taraftariumyayin31.pages.dev Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://taraftariumyayin31.pages.dev/
Effective URL:
https://taraftariumyayin31.pages.dev/
Submission: On November 09 via api (November 9th 2023, 6:58:41 pm UTC) from US — Scanned from NL

Summary HTTP 50 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 50 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is taraftariumyayin31.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on November 5th 2023. Valid for: 3 months.

This is the only time taraftariumyayin31.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
2 2	140.82.121.4 140.82.121.4	36459 (GITHUB) (GITHUB)
2	2606:50c0:800... 2606:50c0:8001::154	54113 (FASTLY) (FASTLY)
4	192.229.233.25 192.229.233.25	15133 (EDGECAST) (EDGECAST)
1	172.67.7.204 172.67.7.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
4	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700:310... 2606:4700:310c::ac42:2ca6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.4.7 104.26.4.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
6	172.67.143.41 172.67.143.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.171.19 172.64.171.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	23

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

taraftariumyayin31.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 140.82.121.4 (Frankfurt am Main, Germany) 2 redirects

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-4-fra.github.com

github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8001::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.233.25 (Marlborough, United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.7.204 (United States)

ASN13335 (CLOUDFLARENET, US)

wallpaperaccess.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:310c::ac42:2ca6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fram8.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

acdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdsnnt.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.4.7 (None, )

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.143.41 (United States)

ASN13335 (CLOUDFLARENET, US)

corsproxy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.171.19 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	pages.dev 1 redirects taraftariumyayin31.pages.dev fram8.pages.dev cdsnnt.pages.dev	38 KB
6	corsproxy.org corsproxy.org	8 MB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1186 syndication.twitter.com — Cisco Umbrella Rank: 1447	150 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	60 KB
5	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12682	7 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	283 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	310 B
2	acdcdn.com acdcdn.com — Cisco Umbrella Rank: 129837	91 KB
2	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4473	222 KB
2	github.com 2 redirects github.com — Cisco Umbrella Rank: 3165	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	93 KB
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 26862	1 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 16137	187 B
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11116	15 KB
1	waust.at waust.at — Cisco Umbrella Rank: 39728	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	27 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	91 KB
1	wallpaperaccess.com wallpaperaccess.com — Cisco Umbrella Rank: 74021	3 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7022	50 KB
50	19

	Domain	Requested by
6	corsproxy.org	cdn.jsdelivr.net
5	blogger.googleusercontent.com	taraftariumyayin31.pages.dev
4	cdn.jsdelivr.net	taraftariumyayin31.pages.dev fram8.pages.dev
4	platform.twitter.com	taraftariumyayin31.pages.dev platform.twitter.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fram8.pages.dev	1 redirects taraftariumyayin31.pages.dev fram8.pages.dev
3	taraftariumyayin31.pages.dev	taraftariumyayin31.pages.dev
2	cdsnnt.pages.dev	fram8.pages.dev
2	www.gstatic.com	cdn.jsdelivr.net www.gstatic.com
2	syndication.twitter.com	platform.twitter.com taraftariumyayin31.pages.dev
2	region1.google-analytics.com	www.googletagmanager.com
2	acdcdn.com	fram8.pages.dev acdcdn.com
2	raw.githubusercontent.com	taraftariumyayin31.pages.dev
2	github.com	2 redirects
1	youradexchange.com	acdcdn.com
1	whos.amung.us	waust.at
1	1.bp.blogspot.com	taraftariumyayin31.pages.dev
1	waust.at	fram8.pages.dev
1	cdnjs.cloudflare.com	fram8.pages.dev
1	www.googletagmanager.com	taraftariumyayin31.pages.dev
1	ajax.googleapis.com	taraftariumyayin31.pages.dev
1	wallpaperaccess.com	taraftariumyayin31.pages.dev
1	i.imgur.com	taraftariumyayin31.pages.dev
1	fonts.googleapis.com	taraftariumyayin31.pages.dev
50	24

This site contains links to these domains. Also see Links.

Domain
refpa58351.top
x.com
sites.google.com
hdmacizle8.op
t.me
twitter.com

Subject Issuer	Validity	Valid
taraftariumyayin31.pages.dev GTS CA 1P5	`2023-11-05` - `2024-02-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
fram8.pages.dev GTS CA 1P5	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
acdcdn.com E1	`2023-09-12` - `2023-12-11`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-01` - `2024-10-31`	a year	crt.sh
cdsnnt.pages.dev GTS CA 1P5	`2023-09-15` - `2023-12-14`	3 months	crt.sh
corsproxy.org E1	`2023-10-07` - `2024-01-05`	3 months	crt.sh
youradexchange.com GTS CA 1P5	`2023-10-17` - `2024-01-15`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://taraftariumyayin31.pages.dev/
Frame ID: 1A940A535C7E269DF6C4FD1D1E76F858
Requests: 26 HTTP requests in this frame

Frame: https://fram8.pages.dev/channel?id=yayinstar
Frame ID: 5DE8B2E34457CFA573F58B8052AF5418
Requests: 22 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Ftaraftariumyayin31.pages.dev
Frame ID: D54670FFD13F9C0F1459640CD40558AE
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.d37472b4a6622d0b1fff46ad904f6896.tr.html
Frame ID: 072DFBD04AD1B9C8D5FE90524674FC28
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Yeni Taraftarium24 - Canlı maç izleyin taraftarium 24 ile

Page URL History Show full URLs

http://taraftariumyayin31.pages.dev/ HTTP 307
https://taraftariumyayin31.pages.dev/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

50
Requests

96 %
HTTPS

52 %
IPv6

19
Domains

24
Subdomains

23
IPs

4
Countries

9494 kB
Transfer

11224 kB
Size

2
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://refpa58351.top/L?tag=d_2776357m_62079c_1stdep&site=2776357&ad=62079&r=bonus/rules/1st
Title: Sponsor : BizBet'e Hemen Üye Ol!

Search URL Search Domain Scan URL

URL: https://x.com/taraftarium24x
Title: Twitter

Search URL Search Domain Scan URL

URL: https://sites.google.com/view/iptvold
Title: IPTV Satış

Search URL Search Domain Scan URL

URL: https://refpa58351.top/L?tag=d_2776357m_62079c_OlympusFS&site=2776357&ad=62079&r=bonus/rules/open_the_gates_of_olympus

Search URL Search Domain Scan URL

URL: https://hdmacizle8.op/

Search URL Search Domain Scan URL

URL: https://t.me/taraftariumgiris

Search URL Search Domain Scan URL

URL: https://twitter.com/taraftarium24x

Search URL Search Domain Scan URL

URL: https://refpa58351.top/L?tag=d_2776357m_62079c_Superlig&site=2776357&ad=62079&r=bonus/rules/turkey-superliga

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://taraftariumyayin31.pages.dev/ HTTP 307
https://taraftariumyayin31.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://github.com/volegol/taraftariumyayin22/blob/main/gameof3.gif?raw=true HTTP 302
https://github.com/volegol/taraftariumyayin22/raw/main/gameof3.gif HTTP 302
https://raw.githubusercontent.com/volegol/taraftariumyayin22/main/gameof3.gif

Request Chain 17

https://fram8.pages.dev/channel.html?id=yayinstar HTTP 308
https://fram8.pages.dev/channel?id=yayinstar

50 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
taraftariumyayin31.pages.dev/
Redirect Chain

http://taraftariumyayin31.pages.dev/
https://taraftariumyayin31.pages.dev/

63 KB
16 KB

501ms
89ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b774d24cabe7af12020282856dd6eaa8c59dae4b0dde174c76b29702456be81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 823849ad182418b7-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 18:58:33 GMT
etag: W/"447e15a0518bdf19d3bc550e35cb5719"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DSuvjqGr0ixHWcSjNE2wHX4idXKBDVTqgF0akydnZSl1UINBVPklswQFkGguCevTLOD6ie2irewvau4V84sS8FpHeixZnDYvbdhb2aMdWUbvlkhfK5MsxtGZHOzSeGDyONJcxtaSWdLvFWEzxpU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://taraftariumyayin31.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 262ms
70ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 18:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 18:13:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 18:58:33 GMT

GET
H2 200 icons8-close-30.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHg8ld0akjLVT6tttZ3wemsl1_O8Tcwg_O0Nv8iYnHIYVu-8NRTjtuE7zGJy9dgwG91ySMBWrfPCAQTY7AfCz9e6RjTDwUv3R-wcmtg7gbWfIe8vD5VfCaVm2XFuDRujLtt2T_RU6iCnKvt4dt... 358 B
463 B 625ms
234ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHg8ld0akjLVT6tttZ3wemsl1_O8Tcwg_O0Nv8iYnHIYVu-8NRTjtuE7zGJy9dgwG91ySMBWrfPCAQTY7AfCz9e6RjTDwUv3R-wcmtg7gbWfIe8vD5VfCaVm2XFuDRujLtt2T_RU6iCnKvt4dt8Mgn3DJqZ1aRe_GAewkwAIGOe-u3YtuZEIq1EgCySg_B/s1600/icons8-close-30.png

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

776a6d67a53f1e96542d335ea425ab04603edfbfedf16be749703df3785651e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v47e"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="icons8-close-30.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 10 Nov 2023 18:58:33 GMT

GET
H2 200 T2444.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZ0wvNWyb1fvxeWWoPwAImz7XhHIQT1hnOmokbYZ5BVtwoTOFIZFKfmnOnKLulCoRbR7PePuAkShtNOVJibfGFE89OMh-M3l26rAFy-V_ornnherSKdOaXJldetZGKGfsYE3RZRb2BQnawxkmG... 4 KB
4 KB 616ms
226ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZ0wvNWyb1fvxeWWoPwAImz7XhHIQT1hnOmokbYZ5BVtwoTOFIZFKfmnOnKLulCoRbR7PePuAkShtNOVJibfGFE89OMh-M3l26rAFy-V_ornnherSKdOaXJldetZGKGfsYE3RZRb2BQnawxkmGwlUTryk7YSrDJEjPa_30QShd33mqA5ECRVHrS6jLStGh/s320/T2444.png

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a34d0fbe27df59bbf679ad3d46cc4651d630e43fd878af36e868df12daa67a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v488"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="T2444.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3680
x-xss-protection: 0
expires: Fri, 10 Nov 2023 18:58:33 GMT

GET
H2 200 icon-isikAc.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipwegFTyBp-vMj6n86VJW_jk5V0CNuT-2PphwyyV4juBXMKMfUC-BIk0oghuRhv4DVJ1hjUKZyAVgytxUidA21I6sf058nrvNjNQjRqwqF1Ha8o8tmGWUbHHDhYCMX_kDEpX1CrdlCM5T130wz... 389 B
515 B 232ms
232ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipwegFTyBp-vMj6n86VJW_jk5V0CNuT-2PphwyyV4juBXMKMfUC-BIk0oghuRhv4DVJ1hjUKZyAVgytxUidA21I6sf058nrvNjNQjRqwqF1Ha8o8tmGWUbHHDhYCMX_kDEpX1CrdlCM5T130wzWCR28Nhff8k6B4npG38DgKD6fKfr8uI735Z5OwfWYYLd/s1600/icon-isikAc.png

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6c6d4e547298c923a56c053a7c8b874ba4792cf8459db3a534dd9a578767b568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:34 GMT
x-content-type-options: nosniff
server: fife
etag: "v482"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="icon-isikAc.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389
x-xss-protection: 0
expires: Fri, 10 Nov 2023 18:58:34 GMT

GET
H2 200 464gtwm.jpg
i.imgur.com/ 50 KB
50 KB 80ms
21ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/464gtwm.jpg

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

b3fa9aee9091ebcf2249eba90b03e084f884d4d301b1a2c15b68f099b386423d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:33 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 3220785
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 51000
x-served-by: cache-iad-kiad7000041-IAD, cache-fra-etou8220083-FRA
last-modified: Sat, 02 Sep 2023 10:39:28 GMT
server: cat factory 1.0
x-timer: S1699556314.914249,VS0,VE1
etag: "ae5e25cd2635b88c1647f9966a12724d"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4wWMSoBequxidp32h0LqNOHxOm0T-T3XYeyoHAndSp7cHxRu5irgIA==
x-cache-hits: 312, 34

GET
H2

200

gameof3.gif
raw.githubusercontent.com/volegol/taraftariumyayin22/main/
Redirect Chain

https://github.com/volegol/taraftariumyayin22/blob/main/gameof3.gif?raw=true
https://github.com/volegol/taraftariumyayin22/raw/main/gameof3.gif
https://raw.githubusercontent.com/volegol/taraftariumyayin22/main/gameof3.gif

186 KB
186 KB

345ms
32ms

Image
image/gif

2606:50c0:8001::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/volegol/taraftariumyayin22/main/gameof3.gif

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Server

2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

68c69f5cd3899f7db3d20196b66ee3c881675c1a9b59d3cfb3574fa95a2cf07b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-fastly-request-id: e7815ed42043daa2a8fbab18825ddd033f292e42
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 18:58:34 GMT
via: 1.1 varnish
x-cache-hits: 1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 190231
x-xss-protection: 1; mode=block
x-served-by: cache-ams21060-AMS
x-github-request-id: 2270:083C:3D44D70:400821F:654D1542
x-timer: S1699556314.369283,VS0,VE1
etag: W/"5c311cbfe785c778aeeedefc17d161c64fb08b4b12f408ff854658a75674d338"
source-age: 254
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 09 Nov 2023 19:03:34 GMT

Redirect headers

date: Thu, 09 Nov 2023 18:56:53 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: GitHub.com
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.githubcopilot.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events objects-origin.githubusercontent.com *.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ staffwus201resultssa0.blob.core.windows.net/ staffwus201resultssa1.blob.core.windows.net/ prodweu01resultssa0.blob.core.windows.net/ prodweu01resultssa1.blob.core.windows.net/ prodweu01resultssa2.blob.core.windows.net/ prodweu01resultssa3.blob.core.windows.net/ wss://*.actions.githubusercontent.com github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com support.github.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
x-github-request-id: 9120:DD2B:2986A079:2A16AC01:654D2BDA
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options: deny
content-type: text/html; charset=utf-8
access-control-allow-origin: https://render.githubusercontent.com
location: https://raw.githubusercontent.com/volegol/taraftariumyayin22/main/gameof3.gif
cache-control: no-cache
content-length: 0
x-xss-protection: 0

GET
H2 200 email-decode.min.js Show response
taraftariumyayin31.pages.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 22ms
21ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://taraftariumyayin31.pages.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 16:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654bb442-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=938sY3wJ47MlPbYnfdb2ykuJB2lHahR9NiNX8i899OoU2O9VQkfTveadd9YyUrb3zqOPA1Jn7Ax8zNFnU9%2B3BEQoyoMXHVQ5akS9g5mgpbqyO0UUf15BK2IlqixSw56ipImCGV8PbL3USbaWNpTO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 823849b329be18b7-FRA
expires: Sat, 11 Nov 2023 18:58:34 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 410ms
13ms Script
application/javascript 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 18:58:35 GMT
Content-Encoding: gzip
Age: 757
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (amb/6BC3)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 6392687.png
wallpaperaccess.com/full/ 3 KB
3 KB 391ms
31ms Image
image/webp 172.67.7.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallpaperaccess.com/full/6392687.png

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.7.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9490603bf14cbbfbe1bc8754478a02d8eb24c9b388ba5899506d5ecd53f6aeb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
cf-cache-status: HIT
age: 168126
cf-polished: origFmt=png, origSize=4441
content-disposition: inline; filename="6392687.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2860
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Jul 2023 08:06:13 GMT
server: cloudflare
etag: "64b101f5-1159"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 823849bbfcd80e7e-AMS
expires: Thu, 07 Dec 2023 20:16:29 GMT

GET
H3 200 telegram.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjxgC5-EI5HEM1essZT3zTkvc4rEpsPLlnDt3z82u-PFycpaUfB0uU1lmtKzaSa_EP2gSxQartQR4cSF9jhLSWofLjOioxour-4XhMR5qdaFlyuDlTYFu9bv_rmUJRjE950V7ldNwZdMpIW5W1... 979 B
1000 B 297ms
296ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjxgC5-EI5HEM1essZT3zTkvc4rEpsPLlnDt3z82u-PFycpaUfB0uU1lmtKzaSa_EP2gSxQartQR4cSF9jhLSWofLjOioxour-4XhMR5qdaFlyuDlTYFu9bv_rmUJRjE950V7ldNwZdMpIW5W12WR7dbW70lYkgOwADTU2dce44UsYjJjCquqAC4E-EVLh/s1600/telegram.png

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

822fd0329aeecbe83aa957713645f3de1cf2169fd06c7e56c916a648e076f004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v48b"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="telegram.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 979
x-xss-protection: 0
expires: Fri, 10 Nov 2023 18:58:35 GMT

GET
H3 200 twitter.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEio5KEhzkCheSd75mHCV0l0y8riD_aieUzmqmRmC4X-KWqaEVb-XAncYKPEYsJqdEpAJErtZ7ANK7qoWoEc8E8c0l-tzXb8pGPNjxxQ1uru2qzwKaPXygLeBaT9ar5rtyXAUA6FGyc2YgoM4JMy... 1002 B
1023 B 296ms
295ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEio5KEhzkCheSd75mHCV0l0y8riD_aieUzmqmRmC4X-KWqaEVb-XAncYKPEYsJqdEpAJErtZ7ANK7qoWoEc8E8c0l-tzXb8pGPNjxxQ1uru2qzwKaPXygLeBaT9ar5rtyXAUA6FGyc2YgoM4JMyEXgoI0pw4tQlkY4VPnwICcJctMkQIQfaYXR2eKWW7y05/s1600/twitter.png

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b19a92dab5be652d0b2694c38e6a607a2ab93dca0e44be18e60f72b9599a5d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v48c"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="twitter.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1002
x-xss-protection: 0
expires: Fri, 10 Nov 2023 18:58:35 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
91 KB 1052ms
43ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:17:13 GMT
x-content-type-options: nosniff
age: 92482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92629
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 17:17:13 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ 513 KB
139 KB 393ms
45ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1581
x-jsd-version: 0.3.13
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230051-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2mrXgCgS9Uf8ttn3aCdkL6X26xBPnmtaE8rOeKkMeXD6XNvuHZc9CieiO2ONig%2FlVJ4C51PeyyTC0vYR53UT4xkrlJBTD1kyUNwOT5qLafRkY5fUql3xc4hADMjeW%2BPW58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 823849bbea2e3684-FRA

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ 30 KB
11 KB 379ms
32ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 39682
x-jsd-version: 0.3.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230055-FRA, cache-yyz4526-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hanoDdwMT2Jj7uE100d4PXW9fb1HAtFmSUkPh36p%2FD2RCCU%2FvKfyvxdSYHVntFWpWXxPf3WomRuQd%2FRdfT4%2BrCB5AlVNz0C2y4Un4GECKr7ZoXLwc3eBuOs7rGaYEq%2Fm55Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 823849bbea313684-FRA

GET
H2 200 o%CC%88rnek%201.gif
raw.githubusercontent.com/volegol/taraftariumyayin15/main/ 35 KB
35 KB 4037ms
4035ms Image
image/gif 2606:50c0:8001::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/volegol/taraftariumyayin15/main/o%CC%88rnek%201.gif

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae3ec420fe85b8dde1d3b38558f47d078e6d63c6f0c447966520e16690ac4b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-fastly-request-id: d12dbf864a3c6e4e3ee4668f7f85e48aa4a23c95
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 18:58:35 GMT
via: 1.1 varnish
x-cache-hits: 1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 35914
x-xss-protection: 1; mode=block
x-served-by: cache-ams21060-AMS
x-github-request-id: EC5A:5E4D:7A287:7DFB4:654CF571
x-timer: S1699556315.160563,VS0,VE1
etag: W/"8d659092fb8e46eb78fbb318ea1826191df0a2b82e92dd531552bec2163a20d5"
source-age: 257
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 09 Nov 2023 19:03:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 386ms
36ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W8H8QN3QWR

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d400f606631ac0f0cd94d566fd96a984075be3590b2fb4ddd21964b64229312c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92800
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Nov 2023 18:58:35 GMT

GET
H2 200 pop.js Show response
taraftariumyayin31.pages.dev/ 2 KB
1 KB 70ms
68ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://taraftariumyayin31.pages.dev/pop.js

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69bce5cc614dd919e569f3e23d433ba1ba895f0fac6c2b4fa83a2a27e57d6a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"91f5b5e93f30bf0d18dcf144f64057a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCuE3kBR1q3LvLckHVLJSuLpphC9kQVcc4QrF%2BWbSOuf%2FH4PkiA4%2FgPR9Po3UcbSVrJaK%2BDwfpb0N8IDBcQEWwlcQpf4sfK3Zgltlxo1LZyzMkjUk6O3enXEcu4dfYxUNfwORyPND0H3Mfm%2BLzKq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 823849b9cba718b7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

channel Show response
fram8.pages.dev/ Frame 5DE8
Redirect Chain

https://fram8.pages.dev/channel.html?id=yayinstar
https://fram8.pages.dev/channel?id=yayinstar

4 KB
2 KB

60ms
59ms

Document
text/html

2606:4700:310c::ac42:2ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fram8.pages.dev/channel?id=yayinstar

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2ca6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e39d548bd6748adabc59724cfe00ae886bd525b16f10cd19c35e34f5f694c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://taraftariumyayin31.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 823849bb0c549199-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 18:58:35 GMT
etag: W/"eb8fd4dc4ddfad87dacd931635816e88"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwG6IYE0w8sHry9%2FeF8HMf3%2FW5QJPekVHSHgP%2BUyOlXL7UUiSGsu1%2FN0R05alkWhtxDuSc9%2BTmIm4RGZOq9HwKakMiVvwAstxlqYXsl4ytkC%2BQWlSuEYMTvZTR83bRz%2BfbXyeEa%2FztZc66c65Rw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 823849baabe09199-FRA
content-length: 0
date: Thu, 09 Nov 2023 18:58:35 GMT
location: /channel?id=yayinstar
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmnqciW6Cl38KUcuofvQXp%2BsT5kH3z%2Fmwvc3K2POzNuHUArmbsBjjAAr2ml0xzJXkGOXkXVchouKZpJH6ywhWRCUjzMHhxB1NeDEyNtTPDWC4bZauXCqWVfvBQOPLrsqUnn72o0rnIem3ccIPLU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 454ms
42ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://taraftariumyayin31.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 19:40:17 GMT
x-content-type-options: nosniff
age: 256698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 19:40:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 503ms
92ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://taraftariumyayin31.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 261592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 18:18:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 1195ms
784ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://taraftariumyayin31.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 11:32:51 GMT
x-content-type-options: nosniff
age: 458744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 11:32:51 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/clappr/latest/ Frame 5DE8 517 KB
126 KB 54ms
52ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr/latest/clappr.min.js

Requested by

Host: fram8.pages.dev
URL: https://fram8.pages.dev/channel?id=yayinstar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 120676
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA
server: cloudflare
etag: W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44z%2FxQh5TrnND%2F9ru2TQxLdmAhuV7vue1dRxsgPTB4ab9KJOk1kktID4npMJ1vB0ygWW7K1ddUGsr9%2Bs4nqqe6BCD8yIakacVoQuEmTNKQ15c6LoaA%2BNuGlsgnr3tKJYAxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 823849bc0a493684-FRA

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ Frame 5DE8 85 KB
27 KB 368ms
44ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: fram8.pages.dev
URL: https://fram8.pages.dev/channel?id=yayinstar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 56999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27277
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0kUKYGTp9MHBHSZz%2FlvdOkeAO7nn7PPdIm2aBrDAG%2BXYxog9NtBqHSOh%2FMp2hlAToVsfBJbzsw2UqOhOAhVPVmLu5RDw0nBFs7EEt7yhNIA9i5tJfjRf6%2BypZTBPKwfmvFOFvgEAmfXIHOz8Wx9J3t4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 823849be0f2f65b0-FRA
expires: Tue, 29 Oct 2024 18:58:35 GMT

GET
H2 200 clappr.js Show response
fram8.pages.dev/ Frame 5DE8 9 KB
2 KB 56ms
55ms Script
application/javascript 2606:4700:310c::ac42:2ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fram8.pages.dev/clappr.js

Requested by

Host: fram8.pages.dev
URL: https://fram8.pages.dev/channel?id=yayinstar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2ca6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fc16a41c2f9a7cb2259f61375104362a2f35dbd8c00bf5e7a5c50fae93482ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/channel?id=yayinstar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ca496eb09fee6af9986f7121e90e21d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1%2F64dN1J3O1FVb1Y3s2eQZOWQNF0Rx%2By9QslfsxLEi%2FO3o9X4sEz%2Fm9XPTGLF%2BrGFC21YqL7gUxRu%2FP88fGwIVVGQVCgBqzfCzLgnSPpTHP9gPqcORd1EQlUmU3XaFZ3Oj8IVlHurpHFpalU2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 823849bc0d6f9199-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 clappr-chromecast-plugin.min.js Show response
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/ Frame 5DE8 25 KB
7 KB 31ms
30ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Requested by

Host: fram8.pages.dev
URL: https://fram8.pages.dev/channel?id=yayinstar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13349
x-jsd-version: 0.1.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA, cache-yyz4543-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcJRCLR2Xr9buwulY7UeuZtUgdgty1RCp5p%2FOa9Z%2B5HibxXBS8Mog8UZAxCRc0ipX1QmibxZdBnE1ZiIbQFDyqsqq6YjKDtJIF551lP7NZOHGrMI8lAnZgGiDjTvvFGYNvY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 823849bc0a4a3684-FRA

GET
H2 200 suv4.js Show response
acdcdn.com/script/ Frame 5DE8 196 KB
60 KB 397ms
56ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acdcdn.com/script/suv4.js
Requested by: Host: fram8.pages.dev
URL: https://fram8.pages.dev/channel?id=yayinstar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a798b59b5740eb3901359c7b3c59281f15c83845407e5da4acf9da65d1df1c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1639
x-guploader-uploadid: ABPtcPpEgYGzllzdT-4yJJ-8JKSF0Bf-koUC0AHiALOInUbGdPMUYpVsoE4gKIsa1RjNORAMiiB-YEQyIjOXsRozXNYv5A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 14:22:11 GMT
server: cloudflare
etag: W/"8e2e9bb02f5cd29492c039a53f925f4e"
vary: Accept-Encoding
x-goog-hash: crc32c=EjSibg==, md5=ji6bsC9c0pSSwDmlP5JfTg==
x-goog-generation: 1698934931333133
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFu3cPq8OSRfooDlt0X0fqH%2FDm2PBB%2B%2B0TTnZwU8UK41MDtPIpSeFCHLDFybY9eZ%2B16GOoBFL%2BEgpCtsW4vTnsXCt784HR3QWlozXC4TCsCLkGQEgIMFp72a0GuzLgIJnlFr4c%2FZUZ%2BP"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 200322
cf-ray: 823849be2aea5c2c-FRA
expires: Thu, 09 Nov 2023 19:13:57 GMT

GET
H2 200 d.js Show response
waust.at/ Frame 5DE8 14 KB
7 KB 389ms
41ms Script
application/x-javascript 104.26.4.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: fram8.pages.dev
URL: https://fram8.pages.dev/channel?id=yayinstar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3506
etag: W/"63c04122-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82d40XRv7TAkYtAKmwmcjCw5AeD4wpcgoQljGN9IKhaN%2BX9y7FKhdTYQ1Poa%2BZuHd4OwEZlHrY1vSkdeb2O08tMe%2FZmoZdHTtOEp6P%2BULQ74pPdnlFqxSdo%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 823849be2c0e6973-FRA
expires: Fri, 10 Nov 2023 18:00:09 GMT

GET
H2 200 logo.png
1.bp.blogspot.com/-SJfGiLdCNaw/W_gy-bcprRI/AAAAAAAAAHE/_glQB999LpwGuCvFzIWq4TbSgNBvvUnRQCK4BGAYYCw/s1600/ 15 KB
15 KB 1170ms
45ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SJfGiLdCNaw/W_gy-bcprRI/AAAAAAAAAHE/_glQB999LpwGuCvFzIWq4TbSgNBvvUnRQCK4BGAYYCw/s1600/logo.png

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

84396e0be4820086ad51c9bb6771fe0b76c9eed882f7fd757bc5fec0b7bd646c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:15:52 GMT
x-content-type-options: nosniff
age: 13364
content-disposition: inline;filename="logo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
server: fife
etag: "v72"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 10 Nov 2023 15:15:52 GMT

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame D546 319 KB
104 KB 16ms
16ms Document
text/html 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Ftaraftariumyayin31.pages.dev
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B84) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://taraftariumyayin31.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2672770
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Thu, 09 Nov 2023 18:58:35 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B84)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 365ms
58ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W8H8QN3QWR&gtm=45je3b81h2v9165996133&_p=1699556315866&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=471723332.1699556316&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699556315&sct=1&seg=0&dl=https%3A%2F%2Ftaraftariumyayin31.pages.dev%2F&dt=Yeni%20Taraftarium24%20-%20Canl%C4%B1%20ma%C3%A7%20izleyin%20taraftarium%2024%20ile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3223
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W8H8QN3QWR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 18:58:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://taraftariumyayin31.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D546 869 B
660 B 176ms
129ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=d8180fecffcbb4b9260d04b62133f66e874fe357

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Ftaraftariumyayin31.pages.dev

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 109
date: Thu, 09 Nov 2023 18:58:35 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 09 Nov 2023 18:58:36 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: f4d3822d23c2e881
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 3503124b809d4ed863cdbeb93713a1a5176f29aaf5e10b89adcc3135e058c23f
content-length: 337

GET
H/1.1 200
OK button.13c48d2966337fafa1c1eb5533fdf29d.js Show response
platform.twitter.com/js/ 8 KB
3 KB 14ms
14ms Script
application/javascript 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.13c48d2966337fafa1c1eb5533fdf29d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 18:58:36 GMT
Content-Encoding: gzip
Age: 2672764
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2617
Last-Modified: Mon, 09 Oct 2023 20:29:15 GMT
Server: ECS (amb/6BC3)
Etag: "def6f3052007521ae22a38b870dfd318+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.d37472b4a6622d0b1fff46ad904f6896.tr.html Show response
platform.twitter.com/widgets/ Frame 072D 38 KB
15 KB 14ms
14ms Document
text/html 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.d37472b4a6622d0b1fff46ad904f6896.tr.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: e87845f2085e32073fbabe082ccd9d81560437305ad1a40ecc7fe2fe8e565d59

Request headers

Referer: https://taraftariumyayin31.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2672612
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14250
Content-Type: text/html; charset=utf-8
Date: Thu, 09 Nov 2023 18:58:36 GMT
Etag: "13cffffb4aa7845f9e55d8c8449943b5+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:16 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC3)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
103 B 128ms
127ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ftaraftariumyayin31.pages.dev%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1699556316168%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=d8180fecffcbb4b9260d04b62133f66e874fe357

Requested by

Host: taraftariumyayin31.pages.dev
URL: https://taraftariumyayin31.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 107
date: Thu, 09 Nov 2023 18:58:35 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 09 Nov 2023 18:58:36 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: ee901e46c9f34eeb
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 3503124b809d4ed863cdbeb93713a1a5176f29aaf5e10b89adcc3135e058c23f
content-length: 43

GET
DATA 200
OK truncated
/ Frame 072D 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 suv5.js Show response
acdcdn.com/script/ Frame 5DE8 95 KB
32 KB 130ms
129ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acdcdn.com/script/suv5.js
Requested by: Host: acdcdn.com
URL: https://acdcdn.com/script/suv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6845e0ebbdda70bfe9caa0cb70d119f78050883c53e088dbdbaf3989e8e2d442

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3063
x-guploader-uploadid: ABPtcPppwltHAD9F7wy4Zh_frvESUhnnGDvoCxUCndnBvfNn7M9ePvHFpMrT7BKpagUHicb9NiIohzp0sbNPO_yyUpfHdg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 14:22:37 GMT
server: cloudflare
etag: W/"226ffbc5dcd8edf0219b2a0a6f19edb9"
vary: Accept-Encoding
x-goog-hash: crc32c=4DeGyw==, md5=Im/7xdzY7fAhmyoKbxntuQ==
x-goog-generation: 1698934956986302
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qs%2BtlbIsyHecQA1ptRU1Ep8EquyxTtHET2Agik0gP%2BTlYPPi8pW9Pc4ztMR4AsEubYBBN%2Be4jMOOLUGW4igylOATFjHVeXWxT1TRXj13r228cUHKizc3UBqnaT87yray%2FijuU8Lstwoi"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97496
cf-ray: 823849c8a90c5c2c-FRA
expires: Thu, 09 Nov 2023 18:11:23 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ Frame 5DE8 32 B
187 B 202ms
159ms Script
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=hnxm5b9piu&t=&c=d&x=https%3A%2F%2Ffram8.pages.dev%2Fchannel%3Fid%3Dyayinstar&y=https%3A%2F%2Ftaraftariumyayin31.pages.dev%2F&a=0&v=27&r=9470
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 381c42adc0b6a76281d46be3abf43883d408fc47e7e14f6843c6068c25298fcc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 823849c90fd81911-FRA
content-type: text/javascript;charset=UTF-8

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5DE8 4 KB
2 KB 935ms
136ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 18:58:38 GMT

GET
H2 200 load.gif
cdsnnt.pages.dev/ Frame 5DE8 4 KB
0 273ms
119ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdsnnt.pages.dev/load.gif

Requested by

Host: fram8.pages.dev
URL: https://fram8.pages.dev/channel?id=yayinstar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:37 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "dedecf4a2132c2c220ca95bbeb5a22cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpDJYVEd7c0%2F4alhf%2B0BJNvQo3Xxyvv41Jth0abhsSRMfRG4WuXJi2RJDDlcJeusNgZ%2FB8Y8YRoySppbRXBZ9P0%2Bprj%2FW9f9twqPTconZyVIrW3rrHLXvyvCEqiO%2FWbKNxjpctfbTKtU1BzZl0qT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 823849c9dcea3a90-FRA
alt-svc: h3=":443"; ma=86400
content-length: 980065

GET
H2 200 t244.png
cdsnnt.pages.dev/ Frame 5DE8 15 KB
15 KB 273ms
119ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdsnnt.pages.dev/t244.png

Requested by

Host: fram8.pages.dev
URL: https://fram8.pages.dev/channel?id=yayinstar

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83dad6577f2fb6e9b595a327c96afb5089430f45c26bb77f4fb85c42b62e5387

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:37 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b6de0e2280e7e838f176089c09b83e77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nc0eR9tPqHhT6dTRgF8FD5dzBYVJ8pGigz%2FAe05m77ciONw5g2b83AAZmMftD0IFqH%2Faw906DHqdAHORpGKd9WeubZbc0BYRlL9apQPiwtrx%2BgBHOBuWk67htUY3C9aUrcATnnZ11IYljYifJ2Qb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 823849c9dced3a90-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15427

GET
H2 200 / Show response
corsproxy.org/ Frame 5DE8 997 B
863 B 403ms
56ms XHR
application/vnd.apple.mpegurl 172.67.143.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://corsproxy.org/?https://cakal.click/yayinstar.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.143.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72047f77b8447be30f02743c2675e12a41a45a7d00039b652a2a545b31abcdd8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 18:58:37 GMT
server: cloudflare
etag: W/"654d2bdd-3e5"
access-control-max-age: 86400
access-control-allow-methods: CONNECT, DELETE, GET, HEAD, OPTIONS, POST, PUT, TRACE, PATCH
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BlEkNOCBfG9ywbSRsiZx%2F6A%2FcGV9EMCz6JSCf9qz1btjITuFbWiKWUNz1lclghmeshQynZmTxm2ltM9N53Zmx7peBvaR1gtx78cUJUQqwg%2BFHtk2wMlfYm57dMvZYHT"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: *
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 823849cb2bf4b8d0-AMS
access-control-allow-headers: *

GET
DATA 200
OK truncated
/ Frame 5DE8 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
corsproxy.org/ Frame 5DE8 997 B
486 B 78ms
75ms XHR
application/vnd.apple.mpegurl 172.67.143.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://corsproxy.org/?https://cakal.click/yayinstar.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.143.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72047f77b8447be30f02743c2675e12a41a45a7d00039b652a2a545b31abcdd8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 18:58:37 GMT
server: cloudflare
etag: W/"654d2bdd-3e5"
access-control-max-age: 86400
access-control-allow-methods: CONNECT, DELETE, GET, HEAD, OPTIONS, POST, PUT, TRACE, PATCH
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxcujK9bUOpBf3Elpu89AwYf%2BZ9Q0OItFOjCz6nRA7s%2B0deCzkRIEtDWo9gC75mYwRphQ9e3LcWP4lr5q9DYp9mQb0U5FAinPMBEgHlVaEX5F8bCu%2BbgO%2B02Ya%2FJuO%2Bs"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: *
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 823849cb8ca3b8d0-AMS
access-control-allow-headers: *

GET
H2 200 / Show response
corsproxy.org/ Frame 5DE8 2 MB
2 MB 42ms
41ms XHR
application/octet-stream 172.67.143.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://corsproxy.org/?https%3A%2F%2Fcakal.click/yayinstar_6024_66394.apk
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.143.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c5c5ac2282559cecc2ddbbc0c9d1fe1bdfdea5d2d3079419a99062629856c36

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30
alt-svc: h3=":443"; ma=86400
content-length: 2469944
last-modified: Thu, 09 Nov 2023 18:58:07 GMT
server: cloudflare
etag: "654d2bbf-25b038"
vary: Accept-Encoding
access-control-allow-methods: CONNECT, DELETE, GET, HEAD, OPTIONS, POST, PUT, TRACE, PATCH
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHCoNAh2goG3mg%2BfMSjuVnOK5JhkibWoc3Y3VK%2Bxb499jou%2F09fVugS4sOPeGjopNBAQ9or8n0LlnxDJlLnvCNG%2BwYWnKahefmgTzGdJyx3xmmDrv7BiXtWWfeTugwot"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: *
cache-control: max-age=300
access-control-allow-credentials: true
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 823849cb9ca8b8d0-AMS
access-control-allow-headers: *

GET
BLOB 200
OK d4356505-8a0b-49c9-ad50-c0ffb09feefc
https://fram8.pages.dev/ Frame 5DE8 62 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fram8.pages.dev/d4356505-8a0b-49c9-ad50-c0ffb09feefc
Requested by: Host: fram8.pages.dev
URL: https://fram8.pages.dev/channel?id=yayinstar
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5fb5f5d4d1eb0a7fc0485931d9f1d3b435218621794cf07058cc635195264be

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 63944
Content-Type: text/javascript

GET
H2 200 / Show response
corsproxy.org/ Frame 5DE8 1 MB
1 MB 30ms
30ms XHR
application/octet-stream 172.67.143.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://corsproxy.org/?https%3A%2F%2Fcakal.click/yayinstar_6024_66395.apk
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.143.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4da45d02b931493e09d64f0a8745f523c79657c4e9143c50f3184bb5fe7fbe88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26
alt-svc: h3=":443"; ma=86400
content-length: 1196432
last-modified: Thu, 09 Nov 2023 18:58:12 GMT
server: cloudflare
etag: "654d2bc4-124190"
vary: Accept-Encoding
access-control-allow-methods: CONNECT, DELETE, GET, HEAD, OPTIONS, POST, PUT, TRACE, PATCH
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXbne%2F9SVgyzPqyMo9QZXHoMTi7rCK7w8A%2FjDDn2aNpnNwGw3B308ZGXu7JM%2FDzz14FJk1WpTUD8cil3va9k%2B4UJhU8SwVu7POqp6%2F2fkLEoChWD%2BgqSsHUQah1p68zX"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: *
cache-control: max-age=300
access-control-allow-credentials: true
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 823849cd5ed5b8d0-AMS
access-control-allow-headers: *

GET
H2 200 / Show response
corsproxy.org/ Frame 5DE8 2 MB
2 MB 29ms
29ms XHR
application/octet-stream 172.67.143.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://corsproxy.org/?https%3A%2F%2Fcakal.click/yayinstar_6024_66396.apk
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.143.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56b809aa627089ce308a75cf171985c82602c61ddda3126db77beb3b7ee9c1e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17
alt-svc: h3=":443"; ma=86400
content-length: 2453776
last-modified: Thu, 09 Nov 2023 18:58:20 GMT
server: cloudflare
etag: "654d2bcc-257110"
vary: Accept-Encoding
access-control-allow-methods: CONNECT, DELETE, GET, HEAD, OPTIONS, POST, PUT, TRACE, PATCH
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC6%2B%2BpOAmbD4jTxXgT94a7yYDYX%2BKT4XB66xCjELOel3dgUQ60Qj1Vpum%2BgDMlWioOsG5K9hsMPtJJPbmBXfpSO3oYFC5F2TsN9jf4N99ALKlOX%2Bw7ABfqI%2Fp8lcOPLm"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: *
cache-control: max-age=300
access-control-allow-credentials: true
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 823849cddf78b8d0-AMS
access-control-allow-headers: *

GET
H2 200 / Show response
corsproxy.org/ Frame 5DE8 2 MB
2 MB 31ms
31ms XHR
application/octet-stream 172.67.143.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://corsproxy.org/?https%3A%2F%2Fcakal.click/yayinstar_6024_66397.apk
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.143.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923e56d2a98fa8b8a77764b08f83af0da92e4f2d76387d86711dbc4604cb03c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9
alt-svc: h3=":443"; ma=86400
content-length: 2422944
last-modified: Thu, 09 Nov 2023 18:58:28 GMT
server: cloudflare
etag: "654d2bd4-24f8a0"
vary: Accept-Encoding
access-control-allow-methods: CONNECT, DELETE, GET, HEAD, OPTIONS, POST, PUT, TRACE, PATCH
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRfv6dQFpFOeY7bwEdvf%2FKKU20mtZlBB2t07zkxKjmEDN2gz8eLiEx8GzUQW3yPEkH%2BpVTKrelXwi%2BHrVSQlKHn9Bh0uvuARJp2II8pNCUp9L%2Fgr6mHGRcytqx%2BCtdhk"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: *
cache-control: max-age=300
access-control-allow-credentials: true
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 823849ceb8e8b8d0-AMS
access-control-allow-headers: *

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/119/ Frame 5DE8 50 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/119/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 09 Nov 2023 20:16:41 GMT

GET
H2 200 suurl5.php Show response
youradexchange.com/script/ Frame 5DE8 988 B
1 KB 558ms
205ms Fetch
application/json 172.64.171.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl5.php?r=7295018&chmob=%3F0&cbur=0.46678349117036366&cbiframe=1&cbWidth=730&cbHeight=481&cbtitle=&cbpage=https%3A%2F%2Ftaraftariumyayin31.pages.dev%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acdcdn.com&ts=1699556320037&srs=62f8451fb4f97f4220d878edb2700b7d&atv=37.4-sw-suv5
Requested by: Host: acdcdn.com
URL: https://acdcdn.com/script/suv5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.171.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6500ebb00569ba5de41660aaef118748212827c773614a8066af102e1bc6a948

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://fram8.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:58:40 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTMNQHvYVm%2FPUuqIwWPAqvfb7rx6IrPiDQ7CL5ZtE3HCnBi5UsLOsk3rRov%2BPX2ltomhh4qAu0IBERLnJR%2FGGzR%2FBPhGB5venrSjXqJbygMrOyqZ4gvW1N0MbBGqhqgI7HZ1BqQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cf-ray: 823849da7d430a47-AMS
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 36ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W8H8QN3QWR&gtm=45je3b81h2v9165996133&_p=1699556315866&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=471723332.1699556316&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699556315&sct=1&seg=0&dl=https%3A%2F%2Ftaraftariumyayin31.pages.dev%2F&dt=Yeni%20Taraftarium24%20-%20Canl%C4%B1%20ma%C3%A7%20izleyin%20taraftarium%2024%20ile&en=scroll&epn.percent_scrolled=90&_et=7&tfd=8233
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W8H8QN3QWR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://taraftariumyayin31.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 18:58:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://taraftariumyayin31.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.taraftariumyayin31.pages.dev/	1970-01-21 01:41:56	Name: _ga Value: GA1.1.471723332.1699556316
			.taraftariumyayin31.pages.dev/	1970-01-21 01:41:56	Name: _ga_W8H8QN3QWR Value: GS1.1.1699556315.1.0.1699556315.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
acdcdn.com
ajax.googleapis.com
blogger.googleusercontent.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cdsnnt.pages.dev
corsproxy.org
fonts.googleapis.com
fonts.gstatic.com
fram8.pages.dev
github.com
i.imgur.com
platform.twitter.com
raw.githubusercontent.com
region1.google-analytics.com
syndication.twitter.com
taraftariumyayin31.pages.dev
wallpaperaccess.com
waust.at
whos.amung.us
www.googletagmanager.com
www.gstatic.com
youradexchange.com
104.16.88.20
104.244.42.72
104.26.4.7
140.82.121.4
142.250.184.200
146.75.120.193
172.64.171.19
172.67.143.41
172.67.7.204
188.114.97.3
192.229.233.25
2001:4860:4802:34::36
2606:4700:10::ac43:88d
2606:4700:310c::ac42:2ca6
2606:4700::6811:190e
2606:50c0:8001::154
2a00:1450:4001:801::200a
2a00:1450:4001:803::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a06:98c1:3120::3
0e39d548bd6748adabc59724cfe00ae886bd525b16f10cd19c35e34f5f694c39
1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2fc16a41c2f9a7cb2259f61375104362a2f35dbd8c00bf5e7a5c50fae93482ea
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
381c42adc0b6a76281d46be3abf43883d408fc47e7e14f6843c6068c25298fcc
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
4a798b59b5740eb3901359c7b3c59281f15c83845407e5da4acf9da65d1df1c9
4c5c5ac2282559cecc2ddbbc0c9d1fe1bdfdea5d2d3079419a99062629856c36
4da45d02b931493e09d64f0a8745f523c79657c4e9143c50f3184bb5fe7fbe88
56b809aa627089ce308a75cf171985c82602c61ddda3126db77beb3b7ee9c1e5
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
6500ebb00569ba5de41660aaef118748212827c773614a8066af102e1bc6a948
6845e0ebbdda70bfe9caa0cb70d119f78050883c53e088dbdbaf3989e8e2d442
68c69f5cd3899f7db3d20196b66ee3c881675c1a9b59d3cfb3574fa95a2cf07b
69bce5cc614dd919e569f3e23d433ba1ba895f0fac6c2b4fa83a2a27e57d6a96
6c6d4e547298c923a56c053a7c8b874ba4792cf8459db3a534dd9a578767b568
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
72047f77b8447be30f02743c2675e12a41a45a7d00039b652a2a545b31abcdd8
776a6d67a53f1e96542d335ea425ab04603edfbfedf16be749703df3785651e3
822fd0329aeecbe83aa957713645f3de1cf2169fd06c7e56c916a648e076f004
83dad6577f2fb6e9b595a327c96afb5089430f45c26bb77f4fb85c42b62e5387
84396e0be4820086ad51c9bb6771fe0b76c9eed882f7fd757bc5fec0b7bd646c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
923e56d2a98fa8b8a77764b08f83af0da92e4f2d76387d86711dbc4604cb03c8
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
a34d0fbe27df59bbf679ad3d46cc4651d630e43fd878af36e868df12daa67a6a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b19a92dab5be652d0b2694c38e6a607a2ab93dca0e44be18e60f72b9599a5d2d
b3fa9aee9091ebcf2249eba90b03e084f884d4d301b1a2c15b68f099b386423d
b5fb5f5d4d1eb0a7fc0485931d9f1d3b435218621794cf07058cc635195264be
b774d24cabe7af12020282856dd6eaa8c59dae4b0dde174c76b29702456be81c
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cae3ec420fe85b8dde1d3b38558f47d078e6d63c6f0c447966520e16690ac4b1
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
d400f606631ac0f0cd94d566fd96a984075be3590b2fb4ddd21964b64229312c
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87845f2085e32073fbabe082ccd9d81560437305ad1a40ecc7fe2fe8e565d59
e9490603bf14cbbfbe1bc8754478a02d8eb24c9b388ba5899506d5ecd53f6aeb
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca

taraftariumyayin31.pages.dev Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

52 %IPv6

19 Domains

24 Subdomains

23 IPs

4 Countries

9494 kBTransfer

11224 kBSize

2 Cookies

8 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

taraftariumyayin31.pages.dev Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

52 %
IPv6

19
Domains

24
Subdomains

23
IPs

4
Countries

9494 kB
Transfer

11224 kB
Size

2
Cookies

50 HTTP transactions
2 data transactions