updown.mesutates.com Open in urlscan Pro
2a02:4780:b:1347:0:38ff:18db:2  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

• https://adx.adform.net/adx/?rp=4&bWlkPTEzODgyMjY%3D&callback=adf__l8tuTMeHhlxWG53EOWwM HTTP 302
• https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTEzODgyMjY%3D&callback=adf__l8tuTMeHhlxWG53EOWwM

Request Chain 43

• https://iq.reklamselfie.com/585ce73218044 HTTP 302
• https://bank.reklamstore.com/rs.js

Request Chain 45

• https://ib.adnxs.com/getuid?https://bank.reklamstore.com/anx.php?uid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbank.reklamstore.com%2Fanx.php%3Fuid%3D%24UID HTTP 302
• https://bank.reklamstore.com/anx.php?uid=5481898223849003008

Request Chain 47

• https://dmp.adform.net/serving/cookie/match?party=1068 HTTP 302
• https://dmp.adform.net/serving/cookie/match?CC=1&party=1068 HTTP 302
• https://bank.reklamstore.com/adform.php?uid=2088942355797256825

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response updown.mesutates.com/	14 KB 5 KB	485ms 149ms	Document text/html	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/8.1.27 Resource Hash 83ec40ad0ca963d470630e349112c6e29a81db55e59b89d3bd11e9c488b43429 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-security-policy upgrade-insecure-requests content-type text/html; charset=UTF-8 date Sun, 23 Jun 2024 20:02:24 GMT platform hostinger server LiteSpeed vary Accept-Encoding x-powered-by PHP/8.1.27
GET H2	200	mobirise-icons.css updown.mesutates.com/assets/web/assets/mobirise-icons/	7 KB 2 KB	155ms 153ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/web/assets/mobirise-icons/mobirise-icons.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 7e4bef0411e315409d57f6290b7764ec7de88cbbed6ee613899fc22841a41829 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:30 GMT server LiteSpeed etag "1da7-6236e806-db8b4d7ad77d6c32;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1374 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	tether.min.css updown.mesutates.com/assets/tether/	237 B 321 B	156ms 154ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/tether/tether.min.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:18 GMT server LiteSpeed etag "ed-6236e7fa-bc259debbeb8cd4e;;;" content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 237 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	bootstrap.min.css updown.mesutates.com/assets/bootstrap/css/	141 KB 18 KB	156ms 154ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/bootstrap/css/bootstrap.min.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 485e24072723b03d3452bbf93b3d3bc525d6501a9ac3cae705c5d9cd67b9cb9b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:21 GMT server LiteSpeed etag "235ed-6236e7fd-48c088d11e04b363;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 18177 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	bootstrap-grid.min.css updown.mesutates.com/assets/bootstrap/css/	33 KB 3 KB	297ms 295ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/bootstrap/css/bootstrap-grid.min.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash a90198156fe0348676ade92621c0c8a7bd27253d16c02394aa64e8892896cdb2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:20 GMT server LiteSpeed etag "85c3-6236e7fc-dbdf6be8b0f29c54;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 2865 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	bootstrap-reboot.min.css updown.mesutates.com/assets/bootstrap/css/	4 KB 1 KB	298ms 297ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/bootstrap/css/bootstrap-reboot.min.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash a73eb8489f6f9d693286d3a8ee6b6239e916b85a3b608197af35e31256337160 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:19 GMT server LiteSpeed etag "f60-6236e7fb-cee94fc77132dddb;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1354 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	style.css updown.mesutates.com/assets/dropdown/css/	8 KB 2 KB	299ms 298ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/dropdown/css/style.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 38892acc026f0badcbb38eb0b148470f4e57821ae04c892a2cee50b5e0968d35 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:22 GMT server LiteSpeed etag "1f2e-6236e7fe-a1d120b151907fc7;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1528 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	styles.css updown.mesutates.com/assets/socicon/css/	9 KB 2 KB	300ms 298ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/socicon/css/styles.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 6a12cbbf9bdb4a5672d9821632cb5db3c88b2defb3d25122df85c3fc8067cfa1 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:26 GMT server LiteSpeed etag "23b8-6236e802-c606c3b87cd03ffa;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1665 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	animate.min.css updown.mesutates.com/assets/animatecss/	52 KB 4 KB	301ms 299ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/animatecss/animate.min.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 26a8c9b8f82d207d18092437cee9f7204ffbc43336b6fb5278aa0fcbbe6f5343 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:16 GMT server LiteSpeed etag "ce35-6236e7f8-eb14180170989a09;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 3719 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	style.css updown.mesutates.com/assets/theme/css/	9 KB 2 KB	301ms 300ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/theme/css/style.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 9d95dafb5abb5b65d069ab8a3882850f65ed9256a513008d8cffa2a59b5d5e63 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 21:06:47 GMT server LiteSpeed etag "238c-62379767-19441a8584f80ffb;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 2101 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	mbr-additional.css updown.mesutates.com/assets/mobirise/css/	81 KB 6 KB	302ms 300ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/mobirise/css/mbr-additional.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash dbdd7d5d76683ca8875b4384c6e70f05d1c22cfb8754a7f02632e9379baa3ddb Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:25 GMT server LiteSpeed etag "14277-6236e801-dada24cbb87fb766;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 6544 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	all.css use.fontawesome.com/releases/v5.0.10/css/	36 KB 9 KB	257ms 232ms	Stylesheet text/css	2606:4700:3036::6815:1b98 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.10/css/all.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Origin https://updown.mesutates.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding zstd cf-cache-status MISS last-modified Fri, 22 Sep 2023 01:44:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"d1acb8ad33b1526acbfd3f0028b859b0" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=czpfBnK8wYHHfBLrJdUtQ%2FXbxxUVY3U17smseQB%2FQgsTe1B%2FvBjvl9fGFhFvk2a0o1XmBf4aNmumcSQ84UGpcXl2%2Bh15Q9BcNKpSAHPLzOEnVTPxm%2Fu5kjXd2c8PTll9snj3f60IrHWtIZWDB7reIio8"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 8987135a3f6a377c-FRA alt-svc h3=":443"; ma=86400
GET H2	200	miniowlfavicon.png updown.mesutates.com/assets/images/	4 KB 4 KB	309ms 308ms	Image image/png	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://updown.mesutates.com/assets/images/miniowlfavicon.png Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f3a3b9379b73420579fd1f97e47c9e18f828368244706cf4beae6223b2f253e2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:17 GMT server LiteSpeed etag "1023-6236e7f9-5996fc33371e0e51;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 4131 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	updownlogo9.png updown.mesutates.com/assets/images/	6 KB 6 KB	310ms 309ms	Image image/png	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://updown.mesutates.com/assets/images/updownlogo9.png Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash cb46fa56ebca90eff1fc1a0a2cd454df031fc40ef36350be76797a70f2470745 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-security-policy upgrade-insecure-requests last-modified Fri, 10 Nov 2023 14:04:58 GMT server LiteSpeed etag "18db-654e388a-f1a975c813db9bb0;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 6363 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	reklamstore.js Show response adserver.reklamstore.com/	94 KB 29 KB	79ms 14ms	Script application/javascript	2600:9000:21c7:e400:1c:4bbb:9180:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adserver.reklamstore.com/reklamstore.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21c7:e400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e1e7d359cb19925707d24195b70023cc4f35bfc3b47b3135ebdcf30245030da9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 00:34:13 GMT content-encoding gzip via 1.1 b619a16f6f8fe9793bf642d2a8434284.cloudfront.net (CloudFront) last-modified Wed, 01 Nov 2023 12:25:08 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 age 70093 etag "ddf6350dc1c4386d4af4587f5ad31d31" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript content-length 28991 x-amz-cf-id nSrNFOz--q0SB6K4GoSPDq4orIenu-_aKl3JIfpc8sU9pf8rhGGwLw==
GET H2	200	fav.png updown.mesutates.com/assets/images/	6 KB 6 KB	424ms 423ms	Image image/png	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://updown.mesutates.com/assets/images/fav.png Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 5d6ebf00d2ee81242ae023f39b18c8eb5b44cd5e7fe38b29ab936f30bf25b616 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:16 GMT server LiteSpeed etag "1693-6236e7f8-f9ee84d26dd3263;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 5779 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	jquery.min.js Show response updown.mesutates.com/assets/web/assets/jquery/	94 KB 31 KB	424ms 423ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/web/assets/jquery/jquery.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash c3a6743c2592879fb9cb5d45776a337b72c5c8ad544de956a2d27a7ddcbafd23 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:30 GMT server LiteSpeed etag "176bb-6236e806-f3a11ce3372b4b7c;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 32089 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	popper.min.js Show response updown.mesutates.com/assets/popper/	19 KB 6 KB	424ms 423ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/popper/popper.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:18 GMT server LiteSpeed etag "4a32-6236e7fa-f62d80defbc6381c;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 6520 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	tether.min.js Show response updown.mesutates.com/assets/tether/	23 KB 6 KB	424ms 423ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/tether/tether.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:19 GMT server LiteSpeed etag "5ab1-6236e7fb-9f1566805a4cd885;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 6550 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	bootstrap.min.js Show response updown.mesutates.com/assets/bootstrap/js/	48 KB 12 KB	425ms 424ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/bootstrap/js/bootstrap.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 04f3b18e866852d8d98ea7dfabb1296d7865cb7fa45443de64d1d0640654462b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:22 GMT server LiteSpeed etag "bf30-6236e7fe-78315ec82a68f508;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 12434 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	smooth-scroll.js Show response updown.mesutates.com/assets/smoothscroll/	21 KB 6 KB	425ms 424ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/smoothscroll/smooth-scroll.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash ceb391aa23e91caa4f9cb02a989023bc7fdfb22da727ee9d390363360810468a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:18 GMT server LiteSpeed etag "541d-6236e7fa-314a5d0c64358de1;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 6125 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	script.min.js Show response updown.mesutates.com/assets/dropdown/js/	9 KB 3 KB	425ms 424ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/dropdown/js/script.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 73b166cd63024c943ecbdd71e7503a0f5ede703c07ee5cc7431f50851938d859 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:22 GMT server LiteSpeed etag "25b5-6236e7fe-87e289a7e00b686c;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 3162 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	jquery.viewportchecker.js Show response updown.mesutates.com/assets/viewportchecker/	3 KB 1 KB	425ms 424ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/viewportchecker/jquery.viewportchecker.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 93cae82f0eaa9f66db4b0ab8dfff9f4b39aec0a60a58464bab54ccaa59322ac9 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:19 GMT server LiteSpeed etag "d7e-6236e7fb-f67f0499b3d49d0f;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1223 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	social-likes.js Show response updown.mesutates.com/assets/sociallikes/	22 KB 5 KB	425ms 424ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/sociallikes/social-likes.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash b9049a7c32f217f75c5b42d241840b4e6da5843f03d2cf0df9a8dbb679c2360f Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:18 GMT server LiteSpeed etag "59f2-6236e7fa-f2cd7fd020cb7e56;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 5105 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	jquery.touch-swipe.min.js Show response updown.mesutates.com/assets/touchswipe/	20 KB 5 KB	425ms 425ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/touchswipe/jquery.touch-swipe.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash a94d0ed5ed164442aea3586996b00ac880703aaacc547618cf83dd1440bd6d9b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:19 GMT server LiteSpeed etag "4fbc-6236e7fb-c3d92c118d8c833e;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 4857 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	script.js Show response updown.mesutates.com/assets/theme/js/	40 KB 8 KB	425ms 425ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/theme/js/script.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 4ce9892393079095dc73c9a293db58797775c83f99359ae8f78dd748eae34f45 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:29 GMT server LiteSpeed etag "a014-6236e805-d81f32ca2b77e374;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 8129 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	css fonts.googleapis.com/	19 KB 1 KB	38ms 16ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Exo:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/assets/mobirise/css/mbr-additional.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bd2d50add9f89be07414d3d4a1f65f8582d399db8bba8d40c4066dc55051a16d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 23 Jun 2024 20:02:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 23 Jun 2024 20:02:25 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 23 Jun 2024 20:02:25 GMT
GET H2	200	4UaOrEtFpBISc36j.woff2 fonts.gstatic.com/s/exo/v21/	21 KB 21 KB	42ms 9ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/exo/v21/4UaOrEtFpBISc36j.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Exo:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 533560ab5ad5c4f2c81404249e7277e57c2ea8e434b5a4965932d93ad5fc56d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://updown.mesutates.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 14:55:13 GMT x-content-type-options nosniff age 450432 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21400 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:48:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 14:55:13 GMT
GET H2	200	4UaOrEtFpBISfX6jyDM.woff2 fonts.gstatic.com/s/exo/v21/	18 KB 18 KB	48ms 16ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/exo/v21/4UaOrEtFpBISfX6jyDM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Exo:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8dec1b72207c6622b555e3c1a395965cfb651cfc5e48ee8bcd8d4fca56de3d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://updown.mesutates.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 19:32:58 GMT x-content-type-options nosniff age 174567 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18652 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:02:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 21 Jun 2025 19:32:58 GMT
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/	128 KB 41 KB	78ms 27ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 6604d8fb32714d8a30eb27f014ea9e6b57bb6a709f5130cace784a32ec08fbac Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Mon, 03 Jun 2024 10:49:47 GMT server nginx etag W/"665d9fcb-1ff33" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 24 Jun 2024 20:02:25 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	402 KB 138 KB	84ms 29ms	Script text/javascript	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1bb878ac4c89b964506e58d71a5ad2c455e8b6275b198251e8627215f669c781 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 140633 x-xss-protection 0 expires Sun, 23 Jun 2024 20:02:25 GMT
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/	321 B 621 B	121ms 18ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1106074 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash c495a326a3b2ffc28397a6fa75c1568b55c0f628cd964c7b9ef87698538f5fe4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 19:59:25 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Transfer-Encoding chunked Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Vary Accept-Encoding Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
GET H2	200	gtm.js Show response www.googletagmanager.com/	188 KB 68 KB	64ms 40ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d74220380eecdeb6e3f64bf1afce22bb5e3c2ad04363c9c42187300ebc68e47a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 69658 x-xss-protection 0 last-modified Sun, 23 Jun 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 23 Jun 2024 20:02:25 GMT
GET H/1.1	200 OK	sync x.bidswitch.net/	43 B 235 B	70ms 17ms	Image image/gif	35.214.149.91 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=reklamstore Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 91.149.214.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 20:02:25 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/	341 B 630 B	138ms 32ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1106215 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 02a5dbcd9d6b1e8f176d1fa962708f8017bdafda3b9d1d6fcde2f732ae2d59b0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 19:59:25 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Transfer-Encoding chunked Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Vary Accept-Encoding Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
GET H3	200	socicon.woff updown.mesutates.com/assets/socicon/fonts/	38 KB 38 KB	156ms 156ms	Font application/font-woff	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/socicon/fonts/socicon.woff Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/assets/socicon/css/styles.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 165def3c7a5c82e6cd701ad9039f39b537e6e2e748948a4c54d70ed47d0d27f3 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/assets/socicon/css/styles.css Origin https://updown.mesutates.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:29 GMT server LiteSpeed etag "972c-6236e805-5283f75b4fedb33e;;;" content-type application/font-woff accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 38700
GET H/1.1	200 OK	init.js Show response bank.reklamstore.com/	125 KB 28 KB	86ms 22ms	Script application/javascript	104.248.139.51 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bank.reklamstore.com/init.js?v1 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS com.reklamstore.bank.v3.lb1 Software nginx/1.14.0 / Resource Hash 335307bba2d64acd4100f452edc081670f7e4539a175ac1c8bdf93123bc73fae Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 19:50:16 GMT Content-Encoding gzip Last-Modified Wed, 10 Jan 2018 13:16:00 GMT Server nginx/1.14.0 Etag eccbc87e4b5ce2fe28308fd9f2a7baf3 Vary Accept-Encoding P3P policyref="http://bank.reklamstore.com/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 Access-Control-Allow-Credentials true X-Upstream 10.135.39.102:80 Connection keep-alive Content-Length 27844 Expires Sun, 23 Jun 2024 21:02:25 GMT
POST H2	200	prebid Show response ib.adnxs.com/ut/v2/	152 B 845 B	74ms 24ms	XHR application/json	37.252.171.21 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v2/prebid Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash b2029c1ff066b995ff6442c7ab0ba4c62c4bfa7a4afb905431a71ba825f0dea0 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 23 Jun 2024 20:02:25 GMT an-x-request-uuid 576ef800-6b0f-4c4f-8e54-06fd5658a6db server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://updown.mesutates.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 45.141.152.72; 45.141.152.72; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 152 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/ Redirect Chain https://adx.adform.net/adx/?rp=4&bWlkPTEzODgyMjY%3D&callback=adf__l8tuTMeHhlxWG53EOWwM https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTEzODgyMjY%3D&callback=adf__l8tuTMeHhlxWG53EOWwM	33 B 711 B	181ms 181ms	Script text/javascript	37.157.3.26 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTEzODgyMjY%3D&callback=adf__l8tuTMeHhlxWG53EOWwM Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Server 37.157.3.26 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 5c495f98f84d7644c8065fe48178286cdfd89d289b0ac3647eaf402775167228 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://updown.mesutates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 23 Jun 2024 20:02:25 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" pragma no-cache server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/javascript access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers pragma no-cache date Sun, 23 Jun 2024 20:02:25 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" location https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTEzODgyMjY%3D&callback=adf__l8tuTMeHhlxWG53EOWwM access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	200 OK	adp Show response ads.rekmob.com/m/	4 KB 2 KB	110ms 44ms	Script text/plain	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/adp?uid=caa22d83be694fdd814eb0dd19de0cdf&ufid=l8tuTMeHhlxWG53EOWwM&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__l8tuTMeHhlxWG53EOWwM&ref=updown.mesutates.com&_=1719172945490&crtg=-1 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 7a0f48ae2924e7cbfc666aa146241de9cf317beb8cc3c6e098149eb43d2b71a6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 19:59:26 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/plain;charset=ISO-8859-1 Connection keep-alive
POST H2	204	/ Show response prebid-eu.creativecdn.com/bidder/prebid/bids/	0 183 B	58ms 15ms	XHR text/plain	185.184.8.90 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids/ Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY), Reverse DNS ip-185-184-8-90.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://updown.mesutates.com date Sun, 23 Jun 2024 20:02:25 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
GET H3	200	ima_ppub_config Show response securepubads.g.doubleclick.net/pagead/	15 B 40 B	71ms 42ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fupdown.mesutates.com%2F Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 x-xss-protection 0 expires Sun, 23 Jun 2024 20:02:25 GMT
GET H3	200	ima_ppub_config Show response securepubads.g.doubleclick.net/pagead/	15 B 0	72ms 72ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fupdown.mesutates.com%2F Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 x-xss-protection 0 expires Sun, 23 Jun 2024 20:02:25 GMT
GET H2	200	syncframe gum.criteo.com/ Frame AB0E	0 0	52ms 15ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=updown.mesutates.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://updown.mesutates.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 23 Jun 2024 20:02:24 GMT server Kestrel server-processing-duration-in-ticks 292190 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
GET H/1.1	200 OK	rs.js Show response bank.reklamstore.com/ Redirect Chain https://iq.reklamselfie.com/585ce73218044 https://bank.reklamstore.com/rs.js	24 B 378 B	9ms 8ms	Script application/javascript	104.248.139.51 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bank.reklamstore.com/rs.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Server 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS com.reklamstore.bank.v3.lb1 Software nginx/1.14.0 / Resource Hash 9f49609d94cf82f3d089ddd83d5895d4048236deee85dc7cfc9853735f36a0f9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://updown.mesutates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 23 Jun 2024 19:50:17 GMT Last-Modified Tue, 21 Feb 2017 07:13:43 GMT Server nginx/1.14.0 ETag "18-549051ec0ae13" Content-Type application/javascript Access-Control-Allow-Origin * X-Upstream 10.135.15.5:80 Access-Control-Allow-Credentials true Connection keep-alive Accept-Ranges bytes Content-Length 24 Redirect headers Location https://bank.reklamstore.com/rs.js Date Sun, 23 Jun 2024 20:01:19 GMT Server openresty/1.11.2.2 Connection keep-alive Content-Length 167 Content-Type text/html
GET H/1.1	200 OK	pixel Show response ps.eyeota.net/	1 KB 2 KB	53ms 9ms	Script text/plain	3.120.214.218 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=66787f5186cd9 Requested by Host: bank.reklamstore.com URL: https://bank.reklamstore.com/init.js?v1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-214-218.eu-central-1.compute.amazonaws.com Software / Resource Hash 99cb75c553dcb84d96e0cb423d49fd92c8c9fd301581c3c3a14d3663238b91a0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 20:02:25 GMT Content-Length 1331 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H/1.1	200 OK	anx.php Show response bank.reklamstore.com/ Redirect Chain https://ib.adnxs.com/getuid?https://bank.reklamstore.com/anx.php?uid=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbank.reklamstore.com%2Fanx.php%3Fuid%3D%24UID https://bank.reklamstore.com/anx.php?uid=5481898223849003008	41 B 440 B	9ms 9ms	Script text/javascript	104.248.139.51 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bank.reklamstore.com/anx.php?uid=5481898223849003008 Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Server 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS com.reklamstore.bank.v3.lb1 Software nginx/1.14.0 / Resource Hash f666408525f406511bcef96db79a9c076cf5ab1f148eb65980268803f7916581 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://updown.mesutates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 23 Jun 2024 19:50:17 GMT Server nginx/1.14.0 Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * X-Upstream 10.135.39.102:80 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 41 Redirect headers pragma no-cache date Sun, 23 Jun 2024 20:02:25 GMT an-x-request-uuid 854b0da5-f26e-4eac-9168-0b303a39c654 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://bank.reklamstore.com/anx.php?uid=5481898223849003008 x-proxy-origin 45.141.152.72; 45.141.152.72; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pixel Show response cm.g.doubleclick.net/	170 B 409 B	70ms 21ms	Script image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm Requested by Host: bank.reklamstore.com URL: https://bank.reklamstore.com/init.js?v1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 071d0a5d172af491aedca9041f20e830d25fd4d339a1006bca3bed949069aa30 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 20:02:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	adform.php Show response bank.reklamstore.com/ Redirect Chain https://dmp.adform.net/serving/cookie/match?party=1068 https://dmp.adform.net/serving/cookie/match?CC=1&party=1068 https://bank.reklamstore.com/adform.php?uid=2088942355797256825	41 B 440 B	22ms 22ms	Script text/javascript	104.248.139.51 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bank.reklamstore.com/adform.php?uid=2088942355797256825 Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Server 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS com.reklamstore.bank.v3.lb1 Software nginx/1.14.0 / Resource Hash d4c76edbe9d4e49e2ddf9b7e5e9ff18a7a515b92459452ade867edce206c2a1e Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://updown.mesutates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 23 Jun 2024 19:50:17 GMT Server nginx/1.14.0 Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * X-Upstream 10.135.39.102:80 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 41 Redirect headers pragma no-cache date Sun, 23 Jun 2024 20:02:25 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://bank.reklamstore.com/adform.php?uid=2088942355797256825 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	404	px.js p.cpx.to/p/12475/	0 0	114ms 33ms	Script text/plain	52.49.242.239 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://p.cpx.to/p/12475/px.js Requested by Host: bank.reklamstore.com URL: https://bank.reklamstore.com/init.js?v1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.242.239 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-242-239.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-length 0
GET H2	200	fltiu.js Show response pixel.yabidos.com/	2 KB 1 KB	76ms 40ms	Script text/javascript	104.16.94.102 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=51196&s=updown.mesutates.com&x=rekmob&nci=&adtg=caa22d83be694fdd814eb0dd19de0cdf&nai=&si=44042&pn=&h=60&w=468&bp=&pp=&ci=&ip=45.141.152.72&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.102 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 22 Apr 2024 13:48:57 GMT server cloudflare age 4514 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 8987135e4b4d35e4-FRA content-length 1168 expires Sun, 23 Jun 2024 22:02:25 GMT
GET H/1.1	200 OK	pixel Show response ps.eyeota.net/	0 344 B	12ms 12ms	Script text/plain	3.120.214.218 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=66787f5186cd9&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1&c_e= Requested by Host: ps.eyeota.net URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=66787f5186cd9 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-214-218.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 20:02:25 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H2	200	flimpobj.js Show response pixel.yabidos.com/	31 KB 24 KB	50ms 28ms	Script text/javascript	104.16.94.102 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/flimpobj.js?cb=1719172945681&ver1=2.2.3&qid=230383f5530383f5434353&rnd=peppo0sdlxy6&cid=544 Requested by Host: pixel.yabidos.com URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=51196&s=updown.mesutates.com&x=rekmob&nci=&adtg=caa22d83be694fdd814eb0dd19de0cdf&nai=&si=44042&pn=&h=60&w=468&bp=&pp=&ci=&ip=45.141.152.72&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.102 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 22 Apr 2024 13:48:57 GMT server cloudflare age 4544 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 8987135eabdf35e4-FRA content-length 24223 expires Sun, 23 Jun 2024 22:02:25 GMT
POST H/1.1	200 OK	store.php Show response bank.reklamstore.com/	0 263 B	46ms 12ms	XHR text/html	104.248.139.51 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bank.reklamstore.com/store.php Requested by Host: bank.reklamstore.com URL: https://bank.reklamstore.com/init.js?v1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS com.reklamstore.bank.v3.lb1 Software nginx/1.14.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sun, 23 Jun 2024 19:50:17 GMT Server nginx/1.14.0 Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * X-Upstream 10.135.39.102:80 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H2	200	nflrc.gif pre.glotgrx.com/	26 B 231 B	55ms 24ms	Image image/gif	2606:4700::6811:faa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/nflrc.gif?cb=1719172945755540&ver=1.2r81&qid=230383f5530383f5434353&p=51196&s=updown.mesutates.com&x=rekmob&cid=544&od1=&od2=&adtg=caa22d83be694fdd814eb0dd19de0cdf&nci=&nai=&si=44042&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=peppo0sdlxy6&impid=&idl=&ttduid=&id5=&emh=&tps=36&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&os=&mm=&di=&ip=45.141.152.72&ci=&pp=&bp=&w=468&h=60&pn=&1=a20eb2cbf3b906c51780af7988f06888&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22PDF%2520Viewer%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%222%22%3A%22Chromium%2520PDF%2520Viewer%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%223%22%3A%22Microsoft%2520Edge%2520PDF%2520Viewer%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%224%22%3A%22WebKit%2520built-in%2520PDF%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=1600x1200&atf=&dbgcid=544&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=33&icp=https%253A//updown.mesutates.com/&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-20-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-133-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22x86%22,%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22Win32%22,%22platformVersion%22:%2210.0.0%22,%22uaFullVersion%22:%22126.0.6478.114%22}&fli=&flerr=0&trim=&fio=18 Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:faa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT cf-cache-status HIT last-modified Wed, 06 Mar 2024 03:04:14 GMT server cloudflare age 5333 vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 8987135f5cd55b5c-FRA content-length 26 expires Sun, 23 Jun 2024 22:02:25 GMT
GET H2	200	miniowlfavicon.png updown.mesutates.com/assets/images/	4 KB 0	0ms 0ms	Other image/png	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/images/miniowlfavicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f3a3b9379b73420579fd1f97e47c9e18f828368244706cf4beae6223b2f253e2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:17 GMT server LiteSpeed etag "1023-6236e7f9-5996fc33371e0e51;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 4131 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	miniowlfavicon.png updown.mesutates.com/assets/images/	4 KB 0	0ms 0ms	Other image/png	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/images/miniowlfavicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f3a3b9379b73420579fd1f97e47c9e18f828368244706cf4beae6223b2f253e2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:25 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:17 GMT server LiteSpeed etag "1023-6236e7f9-5996fc33371e0e51;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 4131 expires Sun, 30 Jun 2024 20:02:25 GMT
GET H2	200	vbl.gif pre.glotgrx.com/	26 B 133 B	18ms 18ms	Image image/gif	2606:4700::6811:faa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/vbl.gif?cb=1719172946765&rnd=peppo0sdlxy6&ifm=0&uai=1&cid=544&s=updown.mesutates.com&p=51196&x=rekmob&adtg=caa22d83be694fdd814eb0dd19de0cdf&ats=1600x1200&atf=&nsi=&si=44042&nci=&nai=&pft=0&iip=172.17.0.16&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=https%253A//updown.mesutates.com/&impid=&idl=&ttduid=&id5=&emh= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:faa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 20:02:26 GMT cf-cache-status HIT last-modified Wed, 06 Mar 2024 03:04:14 GMT server cloudflare age 5669 vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 898713655b305b5c-FRA content-length 26 expires Sun, 23 Jun 2024 22:02:26 GMT
GET H/1.1	200 OK	425ed8a5b36d4914aa298c1aa1835fdc adimg.rekmob.com/ Frame E32C	23 KB 23 KB	54ms 9ms	Image image/jpeg	18.66.102.72 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adimg.rekmob.com/425ed8a5b36d4914aa298c1aa1835fdc Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.102.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-72.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 9e5eaec74a8d2c88fd80c34040c61e97f366402c2fe8dc8ef6a1b3fd2e9a3c5d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 07:17:11 GMT Via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) Last-Modified Wed, 20 May 2020 15:52:55 GMT Server AmazonS3 X-Amz-Cf-Pop FRA56-P2 Age 45917 ETag "373bb0579268fdc61771542229bc3701" X-Cache Hit from cloudfront Content-Type image/jpeg Connection keep-alive Content-Length 23144 X-Amz-Cf-Id yAhsdHRXB5_4Tz6R7d7uc7AlT8DFkoUAYD3x58AL8wq9QXvZ8Cad-A==
GET H/1.1	200 OK	imp ads.rekmob.com/m/ Frame E32C	2 B 179 B	22ms 21ms	Image image/avif	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://ads.rekmob.com/m/imp?uid=caa22d83be694fdd814eb0dd19de0cdf&udid=3629aa724ea542708cd3b5b6721a1057&rid=NjY3ODdmNTEwY2YyYjRhYjA3ZDQ5MDg1&adId=MTM1OQ== Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 19:59:27 GMT Server nginx/1.9.6 Connection keep-alive X-Code DE Content-Length 2 Content-Type image/avif;charset=ISO-8859-1
GET H/1.1	200 OK	rs-b.png adimg.rekmob.com/logos/ Frame E32C	471 B 911 B	51ms 7ms	Image image/png	18.66.102.72 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adimg.rekmob.com/logos/rs-b.png Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.102.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-72.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 06:22:29 GMT Via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) Last-Modified Thu, 26 Jul 2018 10:20:15 GMT Server AmazonS3 X-Amz-Cf-Pop FRA56-P2 Age 49209 ETag "5965d59f86a925e809f20a75e26c9d0c" X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive Content-Length 471 X-Amz-Cf-Id AgUxr6pZCtsWjjgclpZie4Z9VyJTygusVHVv5vm0pF1eJxo6iWM7-A==