www.maledm.com Open in urlscan Pro
104.21.57.198 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.maledm.com/
Submission Tags: krdprod
Submission: On October 02 via api (October 2nd 2021, 7:55:04 am UTC) from JP — Scanned from DE

Summary HTTP 121 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 49 domains to perform 121 HTTP transactions. The main IP is 104.21.57.198, located in and belongs to CLOUDFLARENET, US. The main domain is www.maledm.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 1st 2021. Valid for: a year.

This is the only time www.maledm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	104.21.57.198 104.21.57.198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.185.137 142.250.185.137	15169 (GOOGLE) (GOOGLE)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
15	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
7	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.26.4.7 104.26.4.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.16.175.42 69.16.175.42	33438 (HIGHWINDS2) (HIGHWINDS2)
1	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
1	172.217.23.106 172.217.23.106	15169 (GOOGLE) (GOOGLE)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.255.62.195 172.255.62.195	36483 (GOSSAMERT...) (GOSSAMERTHREADS)
5	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
3	158.69.139.226 158.69.139.226	16276 (OVH) (OVH)
2	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
1	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST)
1	13.225.87.103 13.225.87.103	16509 (AMAZON-02) (AMAZON-02)
1	3.121.175.251 3.121.175.251	16509 (AMAZON-02) (AMAZON-02)
1	13.225.87.78 13.225.87.78	16509 (AMAZON-02) (AMAZON-02)
2	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	13.225.87.46 13.225.87.46	16509 (AMAZON-02) (AMAZON-02)
1	104.18.29.199 104.18.29.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.225.87.87 13.225.87.87	16509 (AMAZON-02) (AMAZON-02)
1	45.55.96.63 45.55.96.63	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 4	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
7	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	208.100.17.185 208.100.17.185	32748 (STEADFAST) (STEADFAST)
2 15	34.253.111.115 34.253.111.115	16509 (AMAZON-02) (AMAZON-02)
1	172.67.220.51 172.67.220.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	54.36.109.22 54.36.109.22	16276 (OVH) (OVH)
2 2	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1 3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
2 2	18.203.8.109 18.203.8.109	16509 (AMAZON-02) (AMAZON-02)
1	52.29.0.64 52.29.0.64	16509 (AMAZON-02) (AMAZON-02)
1	34.250.222.102 34.250.222.102	16509 (AMAZON-02) (AMAZON-02)
1 1	64.58.232.176 64.58.232.176	13649 (ASN-VINS) (ASN-VINS)
1	69.169.85.7 69.169.85.7	29838 (AMC) (AMC)
1 1	18.169.90.17 18.169.90.17	16509 (AMAZON-02) (AMAZON-02)
1	34.247.104.176 34.247.104.176	16509 (AMAZON-02) (AMAZON-02)
2 2	52.215.191.146 52.215.191.146	16509 (AMAZON-02) (AMAZON-02)
1 1	199.127.207.188 199.127.207.188	26120 (RHYTHMONE) (RHYTHMONE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	52.34.139.214 52.34.139.214	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
121	39

3 104.21.57.198 (None, )

ASN13335 (CLOUDFLARENET, US)

www.maledm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.137 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.4.7 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN33438 (HIGHWINDS2, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.255.62.195 (London, United Kingdom)

ASN36483 (GOSSAMERTHREADS, CA)

betnetmed.advertserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 158.69.139.226 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip226.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.93 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-103.fra2.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.175.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-175-251.eu-central-1.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-78.fra2.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-46.fra2.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.87.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-87.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.96.63 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.112.63 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.185 (United States)

ASN32748 (STEADFAST, US)
PTR: ip185.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.253.111.115 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.220.51 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.109.22 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: p09.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.13 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.8.109 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-8-109.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.222.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-222-102.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.176 (United States) 1 redirects

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.7 (Cranford, United States)

ASN29838 (AMC, US)

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.169.90.17 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-90-17.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.191.146 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-191-146.eu-west-1.compute.amazonaws.com

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.188 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt-secure.videohub.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.34.139.214 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-139-214.us-west-2.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	crwdcntrl.net 2 redirects tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	23 KB
15	blogspot.com 4.bp.blogspot.com 1.bp.blogspot.com 2.bp.blogspot.com 3.bp.blogspot.com	142 KB
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	8 KB
6	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com Failed	217 KB
5	gstatic.com fonts.gstatic.com	72 KB
4	id5-sync.com 4 redirects id5-sync.com	6 KB
4	bluekai.com 1 redirects tags.bluekai.com	1 KB
4	blogger.com www.blogger.com	185 KB
3	doubleclick.net 1 redirects cm.g.doubleclick.net	1 KB
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com	12 KB
3	dtscout.com t.dtscout.com	10 KB
3	maledm.com www.maledm.com	38 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	615 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	941 B
2	tidaltv.com 2 redirects sync.tidaltv.com	685 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	tapad.com 2 redirects pixel.tapad.com	913 B
2	turn.com 2 redirects d.turn.com	855 B
2	onaudience.com 2 redirects pixel.onaudience.com	716 B
2	pinterest.com widgets.pinterest.com	401 B
2	sharethis.com pd.sharethis.com sync.sharethis.com	255 B
2	google-analytics.com www.google-analytics.com	20 KB
2	advertserve.com betnetmed.advertserve.com	8 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	77 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	86 KB
1	mathtag.com 1 redirects sync.mathtag.com	615 B
1	videohub.tv 1 redirects dt-secure.videohub.tv	547 B
1	ml314.com ml314.com	422 B
1	agkn.com 1 redirects aa.agkn.com	333 B
1	mookie1.com ib.mookie1.com	990 B
1	ib-ibi.com 1 redirects global.ib-ibi.com	513 B
1	krxd.net beacon.krxd.net	337 B
1	taboola.com trc.taboola.com	238 B
1	adsrvr.org match.adsrvr.org	265 B
1	pubmatic.com image6.pubmatic.com	166 B
1	dtssrv.com a.dtssrv.com	556 B
1	dtscdn.com t.dtscdn.com	407 B
1	amung.us whos.amung.us	145 B
1	addthisedge.com v1.addthisedge.com	889 B
1	moatads.com z.moatads.com	1 KB
1	rawgit.com cdn.rawgit.com	2 KB
1	jquery.com code.jquery.com	33 KB
1	waust.at waust.at	7 KB
0	survata.com Failed px.surveywall-api.survata.com Failed
0	hostiyi.cc Failed netsportv50.com.hostiyi.cc Failed
0	player25.xyz Failed git.player25.xyz Failed
121	49

	Domain	Requested by
9	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
7	ic.tynt.com	www.maledm.com
7	1.bp.blogspot.com	www.maledm.com
6	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net
5	fonts.gstatic.com	fonts.googleapis.com
4	id5-sync.com	4 redirects
4	tags.bluekai.com	1 redirects www.maledm.com bcp.crwdcntrl.net
4	4.bp.blogspot.com	www.maledm.com
4	www.blogger.com	www.maledm.com
3	cm.g.doubleclick.net	1 redirects bcp.crwdcntrl.net
3	tags.crwdcntrl.net	t.dtscout.com tags.crwdcntrl.net
3	t.dtscout.com	waust.at t.dtscout.com
3	s7.addthis.com	www.maledm.com s7.addthis.com
3	www.maledm.com	www.maledm.com cdn.rawgit.com
2	secure.adnxs.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pm.w55c.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	sync.tidaltv.com	2 redirects
2	dpm.demdex.net	2 redirects
2	loadm.exelator.com	1 redirects bcp.crwdcntrl.net
2	pixel.tapad.com	2 redirects
2	d.turn.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	widgets.pinterest.com	s7.addthis.com
2	api-public.addthis.com	s7.addthis.com
2	www.google-analytics.com	www.maledm.com www.google-analytics.com
2	betnetmed.advertserve.com	www.maledm.com betnetmed.advertserve.com
2	maxcdn.bootstrapcdn.com	www.maledm.com maxcdn.bootstrapcdn.com
2	3.bp.blogspot.com	www.maledm.com
2	2.bp.blogspot.com	www.maledm.com
1	sync.mathtag.com	1 redirects
1	dt-secure.videohub.tv	1 redirects
1	ml314.com	bcp.crwdcntrl.net
1	aa.agkn.com	1 redirects
1	ib.mookie1.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	trc.taboola.com	bcp.crwdcntrl.net
1	match.adsrvr.org	bcp.crwdcntrl.net
1	image6.pubmatic.com	bcp.crwdcntrl.net
1	a.dtssrv.com	t.dtscout.com
1	de.tynt.com	cdn.tynt.com
1	t.dtscdn.com	t.dtscout.com
1	cdn.tynt.com	waust.at
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	pd.sharethis.com	t.dtscout.com
1	get.s-onetag.com	t.dtscout.com
1	whos.amung.us	waust.at
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	fonts.googleapis.com	www.maledm.com
1	cdn.rawgit.com	www.maledm.com
1	code.jquery.com	www.maledm.com
1	waust.at	www.maledm.com
1	ajax.googleapis.com	www.maledm.com
0	px.surveywall-api.survata.com Failed	bcp.crwdcntrl.net
0	netsportv50.com.hostiyi.cc Failed	www.maledm.com
0	git.player25.xyz Failed	www.maledm.com
121	62

This site contains links to these domains. Also see Links.

Domain
whos.amung.us
bozguncuiptv.com
www.blogger.com
www.hjyyzs.com
www.google.com.tr

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-01` - `2022-09-30`	a year	crt.sh
*.blogger.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
cdn.rawgit.com R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.advertserve.com Go Daddy Secure Certificate Authority - G2	`2021-03-02` - `2022-04-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.dtscout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
t.dtscdn.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-15`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
ib.mookie1.com DigiCert SHA2 High Assurance Server CA	`2019-10-07` - `2021-11-12`	2 years	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://www.maledm.com/
Frame ID: B107524D89FEE9AC90FD5AA91076FC36
Requests: 74 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/100050bahiscom.html
Frame ID: A84486DF0432DDCF8BCBA01485A397E0
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/72890bahiscom.html
Frame ID: D6DA54DC7C22941C6FCC8984888C8F96
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/100050ultraselcuk.html
Frame ID: 83071EF1FE29AF120F4C0342EFD5D4C8
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/100050tipobet.html
Frame ID: C3D6284061ADD3A618E6831498ACD3D9
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/100050setraselcuk.html
Frame ID: 87AEA1AC1D4F34E55AC8D0CA3A3D9145
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/72890ultraselcuk.html
Frame ID: D1A7AB2ABB931AACC92D5C404B75C2F2
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/72890tipo.html
Frame ID: 31C4FE0F3A59C183264446241BCBCE85
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/72890setraselcuk.html
Frame ID: 5A7D64E37470BBC835F2F5FAB8944CF4
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/seyret/bein1.html
Frame ID: 971A364636D6B7F856C59D9184C74A42
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/72890betkolikselcuk.html
Frame ID: 3BA57B0A03FD1C791CDD5CAD98867F51
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/izle/ch7.html
Frame ID: BA59BB3A5385726714C2EA7B7F0B866A
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/izle/yurop10.html
Frame ID: E1FE7FCC71D681DD0F878AA8B9AF1E6C
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/izle/bein3hd.html
Frame ID: E2450B969A1025838F9B93FF2E3C5DA4
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/120600bahiscom.html
Frame ID: BB1A6900092E5FA08A51CF9605979D29
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/120600bahiscom.html
Frame ID: 830DDAA931BCA094D562079CE934DB13
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/tablo7.html
Frame ID: A6531B0D2A3A901935C954B7FC9AF08B
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/300250restbet.html
Frame ID: 40D934DE3F297732B69DDD4224AB3FB7
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/300250saha.html
Frame ID: 458B6282BAF1AAAFA22B6910C42555E1
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/300250kolik.html
Frame ID: 069C4324440D2EA00112258E80DC1D86
Requests: 1 HTTP requests in this frame

Frame: https://git.player25.xyz/kutular/300250kolik.html
Frame ID: 4BC87064DCD150642938F7CCC89F5BE4
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2DFB585B14C15DBE85144589DFF807A1
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F814B834CBE8EFFF048AB210EDF21915
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001633161300EFEC23AD3632EC940C
Frame ID: B021159A768EAD55F802FBB93100EA0E
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 6E7B4F28B7C40D188219D29FC39A62F8
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Frame ID: 5976D36C27DA4E433E020AC7876ACCDA
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Selçuksports, Selçuk sports izle, selcuksportshd, selcuk sportFacebookTwitterPrintEmailPinterestAddThisFacebookTwitterPrintEmailAddThis

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AddThis (Widgets) Expand

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jquery[.-]([\d.]*\d)[^/]*\.js

Page Statistics

121
Requests

79 %
HTTPS

0 %
IPv6

49
Domains

62
Subdomains

39
IPs

8
Countries

949 kB
Transfer

1846 kB
Size

62
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://whos.amung.us/stats/ligtvmax1/
Title: 403

Search URL Search Domain Scan URL

URL: https://bozguncuiptv.com/
Title: iPTV Satın Al

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: http://www.hjyyzs.com/
Title: bein sports izle

Search URL Search Domain Scan URL

URL: https://www.google.com.tr/
Title: Google

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://git.player25.xyz/pop-tipobet.js HTTP 0
http://netsportv50.com.hostiyi.cc/futbolcafe/pop-tipobet.js

Request Chain 84

https://pixel.onaudience.com/?partner=137085098&mapped=6D001633161300EFEC23AD3632EC940C HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=1d40012c3f8e1136

Request Chain 99

https://id5-sync.com/s/19/9.gif?puid=2602f4332eaef9320dd0387147d26007&gdpr=1 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=2602f4332eaef9320dd0387147d26007&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=c2e8b746771108d75a30dbe11656d231&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOyRsj4BQWh5Ffsmkl0xEj4ZEp5O6YuTiPoxnhIQ/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/7/3.gif?puid=8913705983582622197&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOyRsj4BQWh5Ffsmkl0xEj4ZEp5O6YuTiPoxnhIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MjYwMmY0MzMyZWFlZjkzMjBkZDAzODcxNDdkMjYwMDc&google_redir={xENCODEDURL}&id5id=ID5-ZHMOyRsj4BQWh5Ffsmkl0xEj4ZEp5O6YuTiPoxnhIQ

Request Chain 102

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=2602f4332eaef9320dd0387147d26007&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=2602f4332eaef9320dd0387147d26007&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=907abe3c-1620-44b0-8881-ced55682f126

Request Chain 103

https://loadm.exelator.com/load/?p=204&g=260&buid=2602f4332eaef9320dd0387147d26007&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=260&buid=2602f4332eaef9320dd0387147d26007&j=0&xl8blockcheck=1

Request Chain 105

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=2602f4332eaef9320dd0387147d26007&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=2602f4332eaef9320dd0387147d26007&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=67093335059029225410562034516081828911

Request Chain 108

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=2602f4332eaef9320dd0387147d26007 HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=2602f4332eaef9320dd0387147d26007

Request Chain 109

https://aa.agkn.com/adscores/g.pixel?sid=9202276048 HTTP 302
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164861203927000070241

Request Chain 111

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=921e11fb-c7e0-4886-9ec4-4419feb54f3d?gdpr=1&gdpr_consent=

Request Chain 112

https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-54a1d90926312f6ffac05e2203d27464

Request Chain 113

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=c1376158-1056-4900-9561-60d8b29d32eb

Request Chain 114

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b54fadf9-36f7-4c24-9165-9930347633b7-61581056-5553

Request Chain 115

https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=j0yNGr9Q1MwzRl5

Request Chain 116

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YVgQVgAF96LhKgA6 HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVgQVgAF96LhKgA6&_test=YVgQVgAF96LhKgA6

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=

Request Chain 119

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/2602f4332eaef9320dd0387147d26007/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2572637708244963829

Request Chain 120

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=927381277%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D927381277%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=927381277/tpid=1522799204497746710/tp=ANXS

121 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.maledm.com/ 263 KB
34 KB 212ms
184ms Document
text/html 104.21.57.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.57.198 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7b118d3049b2b6d6a631419d5ed567ed368c2f0801a3d4a2a726f4d9ab2b58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.maledm.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 02 Oct 2021 07:54:59 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 02 Oct 2021 07:54:59 GMT
cache-control: private, max-age=0
last-modified: Fri, 01 Oct 2021 23:37:57 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rodn1jhzmJfoghIgyniYLTO%2F%2BYx2DTsCiTGOsU6IE%2FkExsokJ1%2BAKu8Mb9EvF26zE8PUrhfqC75UXosFKxM%2FsIpsIideb3BwsgFFah66oozkcSzIiqw3OSTgQt20eOJt%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697c5da93b286904-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1394523530-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
31 KB 54ms
9ms Stylesheet
text/css 142.250.185.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1394523530-widget_css_bundle.css

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f9.1e100.net

Software

sffe /

Resource Hash

71d3b53f5fc2d9ff983184f539a0c8b9991c31af89b3448ab7475c1ef94e6124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 15:43:25 GMT
x-content-type-options: nosniff
age: 144694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30801
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 15:50:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 30 Sep 2022 15:43:25 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
85 KB 35ms
11ms Script
text/javascript 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 10:52:13 GMT
x-content-type-options: nosniff
age: 594166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86351
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Sep 2022 10:52:13 GMT

GET pop-tipobet.js
git.player25.xyz/ 0
0

GET
H2 200 Screenshot%2B2020-06-27%2Bat%2B6.45.57%2BPM.png
4.bp.blogspot.com/-OIuT1adXAqg/Xvd4FW2vFDI/AAAAAAAADcg/4mG7DP0PCp0p8Ce7DdGvXb1lShwVfIwpQCLcBGAsYHQ/s1600/ 32 KB
32 KB 37ms
7ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-OIuT1adXAqg/Xvd4FW2vFDI/AAAAAAAADcg/4mG7DP0PCp0p8Ce7DdGvXb1lShwVfIwpQCLcBGAsYHQ/s1600/Screenshot%2B2020-06-27%2Bat%2B6.45.57%2BPM.png

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

94c8bee3297944a661cb284b40fc327bba42d8fe96c2a3fcafe77bba6cfb056b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:03:27 GMT
x-content-type-options: nosniff
age: 3092
content-disposition: inline;filename="Screenshot 2020-06-27 at 6.45.57 PM.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32565
x-xss-protection: 0
server: fife
etag: "vdc9"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 08:23:51 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 82ms
16ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sat, 02 Oct 2021 07:54:59 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 boks.png
1.bp.blogspot.com/-Avwfz7fd85M/YI3iivnDp7I/AAAAAAAAHkQ/ifYtrHphYpkAQ4TPUlprvF3oHK72GeeQQCLcBGAsYHQ/s0/ 863 B
982 B 38ms
9ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Avwfz7fd85M/YI3iivnDp7I/AAAAAAAAHkQ/ifYtrHphYpkAQ4TPUlprvF3oHK72GeeQQCLcBGAsYHQ/s0/boks.png

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

bb606f4398b4913e5cf8c50c02e848fbe0ac648901acbe56f7e5ed2854c6fa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 05:39:46 GMT
x-content-type-options: nosniff
age: 8113
content-disposition: inline;filename="boks.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 863
x-xss-protection: 0
server: fife
etag: "v1e4b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Sep 2021 17:05:00 GMT

GET
H2 200 arrow-right-white.png
1.bp.blogspot.com/-gdpiGehbb7w/YI3ghKcOCUI/AAAAAAAAHkE/ARqVol2A46oA_imAbNyAVVgwt7bz7vlGACLcBGAsYHQ/s0/ 244 B
367 B 38ms
9ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-gdpiGehbb7w/YI3ghKcOCUI/AAAAAAAAHkE/ARqVol2A46oA_imAbNyAVVgwt7bz7vlGACLcBGAsYHQ/s0/arrow-right-white.png

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

ddfba7510cc3596b0c7d380a780e89cbf52e59681d2ec04ab9f49d6fb620a9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 05:39:46 GMT
x-content-type-options: nosniff
age: 8113
content-disposition: inline;filename="arrow-right-white.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
server: fife
etag: "v1e42"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 29 Aug 2021 12:40:52 GMT

GET
H2 200 futbol.png
1.bp.blogspot.com/-eAa-sepyNPs/YI3ijRJcQ9I/AAAAAAAAHkY/hLHkbeMtGeQrwxMN3QNM7KZYAN1EiRx9ACLcBGAsYHQ/s0/ 813 B
927 B 38ms
10ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-eAa-sepyNPs/YI3ijRJcQ9I/AAAAAAAAHkY/hLHkbeMtGeQrwxMN3QNM7KZYAN1EiRx9ACLcBGAsYHQ/s0/futbol.png

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

853627ca7115a7f573a25e1869a27a22cb1ed22f0cf5c84910a5d080c3ad63d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 04:54:10 GMT
x-content-type-options: nosniff
age: 10849
content-disposition: inline;filename="futbol.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 813
x-xss-protection: 0
server: fife
etag: "v1e4e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Sep 2021 07:27:05 GMT

GET
H2 200 basketbol.png
1.bp.blogspot.com/-h4TXXkyQp4Q/YI3iim3Wn9I/AAAAAAAAHkM/oS3ip8OnxyU32TaI5j_Xt7i8PJHJs4ngQCLcBGAsYHQ/s0/ 694 B
1 KB 37ms
9ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-h4TXXkyQp4Q/YI3iim3Wn9I/AAAAAAAAHkM/oS3ip8OnxyU32TaI5j_Xt7i8PJHJs4ngQCLcBGAsYHQ/s0/basketbol.png

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

042a78c15f12b148098c4f7dd5c9dbba0c1bed62d373480a747de7173c1c8fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 06:04:45 GMT
x-content-type-options: nosniff
age: 6614
content-disposition: inline;filename="basketbol.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 694
x-xss-protection: 0
server: fife
etag: "v1e4e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 01:51:44 GMT

GET
H2 200 Selcuk%20Sport%2BKalitesi%2BI%25CC%2587le%2BTanis%25CC%25A7manin%2BTam%2BZamani.jpeg
2.bp.blogspot.com/-YxKvtIeNmAI/WsOA2X87kSI/AAAAAAAACkA/3KS6L7vSgjMkaCJGqWon6-V0LbkZLFCBQCLcBGAs/s320/ 25 KB
26 KB 65ms
18ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-YxKvtIeNmAI/WsOA2X87kSI/AAAAAAAACkA/3KS6L7vSgjMkaCJGqWon6-V0LbkZLFCBQCLcBGAs/s320/Selcuk%20Sport%2BKalitesi%2BI%25CC%2587le%2BTanis%25CC%25A7manin%2BTam%2BZamani.jpeg

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

859bc0c9116da19b33d539bd2348ad1636385d7a25744f839004a43ab2ea5391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:53:47 GMT
x-content-type-options: nosniff
age: 72
content-disposition: inline;filename="Smartspor Kalitesi I_le Tanis_manin Tam Zamani.jpeg";filename*=UTF-8''Smartspor%20Kalitesi%20I%CC%87le%20Tanis%CC%A7manin%20Tam%20Zamani.jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25810
x-xss-protection: 0
server: fife
etag: "va42"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 08:23:51 GMT

GET
H2 200 S%25CC%25A7ampiyonluk%2BYaris%25CC%25A7ini%2BSelcuksportshd%2Bile%2BTakip%2BEdin.jpg
3.bp.blogspot.com/-UpwUA7QTpJY/WoFqatrCEnI/AAAAAAAAB-Q/WOW4d3OVO80zIdlIOOQmEWx-3D56r5dEwCLcBGAs/s320/ 20 KB
21 KB 36ms
8ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-UpwUA7QTpJY/WoFqatrCEnI/AAAAAAAAB-Q/WOW4d3OVO80zIdlIOOQmEWx-3D56r5dEwCLcBGAs/s320/S%25CC%25A7ampiyonluk%2BYaris%25CC%25A7ini%2BSelcuksportshd%2Bile%2BTakip%2BEdin.jpg

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

9a0ad23dd55f080b3fd01c4d95601e92cb2faac2c6527a95a0427cdfb62a51b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:53:47 GMT
x-content-type-options: nosniff
age: 72
content-disposition: inline;filename="S_ampiyonluk Yaris_ini Tivibuspor ile Takip Edin.jpg";filename*=UTF-8''S%CC%A7ampiyonluk%20Yaris%CC%A7ini%20Tivibuspor%20ile%20Takip%20Edin.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20758
x-xss-protection: 0
server: fife
etag: "v7e6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 26 Aug 2021 22:38:19 GMT

GET
H2 200 Galatasaray%2B-%2BHatayspor.jpeg
1.bp.blogspot.com/-qe_vQ81zRq8/X1AlXEmCfLI/AAAAAAAAAQA/9nNDKZaeNT4UrYrNpPuSD1tAwgJVCUmsgCLcBGAsYHQ/s320/ 18 KB
18 KB 15ms
10ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-qe_vQ81zRq8/X1AlXEmCfLI/AAAAAAAAAQA/9nNDKZaeNT4UrYrNpPuSD1tAwgJVCUmsgCLcBGAsYHQ/s320/Galatasaray%2B-%2BHatayspor.jpeg

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

84d26577a24a160877b0846cdc660de9fea04a02ef6b27ca803af76a99c43d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:53:47 GMT
x-content-type-options: nosniff
age: 72
content-disposition: inline;filename="Galatasaray - Hatayspor.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18598
x-xss-protection: 0
server: fife
etag: "v101"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Sep 2021 13:03:25 GMT

GET
H2 200 d.js Show response
waust.at/ 13 KB
7 KB 63ms
20ms Script
application/x-javascript 104.26.4.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:54:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3495
last-modified: Mon, 03 May 2021 17:48:32 GMT
server: cloudflare
etag: W/"60903770-3444"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKG23mDwwXjmhKogMcNkVOQAmsGeT6wOt3xMt46rvY6L7Njs9O86fibAdopFghLIEl5svBbnrenO%2F7n0WdI35u6sm96Xv0J6sEhonlXVaQjl0GfM111wtQ83"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 697c5dac1facf9de-PRG
expires: Sun, 03 Oct 2021 06:56:44 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 31ms
10ms Script
application/javascript 69.16.175.42
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:54:59 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:18:54 GMT
server: nginx
etag: W/"573f46fe-17b8b"
vary: Accept-Encoding
x-hw: 1633161299.dop238.fr8.t,1633161299.cds267.fr8.hn,1633161299.cds167.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 unlipage.js Show response
cdn.rawgit.com/Arlina-Design/redvision/master/ 4 KB
2 KB 87ms
51ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/Arlina-Design/redvision/master/unlipage.js

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

c93efc9f61620f152f69f2db294b4e3653f70935208e582f3921a910f33e42ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 09/10/2021 06:53:57
cdn-pullzone: 201235
server: BunnyCDN-DE1-756
rawgit-cache-status: MISS
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-robots-tag: none
vary: Accept-Encoding
sunset: Tue, 01 Oct 2019 00:00:00 GMT
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: d0a651da8f47ad0fe0767a7de44214ed
content-type: application/javascript; charset=utf-8
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cookienotice.js Show response
www.maledm.com/js/ 6 KB
2 KB 16ms
14ms Script
text/javascript 104.21.57.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maledm.com/js/cookienotice.js

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.57.198 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.maledm.com
referer: https://www.maledm.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 51920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 16:51:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 697c5daba9226904-FRA
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 08 Oct 2021 17:29:39 GMT

GET
H2 200 852648224-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
154 KB 10ms
6ms Script
text/javascript 142.250.185.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/852648224-widgets.js

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f9.1e100.net

Software

sffe /

Resource Hash

cb6097215dfc8d9cdda76b92549683c85f836f06d7e7602d649a0aec59fa150d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 02:01:19 GMT
x-content-type-options: nosniff
age: 194020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157224
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 08:50:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 30 Sep 2022 02:01:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 41ms
16ms Stylesheet
text/css 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f10.1e100.net

Software

ESF /

Resource Hash

d9d622b86d8469f47f57cc198a2a6e6b8a60196f9ad80fdece59a8a9b7e5d963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 07:17:34 GMT
server: ESF
date: Sat, 02 Oct 2021 07:54:59 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 07:54:59 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/ 28 KB
7 KB 41ms
15ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 718
age: 16647755
cdn-cachedat: 2021-03-11 11:58:37
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 739ff5317e853965944fd246789e3b16
cf-ray: 697c5dabdc1c699f-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK libcode3.js Show response
betnetmed.advertserve.com/js/ 25 KB
8 KB 93ms
19ms Script
text/javascript 172.255.62.195
GOSSAMERTHREADS

General

Check archive.org

Show headers Download Go to

Full URL: https://betnetmed.advertserve.com/js/libcode3.js
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.195 London, United Kingdom, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software: nginx /
Resource Hash: ccca0dba2f0d3225f8c05ff7e36c3897965d5a37f1d41318d99075c92f368383

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:54:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jan 2021 17:05:10 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Oct 2021 07:54:59 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
688 B 563ms
561ms Stylesheet
text/css 142.250.185.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6445711025509997513&zx=1d0da4f5-e3d1-40a7-9fc3-721218ac723d

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 02 Oct 2021 07:55:00 GMT
server: GSE
date: Sat, 02 Oct 2021 07:55:00 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET

pop-tipobet.js
netsportv50.com.hostiyi.cc/futbolcafe/
Redirect Chain

https://git.player25.xyz/pop-tipobet.js
http://netsportv50.com.hostiyi.cc/futbolcafe/pop-tipobet.js

0
0

GET 100050bahiscom.html
git.player25.xyz/kutular/ Frame A844 0
0

GET 72890bahiscom.html
git.player25.xyz/kutular/ Frame D6DA 0
0

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/ 69 KB
70 KB 25ms
15ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/fontawesome-webfont.woff2?v=4.6.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css
Origin: https://www.maledm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:54:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 50630
cdn-cachedat: 2021-07-24 10:04:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70700
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2390f8cb13da6d9c127eb077c62dc57f
accept-ranges: bytes
cf-ray: 697c5dac290f4de2-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 36ms
8ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.maledm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 397642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Sep 2022 17:27:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 39ms
16ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.maledm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:31:40 GMT
x-content-type-options: nosniff
age: 228199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:31:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 34ms
13ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.maledm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:33:20 GMT
x-content-type-options: nosniff
age: 228099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11860
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:33:20 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 39ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:54:59 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=46441
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET 100050ultraselcuk.html
git.player25.xyz/kutular/ Frame 8307 0
0

GET 100050tipobet.html
git.player25.xyz/kutular/ Frame C3D6 0
0

GET 100050setraselcuk.html
git.player25.xyz/kutular/ Frame 87AE 0
0

GET 72890ultraselcuk.html
git.player25.xyz/kutular/ Frame D1A7 0
0

GET 72890tipo.html
git.player25.xyz/kutular/ Frame 31C4 0
0

GET 72890setraselcuk.html
git.player25.xyz/kutular/ Frame 5A7D 0
0

GET bein1.html
git.player25.xyz/seyret/ Frame 971A 0
0

GET 72890betkolikselcuk.html
git.player25.xyz/kutular/ Frame 3BA5 0
0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 21ms
7ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.maledm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:33:20 GMT
x-content-type-options: nosniff
age: 228099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11836
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:33:20 GMT

GET
H3 200 Selcuk%20Sport%2BKalitesi%2BI%25CC%2587le%2BTanis%25CC%25A7manin%2BTam%2BZamani.jpeg
2.bp.blogspot.com/-YxKvtIeNmAI/WsOA2X87kSI/AAAAAAAACkA/3KS6L7vSgjMkaCJGqWon6-V0LbkZLFCBQCLcBGAs/w200-h150-c/ 14 KB
14 KB 21ms
7ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-YxKvtIeNmAI/WsOA2X87kSI/AAAAAAAACkA/3KS6L7vSgjMkaCJGqWon6-V0LbkZLFCBQCLcBGAs/w200-h150-c/Selcuk%20Sport%2BKalitesi%2BI%25CC%2587le%2BTanis%25CC%25A7manin%2BTam%2BZamani.jpeg

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

78e5961dcbc54da9dcc6ac5ebc8706b623ccddb3569ed0bfa700da5f3a5bc305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:53:47 GMT
x-content-type-options: nosniff
age: 72
content-disposition: inline;filename="Smartspor Kalitesi I_le Tanis_manin Tam Zamani.jpeg";filename*=UTF-8''Smartspor%20Kalitesi%20I%CC%87le%20Tanis%CC%A7manin%20Tam%20Zamani.jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14687
x-xss-protection: 0
server: fife
etag: "va42"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Sep 2021 12:29:28 GMT

GET ch7.html
git.player25.xyz/izle/ Frame BA59 0
0

GET
H3 200 S%25CC%25A7ampiyonluk%2BYaris%25CC%25A7ini%2BSelcuksportshd%2Bile%2BTakip%2BEdin.jpg
3.bp.blogspot.com/-UpwUA7QTpJY/WoFqatrCEnI/AAAAAAAAB-Q/WOW4d3OVO80zIdlIOOQmEWx-3D56r5dEwCLcBGAs/w200-h150-c/ 13 KB
13 KB 8ms
7ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-UpwUA7QTpJY/WoFqatrCEnI/AAAAAAAAB-Q/WOW4d3OVO80zIdlIOOQmEWx-3D56r5dEwCLcBGAs/w200-h150-c/S%25CC%25A7ampiyonluk%2BYaris%25CC%25A7ini%2BSelcuksportshd%2Bile%2BTakip%2BEdin.jpg

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

95311ebb5de58163475e772c7fc9899fe5e84087a9ab61b5035eb366e52afa08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:53:47 GMT
x-content-type-options: nosniff
age: 72
content-disposition: inline;filename="S_ampiyonluk Yaris_ini Tivibuspor ile Takip Edin.jpg";filename*=UTF-8''S%CC%A7ampiyonluk%20Yaris%CC%A7ini%20Tivibuspor%20ile%20Takip%20Edin.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13229
x-xss-protection: 0
server: fife
etag: "v7e6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 23 Sep 2021 04:59:58 GMT

GET yurop10.html
git.player25.xyz/izle/ Frame E1FE 0
0

GET
H3 200 Galatasaray%2B-%2BHatayspor.jpeg
1.bp.blogspot.com/-qe_vQ81zRq8/X1AlXEmCfLI/AAAAAAAAAQA/9nNDKZaeNT4UrYrNpPuSD1tAwgJVCUmsgCLcBGAsYHQ/w200-h150-c/ 14 KB
14 KB 8ms
7ms Image
image/jpeg 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-qe_vQ81zRq8/X1AlXEmCfLI/AAAAAAAAAQA/9nNDKZaeNT4UrYrNpPuSD1tAwgJVCUmsgCLcBGAsYHQ/w200-h150-c/Galatasaray%2B-%2BHatayspor.jpeg

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

0ed5b41d46a08008f3f1a9a654a57593905ebd3feb53bae2d0576fc52c7ebe2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:53:47 GMT
x-content-type-options: nosniff
age: 72
content-disposition: inline;filename="Galatasaray - Hatayspor.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14435
x-xss-protection: 0
server: fife
etag: "v101"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 04 Sep 2021 08:29:36 GMT

GET bein3hd.html
git.player25.xyz/izle/ Frame E245 0
0

GET
H/1.1 200
OK 1633161299966 Show response
betnetmed.advertserve.com/servlet/tagger/99837248/ 67 B
580 B 17ms
17ms Script
text/javascript 172.255.62.195
GOSSAMERTHREADS

General

Check archive.org

Show headers Download Go to

Full URL: https://betnetmed.advertserve.com/servlet/tagger/99837248/1633161299966
Requested by: Host: betnetmed.advertserve.com
URL: https://betnetmed.advertserve.com/js/libcode3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.195 London, United Kingdom, ASN36483 (GOSSAMERTHREADS, CA),
Reverse DNS
Software: nginx /
Resource Hash: 37175d09485e31d157e82f022e94a20324e474287174db0ce47ca600f0273666

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 07:54:59 GMT
Content-Encoding: gzip
Server: nginx
X-Robots-Tag: none
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID"
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 31 Dec 1998 11:59:59 GMT

GET 120600bahiscom.html
git.player25.xyz/kutular/ Frame BB1A 0
0

GET 120600bahiscom.html
git.player25.xyz/kutular/ Frame 830D 0
0

GET tablo7.html
git.player25.xyz/ Frame A653 0
0

GET 300250restbet.html
git.player25.xyz/kutular/ Frame 40D9 0
0

GET 300250saha.html
git.player25.xyz/kutular/ Frame 458B 0
0

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 8 KB
9 KB 289ms
95ms Script
application/javascript 158.69.139.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.maledm.com%2F&j=
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 43857766eb916d75874e5ff5a850cc8f4e64cd165426d2b68ecfa67dada2d6e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:55:00 GMT
X-T: 0.673
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Sat, 02 Oct 2021 07:54:59 GMT

GET
H3 200 repeat-bg.png
4.bp.blogspot.com/-R2WTW6O9E1o/VX7dqIGT1eI/AAAAAAAACc4/pyvQDMMLX3E/s1600/ 229 B
254 B 8ms
8ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-R2WTW6O9E1o/VX7dqIGT1eI/AAAAAAAACc4/pyvQDMMLX3E/s1600/repeat-bg.png

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

2baf0db4101196df611d843d4741b65c2ebde9d4d458196ab9fb71039d8ccec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:03:49 GMT
x-content-type-options: nosniff
age: 3071
content-disposition: inline;filename="repeat-bg.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
server: fife
etag: "v9cf"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 14:20:38 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 8ms
8ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.maledm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:37:36 GMT
x-content-type-options: nosniff
age: 227844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:37:36 GMT

GET 300250kolik.html
git.player25.xyz/kutular/ Frame 069C 0
0

GET 300250kolik.html
git.player25.xyz/kutular/ Frame 4BC8 0
0

GET
H3 200 summary Show response
www.maledm.com/feeds/posts/ 6 KB
2 KB 155ms
155ms Script
text/javascript 104.21.57.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maledm.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata

Requested by

Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/Arlina-Design/redvision/master/unlipage.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.57.198 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b81eb249e15aab05000de860b86e9b38a1ce468821edbf4e35892da2bb08c43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.maledm.com
referer: https://www.maledm.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 23:37:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4c28de3794ee23bd0040fdfc2686c51f3345f5ffeca9f76570a691a09243f505"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBs7zukyobDryE8Y0QcGwnLFv8Tx04%2FS73e69NfMd%2BDjawJNrfpyahm3yz8R9jR%2FY5jBltfJE0U3SNrn%2FuV97fw7yuwZOAdTCixG98wHrDZ93tIqvvOfPI4x3WMtRIAcsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 697c5dad5cbc5c44-FRA
expires: Sat, 02 Oct 2021 07:55:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 49ms
13ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4083
date: Sat, 02 Oct 2021 06:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 02 Oct 2021 08:46:57 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5fb0456d76f4567b/ 2 KB
889 B 269ms
261ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5fb0456d76f4567b/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f69fdc67eae83bc109b6ba5bb77c8b4a8e56aa172724845a26ecc90ee5937fcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:00 GMT
content-encoding: gzip
etag: 403626266--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=10, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 714

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 217ms
148ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6158105374e454a6&bkl=0&bl=1&pdt=346&sid=6158105374e454a6&pub=ra-5fb0456d76f4567b&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.maledm.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=selcuksportshd%2Cselcuksports%2Cselcuksport%2Cselcuksporthd%2Cselcuksportshd.live%2Cselcuksportshd%20live%2Cselcuk%20sports%2Cselcuk%20sport%2Cselcuk%20sports%20hd%2Cselcuk%20sport%20hd%2Csel%C3%A7uk%20spor%2Csel%C3%A7uksports%2Csel%C3%A7uk%20sports&colc=1633161300225&jsl=1&uvs=615810538e1b7b23000&skipb=1&callback=addthis.cbs.jsonp__066576546607758580
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bd5502720b59b00ed552f58a2707cd1d567d7c16028df3a30f2c7ecb812fb8e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:00 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2DFB 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame F814 71 KB
26 KB 45ms
45ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.maledm.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 02 Oct 2021 07:55:00 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
145 B 342ms
112ms Script
text/javascript 67.202.94.93
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=ligtvmax1&t=Sel%C3%A7uksports%2C%20Sel%C3%A7uk%20sports%20izle%2C%20selcuksportshd%2C%20selcuk%20sport&c=d&x=https%3A%2F%2Fwww.maledm.com%2F&y=&a=0&v=27&r=7022
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.93 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 25b182b3d82fd22aa3c7cb3b1a79df1fd363428abe09342e7c7832ed002496d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:00 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H3 200 arlinadesign.gif
1.bp.blogspot.com/-Qg5bi1ZtDdM/VZ5nHAyYBqI/AAAAAAAAChE/exGnasO4oyk/s640/ 43 B
67 B 8ms
7ms Image
image/gif 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Qg5bi1ZtDdM/VZ5nHAyYBqI/AAAAAAAAChE/exGnasO4oyk/s640/arlinadesign.gif

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

133e13c382aab95cbd5c7c1ec3c13ffebf59fa7f616ffa4e8714013d224e6178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 05:30:22 GMT
x-content-type-options: nosniff
age: 8678
content-disposition: inline;filename="arlinadesign.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
server: fife
etag: "va12"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 15 Sep 2021 16:41:47 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
23ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1086627317&t=pageview&_s=1&dl=https%3A%2F%2Fwww.maledm.com%2F&ul=en-us&de=UTF-8&dt=Sel%C3%A7uksports%2C%20Sel%C3%A7uk%20sports%20izle%2C%20selcuksportshd%2C%20selcuk%20sport&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1896031593&gjid=967245840&cid=883740860.1633161300&tid=UA-74068698-19&_gid=258502362.1633161300&_r=1&_slc=1&z=1643288164

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.maledm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.maledm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame B021 1 KB
750 B 290ms
97ms Document
text/html 158.69.139.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001633161300EFEC23AD3632EC940C
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.maledm.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8cbe24f60b775b20b3b9e91c0b23339c86f6067500cb93022ed3ca6144a9d2d3

Request headers

Host: t.dtscout.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.maledm.com/
Accept-Encoding: gzip, deflate, br
Cookie: m=1; b=1; st=1; oa=1; df=1633161300; l=6D001633161300EFEC23AD3632EC940C
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 02 Oct 2021 07:55:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Sat, 02 Oct 2021 07:54:59 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 36ms
7ms Script
text/javascript 13.225.87.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.maledm.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-103.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 50813
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/javascript
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 01 Oct 2021 17:48:08 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 4SJFe28ZMO1YBC9OXWa020WLiZklBdF02iUTcoeZPiCEcmOHEiTmHg==

GET
H/1.1 204
No Content dtscout Show response
pd.sharethis.com/pd/ 0
88 B 45ms
7ms Script
text/plain 3.121.175.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pd.sharethis.com/pd/dtscout
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.maledm.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.175.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-175-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection: keep-alive
Date: Sat, 02 Oct 2021 07:55:00 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 298ms
100ms Script
application/javascript 158.69.139.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=maledm.com&_ss=4xy7pwbjpm&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=6j0o&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.maledm.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3da5d6770a1f49992a514a64ddf69d79dd60b8a2dbd33dbeddb03b38d0bc5abc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:55:00 GMT
X-T: 0.195
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sat, 02 Oct 2021 07:54:59 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 111ms
111ms Stylesheet
text/css 142.250.185.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6445711025509997513&zx=1d0da4f5-e3d1-40a7-9fc3-721218ac723d

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 02 Oct 2021 07:55:00 GMT
server: GSE
date: Sat, 02 Oct 2021 07:55:00 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
986 B 144ms
117ms Fetch
application/json 13.225.87.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-78.fra2.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:00 GMT
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront), 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA2-C2
x-amzn-requestid: e046c8f5-3711-43a0-8f77-c143c54dd6aa
x-edge-origin-shield-skipped: 0
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-cache: Miss from cloudfront
x-amz-apigw-id: Gkd9OG8LCYcFRfw=
content-length: 555
x-amz-cf-id: PMruS0Wfl1WQxGbYvFF9F7-4ObkKFP_PA16BwGWT9vfneINE4F-3ow==

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 11ms
11ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 02 Oct 2021 07:55:00 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST shares-post.json
api-public.addthis.com/url/serviceapi/ 0
0

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 34 B
283 B 204ms
189ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.maledm.com%2F&callback=_ate.cbs.rcb_4kfw0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

13a4d207350b3549c8b9859a264518d39d621bb172174fe36bada26a33527811

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.maledm.com/
last-modified: Sat, 02 Oct 2021 07:55:00 GMT
server: nginx/1.15.8
date: Sat, 02 Oct 2021 07:55:00 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 54

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 34 B
283 B 204ms
189ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.maledm.com%2F&callback=_ate.cbs.rcb_8jmw0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

bd35acca7a4e20899ed7568cc3580187e2bc243866502a98f7e32ad2d48ec3f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.maledm.com/
last-modified: Sat, 02 Oct 2021 07:55:00 GMT
server: nginx/1.15.8
date: Sat, 02 Oct 2021 07:55:00 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 54

GET
H3 200 repeat-bg.png
4.bp.blogspot.com/-R2WTW6O9E1o/VX7dqIGT1eI/AAAAAAAACc4/pyvQDMMLX3E/s1600/ 229 B
0 8ms
8ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-R2WTW6O9E1o/VX7dqIGT1eI/AAAAAAAACc4/pyvQDMMLX3E/s1600/repeat-bg.png

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

2baf0db4101196df611d843d4741b65c2ebde9d4d458196ab9fb71039d8ccec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Sat, 02 Oct 2021 07:03:49 GMT
x-content-type-options: nosniff
age: 3071
content-disposition: inline;filename="repeat-bg.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
server: fife
etag: "v9cf"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 14:20:38 GMT

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 70 B
118 B 139ms
113ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.maledm.com%2F&callback=window._ate.cbs.rcb_7pt50

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e53f3bdbccd2d646a02a495e1eca0860081eeddb17c9865337ede8fe0df85c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1342318088103121
expires: Sat, 02 Oct 2021 08:10:00 GMT

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 69 B
283 B 131ms
105ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.maledm.com%2F&callback=window._ate.cbs.rcb_gep70

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5c5bcfd4bd6480250ae04be4553b89b42799a5f04e4f12d19955d444a04c3163

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 4589771535045095
expires: Sat, 02 Oct 2021 08:10:00 GMT

GET
H3 200 repeat-bg.png
4.bp.blogspot.com/-R2WTW6O9E1o/VX7dqIGT1eI/AAAAAAAACc4/pyvQDMMLX3E/s1600/ 229 B
0 8ms
8ms Image
image/png 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-R2WTW6O9E1o/VX7dqIGT1eI/AAAAAAAACc4/pyvQDMMLX3E/s1600/repeat-bg.png

Requested by

Host: www.maledm.com
URL: https://www.maledm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

fife /

Resource Hash

2baf0db4101196df611d843d4741b65c2ebde9d4d458196ab9fb71039d8ccec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Sat, 02 Oct 2021 07:03:49 GMT
x-content-type-options: nosniff
age: 3071
content-disposition: inline;filename="repeat-bg.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
server: fife
etag: "v9cf"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 14:20:38 GMT

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
860 B 36ms
8ms Fetch
application/json 13.225.87.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-46.fra2.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:02:17 GMT
content-encoding: gzip
server: restify
age: 49963
vary: Accept-Encoding,origin
x-edge-origin-shield-skipped: 0
content-type: application/json
access-control-allow-origin: https://www.maledm.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 2PB-F78vL3osYPrb4frndsystgIO_QSgb6V8A0GRfca1ry_dLaGRhw==
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 39ms
17ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:37 GMT
server: cloudflare
age: 212150
etag: W/"612951fd-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 697c5db0ca5c6903-FRA
expires: Tue, 05 Oct 2021 07:55:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 38 KB
13 KB 35ms
7ms Script
text/javascript 13.225.87.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.maledm.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-87.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 01 Oct 2021 09:40:16 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
age: 80089
etag: W/"f321a7442b8087eba0d1817aa7dbb5f7"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/javascript
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 7PrKo6IIC-xJ854J-INZEDzB050JFtwFA-g9ohsjlI_m3gfRhrZmGw==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
407 B 361ms
89ms Script
application/javascript 45.55.96.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=6D001633161300EFEC23AD3632EC940C&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fwww.maledm.com%2F&r=
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.maledm.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.96.63 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 08:01:52 GMT
X-T: 1.11
x-server: web13.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Sat, 02 Oct 2021 08:01:51 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ 62 B
329 B 199ms
157ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=6D001633161300EFEC23AD3632EC940C&ret=html&phint=__bk_t%3DSel%C3%A7uksports%2C%20Sel%C3%A7uk%20sports%20izle%2C%20selcuksportshd%2C%20selcuk%20sport&phint=__bk_k%3Dselcuksportshd%2C%20selcuksports%2C%20selcuksport%2C%20selcuksporthd%2C%20selcuksportshd.live%2C%20selcuksportshd%20live%2C%20selcuk%20sports%2C%20selcuk%20sport%2C%20selcuk%20sports%20hd%2C%20selcuk%20sport%20hd%2C%20sel%C3%A7uk%20spor%2C%20sel%C3%A7uksports%2C%20sel%C3%A7uk%20sports%2C%20webspor%2C%20sel%C3%A7uk%20sports%20izle&phint=__bk_l%3Dhttps%3A%2F%2Fwww.maledm.com%2F&r=16843684
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:55:00 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: c319
Content-Type: image/gif

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=6D001633161300EFEC23AD3632EC940C
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=1d40012c3f8e1136

62 B
304 B

165ms
152ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=1d40012c3f8e1136
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:55:00 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=1d40012c3f8e1136
content-length: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 337ms
110ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1633161300627&dn=TC&iso=0&t=Sel%C3%A7uksports%2C%20Sel%C3%A7uk%20sports%20izle%2C%20selcuksportshd%2C%20selcuk%20sport&cu=https%3A%2F%2Fwww.maledm.com%2F
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:00 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 339ms
111ms Script
application/javascript 208.100.17.185
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!ligtvmax1&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.185 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip185.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:00 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Sun, 03 Oct 2021 07:55:01 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1633161300627&dn=TC&iso=0&t=Sel%C3%A7uksports%2C%20Sel%C3%A7uk%20sports%20izle%2C%20selcuksportshd%2C%20selcuk%20sport&cu=https%3A%2F%2Fwww.maledm.com%2F
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:01 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1633161300627&dn=TC&iso=0&t=Sel%C3%A7uksports%2C%20Sel%C3%A7uk%20sports%20izle%2C%20selcuksportshd%2C%20selcuk%20sport
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:01 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1633161300627&dn=TC&iso=0
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:01 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1633161300627&dn=TC&iso=0
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:01 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1633161300627&dn=TC&iso=0
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:01 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
109ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!ligtvmax1&lm=0&ts=1633161300627&dn=TC&iso=0
Requested by: Host: www.maledm.com
URL: https://www.maledm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:01 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 403ms
387ms XHR
application/json 13.225.87.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-87.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: https://www.maledm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Oct 2021 07:55:02 GMT
content-encoding: gzip
x-edge-origin-shield-skipped: 0
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: xn4_l7_qU6xvPXH-LI7fD4zpEJRcecyrJxGYgBkPI3T5Fi7tQQ96pA==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 603 B
1 KB 196ms
124ms XHR
application/json 34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 99069449399513eb30d9c39c154079fab62e181edd03c3660e3514f2cd38bdd7

Request headers

Referer: https://www.maledm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.maledm.com
cache-control: no-cache
x-server: 10.45.20.97
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 603
expires: 0

POST
H2 200 a
a.dtssrv.com/ 0
556 B 267ms
222ms Ping
text/html 172.67.220.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=6D001633161300EFEC23AD3632EC940C&k=lotpano&v=20101b88939d4d20422fdf24ae1916d539380d42e482e324bc38adba5871a74a
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.maledm.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.220.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.maledm.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Oct 2021 07:55:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BADjlml3hUeI1BTL0uu57LFscQmPrKeRmQPTg1a5MesWgon5SvlaiJDEXAMAW8QujnxDTMJ3fYbi1GVbmikKGmSGKH55J7DCKVKcEFwdnWQtbCG%2BJbyYNAzBQMgrqZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 697c5dbb5be82798-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 6E7B 2 KB
1 KB 8ms
7ms Document
text/html 13.225.87.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-87.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method: GET
:authority: tags.crwdcntrl.net
:scheme: https
:path: /lt/shared/2/lt.iframe.html?c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.maledm.com/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=2602f4332eaef9320dd0387147d26007; _cc_cc="ACZ4XmNQMDIzMEozMTY2Sk1MTbM0NjJISTEwtjA3NDFPAUoZmDMAQWKEQBiIhgCe45umsDB%2BlGX4z8jI8PGzJYz5bPEcuPDyP4Uw4eNHDzHD2Lv3XRaAsT803IezDyNpnX5CHabk3RKEiWs2POWGiU%2F8OEEbxgYAvDU7vg%3D%3D"; _cc_aud="ABR4XmNgYGBIjBAIA1IQwMzAsKgVzOSaASIZH9YDSQBI8wRN"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.maledm.com/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
x-edge-origin-shield-skipped: 0
content-encoding: gzip
date: Fri, 01 Oct 2021 14:46:56 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: A8mt-vnEBzYptdRdehH6U42Trk0UcHQPtQzE3pCfOLjl6rItVQXL4Q==
age: 61687

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 5976 3 KB
3 KB 32ms
31ms Document
text/html 34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 9fd54b6e61d037e30043744432619ad42078eeb98cda2e8f944f6d5e7a1ceae9

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tags.crwdcntrl.net/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=2602f4332eaef9320dd0387147d26007; _cc_cc="ACZ4XmNQMDIzMEozMTY2Sk1MTbM0NjJISTEwtjA3NDFPAUoZmDMAQWKEQBiIhgCe45umsDB%2BlGX4z8jI8PGzJYz5bPEcuPDyP4Uw4eNHDzHD2Lv3XRaAsT803IezDyNpnX5CHabk3RKEiWs2POWGiU%2F8OEEbxgYAvDU7vg%3D%3D"; _cc_aud="ABR4XmNgYGBIjBAIA1IQwMzAsKgVzOSaASIZH9YDSQBI8wRN"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Sat, 02 Oct 2021 07:55:02 GMT
content-type: text/html
content-length: 3184
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.5.209
server: Jetty(9.4.38.v20210224)

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5976 0
166 B 78ms
17ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5976
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=2602f4332eaef9320dd0387147d26007&gdpr=1
https://id5-sync.com/c/19/19/9/1.gif?puid=2602f4332eaef9320dd0387147d26007&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=c2e8b746771108d75a30dbe11656d231&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOyRsj4BQWh5Ffsmkl0xEj4ZEp5O6YuTiPoxnhIQ/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/7/3.gif?puid=8913705983582622197&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOyRsj4BQWh5Ffsmkl0xEj4ZE...
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MjYwMmY0MzMyZWFlZjkzMjBkZDAzODcxNDdkMjYwMDc&google_redir={xENCODEDURL}&id5id=ID5-ZHMOyRsj4BQWh5Ffsmkl0xEj4ZEp5O6YuTiPoxnhIQ

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MjYwMmY0MzMyZWFlZjkzMjBkZDAzODcxNDdkMjYwMDc&google_redir={xENCODEDURL}&id5id=ID5-ZHMOyRsj4BQWh5Ffsmkl0xEj4ZEp5O6YuTiPoxnhIQ

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MjYwMmY0MzMyZWFlZjkzMjBkZDAzODcxNDdkMjYwMDc&google_redir={xENCODEDURL}&id5id=ID5-ZHMOyRsj4BQWh5Ffsmkl0xEj4ZEp5O6YuTiPoxnhIQ
cache-control: no-cache
x-server: 10.45.14.87
content-length: 0
expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5976 70 B
265 B 112ms
34ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/lotame/1/ Frame 5976 43 B
238 B 40ms
15ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lotame/1/cm
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
via: 1.1 varnish
server: nginx
x-timer: S1633161302.338193,VS0,VE9
x-served-by: cache-fra19129-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

tpid=907abe3c-1620-44b0-8881-ced55682f126
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 5976
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=2602f4332eaef9320dd0387147d26007&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=2602f4332eaef9320dd0387147d26007&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=907abe3c-1620-44b0-8881-ced55682f126

49 B
264 B

53ms
35ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=907abe3c-1620-44b0-8881-ced55682f126
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.32
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=907abe3c-1620-44b0-8881-ced55682f126
date: Sat, 02 Oct 2021 07:55:02 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

/
loadm.exelator.com/load/ Frame 5976
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=260&buid=2602f4332eaef9320dd0387147d26007&j=0
https://loadm.exelator.com/load/?p=204&g=260&buid=2602f4332eaef9320dd0387147d26007&j=0&xl8blockcheck=1

0
751 B

12ms
12ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=260&buid=2602f4332eaef9320dd0387147d26007&j=0&xl8blockcheck=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sat, 02 Oct 2021 07:55:02 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=260&buid=2602f4332eaef9320dd0387147d26007&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET t
px.surveywall-api.survata.com/ Frame 5976 0
0

GET
H2

200

tpid=67093335059029225410562034516081828911
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 5976
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=2602f4332eaef9320dd0387147d26007&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=2602f4332eaef9320dd0387147d26007&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=67093335059029225410562034516081828911

49 B
265 B

37ms
36ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=67093335059029225410562034516081828911
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.250
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-irl1-1-v018-012e7a688.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vnh4KdO1T3A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=67093335059029225410562034516081828911
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame 5976 42 B
167 B 42ms
8ms Image
image/gif 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.sharethis.com/lotame?uid=2602f4332eaef9320dd0387147d26007&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:55:02 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 5976 0
337 B 104ms
29ms Image
text/plain 34.250.222.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=2602f4332eaef9320dd0387147d26007
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.222.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-222-102.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:55:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1633161302
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 5976
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=2602f4332eaef9320dd0387147d26007
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=2602f4332eaef9320dd0387147d26007

120 B
990 B

409ms
91ms

Image
image/png

69.169.85.7
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=2602f4332eaef9320dd0387147d26007
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.85.7 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 07:55:23 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: NY08
Content-Type: image/png
Content-Length: 120
Expires: -1

Redirect headers

Date: Sat, 02 Oct 2021 07:55:02 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=2602f4332eaef9320dd0387147d26007
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: private
X-Server: LAS03
Content-Type: text/html; charset=utf-8
Content-Length: 217

GET
H2

200

tpid=164861203927000070241
bcp.crwdcntrl.net/5/c=368/tp=NEUS/ Frame 5976
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9202276048
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164861203927000070241

49 B
367 B

51ms
51ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164861203927000070241
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.157
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164861203927000070241
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame 5976 43 B
422 B 134ms
30ms Image
image/gif 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=2602f4332eaef9320dd0387147d26007&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 07:55:02 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Sun, 03 Oct 2021 03:55:02 GMT

GET
H2

200

tpid=921e11fb-c7e0-4886-9ec4-4419feb54f3d
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 5976
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=921e11fb-c7e0-4886-9ec4-4419feb54f3d?gdpr=1&gdpr_consent=

49 B
264 B

38ms
38ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=921e11fb-c7e0-4886-9ec4-4419feb54f3d?gdpr=1&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.27
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Apache-Coyote/1.1
location: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=921e11fb-c7e0-4886-9ec4-4419feb54f3d?gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

tpid=CI-54a1d90926312f6ffac05e2203d27464
bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame 5976
Redirect Chain

https://dt-secure.videohub.tv/v1/usync/lo
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-54a1d90926312f6ffac05e2203d27464

49 B
264 B

75ms
74ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-54a1d90926312f6ffac05e2203d27464
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.32
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Location: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-54a1d90926312f6ffac05e2203d27464
Date: Sat, 02 Oct 2021 07:55:02 GMT
useSecure: true
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 5976
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=c1376158-1056-4900-9561-60d8b29d32eb

49 B
265 B

47ms
47ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=c1376158-1056-4900-9561-60d8b29d32eb
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.115
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Sat, 02 Oct 2021 07:55:02 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=c1376158-1056-4900-9561-60d8b29d32eb
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 02 Oct 2021 07:55:01 GMT

GET
H2

200

tpid=b54fadf9-36f7-4c24-9165-9930347633b7-61581056-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 5976
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b54fadf9-36f7-4c24-9165-9930347633b7-61581056-5553

49 B
264 B

40ms
40ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b54fadf9-36f7-4c24-9165-9930347633b7-61581056-5553
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.231
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:01 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=b54fadf9-36f7-4c24-9165-9930347633b7-61581056-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

tpid=j0yNGr9Q1MwzRl5
sync.crwdcntrl.net/map/c=1818/tp=DTXU/ Frame 5976
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=j0yNGr9Q1MwzRl5

49 B
264 B

34ms
34ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=j0yNGr9Q1MwzRl5
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:03 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.27
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 07:55:02 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-006cb242530ed7361@us-west-2c@dxedge-app-us-west-2-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=j0yNGr9Q1MwzRl5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tpid=YVgQVgAF96LhKgA6&_test=YVgQVgAF96LhKgA6
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 5976
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YVgQVgAF96LhKgA6
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVgQVgAF96LhKgA6&_test=YVgQVgAF96LhKgA6

49 B
264 B

38ms
38ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVgQVgAF96LhKgA6&_test=YVgQVgAF96LhKgA6
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.5.209
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1633161303.606449,VS0,VE0
x-served-by: cache-hhn4022-HHN
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVgQVgAF96LhKgA6&_test=YVgQVgAF96LhKgA6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5976
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=

170 B
188 B

31ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 5976 62 B
304 B 143ms
143ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=c2e8b746771108d75a30dbe11656d231
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:55:02 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

tpid=2572637708244963829
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 5976
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/2602f4332eaef9320dd0387147d26007/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2572637708244963829

49 B
264 B

34ms
34ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2572637708244963829
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.7.240
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2572637708244963829
pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=927381277/tpid=1522799204497746710/ Frame 5976
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=927381277%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D927381277%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=927381277/tpid=1522799204497746710/tp=ANXS

49 B
264 B

35ms
35ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=927381277/tpid=1522799204497746710/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C108%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C65%2C61%2C50%2C45%2C38%2C33%2C30%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 07:55:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.18
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 07:55:02 GMT
X-Proxy-Origin: 216.131.114.163; 216.131.114.163; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c8300459-270d-481b-a67d-721fdcef9a5f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=927381277/tpid=1522799204497746710/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: git.player25.xyz
URL: https://git.player25.xyz/pop-tipobet.js

Domain: netsportv50.com.hostiyi.cc
URL: http://netsportv50.com.hostiyi.cc/futbolcafe/pop-tipobet.js

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/100050bahiscom.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/72890bahiscom.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/100050ultraselcuk.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/100050tipobet.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/100050setraselcuk.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/72890ultraselcuk.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/72890tipo.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/72890setraselcuk.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/seyret/bein1.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/72890betkolikselcuk.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/izle/ch7.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/izle/yurop10.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/izle/bein3hd.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/120600bahiscom.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/120600bahiscom.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/tablo7.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/300250restbet.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/300250saha.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/300250kolik.html

Domain: git.player25.xyz
URL: https://git.player25.xyz/kutular/300250kolik.html

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: api-public.addthis.com
URL: https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.maledm.com%2F

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/t

Verdicts & Comments Add Verdict or Comment

306 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
betnetmed.advertserve.com/	1970-01-20 06:24:57	Name: AVPUID Value: 9bfcc65dc1aef2b6ade4a7cbc1f2361b
www.maledm.com/	1970-01-20 07:09:35	Name: __atuvc Value: 1%7C39
www.maledm.com/	1970-01-19 21:39:23	Name: __atuvs Value: 615810538e1b7b23000
.maledm.com/	1970-01-20 15:10:33	Name: _ga Value: GA1.2.883740860.1633161300
.maledm.com/	1970-01-19 21:40:47	Name: _gid Value: GA1.2.258502362.1633161300
.maledm.com/	1970-01-19 21:39:21	Name: _gat_blogger Value: 1
.dtscout.com/	1970-01-19 21:39:26	Name: m Value: 1
.dtscout.com/	1970-01-19 21:39:39	Name: b Value: 1
.dtscout.com/	1970-01-19 21:39:24	Name: st Value: 1
.dtscout.com/	1970-01-19 21:39:35	Name: oa Value: 1
.dtscout.com/	1970-01-20 00:03:21	Name: df Value: 1633161300
.dtscout.com/	1970-01-19 23:47:30	Name: l Value: 6D001633161300EFEC23AD3632EC940C
.addthis.com/	1970-01-20 07:09:35	Name: uvc Value: 1%7C39
.addthis.com/	1970-01-20 07:09:35	Name: loc Value: MDAwMDBFVURFQlkyMjgxMTkxNzAwNTAwMDBDSA==
.maledm.com/	1970-01-19 23:44:38	Name: __dtsu Value: 6D001633161300EFEC23AD3632EC940C
.maledm.com/	1970-01-19 21:39:21	Name: lotame_domain_check Value: maledm.com
.onaudience.com/	1970-01-20 06:24:57	Name: cookie Value: dcc136ef44034b4a
.onaudience.com/	1970-01-19 21:40:47	Name: done_redirects109 Value: 1
.dtscdn.com/	1970-01-20 01:57:06	Name: uid Value: 6D001633161300EFEC23AD3632EC940C
.crwdcntrl.net/	1970-01-20 04:08:06	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:08:06	Name: _cc_id Value: 2602f4332eaef9320dd0387147d26007
.crwdcntrl.net/	1970-01-20 04:08:09	Name: _cc_cc Value: "ACZ4XmNQMDIzMEozMTY2Sk1MTbM0NjJISTEwtjA3NDFPAUoZmDMAQWKEQBiIhgCe45umsDB%2BlGX4z8jI8PGzJYz5bPEcuPDyP4Uw4eNHDzHD2Lv3XRaAsT803IezDyNpnX5CHabk3RKEiWs2POWGiU%2F8OEEbxgYAvDU7vg%3D%3D"
.crwdcntrl.net/	1970-01-20 04:08:09	Name: _cc_aud Value: "ABR4XmNgYGBIjBAIA1IQwMzAsKgVzOSaASIZH9YDSQBI8wRN"
.maledm.com/	1970-01-20 04:08:09	Name: _cc_id Value: 2602f4332eaef9320dd0387147d26007
.maledm.com/	1970-01-20 04:08:09	Name: _cc_cc Value: ACZ4XmNQMDIzMEozMTY2Sk1MTbM0NjJISTEwtjA3NDFPAUoZmDMAQWKEQBiIhgCe45umsDB%2BlGX4z8jI8PGzJYz5bPEcuPDyP4Uw4eNHDzHD2Lv3XRaAsT803IezDyNpnX5CHabk3RKEiWs2POWGiU%2F8OEEbxgYAvDU7vg%3D%3D
.maledm.com/	1970-01-20 04:08:09	Name: _cc_aud Value: ABR4XmNgYGBIjBAIA1IQwMzAsKgVzOSaASIZH9YDSQBI8wRN
.maledm.com/	1970-01-19 21:49:26	Name: panoramaId_expiry Value: 1633766102122
.maledm.com/	1970-01-19 21:49:26	Name: panoramaId Value: 20101b88939d4d20422fdf24ae1916d539380d42e482e324bc38adba5871a74a
.exelator.com/	1970-01-20 00:32:09	Name: EE Value: "77490255a03e472952a9549e3cb6d3af"
.id5-sync.com/	1970-01-19 21:39:21	Name: cf Value:
.id5-sync.com/	1970-01-19 21:39:21	Name: cip Value:
.id5-sync.com/	1970-01-19 21:39:21	Name: cnac Value:
.id5-sync.com/	1970-01-19 21:39:21	Name: car Value:
.id5-sync.com/	1970-01-19 21:39:21	Name: gdpr Value:
.id5-sync.com/	1970-01-19 21:39:21	Name: callback Value:
.exelator.com/	1970-01-20 00:32:09	Name: ud Value: "eJxrXxzq6XKLQcHc3MTSwMjUNNHAONXE3MjS1CjR0tTEMtU4OcksxTgxbXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ4SX5RZvoiF9fFRSlpDItKik8F71NgAABD8ijA"
.tapad.com/	1970-01-19 23:05:45	Name: TapAd_TS Value: 1633161302342
.tapad.com/	1970-01-19 23:05:45	Name: TapAd_DID Value: 907abe3c-1620-44b0-8881-ced55682f126
.id5-sync.com/	1970-01-19 23:48:57	Name: id5 Value: 0efc441c-17e0-4fc3-8154-113b2a654123#1633161298069#2
.tapad.com/	1970-01-19 23:05:45	Name: TapAd_3WAY_SYNCS Value:
.krxd.net/	1970-01-20 01:58:33	Name: _kuid_ Value: OZXvc5Xl
.agkn.com/	1970-01-20 06:24:57	Name: ab Value: 0001%3AkMcY1%2BCqdwdAL3nCVl815k6lFXMruyJR
.demdex.net/	1970-01-20 01:58:33	Name: demdex Value: 67093335059029225410562034516081828911
.tidaltv.com/	1970-01-20 06:24:57	Name: tidal_ttid Value: 921e11fb-c7e0-4886-9ec4-4419feb54f3d
.mathtag.com/	1970-01-20 07:05:16	Name: uuid Value: c1376158-1056-4900-9561-60d8b29d32eb
.dpm.demdex.net/	1970-01-20 01:58:33	Name: dpm Value: 67093335059029225410562034516081828911
.tidaltv.com/	1970-01-20 06:24:57	Name: sync-his Value: "H4sIAAAAAAAAADM0srA0tjI0NAAARUtoHAkAAAA="
.sitescout.com/	1970-01-20 06:24:57	Name: ssi Value: b54fadf9-36f7-4c24-9165-9930347633b7#1633161302499
.sitescout.com/	1970-01-19 22:22:33	Name: _ssuma Value: eyI3IjoxNjMzMTYxMzAyNTI0fQ
.doubleclick.net/	1970-01-19 21:39:22	Name: test_cookie Value: CheckForPermission
.everesttech.net/	1970-01-20 06:24:57	Name: everest_g_v2 Value: g_surferid~YVgQVgAF96LhKgA6
.turn.com/	1970-01-20 01:58:33	Name: uid Value: 2572637708244963829
.id5-sync.com/	1970-01-19 23:48:57	Name: 3pi Value: 224#1633161298339#1036385741\|321#1633161298285#-1897356074\|19#1633161298078#1660570766#2602f4332eaef9320dd0387147d26007\|398#1633161298339#2062946011
.adnxs.com/	1970-01-19 23:48:57	Name: uuid2 Value: 1522799204497746710
.videohub.tv/	1970-01-20 06:24:57	Name: UIXX_UPDT Value: "UILO=1633161302644"
.videohub.tv/	1970-01-20 06:24:57	Name: uid Value: CI-54a1d90926312f6ffac05e2203d27464
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: e03o0hgzkppklhts5aydwjqd
.w55c.net/	1970-01-20 07:09:35	Name: wfivefivec Value: j0yNGr9Q1MwzRl5
.w55c.net/	1970-01-19 22:22:33	Name: matchlotame Value: 5
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 012ouj0owlqkz4pfy2rkatti
.ib.mookie1.com/	1970-01-20 06:24:57	Name: ibkukiuno Value: s=a5801e1a-becb-45d7-9451-b7070644ee19&h=&v=7299065182&l=-8585684455615613928&op=&hl=0&vlu=3&tcs=1&dcc=-8585684455615613928
.ib.mookie1.com/	1970-01-20 06:24:57	Name: ibkukinet Value: 3632493219=-8585684455615613928

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.maledm.com/ Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure script 'http://netsportv50.com.hostiyi.cc/futbolcafe/pop-tipobet.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1060) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/72890bahiscom.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1057) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/100050bahiscom.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1121) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/100050ultraselcuk.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1126) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/100050setraselcuk.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1123) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/100050tipobet.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1134) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/72890tipo.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1132) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/72890ultraselcuk.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1137) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/72890setraselcuk.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1156) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/seyret/bein1.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1160) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/72890betkolikselcuk.html'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.maledm.com/ Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-R2WTW6O9E1o/VX7dqIGT1eI/AAAAAAAACc4/pyvQDMMLX3E/s1600/repeat-bg.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.maledm.com/(Line 1775) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/120600bahiscom.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1777) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/120600bahiscom.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1789) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/tablo7.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1795) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/300250saha.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 1793) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/300250restbet.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 2204) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/300250kolik.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.maledm.com/(Line 2161) Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure frame 'http://netsportv50.com.hostiyi.cc/futbolcafe/kutular/300250kolik.html'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.maledm.com/ Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-Qg5bi1ZtDdM/VZ5nHAyYBqI/AAAAAAAAChE/exGnasO4oyk/s640/arlinadesign.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.maledm.com/ Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-Qg5bi1ZtDdM/VZ5nHAyYBqI/AAAAAAAAChE/exGnasO4oyk/s640/arlinadesign.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.maledm.com/ Message: Mixed Content: The page at 'https://www.maledm.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-Qg5bi1ZtDdM/VZ5nHAyYBqI/AAAAAAAAChE/exGnasO4oyk/s640/arlinadesign.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	error	URL: https://www.maledm.com/ Message: Access to XMLHttpRequest at 'https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.maledm.com%2F' from origin 'https://www.maledm.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.maledm.com%2F Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://px.surveywall-api.survata.com/t Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
a.dtssrv.com
aa.agkn.com
ajax.googleapis.com
api-public.addthis.com
bcp.crwdcntrl.net
beacon.krxd.net
betnetmed.advertserve.com
cdn.rawgit.com
cdn.tynt.com
cm.g.doubleclick.net
code.jquery.com
d.turn.com
de.tynt.com
dpm.demdex.net
dt-secure.videohub.tv
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
git.player25.xyz
global.ib-ibi.com
ib.mookie1.com
ic.tynt.com
id5-sync.com
image6.pubmatic.com
loadm.exelator.com
m.addthis.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
ml314.com
netsportv50.com.hostiyi.cc
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
px.surveywall-api.survata.com
s7.addthis.com
secure.adnxs.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.sharethis.com
sync.tidaltv.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
trc.taboola.com
v1.addthisedge.com
waust.at
whos.amung.us
widgets.pinterest.com
www.blogger.com
www.google-analytics.com
www.maledm.com
z.moatads.com
api-public.addthis.com
git.player25.xyz
netsportv50.com.hostiyi.cc
px.surveywall-api.survata.com
s7.addthis.com
104.111.215.191
104.18.11.207
104.18.29.199
104.21.57.198
104.26.4.7
104.75.88.126
13.225.87.103
13.225.87.46
13.225.87.78
13.225.87.87
13.248.242.197
142.250.184.194
142.250.185.137
142.250.185.142
142.250.185.99
142.250.186.161
142.250.186.42
151.101.0.84
151.101.1.44
151.101.130.49
158.69.139.226
172.217.23.106
172.255.62.195
172.67.220.51
18.169.90.17
18.198.69.109
18.203.8.109
185.29.134.244
185.33.220.240
185.64.190.78
199.127.207.188
2.18.235.40
208.100.17.185
3.121.175.251
34.247.104.176
34.250.222.102
34.253.111.115
35.227.248.159
45.55.96.63
46.228.164.13
51.210.112.63
52.215.191.146
52.29.0.64
52.34.139.214
54.36.109.22
64.58.232.176
66.155.71.150
67.202.105.32
67.202.94.93
69.16.175.42
69.169.85.7
89.187.169.47
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
042a78c15f12b148098c4f7dd5c9dbba0c1bed62d373480a747de7173c1c8fa9
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ed5b41d46a08008f3f1a9a654a57593905ebd3feb53bae2d0576fc52c7ebe2b
133e13c382aab95cbd5c7c1ec3c13ffebf59fa7f616ffa4e8714013d224e6178
13a4d207350b3549c8b9859a264518d39d621bb172174fe36bada26a33527811
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
25b182b3d82fd22aa3c7cb3b1a79df1fd363428abe09342e7c7832ed002496d4
2baf0db4101196df611d843d4741b65c2ebde9d4d458196ab9fb71039d8ccec7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
37175d09485e31d157e82f022e94a20324e474287174db0ce47ca600f0273666
3da5d6770a1f49992a514a64ddf69d79dd60b8a2dbd33dbeddb03b38d0bc5abc
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
43857766eb916d75874e5ff5a850cc8f4e64cd165426d2b68ecfa67dada2d6e9
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
5c5bcfd4bd6480250ae04be4553b89b42799a5f04e4f12d19955d444a04c3163
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
71d3b53f5fc2d9ff983184f539a0c8b9991c31af89b3448ab7475c1ef94e6124
78e5961dcbc54da9dcc6ac5ebc8706b623ccddb3569ed0bfa700da5f3a5bc305
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7e53f3bdbccd2d646a02a495e1eca0860081eeddb17c9865337ede8fe0df85c9
84d26577a24a160877b0846cdc660de9fea04a02ef6b27ca803af76a99c43d02
853627ca7115a7f573a25e1869a27a22cb1ed22f0cf5c84910a5d080c3ad63d0
859bc0c9116da19b33d539bd2348ad1636385d7a25744f839004a43ab2ea5391
8cbe24f60b775b20b3b9e91c0b23339c86f6067500cb93022ed3ca6144a9d2d3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
94c8bee3297944a661cb284b40fc327bba42d8fe96c2a3fcafe77bba6cfb056b
95311ebb5de58163475e772c7fc9899fe5e84087a9ab61b5035eb366e52afa08
99069449399513eb30d9c39c154079fab62e181edd03c3660e3514f2cd38bdd7
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9a0ad23dd55f080b3fd01c4d95601e92cb2faac2c6527a95a0427cdfb62a51b0
9fd54b6e61d037e30043744432619ad42078eeb98cda2e8f944f6d5e7a1ceae9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b81eb249e15aab05000de860b86e9b38a1ce468821edbf4e35892da2bb08c43b
bb606f4398b4913e5cf8c50c02e848fbe0ac648901acbe56f7e5ed2854c6fa9c
bd35acca7a4e20899ed7568cc3580187e2bc243866502a98f7e32ad2d48ec3f7
bd5502720b59b00ed552f58a2707cd1d567d7c16028df3a30f2c7ecb812fb8e5
c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3
c93efc9f61620f152f69f2db294b4e3653f70935208e582f3921a910f33e42ef
cb6097215dfc8d9cdda76b92549683c85f836f06d7e7602d649a0aec59fa150d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccca0dba2f0d3225f8c05ff7e36c3897965d5a37f1d41318d99075c92f368383
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
d9d622b86d8469f47f57cc198a2a6e6b8a60196f9ad80fdece59a8a9b7e5d963
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668
ddfba7510cc3596b0c7d380a780e89cbf52e59681d2ec04ab9f49d6fb620a9ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f69fdc67eae83bc109b6ba5bb77c8b4a8e56aa172724845a26ecc90ee5937fcf
f7b118d3049b2b6d6a631419d5ed567ed368c2f0801a3d4a2a726f4d9ab2b58d
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.maledm.com Open in urlscan Pro 104.21.57.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

121 Requests

79 %HTTPS

0 %IPv6

49 Domains

62 Subdomains

39 IPs

8 Countries

949 kBTransfer

1846 kBSize

62 Cookies

5 Outgoing links

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.maledm.com Open in urlscan Pro
104.21.57.198 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

79 %
HTTPS

0 %
IPv6

49
Domains

62
Subdomains

39
IPs

8
Countries

949 kB
Transfer

1846 kB
Size

62
Cookies

121 HTTP transactions
1 data transactions