www.bedavats3.com Open in urlscan Pro
164.132.216.252 Public Scan

URL:
http://www.bedavats3.com/
Submission: On May 19 via manual (May 19th 2017, 6:34:06 pm UTC) from TR

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 37 HTTP transactions. The main IP is 164.132.216.252, located in France and belongs to OVH, FR. The main domain is www.bedavats3.com.

This is the only time www.bedavats3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	164.132.216.252 164.132.216.252	16276 (OVH) (OVH)
9	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2400:cb00:204... 2400:cb00:2048:1::6818:1746	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	2a00:1450:401... 2a00:1450:401b:801::2004	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2400:cb00:204... 2400:cb00:2048:1::6813:c266	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
2	198.232.124.196 198.232.124.196	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2400:cb00:204... 2400:cb00:2048:1::6818:1646	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
37	12

6 164.132.216.252 (France)

ASN16276 (OVH, FR)
PTR: h38cp1.hostazordns.com

www.bedavats3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6818:1746 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

formden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:801::2004 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6813:c266 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.232.124.196 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, DE)
PTR: 196-124-232-198.static.unitasglobal.net

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6818:1646 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

formden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com	118 KB
6	bedavats3.com www.bedavats3.com	435 KB
3	formden.com formden.com	90 KB
2	google-analytics.com www.google-analytics.com	12 KB
2	fontawesome.com use.fontawesome.com	8 KB
2	cloudflare.com cdnjs.cloudflare.com	8 KB
1	facebook.com www.facebook.com staticxx.facebook.com Failed	66 B
1	facebook.net connect.facebook.net	62 KB
1	gstatic.com www.gstatic.com	71 KB
1	google.com www.google.com	412 B
0	doubleclick.net Failed googleads.g.doubleclick.net Failed
37	11

	Domain	Requested by
9	pagead2.googlesyndication.com	www.bedavats3.com pagead2.googlesyndication.com
6	www.bedavats3.com	www.bedavats3.com
3	formden.com	www.bedavats3.com
2	www.google-analytics.com	www.bedavats3.com
2	use.fontawesome.com	www.bedavats3.com
2	cdnjs.cloudflare.com	www.bedavats3.com
1	www.facebook.com	www.bedavats3.com
1	connect.facebook.net	www.bedavats3.com
1	www.gstatic.com	www.google.com
1	www.google.com	www.bedavats3.com www.gstatic.com
0	staticxx.facebook.com Failed	connect.facebook.net
0	googleads.g.doubleclick.net Failed	pagead2.googlesyndication.com
37	12

This site contains no links.

Subject Issuer	Validity	Valid
ssl379707.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2017-05-13` - `2017-11-19`	6 months	crt.sh
www.google.com Google Internet Authority G2	`2017-05-16` - `2017-08-08`	3 months	crt.sh
fontawesome.com DigiCert SHA2 Secure Server CA	`2016-04-11` - `2017-06-15`	a year	crt.sh
*.google.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
*.googleusercontent.com Google Internet Authority G2	`2017-05-16` - `2017-08-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2016-12-09` - `2018-01-25`	a year	crt.sh

This page contains 15 frames:

Primary Page: http://www.bedavats3.com/
Frame ID: 21391.1
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20170517/r20170110/zrt_lookup.html
Frame ID: 21391.3
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js
Frame ID: 21391.2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?k=6LekyR0TAAAAABl0DqkUuy8Oo1y4sOHawywuSrju&co=aHR0cDovL3d3dy5iZWRhdmF0czMuY29tOjgw&hl=en&v=r20170515161201&size=normal&cb=17uthwfl0ad7
Frame ID: 21391.8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4446597163846337&format=370x280&output=html&h=280&slotname=6319663209&adk=3739050835&adf=2289084161&w=370&afmt=auto&lmt=1495218808&rafmt=1&flash=25.0.0&url=http%3A%2F%2Fwww.bedavats3.com%2F&resp_fmts=3&wgl=1&dt=1495218808082&bpp=10&bdt=210&fdt=14&idt=147&shv=r20170517&cbv=r20170110&saldr=aa&correlator=4443263523956&frm=20&ga_vid=2773798.1495218808&ga_sid=1495218808&ga_hid=75980089&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&adx=15&ady=218&biw=1598&bih=1132&abxe=1&eid=10593695%2C575144605%2C25070001&oid=3&rx=0&eae=0&fc=784&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1132&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=1&xpc=mMgLwFgccz&p=http%3A//www.bedavats3.com&dtd=170
Frame ID: 21391.9
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js
Frame ID: 21391.4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4446597163846337&format=707x60&output=html&h=60&slotname=6319663209&adk=1964496722&adf=3096550679&w=707&afmt=auto&lmt=1495218808&rafmt=1&flash=25.0.0&url=http%3A%2F%2Fwww.bedavats3.com%2F&resp_fmts=3&wgl=1&dt=1495218808096&bpp=10&bdt=224&fdt=191&idt=211&shv=r20170517&cbv=r20170110&saldr=aa&prev_fmts=370x280&correlator=4443263523956&frm=20&ga_vid=2773798.1495218808&ga_sid=1495218808&ga_hid=75980089&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&adx=446&ady=703&biw=1598&bih=1132&abxe=1&eid=10593695%2C575144605%2C25070001&oid=3&rx=0&eae=0&fc=784&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1132&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=2&xpc=ItJiLCzKmo&p=http%3A//www.bedavats3.com&dtd=227
Frame ID: 21391.10
Requests: 1 HTTP requests in this frame

Frame: http://staticxx.facebook.com/connect/xd_arbiter/r/0F7S7QWJ0Ac.js?version=42
Frame ID: 21391.11
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/0F7S7QWJ0Ac.js?version=42
Frame ID: 21391.12
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js
Frame ID: 21391.5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4446597163846337&format=370x280&output=html&h=280&slotname=6319663209&adk=3739050835&adf=2725240395&w=370&afmt=auto&lmt=1495218808&rafmt=1&flash=25.0.0&url=http%3A%2F%2Fwww.bedavats3.com%2F&resp_fmts=3&wgl=1&dt=1495218808106&bpp=5&bdt=234&fdt=234&idt=236&shv=r20170517&cbv=r20170110&saldr=aa&prev_fmts=370x280%2C707x60&correlator=4443263523956&frm=20&ga_vid=2773798.1495218808&ga_sid=1495218808&ga_hid=75980089&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&adx=1214&ady=198&biw=1598&bih=1132&abxe=1&eid=10593695%2C575144605%2C25070001&oid=3&rx=0&eae=0&fc=784&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1132&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&xpc=1LGFGs8QgR&p=http%3A//www.bedavats3.com&dtd=245
Frame ID: 21391.13
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js
Frame ID: 21391.6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4446597163846337&format=1200x90&output=html&h=90&slotname=6319663209&adk=1641478385&adf=2653041513&w=1200&afmt=auto&lmt=1495218808&rafmt=1&flash=25.0.0&url=http%3A%2F%2Fwww.bedavats3.com%2F&resp_fmts=3&wgl=1&dt=1495218808111&bpp=4&bdt=239&fdt=259&idt=263&shv=r20170517&cbv=r20170110&saldr=aa&prev_fmts=370x280%2C707x60%2C370x280&correlator=4443263523956&frm=20&ga_vid=2773798.1495218808&ga_sid=1495218808&ga_hid=75980089&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&adx=199&ady=927&biw=1598&bih=1132&abxe=1&eid=10593695%2C575144605%2C25070001&oid=3&rx=0&eae=0&fc=784&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1132&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=4&xpc=jAziywWG35&p=http%3A//www.bedavats3.com&dtd=269
Frame ID: 21391.14
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js
Frame ID: 21391.7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=r20170515161201&k=6LekyR0TAAAAABl0DqkUuy8Oo1y4sOHawywuSrju
Frame ID: 21391.15
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

37
Requests

35 %
HTTPS

82 %
IPv6

11
Domains

12
Subdomains

12
IPs

3
Countries

803 kB
Transfer

2283 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.bedavats3.com/ 16 KB
6 KB 1315ms
402ms Document
text/html 164.132.216.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bedavats3.com/
Protocol: HTTP/1.1
Server: 164.132.216.252 , France, ASN16276 (OVH, FR),
Reverse DNS: h38cp1.hostazordns.com
Software: / PHP/5.6.30
Resource Hash: 065a77d0420a178815151a06f1673756f8991cb085175068f9a868bd8fbf1d5e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.bedavats3.com
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2017 18:33:27 GMT
Content-Encoding: gzip
X-Powered-By: PHP/5.6.30
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9qteb4ivpuccupqvro04mdhej7; path=/
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: close
Accept-Ranges: bytes
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bootstrap.min.css
www.bedavats3.com/css/ 121 KB
121 KB 36ms
17ms Stylesheet
text/css 164.132.216.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bedavats3.com/css/bootstrap.min.css
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/
Protocol: HTTP/1.1
Server: 164.132.216.252 , France, ASN16276 (OVH, FR),
Reverse DNS: h38cp1.hostazordns.com
Software: /
Resource Hash: f9c07945d147d270f9d51d7f82f436b7c47c30bb575facd3c6f79dcb2d4fb26f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.bedavats3.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.bedavats3.com/
Cookie: PHPSESSID=9qteb4ivpuccupqvro04mdhej7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Fri, 19 May 2017 18:33:27 GMT
Last-Modified: Tue, 31 Jan 2017 18:19:40 GMT
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 123475
Expires: Fri, 26 May 2017 18:33:27 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.bedavats3.com/js/ 85 KB
85 KB 36ms
18ms Script
text/javascript 164.132.216.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bedavats3.com/js/jquery.min.js
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/
Protocol: HTTP/1.1
Server: 164.132.216.252 , France, ASN16276 (OVH, FR),
Reverse DNS: h38cp1.hostazordns.com
Software: /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.bedavats3.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.bedavats3.com/
Cookie: PHPSESSID=9qteb4ivpuccupqvro04mdhej7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Fri, 19 May 2017 18:33:27 GMT
Last-Modified: Sun, 15 Jan 2017 17:16:22 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 86709
Content-Type: text/javascript

GET
H/1.1 200
OK bootstrap.min.js Show response
www.bedavats3.com/js/ 36 KB
36 KB 36ms
18ms Script
text/javascript 164.132.216.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bedavats3.com/js/bootstrap.min.js
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/
Protocol: HTTP/1.1
Server: 164.132.216.252 , France, ASN16276 (OVH, FR),
Reverse DNS: h38cp1.hostazordns.com
Software: /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.bedavats3.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.bedavats3.com/
Cookie: PHPSESSID=9qteb4ivpuccupqvro04mdhej7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Fri, 19 May 2017 18:33:27 GMT
Last-Modified: Sun, 15 Jan 2017 17:16:41 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 37045
Content-Type: text/javascript

GET
H/1.1 200
OK 113608e34e.js Show response
www.bedavats3.com/js/ 9 KB
9 KB 36ms
18ms Script
text/javascript 164.132.216.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bedavats3.com/js/113608e34e.js
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/
Protocol: HTTP/1.1
Server: 164.132.216.252 , France, ASN16276 (OVH, FR),
Reverse DNS: h38cp1.hostazordns.com
Software: /
Resource Hash: dd3b3197441d133ca9743495cd2989bb34f1b003669f3db7b8237b9ead9a93e0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.bedavats3.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.bedavats3.com/
Cookie: PHPSESSID=9qteb4ivpuccupqvro04mdhej7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Fri, 19 May 2017 18:33:27 GMT
Last-Modified: Sun, 15 Jan 2017 17:17:05 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 9538
Content-Type: text/javascript

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 54 KB
20 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:81d::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bedavats3.com
URL: http://www.bedavats3.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

4b140980af81813135e39e3a659a3de62a38f37aa4f9407aadd6c929781cd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: pagead2.googlesyndication.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.bedavats3.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Fri, 19 May 2017 17:49:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 2620
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 18103929667667790240
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 20671
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2017 18:49:48 GMT

GET
H/1.1 200
OK 19mayis.png
www.bedavats3.com/img/ 178 KB
178 KB 17ms
16ms Image
image/png 164.132.216.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bedavats3.com/img/19mayis.png
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/
Protocol: HTTP/1.1
Server: 164.132.216.252 , France, ASN16276 (OVH, FR),
Reverse DNS: h38cp1.hostazordns.com
Software: /
Resource Hash: 0b48e87714387aeb1fce1318f99e678b526e2448f5ea67dacb7e359ae2144748

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.bedavats3.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.bedavats3.com/
Cookie: PHPSESSID=9qteb4ivpuccupqvro04mdhej7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Fri, 19 May 2017 18:33:27 GMT
Last-Modified: Thu, 18 May 2017 23:45:55 GMT
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 182278
Expires: Fri, 26 May 2017 18:33:27 GMT

GET
H2 200 bootstrap-iso.css
formden.com/static/cdn/ 173 KB
21 KB 95ms
17ms Stylesheet
text/css 2400:cb00:2048:1::6818:1746
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://formden.com/static/cdn/bootstrap-iso.css
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:1746 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: c09913c2b63b4c10d331d40d9f4a6902a1ab65abdb59006858795f5bc1fed69e

Request headers

:path: /static/cdn/bootstrap-iso.css
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: formden.com
referer: http://www.bedavats3.com/
:scheme: https
:method: GET
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Fri, 19 May 2017 18:33:27 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
content-length: 21895
last-modified: Fri, 25 Sep 2015 15:49:42 GMT
server: cloudflare-nginx
etag: "2b599-520944bcf8ae7-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
set-cookie: __cfduid=da0c48fec6bf93731688401b2e57685cb1495218807; expires=Sat, 19-May-18 18:33:27 GMT; path=/; domain=.formden.com; HttpOnly
accept-ranges: bytes
cf-ray: 3619250db8ae64f3-FRA
expires: Fri, 19 May 2017 22:33:27 GMT

GET
H2 200 font-awesome.min.css
formden.com/static/cdn/font-awesome/4.4.0/css/ 26 KB
6 KB 89ms
12ms Stylesheet
text/css 2400:cb00:2048:1::6818:1746
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://formden.com/static/cdn/font-awesome/4.4.0/css/font-awesome.min.css
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:1746 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

:path: /static/cdn/font-awesome/4.4.0/css/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: formden.com
referer: http://www.bedavats3.com/
:scheme: https
:method: GET
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Fri, 19 May 2017 18:33:27 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
content-length: 6081
last-modified: Fri, 25 Sep 2015 15:49:42 GMT
server: cloudflare-nginx
etag: "6857-520944bcfaa27-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
set-cookie: __cfduid=da0c48fec6bf93731688401b2e57685cb1495218807; expires=Sat, 19-May-18 18:33:27 GMT; path=/; domain=.formden.com; HttpOnly
accept-ranges: bytes
cf-ray: 3619250db8af64f3-FRA
expires: Fri, 19 May 2017 22:33:27 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 697 B
412 B 88ms
47ms Script
text/javascript 2a00:1450:401b:801::2004
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.bedavats3.com
URL: http://www.bedavats3.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:801::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

GSE /

Resource Hash

51f38b8a759d6b5297fc00cdc4d9ce442caa2734ec765b59010320ba6aa59587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /recaptcha/api.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google.com
referer: http://www.bedavats3.com/
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Fri, 19 May 2017 18:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 403
x-xss-protection: 1; mode=block
expires: Fri, 19 May 2017 18:33:28 GMT

GET
H/1.1 200
OK cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 14ms
7ms Stylesheet
text/css 2400:cb00:2048:1::6813:c266
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6813:c266 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cdnjs.cloudflare.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.bedavats3.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Fri, 19 May 2017 18:33:27 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 21 Nov 2016 19:02:34 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 3619250d406e6511-FRA
Expires: Wed, 09 May 2018 18:33:27 GMT

GET
H/1.1 200
OK cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 7ms
7ms Script
application/javascript 2400:cb00:2048:1::6813:c266
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6813:c266 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cdnjs.cloudflare.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.bedavats3.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Fri, 19 May 2017 18:33:28 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 21 Nov 2016 19:02:34 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 3619250e311d6511-FRA
Expires: Wed, 09 May 2018 18:33:28 GMT

GET
H2 200 113608e34e.css
use.fontawesome.com/ 1 KB
389 B 22ms
5ms Stylesheet
text/css 198.232.124.196
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/113608e34e.css
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/js/113608e34e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.232.124.196 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: 196-124-232-198.static.unitasglobal.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8428cb358ab2732e8e44ca79947cf3738454897eb8132ad9b3b291c0077794a8

Request headers

:path: /113608e34e.css
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: use.fontawesome.com
referer: http://www.bedavats3.com/
:scheme: https
:method: GET
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Fri, 19 May 2017 18:33:28 GMT
content-encoding: gzip
last-modified: Sun, 01 Jan 2017 19:23:41 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 199333BD21DDF707
etag: W/"d2afbb60b11b008c9e04ebcb961cfb7d"
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=0, private, must-revalidate
x-amz-id-2: 0ThocwJUKXIyqrmCCNfQ7S0WhP06W4oCjN0DUkSVAuh+AvJTk7m9p2WAc7fhs+624lC3EjJn+LE=

GET
H2 200 fontawesome-webfont.woff2
formden.com/static/cdn/font-awesome/4.4.0/fonts/ 63 KB
63 KB 38ms
19ms Font
application/octet-stream 2400:cb00:2048:1::6818:1646
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://formden.com/static/cdn/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:1646 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

:path: /static/cdn/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
pragma: no-cache
origin: http://www.bedavats3.com
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: formden.com
referer: https://formden.com/static/cdn/font-awesome/4.4.0/css/font-awesome.min.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: https://formden.com/static/cdn/font-awesome/4.4.0/css/font-awesome.min.css
Origin: http://www.bedavats3.com

Response headers

date: Fri, 19 May 2017 18:33:28 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Sep 2015 15:49:42 GMT
server: cloudflare-nginx
status: 200
etag: "fbd0-520944bcfe8a7"
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=14400
set-cookie: __cfduid=d0175ea6c28b20934be9a3a7697c356c41495218808; expires=Sat, 19-May-18 18:33:28 GMT; path=/; domain=.formden.com; HttpOnly
accept-ranges: bytes
cf-ray: 3619250e4f0126f6-FRA
content-length: 64464
expires: Fri, 19 May 2017 22:33:28 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
8 KB 7ms
7ms Stylesheet
text/css 198.232.124.196
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: www.bedavats3.com
URL: http://www.bedavats3.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.232.124.196 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS: 196-124-232-198.static.unitasglobal.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

:path: /releases/v4.7.0/css/font-awesome-css.min.css
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: use.fontawesome.com
referer: http://www.bedavats3.com/
:scheme: https
:method: GET
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Fri, 19 May 2017 18:33:28 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2016 17:21:58 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/r20170515161201/ 223 KB
71 KB 20ms
5ms Script
text/javascript 2a00:1450:4001:819::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/r20170515161201/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

d702f502abaf7f12973d8c3d91aa7fef8fbec38afdb60978f596380969955a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /recaptcha/api2/r20170515161201/recaptcha__en.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gstatic.com
referer: http://www.bedavats3.com/
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 17 May 2017 23:19:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 May 2017 23:45:00 GMT
server: sffe
age: 155667
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 72400
x-xss-protection: 1; mode=block
expires: Thu, 17 May 2018 23:19:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 29 KB
12 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:819::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bedavats3.com
URL: http://www.bedavats3.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /analytics.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google-analytics.com
referer: http://www.bedavats3.com/
:scheme: https
:method: GET
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2017 01:31:56 GMT
server: Golfe2
age: 4935
date: Fri, 19 May 2017 17:11:13 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 12267
expires: Fri, 19 May 2017 19:11:13 GMT

GET
H/1.1 200
OK sdk.js Show response
connect.facebook.net/tr_TR/ 200 KB
62 KB 14ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

http://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: www.bedavats3.com
URL: http://www.bedavats3.com/

Protocol

HTTP/1.1

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4efd06d3ed05f139ad6413ceb33fff24da365c32d7941961ef14ddcd5519ae58

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self' .m-freeway.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com: .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: connect.facebook.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.bedavats3.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; preload; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-MD5: uaF4gJC1xPlfQ/daarDL8g==
Connection: keep-alive
Content-Length: 63031
X-XSS-Protection: 0
X-FB-Debug: n+okqW5nitNayxcN1/Lnia+ql2HkBTqBqQsu8ecSpCa0288wh3s7Z45Y1xiAlZDGwk0TDN+BlGK7Su50/UhxAw==
x-fb-content-md5: 768414cb86b7aefd421b5edf3a1f63aa
X-Frame-Options: DENY
Date: Fri, 19 May 2017 18:33:28 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Expose-Headers: X-FB-Content-MD5
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
ETag: "520c8dd318ecd4ebe2df7a7de69fa45c"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
Expires: Fri, 19 May 2017 18:48:03 GMT

GET
H2 200 ca-pub-4446597163846337.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
134 B 29ms
16ms Script
text/javascript 2a00:1450:4001:81d::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-4446597163846337.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pub-config/r20160913/ca-pub-4446597163846337.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pagead2.googlesyndication.com
referer: http://www.bedavats3.com/
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Fri, 19 May 2017 18:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 May 2017 02:21:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sat, 20 May 2017 06:33:28 GMT

GET zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20170517/r20170110/ Frame 2139 0
0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/ Frame 2139 188 KB
69 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

eaaaba7ae3fc74c78beec6df447aa22e8db56fa4b24626c17f186c3fd0e926a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: pagead2.googlesyndication.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.bedavats3.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Fri, 19 May 2017 18:33:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 12854953683552507108
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70939
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2017 18:33:28 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
44 B 15ms
14ms Image
image/gif 2a00:1450:4001:819::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j54&a=75980089&t=pageview&_s=1&dl=http%3A%2F%2Fwww.bedavats3.com%2F&ul=en-us&de=UTF-8&dt=Free%20Teamspeak%203%20Server%20%7C%20Bedava%20Teamspeak%203%20Server%20%3E%20Free%20Teamspeak%203%20Server&sd=24-bit&sr=1600x1200&vp=1598x1132&je=0&fl=25.0%20r0&_u=IEBAAMABI~&jid=1182561228&gjid=466265198&cid=2773798.1495218808&tid=UA-76634523-1&_gid=1611306981.1495218808&_r=1&z=223541566

Requested by

Host: www.bedavats3.com
URL: http://www.bedavats3.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /r/collect?v=1&_v=j54&a=75980089&t=pageview&_s=1&dl=http%3A%2F%2Fwww.bedavats3.com%2F&ul=en-us&de=UTF-8&dt=Free%20Teamspeak%203%20Server%20%7C%20Bedava%20Teamspeak%203%20Server%20%3E%20Free%20Teamspeak%203%20Server&sd=24-bit&sr=1600x1200&vp=1598x1132&je=0&fl=25.0%20r0&_u=IEBAAMABI~&jid=1182561228&gjid=466265198&cid=2773798.1495218808&tid=UA-76634523-1&_gid=1611306981.1495218808&_r=1&z=223541566
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
referer: http://www.bedavats3.com/
:scheme: https
:method: GET
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2017 18:33:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET anchor
www.google.com/recaptcha/api2/ Frame 2139 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 2139 0
0

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 2139 76 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

364399e83befa933080fd974b47985360858423e850ff0e8723fb05afb4c5591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/osd.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pagead2.googlesyndication.com
referer: http://www.bedavats3.com/
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Fri, 19 May 2017 17:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 29178
x-xss-protection: 1; mode=block
server: cafe
etag: 5417440459889212114
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 19 May 2017 18:48:21 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/ Frame 2139 188 KB
0 39ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

eaaaba7ae3fc74c78beec6df447aa22e8db56fa4b24626c17f186c3fd0e926a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: pagead2.googlesyndication.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.bedavats3.com/
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Fri, 19 May 2017 18:33:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 12854953683552507108
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70939
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2017 18:33:28 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 2139 0
0

GET
H2 200 /
www.facebook.com/impression.php/f3c92abe0a20bc/ 43 B
66 B 206ms
191ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/impression.php/f3c92abe0a20bc/?api_key=281505671949161&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D

Requested by

Host: www.bedavats3.com
URL: http://www.bedavats3.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self' .m-freeway.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com: .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /impression.php/f3c92abe0a20bc/?api_key=281505671949161&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.facebook.com
referer: http://www.bedavats3.com/
:scheme: https
:method: GET
Referer: http://www.bedavats3.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
x-xss-protection: 0
pragma: no-cache
x-fb-debug: U1aq4veqnuoxNK6IfBWxUzF6HwdVhOtJ+hepnhfDVtSZP3R2BhwYDMJPhdikb8usXEMDvTROwfx75nAkfrlv1Q==
date: Fri, 19 May 2017 18:33:28 GMT
strict-transport-security: max-age=15552000; preload
public-key-pins-report-only: max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/"
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-method: OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET 0F7S7QWJ0Ac.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 2139 0
0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/ Frame 2139 188 KB
0 39ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

eaaaba7ae3fc74c78beec6df447aa22e8db56fa4b24626c17f186c3fd0e926a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: pagead2.googlesyndication.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.bedavats3.com/
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Fri, 19 May 2017 18:33:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 12854953683552507108
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70939
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2017 18:33:28 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 2139 0
0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/ Frame 2139 188 KB
0 39ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

eaaaba7ae3fc74c78beec6df447aa22e8db56fa4b24626c17f186c3fd0e926a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: pagead2.googlesyndication.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.bedavats3.com/
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Fri, 19 May 2017 18:33:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 12854953683552507108
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70939
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2017 18:33:28 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 2139 0
0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/ Frame 2139 188 KB
0 39ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

eaaaba7ae3fc74c78beec6df447aa22e8db56fa4b24626c17f186c3fd0e926a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: pagead2.googlesyndication.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.bedavats3.com/
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Fri, 19 May 2017 18:33:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 12854953683552507108
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70939
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2017 18:33:28 GMT

GET
H2 200 pla Show response
pagead2.googlesyndication.com/getconfig/ Frame 2139 19 B
48 B 33ms
15ms XHR
application/json 2a00:1450:4001:81d::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/pla?client=ca-pub-4446597163846337&plah=www.bedavats3.com&plat=1%3A36872%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C25%3A32768%2C26%3A32768&plas=4&prev_fmts=370x280%2C707x60%2C370x280%2C1200x90

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20170517/r20170110/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

665860e38c2170e3cdd30e75eb01f935a34137a5273d308ebcc83888c7f940ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /getconfig/pla?client=ca-pub-4446597163846337&plah=www.bedavats3.com&plat=1%3A36872%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C25%3A32768%2C26%3A32768&plas=4&prev_fmts=370x280%2C707x60%2C370x280%2C1200x90
pragma: no-cache
origin: http://www.bedavats3.com
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: pagead2.googlesyndication.com
referer: http://www.bedavats3.com/
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: http://www.bedavats3.com/
Origin: http://www.bedavats3.com

Response headers

timing-allow-origin: *
date: Fri, 19 May 2017 18:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 39
x-xss-protection: 1; mode=block

GET bframe
www.google.com/recaptcha/api2/ Frame 2139 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20170517/r20170110/zrt_lookup.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?k=6LekyR0TAAAAABl0DqkUuy8Oo1y4sOHawywuSrju&co=aHR0cDovL3d3dy5iZWRhdmF0czMuY29tOjgw&hl=en&v=r20170515161201&size=normal&cb=17uthwfl0ad7

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4446597163846337&format=370x280&output=html&h=280&slotname=6319663209&adk=3739050835&adf=2289084161&w=370&afmt=auto&lmt=1495218808&rafmt=1&flash=25.0.0&url=http%3A%2F%2Fwww.bedavats3.com%2F&resp_fmts=3&wgl=1&dt=1495218808082&bpp=10&bdt=210&fdt=14&idt=147&shv=r20170517&cbv=r20170110&saldr=aa&correlator=4443263523956&frm=20&ga_vid=2773798.1495218808&ga_sid=1495218808&ga_hid=75980089&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&adx=15&ady=218&biw=1598&bih=1132&abxe=1&eid=10593695%2C575144605%2C25070001&oid=3&rx=0&eae=0&fc=784&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1132&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=1&xpc=mMgLwFgccz&p=http%3A//www.bedavats3.com&dtd=170

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4446597163846337&format=707x60&output=html&h=60&slotname=6319663209&adk=1964496722&adf=3096550679&w=707&afmt=auto&lmt=1495218808&rafmt=1&flash=25.0.0&url=http%3A%2F%2Fwww.bedavats3.com%2F&resp_fmts=3&wgl=1&dt=1495218808096&bpp=10&bdt=224&fdt=191&idt=211&shv=r20170517&cbv=r20170110&saldr=aa&prev_fmts=370x280&correlator=4443263523956&frm=20&ga_vid=2773798.1495218808&ga_sid=1495218808&ga_hid=75980089&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&adx=446&ady=703&biw=1598&bih=1132&abxe=1&eid=10593695%2C575144605%2C25070001&oid=3&rx=0&eae=0&fc=784&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1132&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=2&xpc=ItJiLCzKmo&p=http%3A//www.bedavats3.com&dtd=227

Domain: staticxx.facebook.com
URL: http://staticxx.facebook.com/connect/xd_arbiter/r/0F7S7QWJ0Ac.js?version=42

Domain: staticxx.facebook.com
URL: https://staticxx.facebook.com/connect/xd_arbiter/r/0F7S7QWJ0Ac.js?version=42

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4446597163846337&format=370x280&output=html&h=280&slotname=6319663209&adk=3739050835&adf=2725240395&w=370&afmt=auto&lmt=1495218808&rafmt=1&flash=25.0.0&url=http%3A%2F%2Fwww.bedavats3.com%2F&resp_fmts=3&wgl=1&dt=1495218808106&bpp=5&bdt=234&fdt=234&idt=236&shv=r20170517&cbv=r20170110&saldr=aa&prev_fmts=370x280%2C707x60&correlator=4443263523956&frm=20&ga_vid=2773798.1495218808&ga_sid=1495218808&ga_hid=75980089&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&adx=1214&ady=198&biw=1598&bih=1132&abxe=1&eid=10593695%2C575144605%2C25070001&oid=3&rx=0&eae=0&fc=784&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1132&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&xpc=1LGFGs8QgR&p=http%3A//www.bedavats3.com&dtd=245

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4446597163846337&format=1200x90&output=html&h=90&slotname=6319663209&adk=1641478385&adf=2653041513&w=1200&afmt=auto&lmt=1495218808&rafmt=1&flash=25.0.0&url=http%3A%2F%2Fwww.bedavats3.com%2F&resp_fmts=3&wgl=1&dt=1495218808111&bpp=4&bdt=239&fdt=259&idt=263&shv=r20170517&cbv=r20170110&saldr=aa&prev_fmts=370x280%2C707x60%2C370x280&correlator=4443263523956&frm=20&ga_vid=2773798.1495218808&ga_sid=1495218808&ga_hid=75980089&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&adx=199&ady=927&biw=1598&bih=1132&abxe=1&eid=10593695%2C575144605%2C25070001&oid=3&rx=0&eae=0&fc=784&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1132&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=4&xpc=jAziywWG35&p=http%3A//www.bedavats3.com&dtd=269

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=r20170515161201&k=6LekyR0TAAAAABl0DqkUuy8Oo1y4sOHawywuSrju

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: http://www.bedavats3.com/js/jquery.min.js(Line 2) Message: jQuery.Deferred exception: $.throttle is not a function

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
formden.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
staticxx.facebook.com
use.fontawesome.com
www.bedavats3.com
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
googleads.g.doubleclick.net
staticxx.facebook.com
www.google.com
164.132.216.252
198.232.124.196
2400:cb00:2048:1::6813:c266
2400:cb00:2048:1::6818:1646
2400:cb00:2048:1::6818:1746
2a00:1450:4001:819::2003
2a00:1450:4001:819::200e
2a00:1450:4001:81d::2002
2a00:1450:401b:801::2004
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
065a77d0420a178815151a06f1673756f8991cb085175068f9a868bd8fbf1d5e
0b48e87714387aeb1fce1318f99e678b526e2448f5ea67dacb7e359ae2144748
364399e83befa933080fd974b47985360858423e850ff0e8723fb05afb4c5591
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4b140980af81813135e39e3a659a3de62a38f37aa4f9407aadd6c929781cd038
4efd06d3ed05f139ad6413ceb33fff24da365c32d7941961ef14ddcd5519ae58
51f38b8a759d6b5297fc00cdc4d9ce442caa2734ec765b59010320ba6aa59587
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
665860e38c2170e3cdd30e75eb01f935a34137a5273d308ebcc83888c7f940ec
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8428cb358ab2732e8e44ca79947cf3738454897eb8132ad9b3b291c0077794a8
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
c09913c2b63b4c10d331d40d9f4a6902a1ab65abdb59006858795f5bc1fed69e
d702f502abaf7f12973d8c3d91aa7fef8fbec38afdb60978f596380969955a8e
dd3b3197441d133ca9743495cd2989bb34f1b003669f3db7b8237b9ead9a93e0
e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9
eaaaba7ae3fc74c78beec6df447aa22e8db56fa4b24626c17f186c3fd0e926a3
f9c07945d147d270f9d51d7f82f436b7c47c30bb575facd3c6f79dcb2d4fb26f

www.bedavats3.com Open in urlscan Pro 164.132.216.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

37 Requests

35 %HTTPS

82 %IPv6

11 Domains

12 Subdomains

12 IPs

3 Countries

803 kBTransfer

2283 kBSize

0 Cookies

0 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

www.bedavats3.com Open in urlscan Pro
164.132.216.252 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

35 %
HTTPS

82 %
IPv6

11
Domains

12
Subdomains

12
IPs

3
Countries

803 kB
Transfer

2283 kB
Size

0
Cookies

37 HTTP transactions
0 data transactions