://git.player25.xyz/kutular/72890ultrajtvizle.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html

Request Chain 38

http://git.player25.xyz/watch/bein1.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Request Chain 39

http://git.player25.xyz/kutular/72890saha.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html

Request Chain 40

http://git.player25.xyz/kutular/72890ultrajtvizle.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html

Request Chain 41

http://git.player25.xyz/kutular/72890saha.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html

Request Chain 71

http://git.player25.xyz/watch/bein1.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Request Chain 95

http://cdn.jsdelivr.net/clappr/latest/clappr.min.js HTTP 307
https://cdn.jsdelivr.net/clappr/latest/clappr.min.js

Request Chain 96

http://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js HTTP 307
https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js

Request Chain 102

http://git.player25.xyz/kutular/120600bahiscom.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

Request Chain 103

http://git.player25.xyz/kutular/120600bahiscom.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

Request Chain 107

http://git.player25.xyz/kutular/300250restbet.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html

Request Chain 108

http://git.player25.xyz/kutular/300250restbet.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html

Request Chain 109

http://git.player25.xyz/kutular/300250onwin.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250onwin.html

Request Chain 110

http://git.player25.xyz/kutular/300250betistcom.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betistcom.html

Request Chain 111

http://git.player25.xyz/kutular/300250tipobet.html HTTP 302
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250tipobet.html

Request Chain 139

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_knia0 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_knia0

Request Chain 140

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_ghn20 HTTP 307
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_ghn20

165 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.salesalevia.com/
Redirect Chain

http://mynewcbdoil.com/
http://www.xlviagragen.com/
http://www.cialistrxonline.com/
http://www.salesalevia.com/

152 KB
34 KB

268ms
195ms

Document
text/html

2606:4700:3034::ac43:cf02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.salesalevia.com/

Protocol

HTTP/1.1

Server

2606:4700:3034::ac43:cf02 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91075b6d1bd3792249a3a38e9db4511752c9fe78115fe0268b2726303461516c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 21 Nov 2021 03:24:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
expires: Sun, 21 Nov 2021 03:24:41 GMT
cache-control: private, max-age=0
last-modified: Sun, 21 Nov 2021 00:26:03 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYcT8JlCKh49iWzAa6%2FDWzXV%2Bvvs0hPvA%2BBggEyvnRrltZfu%2BgXX0Yj%2BkxDJZpJp78zgcHsdXyBFDi7ZyNJl2NexvOGdvnXhrALa7r7E1V3b0PCgGrqt%2Fc%2B7%2FZkMMGEQTAHlijJ%2BomHUWHMmPsDDRIMn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6b16ce78be474357-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://www.salesalevia.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSxLkMk0ImQXJONCMgYw%2FEcDrwCKhHNn%2FOtlPh3DCcqIbtUn%2BcW0SqjvdKH6yGp%2BDlKyad%2FS383YQbRfiqBE2KnMqxWmKq%2FgDHUswQBRk0xGUMZ05q5dnjsQY4Z8YSQVSnZd8mOO%2Bu1ouiEJ%2FgWLcq%2F55xaC3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce77ec2616ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1324390690-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
31 KB 186ms
36ms Stylesheet
text/css 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1324390690-widget_css_bundle.css

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2936f2b458305ba76d2cc0bbea050640bcb68a0c7adf470d024e8da0c4f9130d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 01:55:39 GMT
x-content-type-options: nosniff
age: 350943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30708
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 00:55:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 17 Nov 2022 01:55:39 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
85 KB 109ms
38ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:10:37 GMT
x-content-type-options: nosniff
age: 285245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86351
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Nov 2022 20:10:37 GMT

GET
H2 200 kb.gif
1.bp.blogspot.com/-7Ap_bWqDOYE/YUZmJKZ8ilI/AAAAAAAAAv4/DIdT8bjzJIYtYkzNCMyWYTYQvgw5oxPYACLcBGAsYHQ/s400/ 36 KB
36 KB 150ms
39ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7Ap_bWqDOYE/YUZmJKZ8ilI/AAAAAAAAAv4/DIdT8bjzJIYtYkzNCMyWYTYQvgw5oxPYACLcBGAsYHQ/s400/kb.gif

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

98e5c1728a1d14e57222728540ed91e631fff42a0fb4ea5a8e006a4deb4d1ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:19:54 GMT
x-content-type-options: nosniff
age: 288
content-disposition: inline;filename="kb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36550
x-xss-protection: 0
server: fife
etag: "v2ff"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 03:08:51 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

108ms
33ms

Script
application/javascript

104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 21 Nov 2021 03:24:42 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK derbi.gif
upload.ink/images/2021/11/21/ 62 KB
63 KB 138ms
49ms Image
image/gif 2606:4700:3036::6815:4ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://upload.ink/images/2021/11/21/derbi.gif
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::6815:4ad0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b2f80cdd07d8b8ca1cd61bb834b08790f53765ae479a0605ff10d2081cadc69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4424
x-cache-status: STALE
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 63634
last-modified: Sat, 20 Nov 2021 22:09:46 GMT
Server: cloudflare
etag: "f892-5d13fa648620c"
vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BR%2FKabzRoIUaZ8t1Y1t8OcTJXhKwA1SmiH8dppMuQNg5dDp1a%2BD95lFKUof6cg0zFmRSAnbuhn28Kt6CLTdfuMe%2FqFnoRY9kMmMmGPw5czcaVaapxm5d%2FcRjOU95jGouGiVhAvM%2FLD6"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
cache-control: max-age=300, s-maxage=10
Accept-Ranges: bytes
CF-RAY: 6b16ce7dabed6916-FRA

GET
H2 200 Muhtes%25CC%25A7em%2BFirsatlari%2BI%25CC%2587le%2BBein%2BSports%2BTu%25CC%2588rkiye%2B.jpeg
2.bp.blogspot.com/-ieuYi7wRaIU/W2bPVP3URVI/AAAAAAAAEF4/9pD0QvQ7GwwxMeKf3i1Y77LA_jt9qB3bgCLcBGAs/s1600/ 12 KB
12 KB 181ms
38ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-ieuYi7wRaIU/W2bPVP3URVI/AAAAAAAAEF4/9pD0QvQ7GwwxMeKf3i1Y77LA_jt9qB3bgCLcBGAs/s1600/Muhtes%25CC%25A7em%2BFirsatlari%2BI%25CC%2587le%2BBein%2BSports%2BTu%25CC%2588rkiye%2B.jpeg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b3872c52b565efdbbc31ff2591d0db208aafd18f218e70cf89a539940895c2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 00:09:11 GMT
x-content-type-options: nosniff
age: 11731
content-disposition: inline;filename="Muhtes_em Firsatlari I_le Bein Sports Tu_rkiye .jpeg";filename*=UTF-8''Muhtes%CC%A7em%20Firsatlari%20I%CC%87le%20Bein%20Sports%20Tu%CC%88rkiye%20.jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12016
x-xss-protection: 0
server: fife
etag: "v105f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 03:28:38 GMT

GET
H2 200 KRAL%2B%25282%2529.gif
1.bp.blogspot.com/-AA_5zP4O4-M/YUtQVzrMAcI/AAAAAAAAAwE/NhKkiXIEbTQ1tOdAsDxv4nk8X4QOmbhAQCLcBGAsYHQ/w200-h169/ 47 KB
47 KB 202ms
92ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-AA_5zP4O4-M/YUtQVzrMAcI/AAAAAAAAAwE/NhKkiXIEbTQ1tOdAsDxv4nk8X4QOmbhAQCLcBGAsYHQ/w200-h169/KRAL%2B%25282%2529.gif

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9ce4be5193a50696699c89afa1a818ea2c1f8cb1bfb9748209b98b294c146554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 23:39:50 GMT
x-content-type-options: nosniff
age: 13492
content-disposition: inline;filename="KRAL (2).gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48035
x-xss-protection: 0
server: fife
etag: "v302"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 17:01:37 GMT

GET
H2 200 %25C5%259Eampiyonlar%2BLigi%2BFull%2BHD%2BKalitede%2BYayina%2BGeliyor.jpg
4.bp.blogspot.com/-ZDZ5uZrG1e0/WLqm5ud5AHI/AAAAAAAADbg/c9IjwRm0jFIH_-ukNeY4WaCWm5jskK8BACLcB/s320/ 31 KB
31 KB 149ms
39ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-ZDZ5uZrG1e0/WLqm5ud5AHI/AAAAAAAADbg/c9IjwRm0jFIH_-ukNeY4WaCWm5jskK8BACLcB/s320/%25C5%259Eampiyonlar%2BLigi%2BFull%2BHD%2BKalitede%2BYayina%2BGeliyor.jpg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9bc3f3d252e4aadba73d16c4e2419b136b22ff28a24b4b4242059043c86f2e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 01:04:16 GMT
x-content-type-options: nosniff
age: 8426
content-disposition: inline;filename="_ampiyonlar Ligi Full HD Kalitede Yayina Geliyor.jpg";filename*=UTF-8''%C5%9Eampiyonlar%20Ligi%20Full%20HD%20Kalitede%20Yayina%20Geliyor.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31391
x-xss-protection: 0
server: fife
etag: "vdba"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 08:00:55 GMT

GET
H2 200 Mac%25CC%25A7lar%2BBedava%2BOlsun%2BI%25CC%2587ster%2BMisiniz%253F.jpeg
1.bp.blogspot.com/-k5-WgReorEE/YUZAWf814xI/AAAAAAAAAvo/qnYATKIxn-4fQmg0cizi2Rft2rhHaNoKwCLcBGAsYHQ/w200-h133/ 9 KB
9 KB 223ms
114ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-k5-WgReorEE/YUZAWf814xI/AAAAAAAAAvo/qnYATKIxn-4fQmg0cizi2Rft2rhHaNoKwCLcBGAsYHQ/w200-h133/Mac%25CC%25A7lar%2BBedava%2BOlsun%2BI%25CC%2587ster%2BMisiniz%253F.jpeg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

da163169dbf8c6ac7fe21e579fa8c0f029f090ffc269c6f0437c94f7ef91afe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 23:39:51 GMT
x-content-type-options: nosniff
age: 13491
content-disposition: inline;filename="Mac_lar Bedava Olsun I_ster Misiniz.jpg";filename*=UTF-8''Mac%CC%A7lar%20Bedava%20Olsun%20I%CC%87ster%20Misiniz.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8989
x-xss-protection: 0
server: fife
etag: "v2fb"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 21:35:35 GMT

GET
H2 200 Sportboss%2B%25C4%25B0le%2BAyricalikli%2BBasketbol%2BKeyfi.jpg
2.bp.blogspot.com/-WhgOYhw5wEo/WK6y_QP0oJI/AAAAAAAADQw/HjzIUNJuCe8bw6D4uAjLYeTL2RDl0ZXnQCLcB/s320/ 28 KB
28 KB 193ms
50ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-WhgOYhw5wEo/WK6y_QP0oJI/AAAAAAAADQw/HjzIUNJuCe8bw6D4uAjLYeTL2RDl0ZXnQCLcB/s320/Sportboss%2B%25C4%25B0le%2BAyricalikli%2BBasketbol%2BKeyfi.jpg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b7f9b994c86ded0420d16df91e573b307fde94689f403aefca1228c4c9d281e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 01:04:16 GMT
x-content-type-options: nosniff
age: 8426
content-disposition: inline;filename="Sportboss _le Ayricalikli Basketbol Keyfi.jpg";filename*=UTF-8''Sportboss%20%C4%B0le%20Ayricalikli%20Basketbol%20Keyfi.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28231
x-xss-protection: 0
server: fife
etag: "vd0f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 17:04:59 GMT

GET
H2 200 Ma%25C3%25A7lari%2BCanli%2B%25C4%25B0zlemek%2B%25C4%25B0steyenler%2BBurada.jpg
3.bp.blogspot.com/-t_Z_knkvIks/WL0m_zpIADI/AAAAAAAADdk/P9cFFscwvZEQ7gxWSNQMK_KFXnd5DpeHACLcB/s320/ 21 KB
21 KB 132ms
38ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-t_Z_knkvIks/WL0m_zpIADI/AAAAAAAADdk/P9cFFscwvZEQ7gxWSNQMK_KFXnd5DpeHACLcB/s320/Ma%25C3%25A7lari%2BCanli%2B%25C4%25B0zlemek%2B%25C4%25B0steyenler%2BBurada.jpg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

586392b658f0bde1c5debe730b363c09e65f9381214a42c7b5815b277fd5c29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 01:12:57 GMT
x-content-type-options: nosniff
age: 7905
content-disposition: inline;filename="Ma_lari Canli _zlemek _steyenler Burada.jpg";filename*=UTF-8''Ma%C3%A7lari%20Canli%20%C4%B0zlemek%20%C4%B0steyenler%20Burada.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21259
x-xss-protection: 0
server: fife
etag: "vddd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 03:28:38 GMT

GET
H2 200 Justin%2BTv%2BT%25C3%25BCm%2BMa%25C3%25A7lari%2BBedava%2B%25C4%25B0zletiyor.jpg
2.bp.blogspot.com/-3IBAaiE4VFs/WLk17JWyGrI/AAAAAAAADas/DrHnLt65EdElYyb6VknqOuhZW8PrBgCwQCLcB/s320/ 38 KB
38 KB 81ms
81ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-3IBAaiE4VFs/WLk17JWyGrI/AAAAAAAADas/DrHnLt65EdElYyb6VknqOuhZW8PrBgCwQCLcB/s320/Justin%2BTv%2BT%25C3%25BCm%2BMa%25C3%25A7lari%2BBedava%2B%25C4%25B0zletiyor.jpg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

72d9e3d5d782d57d79c14904df8f40eebc208f38037118cd65b6e04211897e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 01:04:16 GMT
x-content-type-options: nosniff
age: 8426
content-disposition: inline;filename="Justin Tv T_m Ma_lari Bedava _zletiyor.jpg";filename*=UTF-8''Justin%20Tv%20T%C3%BCm%20Ma%C3%A7lari%20Bedava%20%C4%B0zletiyor.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38795
x-xss-protection: 0
server: fife
etag: "vdaf"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 04:13:35 GMT

GET
H/1.1 200
OK d.js Show response
waust.at/ 13 KB
8 KB 122ms
46ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/d.js
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 151
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 03 May 2021 17:48:53 GMT
Server: cloudflare
etag: W/"60903785-3444"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftsCaNFlvWNwn1uf4ceV0u7X9kSEYUC5vB%2FeN2EUSpj4y8OeCz1KET4kM5F1ad9DW0qFDHpB7Zy0tK6xXtrekztHBcriTBYIcA0S6eqpFDjzchIT19gV3RmxPv0vfck1gGYuESsx"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
CF-RAY: 6b16ce7eadd8692d-FRA
expires: Mon, 22 Nov 2021 03:22:11 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 134ms
40ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:42 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:18:54 GMT
server: nginx
etag: W/"573f46fe-17b8b"
vary: Accept-Encoding
x-hw: 1637465082.dop218.fr8.t,1637465082.cds283.fr8.hn,1637465082.cds167.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H/1.1 200
OK email-decode.min.js Show response
www.salesalevia.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 50ms
50ms Script
application/javascript 2606:4700:3034::ac43:cf02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.salesalevia.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

HTTP/1.1

Server

2606:4700:3034::ac43:cf02 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 19 Nov 2021 01:22:51 GMT
Server: cloudflare
ETag: W/"6196fc6b-4d7"
X-Frame-Options: DENY
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg6a4S%2BUIx4%2ByClaGSlNUWHrxiK78TOlD4pmR3pKqWfIG7tnvkWUVr7oxcm9BZxp3kuWngjUZvyaLNjH9Suy3TQJMoVGSDYWWh2JtC%2FiDET5jwYy5PcobwCR1F%2BVINltW7ljYHWiwzROx7IP8cJYSBY4"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=172800, public
CF-RAY: 6b16ce7d0b064357-FRA
Expires: Tue, 23 Nov 2021 03:24:42 GMT

GET
H2

200

unlipage.js Show response
cdn.jsdelivr.net/gh/Arlina-Design/redvision@master/
Redirect Chain

https://cdn.rawgit.com/Arlina-Design/redvision/master/unlipage.js
https://cdn.jsdelivr.net/gh/Arlina-Design/redvision@master/unlipage.js

4 KB
2 KB

136ms
45ms

Script
application/javascript

2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Arlina-Design/redvision@master/unlipage.js

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93efc9f61620f152f69f2db294b4e3653f70935208e582f3921a910f33e42ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23332
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19179-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"1167-W/SS8JozHMByS3cMJQo6M6lV3Fw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b16ce7ff8610631-FRA

Redirect headers

date: Sun, 21 Nov 2021 03:24:42 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 756
age: 71036
access-control-expose-headers: *
x-cache: MISS, HIT
cdn-cachedat: 11/21/2021 04:24:42
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 104
server: BunnyCDN-DE1-756
x-served-by: cache-fra19140-FRA, cache-pwk4967-PWK
access-control-allow-origin: *
cdn-proxyver: 1.0
cdn-requestpullcode: 301
location: https://cdn.jsdelivr.net/gh/Arlina-Design/redvision@master/unlipage.js
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
cdn-cache: EXPIRED
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: 16928a8d98f20c4cd8a628a4a2fca0f7
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 301
cdn-requestpullsuccess: True

GET
H/1.1 200
OK cookienotice.js Show response
www.salesalevia.com/js/ 6 KB
3 KB 45ms
44ms Script
text/javascript 2606:4700:3034::ac43:cf02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.salesalevia.com/js/cookienotice.js

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

HTTP/1.1

Server

2606:4700:3034::ac43:cf02 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: HIT
Age: 19194
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 2026
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 20:51:20 GMT
Server: cloudflare
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
cache-control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 6b16ce7e4c864357-FRA
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 27 Nov 2021 22:04:48 GMT

GET
H2 200 2809169260-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
155 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2809169260-widgets.js

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20a41052830e544178c2064d309d07956759b0716daa85b4c83f7b49927c6757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 01:55:36 GMT
x-content-type-options: nosniff
age: 350946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158116
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 00:55:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 17 Nov 2022 01:55:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 150ms
49ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9d622b86d8469f47f57cc198a2a6e6b8a60196f9ad80fdece59a8a9b7e5d963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 02:51:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Nov 2021 03:24:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Nov 2021 03:24:42 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/ 28 KB
7 KB 140ms
47ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 718
age: 20951538
cdn-cachedat: 2021-03-11 11:58:37
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 739ff5317e853965944fd246789e3b16
cf-ray: 6b16ce7dbdf64ea4-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
688 B 164ms
163ms Stylesheet
text/css 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4101539499947133680&zx=f6e41f40-ed80-4c8b-b077-7ab351e990d0

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 21 Nov 2021 03:24:42 GMT
server: GSE
date: Sun, 21 Nov 2021 03:24:42 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

pop-supertotobet.js Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/
Redirect Chain

http://git.player25.xyz/pop-supertotobet.js
http://inanamiyorumhalaburdasin.cloud/futbolcafe/pop-supertotobet.js

1 KB
2 KB

119ms
46ms

Script
application/javascript

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/pop-supertotobet.js
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198ca1f70bee65ca04dba3845ebea8110ef3f06e7f907e5c5373b0f765c21d4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3698
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 21 Nov 2021 00:09:44 GMT
Server: cloudflare
etag: W/"61998e48-5db"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAql2kP6NezfNMyLcFIn%2B2I8%2FXL4KklI9ughrqxdEEYq47gZHRjlseKjMMQHIG%2BU1fJnAJOOL6%2FBzV93RlmOI1%2BhToKU9uMo9ECSSx%2Fj0YlL4GBS80pi6O7nv80DY5OhUo4eu5aV1DxStoRiKO3C2cSxhC77dzPwqYtnBMg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-RAY: 6b16ce7e682f7033-FRA

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Heq857Aw427FF58jz47alebpsLEGyCILp9biUX6MBxcmmG1MvwXJRcuROaVu%2F124MpK5wmlc8T8byIK6X5dk36NSrutP5TsYFt5RMge2jQ7lumIztSNMOkMWelR2B8seuNvc4r5Pwe7PA7rRD4%3D"}],"group":"cf-nel","max_age":604800}
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/pop-supertotobet.js
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6b16ce7da83e1f55-FRA
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 126ms
126ms Stylesheet
text/css 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4101539499947133680&zx=f6e41f40-ed80-4c8b-b077-7ab351e990d0

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 21 Nov 2021 03:24:42 GMT
server: GSE
date: Sun, 21 Nov 2021 03:24:42 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

100050bahiscom.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 0260
Redirect Chain

http://git.player25.xyz/kutular/100050bahiscom.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html

350 B
1 KB

43ms
43ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5a3050f58ca2c052f38fa7bafa204b7285c0ad72cf897f1632784b5a0c41d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:47 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3714
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKmU7fCnsg%2BQ0XPjBlQDYIXR%2BqNJKtVtNROJVJ07qRdLqWjRgq9ZI3BsOEhHcPiAEd2r6IC2KS5xyP94%2B6wP1OV3oghejXfxUuian7iV%2Bhj%2BHHBm1oQSS5nqIXIH0FtWyGW12CBNhZMnPdML4rIDU4nmHcchge%2FMv5FamGQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7ef8cd7033-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqVm38wOURvajSuOJ%2F51a8fX501SjIe%2FDvfUniwroMIsbzHlLc%2BX0gYh%2BI2BFwN9tRPWdrY4SjmKmLKrn1v%2FxhGTZN6x%2BabmQBot8%2B2Czvfqfi8Ntg827DYJmO14P09JCwMzND3o5j3g0Ip2RLU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7eb8c71f55-FRA

GET
H/1.1

200
OK

72890bahiscom.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame A2A4
Redirect Chain

http://git.player25.xyz/kutular/72890bahiscom.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html

352 B
1 KB

56ms
38ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81624e91d2552c17ce5b56a62626870c11ef9b3906d1347ea8bce6bf78e0611a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:50 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3714
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmkMr8OOXmPCbjY3Tn6wDFHPONE3UJGJ2k8JeeNvCCk1mE7RrPySOAwaigpJtMImgnRo3HjOyz%2FeZJX5xtDkKi0bDUJF2fV6VnW%2FBgSEPZla63dZxvW%2F5ns3dKU7BG2IAwcKjD40yEzkpMdInFxiJFsJMpBo3kMqNcKf078%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f39227033-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G41NEHloIDu7Jsc2CI%2Fk2avQh7rR82NGeUxZVDp5krk%2FcAlG4JrTzh3bms%2F5DBaf1l31iSNsoDqaaIrw87VrDcMcnKcaLdHkWc6ncS1ky9QSmp8%2BrboWOKma6%2BXrLiuQfNtkdg206nuwDn%2B1%2BLo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7ed82e4dee-FRA

GET
H/1.1

200
OK

100050restbet.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 1AB8
Redirect Chain

http://git.player25.xyz/kutular/100050restbet.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050restbet.html

340 B
1 KB

76ms
49ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050restbet.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 291d4a5613f03360fb3b8c02f67bb529f65118d1b4916ca2466901fe54a7abd9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:48 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3700
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MppLuyKto1BiCXWtdvsG6VNbOaKFSq3Hu5utw5DlOYn%2Fwj4kOW%2BYkbMHpJf0nU9npRKmKZI6hKSzeZt76SJXzgZmdxtw6hWKhS6zycEdLyNqLEunphCcd2ZfkcKaBWxL0FMOo%2BvComBmQuVwAEWRpS8CSnMUD3PcRpdKMA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f5cd24303-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050restbet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V81dvwmyGTUXaE1G6CcStl3rHK2PXElo7ZN8mTJGQjE2Zzh9dIVq25zgpyNgaS4XoEpNMctgTMdd8rOxulbjgK2VrtmTjImZAs%2Fh9LoWcl3sh1h9BemgMRqS0MGktM16lY0Ab8%2BStGa3DrPdCmQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7eebad4e61-FRA

GET
H/1.1

200
OK

100050liderbahis.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 7CE6
Redirect Chain

http://git.player25.xyz/kutular/100050liderbahis.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050liderbahis.html

349 B
1 KB

72ms
49ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050liderbahis.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3953670fc1df713d2df8c307ec2f5841f441bfa21858faf66ae6423d91a0c25d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:48 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3670
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCXRyOgO1X29v9RtNYvCmZGRjUz97QXEqZbTfUKNCiDKKjG9iJ9XdXHgRxYaIsbzs%2FYqUdRZeRldOZFE03G8O9q5hH5sjU7l6o2x0N8iMr4lyRIaCkLAj%2FDuh7zHueTVQXZ0fZ1gxczo2z8siN709pd%2Bc%2BMMkfwUwZAYgZo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f4b5b42ee-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050liderbahis.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNRZ%2FGX96aOJIDpNTkmah5X0w6VQna%2FrdzbQ6aYbe%2FjK8Mbvyrq3EU%2BuuKHHLq1yByauv0jxbJVSDw4C5xSLDVaP6JN8Fmm%2BmIAeOewlEklriuQTNWN0t01Gog1UymKRNboTrVOhW2MQwnGkL7M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7eecd468f2-FRA

GET
H/1.1

200
OK

100050supertotobet.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame C155
Redirect Chain

http://git.player25.xyz/kutular/100050supertotobet.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050supertotobet.html

348 B
1 KB

69ms
52ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050supertotobet.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98b176b4d57dc93668f0b6ba94c78b7b3136a5a8d1c63da996b1effce51abe90

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:48 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3700
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9ly4a%2FDpW2IQb%2BRAd7GV5jOmajgmCId6NHEz8%2F2QGc9S0%2B0JNzSOQG6OJDXonI4jBejqsFQ%2FRkp90vrC26dFLPorpyJj4EtF9zggaRO%2BSzRdNDK5LSKSTRdhegU%2BtJVLuXjk0viAYK%2FglasDNp9AxMBj%2FSKhHa5Lf%2FMGTc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f5c652c0d-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050supertotobet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcbzkrTYSAeWNk1vgvB7MGbF3xHPFEARoxOX0wGWbqUKhAUF7wWhI0ivKwA4ifOdQurL7UbA8bXou5clnGiPF3Q9aGicnbF8So00W%2BmPFjZRORXD%2BxrARwoSxy9kYAq2sdzq1kihauMljTgRNM4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7eea5f4315-FRA

GET
H/1.1

200
OK

72890liderbahis.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame CC79
Redirect Chain

http://git.player25.xyz/kutular/72890liderbahis.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890liderbahis.html

350 B
1 KB

108ms
85ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890liderbahis.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0588a70f16b48a0af2db9c2dd9e4ab24ceb9b93247f5e81f4d1d684557b29db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:51 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3700
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4c4HjpR1AbZ4p2RbN3VrPzVCyqwRC3jHQrUS1rfF%2F17Oj1jB5Bce1Dsld0v1HXsMeiQWRCKd7iL1m4J5Iv4vtWV40I25FzFoXKuE7sVLuaV6QBkVmivX40cSVIGD43Q6gbavmHFGNRicy8Dpq2qQtZ2CeTY8llIhSQBtNHU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f5fe50631-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890liderbahis.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6OjHk0Mdg4rmpjApXlDP%2BPOUCXUlEelvOPPtEAOQKxI8gWXCSLIUAgI9DkznI6BvX9a%2FPmk%2BQIRDyJWzby90xIb7EzDlzv%2FGiZsMkeJKnUbon9DqLaOyE6Bh7GptykcTOrzmNmXRd%2BKWtrzVfg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7ee8756937-FRA

GET
H/1.1

200
OK

72890restbet.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 9FD6
Redirect Chain

http://git.player25.xyz/kutular/72890restbet.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890restbet.html

350 B
1 KB

73ms
50ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890restbet.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a08a02dcd9ffae68ebb65b4a3735759aee3a370b0daffbed715699a971de7bdb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:52 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3700
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz7UMmIDf6E3b0biHWM96mMRlzMRRFewbK2zOrsIyfT41sIi6fQIX0%2F%2F1Cj5J03wI1JaMy3epAQV5m5eF2d0pHa1WJoEkKVwp86%2BgwGn6yt4bQKGm0%2BIFM89EBXJNi1CYb9gdpBePRTkxEsh7%2B6kgGWaIs0faYph7BLWsKQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f5b6e5c08-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890restbet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7ezrqx3WYW%2FitR5pDG87%2BXe2S9I56s7Rs13uqDicItoMXBoJDsk78kcLncOp4GYnnV0ME3rzpBP7zSBtTzR51%2FT3jQwowhS0TmTlDiaPCUhhHRPCYEnZZAAl4Erq4bGINzYfEvuK%2Br%2BRC5MG%2BA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7ef8e21f55-FRA

GET
H/1.1

200
OK

72890supertotobet.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 8CE8
Redirect Chain

http://git.player25.xyz/kutular/72890supertotobet.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890supertotobet.html

349 B
1 KB

77ms
54ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890supertotobet.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b49c5537630559661551610408ec0d7d011ea8921ab03a26b6e01babfe39ff70

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:52 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3700
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XWuaYIGFG9go8nQqI9hkTWXM7VTcTZKpoNsrebA6g74LvmCBItoxMkj5Xb2IRv5mvyPmlogw%2Bx4jLALFCXOOtSF%2B4E9UdL9aojI3zy6eWHRG6%2B9B5khZ%2Bk4%2FbDAtJDrl%2FvD%2Fm8aOuHaUkAHHsDsCKTuxoHJAMIlOfOxKDQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f795d7033-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890supertotobet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQBGBAzB164ESNdVU3dHG20d3bwZUdngk991l2cGcic5QrmuKu27obO2KtEWjffgf89gratW%2BrEmFk1fBIfVTDM1BaUO4YS6pFiYTo1ANmV2591%2FHP8jk7Rpxw%2FDozNrzuPs9xPVQJrlfD4xdco%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f185d4dee-FRA

GET
H2 200 tabs_gradient_light.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ 182 B
319 B 30ms
28ms Image
image/png 2a00:1450:4001:810::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/tabs_gradient_light.png

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:02:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 18:53:53 GMT
server: sffe
age: 300111
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 182
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 24 Nov 2021 16:02:51 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/ 69 KB
70 KB 73ms
40ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/fontawesome-webfont.woff2?v=4.6.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css
Origin: http://www.salesalevia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722
age: 19288
cdn-proxyver: 1.0
cdn-cachedat: 11/02/2021 23:29:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70700
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 65bb5bd2219e302adfeb63551a041206
accept-ranges: bytes
cf-ray: 6b16ce7efa522c52-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 101ms
28ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.salesalevia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 15:45:42 GMT
x-content-type-options: nosniff
age: 301140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 15:45:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 130ms
58ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.salesalevia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 371807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 20:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 129ms
69ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.salesalevia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:39:34 GMT
x-content-type-options: nosniff
age: 337508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11836
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 05:39:34 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 121ms
44ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:42 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48740
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1

200
OK

72890ultrajtvizle.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 881C
Redirect Chain

http://git.player25.xyz/kutular/72890ultrajtvizle.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html

373 B
1 KB

81ms
57ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a2a419ec60923321c94d3123aa6d559ad266f638962ec9cbefaa685ffa100ee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:52 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3714
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zh3K1%2Fcv2Vyr3Xe35cGIOWU36lb8yUWm9l84CmrlVcozlRVZiTgfBEXT0KCV2TJKk0qVH3MIvqPJkwT512YtxmxJXzxkQZ3Ecokj0pdFtOeVpKnxNtM4HWkN2%2BZtullDfQIlmuUOBrFHm4mRClumP%2FaQqFsYrG3xgkTOGpo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f9bb542ee-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UBnU3takzw4eBVBc1FfemrouocODCo3CNc575RozFr1aTti4PHltphqn1mfY3RU3OL4OoWi5W2tE8eOfjbTZY7TNYYJwaoqjyPdqkjziQfGYEOivdHt4ETMvggZ9L0DeusZG%2FNm0vgwksyW%2BCQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f390f1f55-FRA

GET
H/1.1

200
OK

bein1.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/watch/ Frame F7B5
Redirect Chain

http://git.player25.xyz/watch/bein1.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

13 KB
5 KB

78ms
52ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d489db5a5673d5c2fc4b1bfc1c363611a121603f4fc0a565423296e4ece226f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:10:12 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3714
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHaM2ZBJbQJnYzF9LryZLwBGR%2F4wo4ZliHdCVt9FI82scrpe8tWfiyyarsZSJBrJxzQMkJjkvZnrVkbceQn9MeXSS4FiXHlq0lQQvh7tjZLiVI2JDFkyRWBLndVeNkz6LIpDPs1DyVDEhApM0jU8fptR9oM7pOn3uBCsPx0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7fad1b4303-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQCliJ6uQLXRrxzZr1CrcTenBQ%2B5k1GCkKpQqF%2F14f3BBzkPtqNDwDboWxWAW5zRPB3ygte%2BVsJa29TPzglSunBGxLY0qkdWVeMCoeidswp1MzEmmgMS6LKi4jKOk%2FvdvoSnvPvGexFKBdi6Cgo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f38d76937-FRA

GET
H/1.1

200
OK

72890saha.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame CD64
Redirect Chain

http://git.player25.xyz/kutular/72890saha.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html

354 B
1 KB

80ms
49ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3903a229aed5808e86a52d52b97eec5019022d43f659f06cfb275ba572d6dca5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:52 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3714
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6faJTeFZ%2FNts49nds1t0Dw7s82V6%2FmF6tQvPByeiLJ021pUUupS1drGrrEKHDgxfqX3HRGdojS0yXy5dWk83Pz6cMesWdxlg9hhv6EDzHr4KAvvQntRi7i14QBD8VWs0%2BbVwdFnU4zPeDziJPt4NhvyJ3hYamCElrEPAcSc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7fbc8c2c0d-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9QzQQ0fVIg%2BoKxw3nB9gE3pVmq6PTDEEWbnTuxy8smarGrDHLvzaUlMFFE1z8c0XPpxa9yZsI0pb5D8I1jr2AHOifrFCNRfgydSSOzi6kNdeTiZYYfykvEBnCj81ZrzZJlZJ5hCfKNwjpyX%2Foc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f3abf4315-FRA

GET
H/1.1

200
OK

72890ultrajtvizle.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 4E42
Redirect Chain

http://git.player25.xyz/kutular/72890ultrajtvizle.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html

373 B
1 KB

86ms
59ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a2a419ec60923321c94d3123aa6d559ad266f638962ec9cbefaa685ffa100ee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:52 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3714
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfCE7KGclFs2dVvwv6Ah47iPuGmMpNxr94Ex4BhGKLHLmU2vPAjsQpt0yRk%2Bfk4rx2emYmYUmBKhxMXIHktxlL1A5%2F2or0MvWWeabNM8Zt0oWz4vZfKNiI1%2FcuPmnZRikudB0cMTyBQ5TjlPIYnJxHEsoRh31PlVSABG8a0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7fabac5c08-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UDcXCVmkmC3YZn04XbSw6%2B%2FQpaKf6OBVSDJz3oSDjzvWYsAMkR51L%2FiHf8eJUL7NM23onvwXFtMdi01oYEegziO6KEqeeWjt%2Fv5b4OG1%2BI%2FMeW0r7Z315BhxMUMAM02GfDMh%2Fiau7ZyhOn7J8c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f4bf64e61-FRA

GET
H/1.1

200
OK

72890saha.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 6379
Redirect Chain

http://git.player25.xyz/kutular/72890saha.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html

354 B
1 KB

96ms
45ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3903a229aed5808e86a52d52b97eec5019022d43f659f06cfb275ba572d6dca5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:52 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3714
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AE2xp%2BRYLxuUfMFWZVUyYdW4RD0voJOpno5wPlHhud1rKwzg023DMAM5WBV4k2t31E1v9suSbfVfdonSfss3o9Dduz6vx64oN1dEjazIUhU7miRq34hak%2F6lZcNLD5fNDHBPxfQKvcK6lg9uyAim%2F5bxeS4CHT9XMXFeDVI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7fd9c17033-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUc4hW16v4X22TERhL4mVk%2FWvHN7EBHd4RciXJvt96cADUaYTvRMJuICNIsAVvudhAmNpTb4SGCto8juzEBcH03RoVV%2Fd6qW1DBlm33EwWBYDWA3iKhpHFi5ywpNYv3%2BieEoGDgtwat9r1Su7Yc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce7f4d2d68f2-FRA

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 71ms
70ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.salesalevia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:39:33 GMT
x-content-type-options: nosniff
age: 283509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 20:39:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 91ms
91ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.salesalevia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 11:23:17 GMT
x-content-type-options: nosniff
age: 403285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11860
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 11:23:17 GMT

GET
H3 200 Muhtes%25CC%25A7em%2BFirsatlari%2BI%25CC%2587le%2BBein%2BSports%2BTu%25CC%2588rkiye%2B.jpeg
2.bp.blogspot.com/-ieuYi7wRaIU/W2bPVP3URVI/AAAAAAAAEF4/9pD0QvQ7GwwxMeKf3i1Y77LA_jt9qB3bgCLcBGAs/w200-h150-c/ 16 KB
16 KB 96ms
42ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-ieuYi7wRaIU/W2bPVP3URVI/AAAAAAAAEF4/9pD0QvQ7GwwxMeKf3i1Y77LA_jt9qB3bgCLcBGAs/w200-h150-c/Muhtes%25CC%25A7em%2BFirsatlari%2BI%25CC%2587le%2BBein%2BSports%2BTu%25CC%2588rkiye%2B.jpeg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

382892e335e915d4b7c1ff433c26289e17292b873ea613b5821d6710920a067e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 00:11:13 GMT
x-content-type-options: nosniff
age: 11609
content-disposition: inline;filename="Muhtes_em Firsatlari I_le Bein Sports Tu_rkiye .jpeg";filename*=UTF-8''Muhtes%CC%A7em%20Firsatlari%20I%CC%87le%20Bein%20Sports%20Tu%CC%88rkiye%20.jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16475
x-xss-protection: 0
server: fife
etag: "v105f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 18:28:44 GMT

GET bein1.html
git.player25.xyz/watch/ Frame 2A5D 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame 7A68 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame A3F3 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame 138D 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame CAD9 0
0

GET
H3 200 KRAL%2B%25282%2529.gif
1.bp.blogspot.com/-AA_5zP4O4-M/YUtQVzrMAcI/AAAAAAAAAwE/NhKkiXIEbTQ1tOdAsDxv4nk8X4QOmbhAQCLcBGAsYHQ/s72-w200-c-h169/ 20 KB
20 KB 99ms
41ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-AA_5zP4O4-M/YUtQVzrMAcI/AAAAAAAAAwE/NhKkiXIEbTQ1tOdAsDxv4nk8X4QOmbhAQCLcBGAsYHQ/s72-w200-c-h169/KRAL%2B%25282%2529.gif

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e8c53c446b9bc6b8e75da22cb9b3d10dce850ba83cb5a92be5359fb0e16becef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 01:04:16 GMT
x-content-type-options: nosniff
age: 8426
content-disposition: inline;filename="KRAL (2).gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20532
x-xss-protection: 0
server: fife
etag: "v302"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 03:41:50 GMT

GET bein1.html
git.player25.xyz/watch/ Frame 75EA 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame F48A 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame 2E6B 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame D86E 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame A83B 0
0

GET
H3 200 1000elli-min.gif
1.bp.blogspot.com/-95oh5_SkCJE/YT3-mA9TavI/AAAAAAAAH3Q/GG3b53uTmak53vSXq22MTWnXgyPymhRhgCLcBGAsYHQ/s0/ Frame 0260 504 KB
504 KB 113ms
67ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-95oh5_SkCJE/YT3-mA9TavI/AAAAAAAAH3Q/GG3b53uTmak53vSXq22MTWnXgyPymhRhgCLcBGAsYHQ/s0/1000elli-min.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050bahiscom.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a33a72bb693a439fd43c49560204b82692ac53260c87bd037aad2199d2725cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 02:00:49 GMT
x-content-type-options: nosniff
age: 5033
content-disposition: inline;filename="1000elli-min.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516161
x-xss-protection: 0
server: fife
etag: "v1f77"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 18:15:56 GMT

GET
H3 200 %25C5%259Eampiyonlar%2BLigi%2BFull%2BHD%2BKalitede%2BYayina%2BGeliyor.jpg
4.bp.blogspot.com/-ZDZ5uZrG1e0/WLqm5ud5AHI/AAAAAAAADbg/c9IjwRm0jFIH_-ukNeY4WaCWm5jskK8BACLcB/w200-h150-c/ 19 KB
19 KB 126ms
67ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-ZDZ5uZrG1e0/WLqm5ud5AHI/AAAAAAAADbg/c9IjwRm0jFIH_-ukNeY4WaCWm5jskK8BACLcB/w200-h150-c/%25C5%259Eampiyonlar%2BLigi%2BFull%2BHD%2BKalitede%2BYayina%2BGeliyor.jpg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c10e1020969aed48852d8382434fe329233d09317e4e2ac7047492b85387f8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 01:04:16 GMT
x-content-type-options: nosniff
age: 8426
content-disposition: inline;filename="_ampiyonlar Ligi Full HD Kalitede Yayina Geliyor.jpg";filename*=UTF-8''%C5%9Eampiyonlar%20Ligi%20Full%20HD%20Kalitede%20Yayina%20Geliyor.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19260
x-xss-protection: 0
server: fife
etag: "vdba"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 04:48:11 GMT

GET bein1.html
git.player25.xyz/watch/ Frame EAEA 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame EBF1 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame CCDC 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame E7D1 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame 17BF 0
0

GET
H3 200 Mac%25CC%25A7lar%2BBedava%2BOlsun%2BI%25CC%2587ster%2BMisiniz%253F.jpeg
1.bp.blogspot.com/-k5-WgReorEE/YUZAWf814xI/AAAAAAAAAvo/qnYATKIxn-4fQmg0cizi2Rft2rhHaNoKwCLcBGAsYHQ/s72-w200-c-h133/ 3 KB
3 KB 53ms
39ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-k5-WgReorEE/YUZAWf814xI/AAAAAAAAAvo/qnYATKIxn-4fQmg0cizi2Rft2rhHaNoKwCLcBGAsYHQ/s72-w200-c-h133/Mac%25CC%25A7lar%2BBedava%2BOlsun%2BI%25CC%2587ster%2BMisiniz%253F.jpeg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

56bfbc4ecfacabd772d44178eb1d18ac31cbd544bb9cffcb6b40e6655579d6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 23:39:51 GMT
x-content-type-options: nosniff
age: 13491
content-disposition: inline;filename="Mac_lar Bedava Olsun I_ster Misiniz.jpg";filename*=UTF-8''Mac%CC%A7lar%20Bedava%20Olsun%20I%CC%87ster%20Misiniz.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3087
x-xss-protection: 0
server: fife
etag: "v2fb"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 04:48:11 GMT

GET ch7.html
git.player25.xyz/watch/ Frame 6994 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame BFC6 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame 79AF 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame 012C 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame 654A 0
0

GET
H3 200 728doksan-min.gif
1.bp.blogspot.com/-tmdkKg1QdAg/YT3-mW1a86I/AAAAAAAAH3Y/1bR8V41yZy4rRQDe5tfCj8IQdvAvl6MDgCLcBGAsYHQ/s0/ Frame A2A4 700 KB
700 KB 55ms
52ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tmdkKg1QdAg/YT3-mW1a86I/AAAAAAAAH3Y/1bR8V41yZy4rRQDe5tfCj8IQdvAvl6MDgCLcBGAsYHQ/s0/728doksan-min.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890bahiscom.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

461bfca3168213eb5c5606abc0b3da8b9d3cbd6b911881ba53ae7fc156cf13c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 02:00:49 GMT
x-content-type-options: nosniff
age: 5033
content-disposition: inline;filename="728doksan-min.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 716810
x-xss-protection: 0
server: fife
etag: "v1f79"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 03:27:09 GMT

GET
H3 200 Sportboss%2B%25C4%25B0le%2BAyricalikli%2BBasketbol%2BKeyfi.jpg
2.bp.blogspot.com/-WhgOYhw5wEo/WK6y_QP0oJI/AAAAAAAADQw/HjzIUNJuCe8bw6D4uAjLYeTL2RDl0ZXnQCLcB/w200-h150-c/ 16 KB
16 KB 75ms
74ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-WhgOYhw5wEo/WK6y_QP0oJI/AAAAAAAADQw/HjzIUNJuCe8bw6D4uAjLYeTL2RDl0ZXnQCLcB/w200-h150-c/Sportboss%2B%25C4%25B0le%2BAyricalikli%2BBasketbol%2BKeyfi.jpg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e4b9cc800225db12571ad82bc0976e528fe7adef9c30f0c5b97ad7f397fbe945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 00:11:13 GMT
x-content-type-options: nosniff
age: 11609
content-disposition: inline;filename="Sportboss _le Ayricalikli Basketbol Keyfi.jpg";filename*=UTF-8''Sportboss%20%C4%B0le%20Ayricalikli%20Basketbol%20Keyfi.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16636
x-xss-protection: 0
server: fife
etag: "vd0f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 18:24:47 GMT

GET

bein1.html
inanamiyorumhalaburdasin.cloud/futbolcafe/watch/ Frame 6801
Redirect Chain

http://git.player25.xyz/watch/bein1.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame 94CD 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame 8C2B 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame D225 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame DB96 0
0

GET
H3 200 binellilider.gif
1.bp.blogspot.com/-5xhez1r0GyU/YRkoeMHUFTI/AAAAAAAAL28/F06zd1kJYlknQ9HEDIiLbe69GjxcXxo_gCLcBGAsYHQ/s0/ Frame 7CE6 2 MB
2 MB 81ms
81ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5xhez1r0GyU/YRkoeMHUFTI/AAAAAAAAL28/F06zd1kJYlknQ9HEDIiLbe69GjxcXxo_gCLcBGAsYHQ/s0/binellilider.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050liderbahis.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

87beaad6dece395dc3d1de4b99d898da291343101b41b713f1e3228c4ff1ffab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 23:48:19 GMT
x-content-type-options: nosniff
age: 12983
content-disposition: inline;filename="binellilider.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1678754
x-xss-protection: 0
server: fife
etag: "v2f70"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 14:53:43 GMT

GET
H3 200 bineli.gif
1.bp.blogspot.com/-A53BJqo20ic/YPbUsGC0f-I/AAAAAAAAHyo/eD2b3DNmoT8Xjr2flSgHaHih95T4eUMIACLcBGAsYHQ/s0/ Frame 1AB8 233 KB
233 KB 90ms
90ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-A53BJqo20ic/YPbUsGC0f-I/AAAAAAAAHyo/eD2b3DNmoT8Xjr2flSgHaHih95T4eUMIACLcBGAsYHQ/s0/bineli.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050restbet.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f48b59a1640f4aca9db88b921426d81b03eee4621c977fce76f5e075ba2f1ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:19:51 GMT
x-content-type-options: nosniff
age: 291
content-disposition: inline;filename="bineli.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238767
x-xss-protection: 0
server: fife
etag: "v1f33"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 21:35:36 GMT

GET
H3 200 yedisekizdoksan.gif
1.bp.blogspot.com/-cxYdQE-WiYQ/YPbUtPR-TXI/AAAAAAAAHyw/H8aHv56-9rkiL6CZqbjv37Aol-rbCyc4ACLcBGAsYHQ/s0/ Frame 9FD6 239 KB
239 KB 93ms
93ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-cxYdQE-WiYQ/YPbUtPR-TXI/AAAAAAAAHyw/H8aHv56-9rkiL6CZqbjv37Aol-rbCyc4ACLcBGAsYHQ/s0/yedisekizdoksan.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890restbet.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fe3e09f52041e4c00c3ce2d531d4bbd78a3a13047013f63692b80dbe97939905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:19:51 GMT
x-content-type-options: nosniff
age: 291
content-disposition: inline;filename="yedisekizdoksan.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244529
x-xss-protection: 0
server: fife
etag: "v1f36"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 14:58:34 GMT

GET
H3 200 Ma%25C3%25A7lari%2BCanli%2B%25C4%25B0zlemek%2B%25C4%25B0steyenler%2BBurada.jpg
3.bp.blogspot.com/-t_Z_knkvIks/WL0m_zpIADI/AAAAAAAADdk/P9cFFscwvZEQ7gxWSNQMK_KFXnd5DpeHACLcB/w200-h150-c/ 11 KB
11 KB 79ms
79ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-t_Z_knkvIks/WL0m_zpIADI/AAAAAAAADdk/P9cFFscwvZEQ7gxWSNQMK_KFXnd5DpeHACLcB/w200-h150-c/Ma%25C3%25A7lari%2BCanli%2B%25C4%25B0zlemek%2B%25C4%25B0steyenler%2BBurada.jpg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e85f34c37f945a47e28a7fd7adda49abeddb9b82b02f38cc6cb88dfe5cc6e543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 02:45:58 GMT
x-content-type-options: nosniff
age: 2324
content-disposition: inline;filename="Ma_lari Canli _zlemek _steyenler Burada.jpg";filename*=UTF-8''Ma%C3%A7lari%20Canli%20%C4%B0zlemek%20%C4%B0steyenler%20Burada.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11465
x-xss-protection: 0
server: fife
etag: "vddd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 08:00:56 GMT

GET yurop10.html
git.player25.xyz/watch/ Frame 16FC 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame 58AD 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame 96A3 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame B280 0
0

GET 72890celta.html
git.player25.xyz/kutular/ Frame F65B 0
0

GET
H3 200 binelli.gif
1.bp.blogspot.com/-0VZAPozsHaA/YVjrDUCYhyI/AAAAAAAABtY/nHXW_VETiK4sEKIioMhBYIKjmRQkgzkEACLcBGAsYHQ/s0/ Frame C155 582 KB
582 KB 76ms
76ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-0VZAPozsHaA/YVjrDUCYhyI/AAAAAAAABtY/nHXW_VETiK4sEKIioMhBYIKjmRQkgzkEACLcBGAsYHQ/s0/binelli.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/100050supertotobet.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fc449362296a58b006b499ab3a3eb8330a6afc2318c9549641c30260a509f86f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 02:57:34 GMT
x-content-type-options: nosniff
age: 1628
content-disposition: inline;filename="binelli.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 595918
x-xss-protection: 0
server: fife
etag: "v6da"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 12:33:02 GMT

GET
H3 200 yediyuz.gif
1.bp.blogspot.com/-HeephFR9II8/YVjrEKVl3qI/AAAAAAAABtg/rimwKdvjPOkT9jZgk6306JhYGK1AqMlVgCLcBGAsYHQ/s0/ Frame 8CE8 802 KB
802 KB 100ms
99ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-HeephFR9II8/YVjrEKVl3qI/AAAAAAAABtg/rimwKdvjPOkT9jZgk6306JhYGK1AqMlVgCLcBGAsYHQ/s0/yediyuz.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890supertotobet.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c891f4ef6d0aaff2d742f0f06365e862d2fd200730b73e66888fe978c656fe0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 23:29:50 GMT
x-content-type-options: nosniff
age: 14092
content-disposition: inline;filename="yediyuz.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 821080
x-xss-protection: 0
server: fife
etag: "v6da"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 14:51:23 GMT

GET
H3 200 728doksan-LB.gif
1.bp.blogspot.com/-3L7c_gQZA4E/YRMLpdw08lI/AAAAAAAAAs4/y_91SS1tiGg2HPlytcwjVsaih17_LCuiwCLcBGAsYHQ/s0/ Frame CC79 725 KB
726 KB 94ms
93ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-3L7c_gQZA4E/YRMLpdw08lI/AAAAAAAAAs4/y_91SS1tiGg2HPlytcwjVsaih17_LCuiwCLcBGAsYHQ/s0/728doksan-LB.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890liderbahis.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3e9280f67ebd600d854464a00a40615185785f16a4555a5897c1f7c03ad9d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:19:51 GMT
x-content-type-options: nosniff
age: 291
content-disposition: inline;filename="728doksan-LB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 742867
x-xss-protection: 0
server: fife
etag: "v2db"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 03:41:03 GMT

GET
H3 200 Justin%2BTv%2BT%25C3%25BCm%2BMa%25C3%25A7lari%2BBedava%2B%25C4%25B0zletiyor.jpg
2.bp.blogspot.com/-3IBAaiE4VFs/WLk17JWyGrI/AAAAAAAADas/DrHnLt65EdElYyb6VknqOuhZW8PrBgCwQCLcB/w200-h150-c/ 20 KB
20 KB 99ms
98ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-3IBAaiE4VFs/WLk17JWyGrI/AAAAAAAADas/DrHnLt65EdElYyb6VknqOuhZW8PrBgCwQCLcB/w200-h150-c/Justin%2BTv%2BT%25C3%25BCm%2BMa%25C3%25A7lari%2BBedava%2B%25C4%25B0zletiyor.jpg

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b88b796487e1c934163f390d8e9e6d25e418627c86f49093c6a9a988c555965f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 00:11:13 GMT
x-content-type-options: nosniff
age: 11609
content-disposition: inline;filename="Justin Tv T_m Ma_lari Bedava _zletiyor.jpg";filename*=UTF-8''Justin%20Tv%20T%C3%BCm%20Ma%C3%A7lari%20Bedava%20%C4%B0zletiyor.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20403
x-xss-protection: 0
server: fife
etag: "vdaf"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Oct 2021 18:05:24 GMT

GET
H3 200 close.gif
4.bp.blogspot.com/-gqmCHgeS4yI/WJAeuIucjdI/AAAAAAAAEmU/xdFdp6UkMGkP5YQKfPIA6FVkr8rhjh0KQCLcB/s1600/ Frame F7B5 2 KB
2 KB 104ms
104ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-gqmCHgeS4yI/WJAeuIucjdI/AAAAAAAAEmU/xdFdp6UkMGkP5YQKfPIA6FVkr8rhjh0KQCLcB/s1600/close.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

95cd38d20b81bfd7c70c30aaff5b268cdac4b9b800dc5408d547b9845815cc42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:19:55 GMT
x-content-type-options: nosniff
age: 287
content-disposition: inline;filename="close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2495
x-xss-protection: 0
server: fife
etag: "v1266"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 17:23:12 GMT

GET
H3 200 kutuucyuz.gif
1.bp.blogspot.com/-UuJ3ZCxxODg/YVjrDRtCWdI/AAAAAAAABtc/jKVNXEUTwsUjvg4b2UV7vDBjpTj11RjIQCLcBGAsYHQ/s0/ Frame F7B5 526 KB
526 KB 104ms
104ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-UuJ3ZCxxODg/YVjrDRtCWdI/AAAAAAAABtc/jKVNXEUTwsUjvg4b2UV7vDBjpTj11RjIQCLcBGAsYHQ/s0/kutuucyuz.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1ae2437441801f6bcebc0ded46f6a031eb8acef8cc898f35c36f0536747d05b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 23:29:51 GMT
x-content-type-options: nosniff
age: 14091
content-disposition: inline;filename="kutuucyuz.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 538322
x-xss-protection: 0
server: fife
etag: "v6d9"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 08:52:08 GMT

GET
H/1.1 200
OK SakQCEfSEeOHhRIxOQfUww.js Show response
jwpsrv.com/library/ Frame F7B5 126 KB
41 KB 238ms
69ms Script
text/javascript 18.66.138.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jwpsrv.com/library/SakQCEfSEeOHhRIxOQfUww.js
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.138.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 6a33a36bee32f2c493ac85f0d43e51548e9059b69990a0d4098039c31a3efd5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:34 GMT
Content-Encoding: gzip
Connection: keep-alive
Server: openresty
Age: 9
X-Cache: Hit from cloudfront
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=150, max-stale=180
X-Amz-Cf-Pop: FRA60-P4
Content-Length: 41127
Via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
X-Amz-Cf-Id: U7MgTrDAa_WMX0jiNpXXc1-rgOd0bIYi9gyuHq3QZNaBFOtgHmDL4w==
Expires: Sun, 21 Nov 2021 03:25:53 GMT

GET
H/1.1 200
OK pop-kralbet.js Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/ Frame F7B5 1 KB
2 KB 58ms
56ms Script
application/javascript 2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/pop-kralbet.js
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb0e13d9c01d5e20173fd5bd580f33102a5aa448ddef63486841d145e719841d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3714
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 21 Nov 2021 00:09:41 GMT
Server: cloudflare
etag: W/"61998e45-5d7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mz3fqOdk6birXbxf488%2BWH%2BXZNJnaDxX9i0kZDVXwBQiZZHIoV7sh7nFGepM9b3vqYojFUfAKnAeJoS4j59mPOeWKZ%2BOfJJDM2Zj0tLzj0GcpDB6qx7qibwOs8WXwP%2BFUa%2BdlesYdAQhN85XoiQH9vabNRyi2Avl0L59A2Y%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-RAY: 6b16ce80ad335c08-FRA

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame F7B5 30 KB
7 KB 184ms
129ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 21018530
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6fc1a75116c932681ed09108db37b84c
cf-ray: 6b16ce8108d34ea4-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ Frame F7B5 152 KB
24 KB 124ms
69ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617, 617, 617, 718
age: 21017958
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 36625b6181d7cc595cfbeb084ba09421
cf-ray: 6b16ce8108d24ea4-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3

200

clappr.min.js Show response
cdn.jsdelivr.net/clappr/latest/ Frame F7B5
Redirect Chain

http://cdn.jsdelivr.net/clappr/latest/clappr.min.js
https://cdn.jsdelivr.net/clappr/latest/clappr.min.js

517 KB
126 KB

218ms
218ms

Script
application/javascript

2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr/latest/clappr.min.js

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Protocol

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2270270
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19143-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b16ce80fbf94e9d-FRA

Redirect headers

Location: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Non-Authoritative-Reason: HSTS

GET
H3

200

level-selector.min.js Show response
cdn.jsdelivr.net/clappr.level-selector/latest/ Frame F7B5
Redirect Chain

http://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js

9 KB
3 KB

128ms
128ms

Script
application/javascript

2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Protocol

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2270270
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19181-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b16ce80fbfa4e9d-FRA

Redirect headers

Location: https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK ezhel.css
inanamiyorumhalaburdasin.cloud/oldstreaming/ch/ Frame F7B5 666 B
977 B 54ms
52ms Stylesheet
text/css 2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/oldstreaming/ch/ezhel.css
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9da643d9b2d6e55eee6061d809218d9c9b7fe07f8a2ce1d2f6ae9aa7a3eadc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:42 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3714
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 21 Feb 2021 16:32:54 GMT
Server: cloudflare
etag: W/"60328b36-29a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DW9gbGG52ZTmptUjOLRrsA9UeTQlGNF4ckZIR%2BSTwYMoSwXCwxfdXOhyboW1OwaJbKXOWiS9NyVywD8JEkRWekxErMEeL08qIhi6pGrupFIzDNrFXxHtWixnsbhc6ViNOj0BmoFCQxn1jnxXlwOcYCvQDcAf00QuzskQHoE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-RAY: 6b16ce80ad1f2c0d-FRA

GET
H3 200 dash-shaka-playback.js Show response
cdn.jsdelivr.net/gh/clappr/dash-shaka-playback@latest/dist/ Frame F7B5 302 KB
93 KB 159ms
111ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/dash-shaka-playback@latest/dist/dash-shaka-playback.js

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff598484d32ac8e952b42fc96f5cc18f64b328d24ba3796fa4d5dff86a3f2341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22727
x-jsd-version: 2.3.6
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19146-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4b77a-Yz713NHRTz/M2BkguJquVQSBCVM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b16ce80fbf14e9d-FRA

GET
H3 200 clappr-chromecast-plugin.js Show response
cdn.jsdelivr.net/clappr.chromecast-plugin/latest/ Frame F7B5 67 KB
13 KB 113ms
65ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr.chromecast-plugin/latest/clappr-chromecast-plugin.js

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37b98c3868451a3523a6f2a2ff240159431ce81bc8a1ab3ae3099ae7f4024b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2270243
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19132-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"10d03-RHmlaMw21gVFkX7fZK8TTUNDrd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b16ce80fbf34e9d-FRA

GET
H3 200 yedidoksan.gif
1.bp.blogspot.com/-SgVt46jfREI/YMSS8HbrntI/AAAAAAAAAng/Sh351QTg2G4cyd3jtYx9gfmacI2gqi5wQCLcBGAsYHQ/s0/ Frame 881C 837 KB
837 KB 109ms
109ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SgVt46jfREI/YMSS8HbrntI/AAAAAAAAAng/Sh351QTg2G4cyd3jtYx9gfmacI2gqi5wQCLcBGAsYHQ/s0/yedidoksan.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

32f52e9a2e9d531909edbf07d33bf175a6ec34cdce894e665c06b276536d352e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:18:41 GMT
x-content-type-options: nosniff
age: 361
content-disposition: inline;filename="yedidoksan.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 856865
x-xss-protection: 0
server: fife
etag: "v27a"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 14:10:22 GMT

GET
H3 200 728doksan-saha.gif
1.bp.blogspot.com/-7rDjpgI6Jy8/YP2U8ziFncI/AAAAAAAABmA/UFIS8fv1AdYJZ_3F9fxDETXNjyj5CgWfACLcBGAsYHQ/s0/ Frame CD64 3 MB
3 MB 120ms
120ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7rDjpgI6Jy8/YP2U8ziFncI/AAAAAAAABmA/UFIS8fv1AdYJZ_3F9fxDETXNjyj5CgWfACLcBGAsYHQ/s0/728doksan-saha.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

759480b2f227addad5e9d11082e2195349947f836edb05064c2b7c977f58b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 00:47:58 GMT
x-content-type-options: nosniff
age: 9404
content-disposition: inline;filename="728doksan-saha.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2863648
x-xss-protection: 0
server: fife
etag: "v667"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 04:36:12 GMT

GET
H/1.1

200
OK

120600bahiscom.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 8FED
Redirect Chain

http://git.player25.xyz/kutular/120600bahiscom.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

354 B
1 KB

69ms
69ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8d8a6a37b6d395ef7370ed88a55ddf9431098b66f0c4e084e44576f78467e26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:49 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3715
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHMvOBXLiz7g4wG2fPu%2BJFW9sm%2B%2B%2BhL0SrNRAON%2BG%2Bcyd6Jjw%2BWVrkdP%2BcMB8m%2Bnosyc5Mu7yBVUNhLtEZrDKTEaRpe25qIOUdMIFqGg5ql4kOpjG1ozbGbudiucwD5Fa64axUPtgJ0T4VJb9%2Baf7fiuxmFOa97%2B4AewTUQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce811dc05c08-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SmEe388m%2F4pLr812pwQLehF7HDaRE8TrckZUALRHPcwpxp9J%2FoS%2FdwTflz%2Bb5ZbohZ1UMQm9%2Bu3xeCooEqJCzm8JIJr1Q88Bm0xU2mQWddMt7fX5SkFz2R28%2FvSUi6pDJMvvdYO89fKzojLoP4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce80cbb74abc-FRA

GET
H/1.1

200
OK

120600bahiscom.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 571D
Redirect Chain

http://git.player25.xyz/kutular/120600bahiscom.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

354 B
1 KB

68ms
67ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8d8a6a37b6d395ef7370ed88a55ddf9431098b66f0c4e084e44576f78467e26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:49 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3715
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TD7IH8tUSufTdvkqxQKDUUg%2Fw4o3smu2FZT0eEiHqfccQsEr1yq9SEvVJ1pu6CdXORz5voaA8SVoYKVMB5lSAtCDOS9hXuP3Bf83Tk00Z%2Bt6nSVOMsOVczoMUAkzpfexRsnl8RaXklRdbw7JWT6ekx9xb3zmDqzV48lAxCM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce811dae2c0d-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gL0S7I2jenNeJn0rxvbsgqbK0Shpf%2FJ2QTosyy0N63MYCw7GG%2BdlHJ1Dzd2raCiLv3XWWs4Gdm101eZ8xQ29ipZc0iPeoPi0pbT4S4KOEwmcc2Zv9M%2Fni0VUUM2hto74HvasfjAoX2Wka85JgjM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce80cf062c01-FRA

GET
H3 200 yedidoksan.gif
1.bp.blogspot.com/-SgVt46jfREI/YMSS8HbrntI/AAAAAAAAAng/Sh351QTg2G4cyd3jtYx9gfmacI2gqi5wQCLcBGAsYHQ/s0/ Frame 4E42 837 KB
837 KB 133ms
133ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SgVt46jfREI/YMSS8HbrntI/AAAAAAAAAng/Sh351QTg2G4cyd3jtYx9gfmacI2gqi5wQCLcBGAsYHQ/s0/yedidoksan.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890ultrajtvizle.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

32f52e9a2e9d531909edbf07d33bf175a6ec34cdce894e665c06b276536d352e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:18:41 GMT
x-content-type-options: nosniff
age: 361
content-disposition: inline;filename="yedidoksan.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 856865
x-xss-protection: 0
server: fife
etag: "v27a"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 14:10:22 GMT

GET
H3 200 728doksan-saha.gif
1.bp.blogspot.com/-7rDjpgI6Jy8/YP2U8ziFncI/AAAAAAAABmA/UFIS8fv1AdYJZ_3F9fxDETXNjyj5CgWfACLcBGAsYHQ/s0/ Frame 6379 3 MB
3 MB 153ms
153ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7rDjpgI6Jy8/YP2U8ziFncI/AAAAAAAABmA/UFIS8fv1AdYJZ_3F9fxDETXNjyj5CgWfACLcBGAsYHQ/s0/728doksan-saha.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/72890saha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

759480b2f227addad5e9d11082e2195349947f836edb05064c2b7c977f58b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 00:47:58 GMT
x-content-type-options: nosniff
age: 9405
content-disposition: inline;filename="728doksan-saha.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2863648
x-xss-protection: 0
server: fife
etag: "v667"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 04:36:12 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 493ms
150ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.salesalevia.com%2F&j=
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
X-T: 0.81
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Sun, 21 Nov 2021 03:24:42 GMT

GET
H/1.1

200
OK

300250restbet.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 16D2
Redirect Chain

http://git.player25.xyz/kutular/300250restbet.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html

356 B
1 KB

68ms
67ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce597d4fd3e43de0a57cc934f7b0ba5fed0c0dbbf2beb944b5e2cf0cccb4b2b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:50 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3715
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTHxVPzhDZXklg%2B9yuimZ4I%2FOk%2BNFTX3wWsSkte7kv6plsv7uY2GCRb85bq1IkABVFTz%2B18lOQDAZSoRDSccq8HV0u0TP4e%2BmJbwxMb5GbodfQ4cZspmqBkJ%2Fp41NuI6JTBINr%2FMfcj3KbOtOvgdt1FyZ9akH96eCgLPiHY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce812d5142ee-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYC%2B2j7hOlbsnJ2X99KQ0c%2B6N%2FFN9mBcm5NXaL4EOaPF%2Fp41x5tfoLAP%2BHSysdXD6kw9%2F445e5VhC7xF4hk8llfxka%2Fb9torUfNYQpm7yvN6aiklESCnmzH9adK1XKbeBTGv%2BI7tmNhjhmpzaIA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce80d8f86909-FRA

GET
H/1.1

200
OK

300250restbet.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 88CE
Redirect Chain

http://git.player25.xyz/kutular/300250restbet.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html

356 B
1 KB

67ms
67ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce597d4fd3e43de0a57cc934f7b0ba5fed0c0dbbf2beb944b5e2cf0cccb4b2b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:50 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3715
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JI1lHXtegLw1eAZ47C%2FU1g8VtD1XQWAgJlnDdUXGtHw3oEHOxbPIufyRLOYrgqmafzN4VAl4TiSh5WNBrhwsmSGPyjzPQd5ogGRJ3y3wLYQbfuSkdgjm9nFVcbyOOOMwKgNL6GcHbwz0%2FR1R%2F8Qm73%2FZgZIFIFC2FrZVdEU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce813f004303-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeJE6%2BhjiXu%2BJ6WtGGwfW8pXZbBO8CdBWEdldUnDr6m6AgJCCej5b5bdpV2hAzXjrNxjEUdLO79vVPdiPSXTi4zD4yX5%2BQwNkZpCA7eBq33bNpht0TorSRwcy582GypF%2BRt8RaSRyLdY2Mig56s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce80de791766-FRA

GET
H/1.1

200
OK

300250onwin.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame 7988
Redirect Chain

http://git.player25.xyz/kutular/300250onwin.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250onwin.html

374 B
1 KB

70ms
70ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250onwin.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e8f98796b8a2acc807ca3fc300487b06af0ea5bfdf81139e1bc0ff0f6f9fda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:49 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3715
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLDFLEz3Lu1x%2BnnLhZJpd3S8sBxWY4SifQDCVsxlv3P7WDB6Npd7H9GvwN82gLI%2BTZ5FWPc7fVIHHb4vPkQgCBBFiaxgB3b3%2BQ8m%2B0noHFYtJog3rEb2z7%2FFs%2BHTaNo%2FKRgqnDBxcB8r72LC3B0FcFhsht5wUjr27snFVFE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce81595e0631-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250onwin.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpganiXG052uZ2NjMaUThNb1qVdOdzuz0dIWAHU%2FdllzOFWPrmLckdgsoGo5TXQ25gZhnza3lewD1X%2BiFEOWtzJTtYCVdg1hv2AOneUfN%2FWobsxzzk%2BWi%2FmZtTH9uHtkj5CL%2B3o52Sf9uaZTYE0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce80e87c4e80-FRA

GET
H/1.1

200
OK

300250betistcom.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame DF0F
Redirect Chain

http://git.player25.xyz/kutular/300250betistcom.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betistcom.html

269 B
1 KB

88ms
58ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betistcom.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f97d2efd173703c604161b16d5c7d933ae98fcbe03242c47395c2c22573a9155

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:49 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3715
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDZ2uTfPk8oGD63mtEFB2NGYQcaiAvp6h9Su%2B55bFb9B08C%2BOMtGJWzEb4193bu4dIxx0aIv66plsEQN8cDvTEj61FciQwUmw2x7zo%2BFgb6HbC78D7Sx0XKKgAsABFTJI3GsdGNtlg8XJpGwS5vzGf16CXh2tLX7iB5kp4o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce818e072c0d-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betistcom.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jD0iVIkCkCY1uaRGp1emL3NnweVzeUTQNUM%2FKNPGwBrNjQ92jTDRPzg6roTqrlrXWGt8y9MsoLM73QjkRBAs0QIyXC4pAJlXTU70RJ5hhhpmDz31poHeRoShEoU43rnpBS64iSPlI%2FJPHtnxV5A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce80fed03233-FRA

GET
H/1.1

200
OK

300250tipobet.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/ Frame E970
Redirect Chain

http://git.player25.xyz/kutular/300250tipobet.html
http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250tipobet.html

358 B
1 KB

62ms
57ms

Document
text/html

2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250tipobet.html
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c87e4ecf19580bd39b34b63f23a14bb506feddbc824d6648b238bf746cd8a874

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:50 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3715
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBUX%2FBUvJen5iOEu6vMW2DNEzSJb3NseWwplsO26dKQJoyQxV4Y67knB1ZP4%2FEkqEbDQKg3MZa470gMpLgp9gXoPUaDmYbpfl0b79NCwGiewIHhzIoFNXp8C6U7QER026BAVtUvlOZKIcPhrffYRO9Vk7kxju6z2efvqtWk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce818e455c08-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250tipobet.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxR2NLykTiisW7qd8DK4gfXuAkul2oQ0ylMfIc3ZaERiH45MCBZ70faDRyZlFUHJSFSItYz3QDKTVNxhlgMi0m%2BXAGhyA6yDKzjRsZ%2BFMHncQVuZ0FvsIx77b7PlUkswLkk53fBZyVIDgtNKv7s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce811c0c4abc-FRA

GET
H/1.1 200
OK summary Show response
www.salesalevia.com/feeds/posts/ 7 KB
3 KB 165ms
165ms Script
text/javascript 2606:4700:3034::ac43:cf02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.salesalevia.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata

Requested by

Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/Arlina-Design/redvision/master/unlipage.js

Protocol

HTTP/1.1

Server

2606:4700:3034::ac43:cf02 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c893e5b2e44d7f5addf320e63bc5dceb4707feadaf63ece90457354e1e20534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 1924
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 00:26:03 GMT
Server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7bdf426bb64ae4b8031f53da1f284b58c1e5aa33f16b90377e1eb8b3fd64445a"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeLGL8JLUdO%2FViauhYlglRxT4fRhMbUexv7SURcLfCV9%2FiNfDT3vhMV6mJtQ%2FwjldoCAAOiLm9kwbQdRcyDS54sgacgic8KqnzqNILz4il3z%2FNJD2xpS54%2FhnLo1bQgy9GRDRQTe0nFu47kGV88IS%2FuJ"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
CF-RAY: 6b16ce80ff6d4357-FRA
expires: Sun, 21 Nov 2021 03:24:44 GMT

GET
H3 200 bahiscom160-min.gif
1.bp.blogspot.com/-Jx-63CeYEdc/YTkMc5at8EI/AAAAAAAAL5I/iJa3nJyCjj4GnPpDeQsSJjvGdeE3vPtSQCLcBGAsYHQ/s0/ Frame 571D 1 MB
1 MB 120ms
119ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Jx-63CeYEdc/YTkMc5at8EI/AAAAAAAAL5I/iJa3nJyCjj4GnPpDeQsSJjvGdeE3vPtSQCLcBGAsYHQ/s0/bahiscom160-min.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

48daed2d590f7df15cf306fcdb22d7ad42198248d8e655a5797dc96676cd95c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 02:44:40 GMT
x-content-type-options: nosniff
age: 2403
content-disposition: inline;filename="bahiscom160-min.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1137518
x-xss-protection: 0
server: fife
etag: "v2f94"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 21:13:46 GMT

GET
H3 200 bahiscom160-min.gif
1.bp.blogspot.com/-Jx-63CeYEdc/YTkMc5at8EI/AAAAAAAAL5I/iJa3nJyCjj4GnPpDeQsSJjvGdeE3vPtSQCLcBGAsYHQ/s0/ Frame 8FED 1 MB
1 MB 134ms
133ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Jx-63CeYEdc/YTkMc5at8EI/AAAAAAAAL5I/iJa3nJyCjj4GnPpDeQsSJjvGdeE3vPtSQCLcBGAsYHQ/s0/bahiscom160-min.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/120600bahiscom.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

48daed2d590f7df15cf306fcdb22d7ad42198248d8e655a5797dc96676cd95c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 02:44:40 GMT
x-content-type-options: nosniff
age: 2403
content-disposition: inline;filename="bahiscom160-min.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1137518
x-xss-protection: 0
server: fife
etag: "v2f94"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 21:13:46 GMT

GET
H3 200 ucikieli.gif
1.bp.blogspot.com/-xxun7khs3Vw/YPbUsAolbnI/AAAAAAAAHyk/aS4HQEKC7AgHTKuTR6MoBTNw6NioOJNnQCLcBGAsYHQ/s0/ Frame 16D2 303 KB
304 KB 124ms
124ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-xxun7khs3Vw/YPbUsAolbnI/AAAAAAAAHyk/aS4HQEKC7AgHTKuTR6MoBTNw6NioOJNnQCLcBGAsYHQ/s0/ucikieli.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

17ec67c9a9588cc34a95dd7e8a775c6a1c800b31736db27c25620711972a0782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 23:29:51 GMT
x-content-type-options: nosniff
age: 14092
content-disposition: inline;filename="ucikieli.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 310777
x-xss-protection: 0
server: fife
etag: "v1f33"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 09:46:29 GMT

GET
H3 200 ucikieli.gif
1.bp.blogspot.com/-xxun7khs3Vw/YPbUsAolbnI/AAAAAAAAHyk/aS4HQEKC7AgHTKuTR6MoBTNw6NioOJNnQCLcBGAsYHQ/s0/ Frame 88CE 303 KB
304 KB 127ms
127ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-xxun7khs3Vw/YPbUsAolbnI/AAAAAAAAHyk/aS4HQEKC7AgHTKuTR6MoBTNw6NioOJNnQCLcBGAsYHQ/s0/ucikieli.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250restbet.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

17ec67c9a9588cc34a95dd7e8a775c6a1c800b31736db27c25620711972a0782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 23:29:51 GMT
x-content-type-options: nosniff
age: 14092
content-disposition: inline;filename="ucikieli.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 310777
x-xss-protection: 0
server: fife
etag: "v1f33"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 09:46:29 GMT

GET
H3 200 300ikielli.gif
1.bp.blogspot.com/-agpkeUkfq4I/YTx0O011szI/AAAAAAAAL6U/eZmlHCUNMXM2p47Ire8THLtSWb9zHuRqgCLcBGAsYHQ/s0/ Frame 7988 2 MB
2 MB 140ms
138ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-agpkeUkfq4I/YTx0O011szI/AAAAAAAAL6U/eZmlHCUNMXM2p47Ire8THLtSWb9zHuRqgCLcBGAsYHQ/s0/300ikielli.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250onwin.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

df40dbf7831bf73832151d295ad75602dfa2ae5303d0441266bd9553a325374b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 23:45:32 GMT
x-content-type-options: nosniff
age: 13151
content-disposition: inline;filename="300ikielli.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1829393
x-xss-protection: 0
server: fife
etag: "v2fa9"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 14:51:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 255ms
117ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1416
date: Sun, 21 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 21 Nov 2021 05:01:07 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5fb048e5f90b71d1/ 3 KB
989 B 97ms
94ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5fb048e5f90b71d1/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 04f891b7d98464c28abdd92238f06f02d6cb2ef4e31b5507d1a919da0a1a85cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: gzip
etag: 110857623--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=23, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 814

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 189ms
185ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6199bbfa91e2ba19&bkl=0&bl=1&pdt=798&sid=6199bbfa91e2ba19&pub=ra-5fb048e5f90b71d1&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.salesalevia.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Justin%20tv%20izle%2CCanl%C4%B1%20Ma%C3%A7%20izle%2CMa%C3%A7%20Yay%C4%B1nlar%C4%B1%2CTaraftarium24%20izle%2CMa%C3%A7%20izle%20Bedava%2CJustintv%20Ma%C3%A7%20izle%2Ctaraftarium%2Cnetspor%2Cwebspor&colc=1637465083275&jsl=1&uvs=6199bbfa7616e29b000&skipb=1&callback=addthis.cbs.jsonp__434918523522793030
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe1e40d498bdbda0d52582ce4dccf3c456d2b423acce70b5941d300f8a263617

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 03:24:43 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame E865 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 5AEF 71 KB
26 KB 77ms
76ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 21 Nov 2021 03:24:43 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 29 B
213 B 376ms
256ms Script
text/javascript 67.202.114.214
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=ligtvmax1&t=Justin%20tv%20izle%2C%20Ma%C3%A7%20Yay%C4%B1nlar%C4%B1%2C%20Canl%C4%B1%20Ma%C3%A7%20izle&c=d&x=http%3A%2F%2Fwww.salesalevia.com%2F&y=&a=0&v=27&r=6251
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 67.202.114.214 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: e7f73085c61256a54d3a15af8c6e0dda1b825e4adc550a1b40af13269e5fb02b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK arlinadesign.gif
1.bp.blogspot.com/-Qg5bi1ZtDdM/VZ5nHAyYBqI/AAAAAAAAChE/exGnasO4oyk/s640/ 43 B
504 B 123ms
67ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-Qg5bi1ZtDdM/VZ5nHAyYBqI/AAAAAAAAChE/exGnasO4oyk/s640/arlinadesign.gif

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

133e13c382aab95cbd5c7c1ec3c13ffebf59fa7f616ffa4e8714013d224e6178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 20 Nov 2021 23:46:50 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 13073
ETag: "va12"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="arlinadesign.gif"
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 13 Nov 2021 13:38:07 GMT

GET
H3 200 300reklam.gif
1.bp.blogspot.com/-bzd5r60pxh8/YRmOaROIUCI/AAAAAAAABpk/QgO-IE3Hu1o5hzczMTSIWCkweBKkk55twCLcBGAsYHQ/s0/ Frame E970 9 MB
9 MB 140ms
138ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-bzd5r60pxh8/YRmOaROIUCI/AAAAAAAABpk/QgO-IE3Hu1o5hzczMTSIWCkweBKkk55twCLcBGAsYHQ/s0/300reklam.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250tipobet.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

279545998a5f2a1479b734ce3ea654f9f5838ec3ca1bf9902bc926e496d8474a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 23:48:19 GMT
x-content-type-options: nosniff
age: 12984
content-disposition: inline;filename="300reklam.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9118070
x-xss-protection: 0
server: fife
etag: "v69a"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 09:55:49 GMT

GET
H/1.1 200
OK uciki50.gif
inanamiyorumhalaburdasin.cloud/futbolcafe/ Frame DF0F 1 MB
1 MB 73ms
72ms Image
image/gif 2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/uciki50.gif
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betistcom.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e5dfe814f68522cfb149b158a14a9198cda710e06e83b694ba000706bd77ded

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/kutular/300250betistcom.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3697
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 1361662
last-modified: Sun, 21 Nov 2021 00:09:47 GMT
Server: cloudflare
etag: "61998e4b-14c6fe"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vdGbcaWi7b8u5Urcdh8U1q4gxU6ijpVcuLVNVGerV0AkDsIaQ6yB5akDi0KaswwNyVmlqRnMsA9RM3o5a0qiRpkzXsazOjHRfnhA23aS4n4%2FrznBwRbt0yFg5x71860%2B4wqd1nH%2F4OAQNjD202BkJKRegJoccC79JMyOvU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
access-control-allow-origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6b16ce82aec92c0d-FRA

GET
H3 200 onlinemac.gif
1.bp.blogspot.com/-8-JxQ9RfwfA/YVI6IBfZnUI/AAAAAAAAAwM/8MXd1RyAWA0eK2YNjS6vnWMzsW4UiLvAACLcBGAsYHQ/s0/ Frame F7B5 396 KB
396 KB 168ms
168ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-8-JxQ9RfwfA/YVI6IBfZnUI/AAAAAAAAAwM/8MXd1RyAWA0eK2YNjS6vnWMzsW4UiLvAACLcBGAsYHQ/s0/onlinemac.gif

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eae06c600d14fd7377458ef747543e9309197128b9b9cae9548e08598383b1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 00:30:40 GMT
x-content-type-options: nosniff
age: 10443
content-disposition: inline;filename="onlinemac.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 405065
x-xss-protection: 0
server: fife
etag: "v304"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 16:46:13 GMT

GET
H3 200 katil%2B%25281%2529.png
1.bp.blogspot.com/--tZ4xQROe8c/X8IpMA2I64I/AAAAAAAAAw4/HSy-HEmx_gkjx-PfBuAdWai_OLDtL2FdgCLcBGAsYHQ/s0/ Frame F7B5 4 KB
4 KB 167ms
167ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--tZ4xQROe8c/X8IpMA2I64I/AAAAAAAAAw4/HSy-HEmx_gkjx-PfBuAdWai_OLDtL2FdgCLcBGAsYHQ/s0/katil%2B%25281%2529.png

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

832f92edfa65c94575b1ee0f4228acc37dbbd2b0979afb6f1501f25729f1ce94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:19:53 GMT
x-content-type-options: nosniff
age: 290
content-disposition: inline;filename="katil (1).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4289
x-xss-protection: 0
server: fife
etag: "v30f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 21:31:39 GMT

GET
H/1.1 200
OK sayac.html Show response
inanamiyorumhalaburdasin.cloud/futbolcafe/ Frame 6F5F 759 B
1 KB 65ms
65ms Document
text/html 2606:4700:3033::ac43:befc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/sayac.html
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:befc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c649e281c6fac1b22f773bbbaaec51fae3f89c4f0654fc4545c4ed5d362f896

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sun, 21 Nov 2021 00:09:45 GMT
access-control-allow-origin: *
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3740
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWtzZkzhOyYAjo87XP%2BkGTQX7PIXFzTVIg0fOC20EPZGfINvsPuei0T%2FXMGbfBIMdDg0L8uW8bj%2BucU9VXbmAFqpsFciVUGfHy2qeA52gcImkSxPLDmVIngziL6DwGpMtBdTPtMH%2F7jh9fhA7K6LbAdnrQRRwuaDUgipDc0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b16ce8368005c08-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 40ms
39ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 21 Nov 2021 03:24:43 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 453ms
150ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=salesalevia.com&_ss=1ehi527wft&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=sxkc&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fwww.salesalevia.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0e551b8a74350d69660f801c30d9e262da2107ed6c2b5819d11ab322f562382f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:43 GMT
X-T: 0.278
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 21 Nov 2021 03:24:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6F5F 90 KB
36 KB 205ms
71ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-74068698-18

Requested by

Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/sayac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ec92f019a7b82f09471a1a379d7e084b7ba92a10a484d022165468dee28e68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36136
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Nov 2021 03:24:43 GMT

GET
H2 200 classic.js Show response
widgets.amung.us/ Frame 6F5F 12 KB
7 KB 274ms
69ms Script
application/x-javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/classic.js
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/sayac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 03 May 2021 17:48:32 GMT
server: cloudflare
age: 2701
etag: W/"60903770-2f8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6b16ce8599dd431b-FRA
expires: Mon, 22 Nov 2021 02:39:41 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 150ms
75ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=61165826&t=pageview&_s=1&dl=http%3A%2F%2Fwww.salesalevia.com%2F&ul=en-us&de=UTF-8&dt=Justin%20tv%20izle%2C%20Ma%C3%A7%20Yay%C4%B1nlar%C4%B1%2C%20Canl%C4%B1%20Ma%C3%A7%20izle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1094533074&gjid=232098462&cid=672855660.1637465084&tid=UA-74068698-17&_gid=726406420.1637465084&_r=1&_slc=1&z=1467967834

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.salesalevia.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Nov 2021 03:24:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.salesalevia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
285 B 400ms
331ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.salesalevia.com%2F&callback=_ate.cbs.rcb_2mh20

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

5aa4b241dccb5ba65e9389e42d5563df983c7aeb3b6925845f969db930d08405

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.salesalevia.com/
last-modified: Sun, 21 Nov 2021 03:24:43 GMT
server: nginx/1.15.8
date: Sun, 21 Nov 2021 03:24:43 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
260 B 166ms
98ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.salesalevia.com%2F

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://www.salesalevia.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.salesalevia.com/
last-modified: Sun, 21 Nov 2021 02:00:00 GMT
server: nginx/1.15.8
date: Sun, 21 Nov 2021 03:24:43 GMT
content-type: application/json
access-control-allow-origin: http://www.salesalevia.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
285 B 399ms
331ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.salesalevia.com%2F&callback=_ate.cbs.rcb_jrt90

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

1c38f3f1f31d97b2df22ca64d8b6b9ceb472a1c679212e1953c60a738d340b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.salesalevia.com/
last-modified: Sun, 21 Nov 2021 03:24:43 GMT
server: nginx/1.15.8
date: Sun, 21 Nov 2021 03:24:43 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 14.2dfb61b890959f78272d.js Show response
s7.addthis.com/static/ 397 B
544 B 65ms
65ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/14.2dfb61b890959f78272d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-18d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 21 Nov 2021 03:24:43 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 304

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_knia0
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_knia0

74 B
301 B

467ms
211ms

Script
application/javascript

151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_knia0

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d948e974d411d4184fd8f4e987e8e3b5c8e39c1732b65caae3091f36122954d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 2
accept-ranges: none
x-pinterest-rid: 1831612851956674
expires: Sun, 21 Nov 2021 03:39:44 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_knia0
Non-Authoritative-Reason: HSTS

GET
H2

200

count.json Show response
widgets.pinterest.com/v1/urls/
Redirect Chain

http://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_ghn20
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_ghn20

75 B
139 B

467ms
212ms

Script
application/javascript

151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_ghn20

Requested by

Host: www.salesalevia.com
URL: http://www.salesalevia.com/

Protocol

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1e5a9739ea25bc97f07ed81cb8e681319ac7868f5cd718c064b8374c52dd1261

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 2518721525667394
expires: Sun, 21 Nov 2021 03:39:44 GMT

Redirect headers

Location: https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.salesalevia.com%2F&callback=window._ate.cbs.rcb_ghn20
Non-Authoritative-Reason: HSTS

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 334ms
83ms Script
application/javascript 104.18.28.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 180273
etag: W/"6129520b-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b16ce86eeab5c9e-FRA
expires: Wed, 24 Nov 2021 03:24:44 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ Frame 6F5F 2 KB
3 KB 1456ms
164ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fwatch%2Fbein1.html
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 55e2de957a26582c04a8e80d690fa81660ef18c68333bf9bb2df5b9ea0c26935

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:45 GMT
X-T: 0.929
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Sun, 21 Nov 2021 03:24:44 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ Frame 6F5F 28 B
212 B 159ms
159ms Script
text/javascript 67.202.114.214
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=ligtvmax&t=&c=c&x=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&y=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fwatch%2Fbein1.html&a=0&d=0.174&v=27&r=5753
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: HTTP/1.1
Server: 67.202.114.214 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: eccc4573e3eeca3faac388dcc74f62af0bb5968afafaaad650d0d9238479d6bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:43 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H2 200 tc.js Show response
cdn.tynt.com/ Frame 6F5F 17 KB
6 KB 106ms
106ms Script
application/javascript 104.18.28.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 180273
etag: W/"6129520b-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b16ce87af7d5c9e-FRA
expires: Wed, 24 Nov 2021 03:24:44 GMT

GET
DATA 200
OK truncated
/ Frame 6F5F 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 500ms
153ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637465084212&dn=TC&iso=0&t=Justin%20tv%20izle%2C%20Ma%C3%A7%20Yay%C4%B1nlar%C4%B1%2C%20Canl%C4%B1%20Ma%C3%A7%20izle&cu=http%3A%2F%2Fwww.salesalevia.com%2F
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame F7B5 0
227 B 499ms
154ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637465084214&dn=TC&iso=1&r=http%3A%2F%2Fwww.salesalevia.com%2F&t=inanamiyorumhalaburdasin.cloud
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 6F5F 49 KB
20 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74068698-18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1417
date: Sun, 21 Nov 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 21 Nov 2021 05:01:07 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 702ms
221ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!ligtvmax1&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:44 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Mon, 22 Nov 2021 03:24:45 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame F7B5 4 B
202 B 702ms
221ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!ligtvmax&dn=TC&cc=1&r=http%3A%2F%2Fwww.salesalevia.com%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:45 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Mon, 22 Nov 2021 03:24:45 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 152ms
152ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637465084212&dn=TC&iso=0&t=Justin%20tv%20izle%2C%20Ma%C3%A7%20Yay%C4%B1nlar%C4%B1%2C%20Canl%C4%B1%20Ma%C3%A7%20izle&cu=http%3A%2F%2Fwww.salesalevia.com%2F
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame F7B5 0
227 B 152ms
152ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637465084214&dn=TC&iso=1&r=http%3A%2F%2Fwww.salesalevia.com%2F&t=inanamiyorumhalaburdasin.cloud
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 159ms
158ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637465084212&dn=TC&iso=0&t=Justin%20tv%20izle%2C%20Ma%C3%A7%20Yay%C4%B1nlar%C4%B1%2C%20Canl%C4%B1%20Ma%C3%A7%20izle
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame F7B5 0
227 B 160ms
159ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637465084214&dn=TC&iso=1&r=http%3A%2F%2Fwww.salesalevia.com%2F&t=inanamiyorumhalaburdasin.cloud
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:44 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 148ms
147ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637465084212&dn=TC&iso=0
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:45 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame F7B5 0
227 B 148ms
148ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637465084214&dn=TC&iso=1&r=http%3A%2F%2Fwww.salesalevia.com%2F
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:45 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 140ms
140ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637465084212&dn=TC&iso=0
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:45 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame F7B5 0
227 B 140ms
140ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637465084214&dn=TC&iso=1
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:45 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 125ms
125ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637465084212&dn=TC&iso=0
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:45 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame F7B5 0
227 B 125ms
124ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637465084214&dn=TC&iso=1
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:45 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ Frame 6F5F 50 B
318 B 397ms
143ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=inanamiyorumhalaburdasin.cloud&_ss=3dmo43ls83&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=6ga3&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fwatch%2Fbein1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f0f761b429cae9f2fc3b13a959e973a48f5acd4b8606a3ab02468fd2a0760300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 03:24:45 GMT
X-T: 0.155
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 21 Nov 2021 03:24:44 GMT

GET
H2 200 / Show response
dtsedge.com/ping/ Frame 6F5F 0
582 B 250ms
140ms Script
application/javascript 2606:4700:3033::ac43:bd2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtsedge.com/ping/?t=0&d=inanamiyorumhalaburdasin.cloud
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fsayac.html&j=http%3A%2F%2Finanamiyorumhalaburdasin.cloud%2Ffutbolcafe%2Fwatch%2Fbein1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bd2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:45 GMT
x-t: 0.5
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b16ce906c70dfcf-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTCZ3CQPnJr%2F%2B9E%2Bt1EKxsZBWWsW1UQo7kxRznUDr1N21BUrckY8cMCW4oi%2F6ukHQPXPTRXq3shTLZVBUakiA4f4MsIJeCN2ALIXW20JZKivGs3yxoWLtFhcIEHsTB%2F2EpG%2BTfOzKrhr6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 133ms
133ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1637465084212&dn=TC&iso=0
Requested by: Host: www.salesalevia.com
URL: http://www.salesalevia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.salesalevia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:45 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ Frame F7B5 0
227 B 135ms
135ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1637465084214&dn=TC&iso=1
Requested by: Host: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:24:45 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: git.player25.xyz
URL: http://git.player25.xyz/watch/bein1.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/watch/bein1.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/watch/bein1.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/watch/ch7.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: inanamiyorumhalaburdasin.cloud
URL: http://inanamiyorumhalaburdasin.cloud/futbolcafe/watch/bein1.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/watch/yurop10.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: git.player25.xyz
URL: http://git.player25.xyz/kutular/72890celta.html

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.salesalevia.com/	1970-01-20 08:19:53	Name: __atuvc Value: 1%7C47
www.salesalevia.com/	1970-01-19 22:51:06	Name: __atuvs Value: 6199bbfa7616e29b000
.dtscout.com/	1970-01-20 01:15:05	Name: df Value: 1637465083
.addthis.com/	1970-01-20 08:19:53	Name: uvc Value: 1%7C47
.salesalevia.com/	1970-01-20 16:22:17	Name: _ga Value: GA1.2.672855660.1637465084
.salesalevia.com/	1970-01-19 22:52:31	Name: _gid Value: GA1.2.726406420.1637465084
.salesalevia.com/	1970-01-19 22:51:05	Name: _gat_blogger Value: 1
.addthis.com/	1970-01-20 08:19:53	Name: loc Value: MDAwMDBFVURFQlkyMjkxMTkwODAwNTAwMDBDSA==
.dtscout.com/	1970-01-19 22:51:10	Name: m Value: 2
.dtscout.com/	1970-01-19 22:51:23	Name: b Value: 2
.dtscout.com/	1970-01-19 22:51:19	Name: oa Value: 2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.salesalevia.com/(Line 794) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://git.player25.xyz/pop-supertotobet.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.salesalevia.com/(Line 794) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://git.player25.xyz/pop-supertotobet.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ajax.googleapis.com
api-public.addthis.com
cdn.jsdelivr.net
cdn.rawgit.com
cdn.tynt.com
code.jquery.com
de.tynt.com
dtsedge.com
fonts.googleapis.com
fonts.gstatic.com
git.player25.xyz
ic.tynt.com
inanamiyorumhalaburdasin.cloud
jwpsrv.com
m.addthis.com
maxcdn.bootstrapcdn.com
mynewcbdoil.com
resources.blogblog.com
s7.addthis.com
stackpath.bootstrapcdn.com
t.dtscout.com
upload.ink
v1.addthisedge.com
waust.at
whos.amung.us
widgets.amung.us
widgets.pinterest.com
www.blogger.com
www.cialistrxonline.com
www.google-analytics.com
www.googletagmanager.com
www.salesalevia.com
www.xlviagragen.com
z.moatads.com
git.player25.xyz
inanamiyorumhalaburdasin.cloud
s7.addthis.com
104.18.28.199
104.75.88.126
151.101.0.84
158.69.139.225
18.66.138.160
2.18.235.40
2001:4de0:ac18::1:a:2b
2606:4700:10::ac43:88d
2606:4700:20::ac43:4670
2606:4700:20::ac43:4739
2606:4700:3031::ac43:dfb4
2606:4700:3033::ac43:bd2c
2606:4700:3033::ac43:befc
2606:4700:3033::ac43:c38c
2606:4700:3034::ac43:b778
2606:4700:3034::ac43:cf02
2606:4700:3036::6815:4ad0
2606:4700::6810:5814
2606:4700::6812:bcf
2a00:1450:4001:810::2009
2a00:1450:4001:811::200a
2a00:1450:4001:813::200a
2a00:1450:4001:828::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
67.202.105.31
67.202.105.33
67.202.114.214
89.187.169.47
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04f891b7d98464c28abdd92238f06f02d6cb2ef4e31b5507d1a919da0a1a85cb
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0c649e281c6fac1b22f773bbbaaec51fae3f89c4f0654fc4545c4ed5d362f896
0e551b8a74350d69660f801c30d9e262da2107ed6c2b5819d11ab322f562382f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
133e13c382aab95cbd5c7c1ec3c13ffebf59fa7f616ffa4e8714013d224e6178
17ec67c9a9588cc34a95dd7e8a775c6a1c800b31736db27c25620711972a0782
198ca1f70bee65ca04dba3845ebea8110ef3f06e7f907e5c5373b0f765c21d4a
1ae2437441801f6bcebc0ded46f6a031eb8acef8cc898f35c36f0536747d05b8
1c38f3f1f31d97b2df22ca64d8b6b9ceb472a1c679212e1953c60a738d340b0b
1c893e5b2e44d7f5addf320e63bc5dceb4707feadaf63ece90457354e1e20534
1e5a9739ea25bc97f07ed81cb8e681319ac7868f5cd718c064b8374c52dd1261
20a41052830e544178c2064d309d07956759b0716daa85b4c83f7b49927c6757
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
279545998a5f2a1479b734ce3ea654f9f5838ec3ca1bf9902bc926e496d8474a
291d4a5613f03360fb3b8c02f67bb529f65118d1b4916ca2466901fe54a7abd9
2936f2b458305ba76d2cc0bbea050640bcb68a0c7adf470d024e8da0c4f9130d
2ce597d4fd3e43de0a57cc934f7b0ba5fed0c0dbbf2beb944b5e2cf0cccb4b2b
2e5dfe814f68522cfb149b158a14a9198cda710e06e83b694ba000706bd77ded
32f52e9a2e9d531909edbf07d33bf175a6ec34cdce894e665c06b276536d352e
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
37b98c3868451a3523a6f2a2ff240159431ce81bc8a1ab3ae3099ae7f4024b97
382892e335e915d4b7c1ff433c26289e17292b873ea613b5821d6710920a067e
3903a229aed5808e86a52d52b97eec5019022d43f659f06cfb275ba572d6dca5
3953670fc1df713d2df8c307ec2f5841f441bfa21858faf66ae6423d91a0c25d
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
461bfca3168213eb5c5606abc0b3da8b9d3cbd6b911881ba53ae7fc156cf13c5
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
48daed2d590f7df15cf306fcdb22d7ad42198248d8e655a5797dc96676cd95c3
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
55e2de957a26582c04a8e80d690fa81660ef18c68333bf9bb2df5b9ea0c26935
56bfbc4ecfacabd772d44178eb1d18ac31cbd544bb9cffcb6b40e6655579d6ab
586392b658f0bde1c5debe730b363c09e65f9381214a42c7b5815b277fd5c29f
5aa4b241dccb5ba65e9389e42d5563df983c7aeb3b6925845f969db930d08405
5b2f80cdd07d8b8ca1cd61bb834b08790f53765ae479a0605ff10d2081cadc69
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
62e8f98796b8a2acc807ca3fc300487b06af0ea5bfdf81139e1bc0ff0f6f9fda
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a33a36bee32f2c493ac85f0d43e51548e9059b69990a0d4098039c31a3efd5e
6ec92f019a7b82f09471a1a379d7e084b7ba92a10a484d022165468dee28e68f
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
72d9e3d5d782d57d79c14904df8f40eebc208f38037118cd65b6e04211897e22
759480b2f227addad5e9d11082e2195349947f836edb05064c2b7c977f58b54f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
81624e91d2552c17ce5b56a62626870c11ef9b3906d1347ea8bce6bf78e0611a
832f92edfa65c94575b1ee0f4228acc37dbbd2b0979afb6f1501f25729f1ce94
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
87beaad6dece395dc3d1de4b99d898da291343101b41b713f1e3228c4ff1ffab
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
8b9da643d9b2d6e55eee6061d809218d9c9b7fe07f8a2ce1d2f6ae9aa7a3eadc
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
91075b6d1bd3792249a3a38e9db4511752c9fe78115fe0268b2726303461516c
95cd38d20b81bfd7c70c30aaff5b268cdac4b9b800dc5408d547b9845815cc42
98b176b4d57dc93668f0b6ba94c78b7b3136a5a8d1c63da996b1effce51abe90
98e5c1728a1d14e57222728540ed91e631fff42a0fb4ea5a8e006a4deb4d1ffd
9a2a419ec60923321c94d3123aa6d559ad266f638962ec9cbefaa685ffa100ee
9b7f9b994c86ded0420d16df91e573b307fde94689f403aefca1228c4c9d281e
9bc3f3d252e4aadba73d16c4e2419b136b22ff28a24b4b4242059043c86f2e50
9ce4be5193a50696699c89afa1a818ea2c1f8cb1bfb9748209b98b294c146554
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a08a02dcd9ffae68ebb65b4a3735759aee3a370b0daffbed715699a971de7bdb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a33a72bb693a439fd43c49560204b82692ac53260c87bd037aad2199d2725cf1
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b3872c52b565efdbbc31ff2591d0db208aafd18f218e70cf89a539940895c2b4
b49c5537630559661551610408ec0d7d011ea8921ab03a26b6e01babfe39ff70
b88b796487e1c934163f390d8e9e6d25e418627c86f49093c6a9a988c555965f
c10e1020969aed48852d8382434fe329233d09317e4e2ac7047492b85387f8bd
c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3
c87e4ecf19580bd39b34b63f23a14bb506feddbc824d6648b238bf746cd8a874
c891f4ef6d0aaff2d742f0f06365e862d2fd200730b73e66888fe978c656fe0b
c93efc9f61620f152f69f2db294b4e3653f70935208e582f3921a910f33e42ef
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0588a70f16b48a0af2db9c2dd9e4ab24ceb9b93247f5e81f4d1d684557b29db
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d489db5a5673d5c2fc4b1bfc1c363611a121603f4fc0a565423296e4ece226f4
d948e974d411d4184fd8f4e987e8e3b5c8e39c1732b65caae3091f36122954d7
d9d622b86d8469f47f57cc198a2a6e6b8a60196f9ad80fdece59a8a9b7e5d963
da163169dbf8c6ac7fe21e579fa8c0f029f090ffc269c6f0437c94f7ef91afe0
dd5a3050f58ca2c052f38fa7bafa204b7285c0ad72cf897f1632784b5a0c41d6
df40dbf7831bf73832151d295ad75602dfa2ae5303d0441266bd9553a325374b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e9280f67ebd600d854464a00a40615185785f16a4555a5897c1f7c03ad9d9c
e4b9cc800225db12571ad82bc0976e528fe7adef9c30f0c5b97ad7f397fbe945
e7f73085c61256a54d3a15af8c6e0dda1b825e4adc550a1b40af13269e5fb02b
e85f34c37f945a47e28a7fd7adda49abeddb9b82b02f38cc6cb88dfe5cc6e543
e8c53c446b9bc6b8e75da22cb9b3d10dce850ba83cb5a92be5359fb0e16becef
e8d8a6a37b6d395ef7370ed88a55ddf9431098b66f0c4e084e44576f78467e26
eae06c600d14fd7377458ef747543e9309197128b9b9cae9548e08598383b1e7
eb0e13d9c01d5e20173fd5bd580f33102a5aa448ddef63486841d145e719841d
eccc4573e3eeca3faac388dcc74f62af0bb5968afafaaad650d0d9238479d6bc
f0f761b429cae9f2fc3b13a959e973a48f5acd4b8606a3ab02468fd2a0760300
f48b59a1640f4aca9db88b921426d81b03eee4621c977fce76f5e075ba2f1ce2
f97d2efd173703c604161b16d5c7d933ae98fcbe03242c47395c2c22573a9155
fc449362296a58b006b499ab3a3eb8330a6afc2318c9549641c30260a509f86f
fe1e40d498bdbda0d52582ce4dccf3c456d2b423acce70b5941d300f8a263617
fe3e09f52041e4c00c3ce2d531d4bbd78a3a13047013f63692b80dbe97939905
ff598484d32ac8e952b42fc96f5cc18f64b328d24ba3796fa4d5dff86a3f2341

www.salesalevia.com Open in urlscan Pro 2606:4700:3034::ac43:cf02 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

165 Requests

57 %HTTPS

67 %IPv6

28 Domains

38 Subdomains

26 IPs

5 Countries

30037 kBTransfer

31744 kBSize

11 Cookies

6 Outgoing links

Page URL History

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

www.salesalevia.com Open in urlscan Pro
2606:4700:3034::ac43:cf02 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

57 %
HTTPS

67 %
IPv6

28
Domains

38
Subdomains

26
IPs

5
Countries

30037 kB
Transfer

31744 kB
Size

11
Cookies

165 HTTP transactions
2 data transactions