updown.mesutates.com Open in urlscan Pro
2a02:4780:b:1347:0:38ff:18db:2  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

• https://adx.adform.net/adx/?rp=4&bWlkPTEzODgyMjY%3D&callback=adf__JC8DOODlU33o7isAnFws HTTP 302
• https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTEzODgyMjY%3D&callback=adf__JC8DOODlU33o7isAnFws

Request Chain 45

• https://iq.reklamselfie.com/585ce73218044 HTTP 302
• https://bank.reklamstore.com/rs.js

Request Chain 47

• https://ib.adnxs.com/getuid?https://bank.reklamstore.com/anx.php?uid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbank.reklamstore.com%2Fanx.php%3Fuid%3D%24UID HTTP 302
• https://bank.reklamstore.com/anx.php?uid=2518320743541467700

Request Chain 49

• https://dmp.adform.net/serving/cookie/match?party=1068 HTTP 302
• https://dmp.adform.net/serving/cookie/match?CC=1&party=1068 HTTP 302
• https://bank.reklamstore.com/adform.php?uid=4515660207610626510

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response updown.mesutates.com/	14 KB 5 KB	446ms 149ms	Document text/html	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/8.1.27 Resource Hash 7ac3ed77e5c039fea64d996de89522cdf6022ea8080fdaf78bd8ed00d47e3e28 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-security-policy upgrade-insecure-requests content-type text/html; charset=UTF-8 date Sun, 23 Jun 2024 04:57:20 GMT platform hostinger server LiteSpeed vary Accept-Encoding x-powered-by PHP/8.1.27
GET H2	200	mobirise-icons.css updown.mesutates.com/assets/web/assets/mobirise-icons/	7 KB 1 KB	147ms 145ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/web/assets/mobirise-icons/mobirise-icons.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 7e4bef0411e315409d57f6290b7764ec7de88cbbed6ee613899fc22841a41829 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:30 GMT server LiteSpeed etag "1da7-6236e806-db8b4d7ad77d6c32;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1374 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	tether.min.css updown.mesutates.com/assets/tether/	237 B 321 B	148ms 146ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/tether/tether.min.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:18 GMT server LiteSpeed etag "ed-6236e7fa-bc259debbeb8cd4e;;;" content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 237 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	bootstrap.min.css updown.mesutates.com/assets/bootstrap/css/	141 KB 18 KB	149ms 147ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/bootstrap/css/bootstrap.min.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 485e24072723b03d3452bbf93b3d3bc525d6501a9ac3cae705c5d9cd67b9cb9b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:21 GMT server LiteSpeed etag "235ed-6236e7fd-48c088d11e04b363;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 18177 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	bootstrap-grid.min.css updown.mesutates.com/assets/bootstrap/css/	33 KB 3 KB	292ms 290ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/bootstrap/css/bootstrap-grid.min.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash a90198156fe0348676ade92621c0c8a7bd27253d16c02394aa64e8892896cdb2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:20 GMT server LiteSpeed etag "85c3-6236e7fc-dbdf6be8b0f29c54;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 2865 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	bootstrap-reboot.min.css updown.mesutates.com/assets/bootstrap/css/	4 KB 1 KB	295ms 294ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/bootstrap/css/bootstrap-reboot.min.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash a73eb8489f6f9d693286d3a8ee6b6239e916b85a3b608197af35e31256337160 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:19 GMT server LiteSpeed etag "f60-6236e7fb-cee94fc77132dddb;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1354 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	style.css updown.mesutates.com/assets/dropdown/css/	8 KB 2 KB	296ms 295ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/dropdown/css/style.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 38892acc026f0badcbb38eb0b148470f4e57821ae04c892a2cee50b5e0968d35 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:22 GMT server LiteSpeed etag "1f2e-6236e7fe-a1d120b151907fc7;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1528 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	styles.css updown.mesutates.com/assets/socicon/css/	9 KB 2 KB	297ms 295ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/socicon/css/styles.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 6a12cbbf9bdb4a5672d9821632cb5db3c88b2defb3d25122df85c3fc8067cfa1 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:26 GMT server LiteSpeed etag "23b8-6236e802-c606c3b87cd03ffa;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1665 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	animate.min.css updown.mesutates.com/assets/animatecss/	52 KB 4 KB	298ms 297ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/animatecss/animate.min.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 26a8c9b8f82d207d18092437cee9f7204ffbc43336b6fb5278aa0fcbbe6f5343 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:16 GMT server LiteSpeed etag "ce35-6236e7f8-eb14180170989a09;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 3719 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	style.css updown.mesutates.com/assets/theme/css/	9 KB 2 KB	299ms 298ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/theme/css/style.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 9d95dafb5abb5b65d069ab8a3882850f65ed9256a513008d8cffa2a59b5d5e63 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 21:06:47 GMT server LiteSpeed etag "238c-62379767-19441a8584f80ffb;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 2101 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	mbr-additional.css updown.mesutates.com/assets/mobirise/css/	81 KB 6 KB	300ms 299ms	Stylesheet text/css	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/mobirise/css/mbr-additional.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash dbdd7d5d76683ca8875b4384c6e70f05d1c22cfb8754a7f02632e9379baa3ddb Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:25 GMT server LiteSpeed etag "14277-6236e801-dada24cbb87fb766;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 6544 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	all.css use.fontawesome.com/releases/v5.0.10/css/	36 KB 8 KB	187ms 170ms	Stylesheet text/css	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.10/css/all.css Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Origin https://updown.mesutates.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br cf-cache-status MISS last-modified Fri, 22 Sep 2023 01:44:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"d1acb8ad33b1526acbfd3f0028b859b0" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ERYXcMsAoKEXixwqPtsJvnwMUwpXafm40qYgSczRnm1KGcCn3liZ%2Fze%2F2lrNkmjRkUYu23k0KuTC2%2FKyGBfVuAmNNJrSniRDdlX1kXvZ%2B0EWNzxyT1JtW9J5OL%2F556t4Ni3tPQGDmYPmnRmI7H2RmFfn"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 8981e590781e365d-FRA alt-svc h3=":443"; ma=86400
GET H2	200	miniowlfavicon.png updown.mesutates.com/assets/images/	4 KB 4 KB	301ms 300ms	Image image/png	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://updown.mesutates.com/assets/images/miniowlfavicon.png Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f3a3b9379b73420579fd1f97e47c9e18f828368244706cf4beae6223b2f253e2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:17 GMT server LiteSpeed etag "1023-6236e7f9-5996fc33371e0e51;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 4131 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	updownlogo9.png updown.mesutates.com/assets/images/	6 KB 6 KB	302ms 301ms	Image image/png	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://updown.mesutates.com/assets/images/updownlogo9.png Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash cb46fa56ebca90eff1fc1a0a2cd454df031fc40ef36350be76797a70f2470745 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-security-policy upgrade-insecure-requests last-modified Fri, 10 Nov 2023 14:04:58 GMT server LiteSpeed etag "18db-654e388a-f1a975c813db9bb0;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 6363 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	reklamstore.js Show response adserver.reklamstore.com/	94 KB 29 KB	25ms 8ms	Script application/javascript	2600:9000:21f3:fc00:1c:4bbb:9180:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adserver.reklamstore.com/reklamstore.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:fc00:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e1e7d359cb19925707d24195b70023cc4f35bfc3b47b3135ebdcf30245030da9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 00:34:15 GMT content-encoding gzip via 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront) last-modified Wed, 01 Nov 2023 12:25:08 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 15788 etag "ddf6350dc1c4386d4af4587f5ad31d31" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript content-length 28991 x-amz-cf-id yUi_2y5j4gtmqx7tdvJD0kXRrW9akjiKxNH5nCNazWVndF6MQdPzXA==
GET H2	200	fav.png updown.mesutates.com/assets/images/	6 KB 6 KB	294ms 293ms	Image image/png	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://updown.mesutates.com/assets/images/fav.png Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 5d6ebf00d2ee81242ae023f39b18c8eb5b44cd5e7fe38b29ab936f30bf25b616 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:16 GMT server LiteSpeed etag "1693-6236e7f8-f9ee84d26dd3263;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 5779 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	jquery.min.js Show response updown.mesutates.com/assets/web/assets/jquery/	94 KB 31 KB	294ms 293ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/web/assets/jquery/jquery.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash c3a6743c2592879fb9cb5d45776a337b72c5c8ad544de956a2d27a7ddcbafd23 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:30 GMT server LiteSpeed etag "176bb-6236e806-f3a11ce3372b4b7c;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 32089 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	popper.min.js Show response updown.mesutates.com/assets/popper/	19 KB 6 KB	294ms 293ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/popper/popper.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:18 GMT server LiteSpeed etag "4a32-6236e7fa-f62d80defbc6381c;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 6520 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	tether.min.js Show response updown.mesutates.com/assets/tether/	23 KB 6 KB	295ms 293ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/tether/tether.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:19 GMT server LiteSpeed etag "5ab1-6236e7fb-9f1566805a4cd885;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 6550 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	bootstrap.min.js Show response updown.mesutates.com/assets/bootstrap/js/	48 KB 12 KB	295ms 294ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/bootstrap/js/bootstrap.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 04f3b18e866852d8d98ea7dfabb1296d7865cb7fa45443de64d1d0640654462b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:22 GMT server LiteSpeed etag "bf30-6236e7fe-78315ec82a68f508;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 12434 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	smooth-scroll.js Show response updown.mesutates.com/assets/smoothscroll/	21 KB 6 KB	295ms 294ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/smoothscroll/smooth-scroll.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash ceb391aa23e91caa4f9cb02a989023bc7fdfb22da727ee9d390363360810468a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:18 GMT server LiteSpeed etag "541d-6236e7fa-314a5d0c64358de1;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 6125 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	script.min.js Show response updown.mesutates.com/assets/dropdown/js/	9 KB 3 KB	295ms 294ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/dropdown/js/script.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 73b166cd63024c943ecbdd71e7503a0f5ede703c07ee5cc7431f50851938d859 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:22 GMT server LiteSpeed etag "25b5-6236e7fe-87e289a7e00b686c;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 3162 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	jquery.viewportchecker.js Show response updown.mesutates.com/assets/viewportchecker/	3 KB 1 KB	295ms 294ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/viewportchecker/jquery.viewportchecker.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 93cae82f0eaa9f66db4b0ab8dfff9f4b39aec0a60a58464bab54ccaa59322ac9 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:19 GMT server LiteSpeed etag "d7e-6236e7fb-f67f0499b3d49d0f;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 1223 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	social-likes.js Show response updown.mesutates.com/assets/sociallikes/	22 KB 5 KB	295ms 294ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/sociallikes/social-likes.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash b9049a7c32f217f75c5b42d241840b4e6da5843f03d2cf0df9a8dbb679c2360f Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:18 GMT server LiteSpeed etag "59f2-6236e7fa-f2cd7fd020cb7e56;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 5105 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	jquery.touch-swipe.min.js Show response updown.mesutates.com/assets/touchswipe/	20 KB 5 KB	295ms 295ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/touchswipe/jquery.touch-swipe.min.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash a94d0ed5ed164442aea3586996b00ac880703aaacc547618cf83dd1440bd6d9b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:19 GMT server LiteSpeed etag "4fbc-6236e7fb-c3d92c118d8c833e;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 4857 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	script.js Show response updown.mesutates.com/assets/theme/js/	40 KB 8 KB	295ms 295ms	Script application/x-javascript	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/theme/js/script.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 4ce9892393079095dc73c9a293db58797775c83f99359ae8f78dd748eae34f45 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:29 GMT server LiteSpeed etag "a014-6236e805-d81f32ca2b77e374;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 8129 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	css fonts.googleapis.com/	19 KB 1 KB	38ms 17ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Exo:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/assets/mobirise/css/mbr-additional.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bd2d50add9f89be07414d3d4a1f65f8582d399db8bba8d40c4066dc55051a16d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 23 Jun 2024 04:57:21 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 23 Jun 2024 04:57:21 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 23 Jun 2024 04:57:21 GMT
GET H2	200	4UaOrEtFpBISc36j.woff2 fonts.gstatic.com/s/exo/v21/	21 KB 21 KB	33ms 8ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/exo/v21/4UaOrEtFpBISc36j.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Exo:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 533560ab5ad5c4f2c81404249e7277e57c2ea8e434b5a4965932d93ad5fc56d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://updown.mesutates.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 14:55:13 GMT x-content-type-options nosniff age 396128 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21400 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:48:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 14:55:13 GMT
GET H2	200	4UaOrEtFpBISfX6jyDM.woff2 fonts.gstatic.com/s/exo/v21/	18 KB 18 KB	39ms 15ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/exo/v21/4UaOrEtFpBISfX6jyDM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Exo:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8dec1b72207c6622b555e3c1a395965cfb651cfc5e48ee8bcd8d4fca56de3d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://updown.mesutates.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 19:32:58 GMT x-content-type-options nosniff age 120263 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18652 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:02:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 21 Jun 2025 19:32:58 GMT
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/	128 KB 41 KB	51ms 25ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 6604d8fb32714d8a30eb27f014ea9e6b57bb6a709f5130cace784a32ec08fbac Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Mon, 03 Jun 2024 10:49:47 GMT server nginx etag W/"665d9fcb-1ff33" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 24 Jun 2024 04:57:21 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	402 KB 138 KB	37ms 15ms	Script text/javascript	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1bb878ac4c89b964506e58d71a5ad2c455e8b6275b198251e8627215f669c781 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 140633 x-xss-protection 0 expires Sun, 23 Jun 2024 04:57:21 GMT
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/	321 B 620 B	101ms 18ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1106074 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 82a71a95f98119f332c875a964c1ffec5928933383e952a5c199389dcf7db223 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 04:54:24 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Transfer-Encoding chunked Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Vary Accept-Encoding Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
GET H2	200	gtm.js Show response www.googletagmanager.com/	188 KB 68 KB	38ms 16ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b092ab686976072c90df3de46d3adddc670afc83a8c24aa983e2424e9d66b266 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 69648 x-xss-protection 0 last-modified Sun, 23 Jun 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 23 Jun 2024 04:57:21 GMT
GET H/1.1	200 OK	sync x.bidswitch.net/	43 B 235 B	50ms 16ms	Image image/gif	35.214.149.91 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=reklamstore Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 91.149.214.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 04:57:21 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	reklamstore.js Show response adserver.reklamstore.com/	94 KB 0	0ms 0ms	Script application/javascript	2600:9000:21f3:fc00:1c:4bbb:9180:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adserver.reklamstore.com/reklamstore.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:fc00:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e1e7d359cb19925707d24195b70023cc4f35bfc3b47b3135ebdcf30245030da9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 00:34:15 GMT content-encoding gzip via 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront) last-modified Wed, 01 Nov 2023 12:25:08 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 15788 etag "ddf6350dc1c4386d4af4587f5ad31d31" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript content-length 28991 x-amz-cf-id yUi_2y5j4gtmqx7tdvJD0kXRrW9akjiKxNH5nCNazWVndF6MQdPzXA==
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/	128 KB 0	39ms 39ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 6604d8fb32714d8a30eb27f014ea9e6b57bb6a709f5130cace784a32ec08fbac Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 10:49:47 GMT server nginx etag W/"665d9fcb-1ff33" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 24 Jun 2024 04:57:21 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	402 KB 0	25ms 25ms	Script text/javascript	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1bb878ac4c89b964506e58d71a5ad2c455e8b6275b198251e8627215f669c781 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 140633 x-xss-protection 0 expires Sun, 23 Jun 2024 04:57:21 GMT
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/	341 B 633 B	91ms 18ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1106215 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 0ea66fd16179814eee9a52cc2c51db08a6a9a5b99b7b5e43dd1c2e8c929aaeb4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 04:54:24 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Transfer-Encoding chunked Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Vary Accept-Encoding Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
GET H3	200	socicon.woff updown.mesutates.com/assets/socicon/fonts/	38 KB 38 KB	140ms 140ms	Font application/font-woff	217.196.55.43 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/socicon/fonts/socicon.woff Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/assets/socicon/css/styles.css Protocol H3 Security QUIC, , AES_128_GCM Server 217.196.55.43 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 165def3c7a5c82e6cd701ad9039f39b537e6e2e748948a4c54d70ed47d0d27f3 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/assets/socicon/css/styles.css Origin https://updown.mesutates.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:29 GMT server LiteSpeed etag "972c-6236e805-5283f75b4fedb33e;;;" content-type application/font-woff accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 38700
GET H3	200	ima_ppub_config Show response securepubads.g.doubleclick.net/pagead/	15 B 40 B	55ms 39ms	XHR application/json	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fupdown.mesutates.com%2F Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software cafe / Resource Hash 039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 x-xss-protection 0 expires Sun, 23 Jun 2024 04:57:21 GMT
GET H3	200	ima_ppub_config Show response securepubads.g.doubleclick.net/pagead/	15 B 0	52ms 52ms	XHR application/json	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fupdown.mesutates.com%2F Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software cafe / Resource Hash 039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 x-xss-protection 0 expires Sun, 23 Jun 2024 04:57:21 GMT
GET H/1.1	200 OK	init.js Show response bank.reklamstore.com/	125 KB 28 KB	52ms 24ms	Script application/javascript	104.248.139.51 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bank.reklamstore.com/init.js?v1 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS com.reklamstore.bank.v3.lb1 Software nginx/1.14.0 / Resource Hash 0f43366469f0cee36bc863493cbd6845c9f1f897ae116613b197b6a10930a1db Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 04:45:14 GMT Content-Encoding gzip Last-Modified Wed, 10 Jan 2018 13:16:00 GMT Server nginx/1.14.0 Etag eccbc87e4b5ce2fe28308fd9f2a7baf3 Vary Accept-Encoding P3P policyref="http://bank.reklamstore.com/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 Access-Control-Allow-Credentials true X-Upstream 10.135.39.102:80 Connection keep-alive Content-Length 27845 Expires Sun, 23 Jun 2024 05:57:21 GMT
POST H2	200	prebid Show response ib.adnxs.com/ut/v2/	157 B 1 KB	89ms 58ms	XHR application/json	185.89.210.212 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v2/prebid Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 9d7400fca51a5759e1c6054601191952f5e0173f1c4167fe7ea6c793ce1509fe Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 23 Jun 2024 04:57:21 GMT an-x-request-uuid 8a80836b-e3bf-4061-ab28-5fd5c503b6ff server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://updown.mesutates.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.36; 81.95.5.36; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 157 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/ Redirect Chain https://adx.adform.net/adx/?rp=4&bWlkPTEzODgyMjY%3D&callback=adf__JC8DOODlU33o7isAnFws https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTEzODgyMjY%3D&callback=adf__JC8DOODlU33o7isAnFws	33 B 710 B	71ms 71ms	Script text/javascript	37.157.5.132 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTEzODgyMjY%3D&callback=adf__JC8DOODlU33o7isAnFws Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Server 37.157.5.132 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e91cbb286f4dfb3ae1114e731bf81eb7eb13965a3584c11c85b7d3268129b6b7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://updown.mesutates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 23 Jun 2024 04:57:21 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" pragma no-cache server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/javascript access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers pragma no-cache date Sun, 23 Jun 2024 04:57:21 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" location https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTEzODgyMjY%3D&callback=adf__JC8DOODlU33o7isAnFws access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	200 OK	adp Show response ads.rekmob.com/m/	4 KB 2 KB	82ms 41ms	Script text/plain	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/adp?uid=caa22d83be694fdd814eb0dd19de0cdf&ufid=JC8DOODlU33o7isAnFws&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__JC8DOODlU33o7isAnFws&ref=updown.mesutates.com&_=1719118641174&crtg=-1 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 6b2271577d1000fd939197e022892f937cb49f9bd85074ccd5b1a2b2add690e3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 04:54:24 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/plain;charset=ISO-8859-1 Connection keep-alive
POST H2	204	/ Show response prebid-eu.creativecdn.com/bidder/prebid/bids/	0 183 B	47ms 18ms	XHR text/plain	185.184.8.90 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids/ Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY), Reverse DNS ip-185-184-8-90.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://updown.mesutates.com date Sun, 23 Jun 2024 04:57:21 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
GET H/1.1	200 OK	rs.js Show response bank.reklamstore.com/ Redirect Chain https://iq.reklamselfie.com/585ce73218044 https://bank.reklamstore.com/rs.js	24 B 378 B	9ms 9ms	Script application/javascript	104.248.139.51 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bank.reklamstore.com/rs.js Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Server 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS com.reklamstore.bank.v3.lb1 Software nginx/1.14.0 / Resource Hash 9f49609d94cf82f3d089ddd83d5895d4048236deee85dc7cfc9853735f36a0f9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://updown.mesutates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 23 Jun 2024 04:45:14 GMT Last-Modified Tue, 21 Feb 2017 07:13:43 GMT Server nginx/1.14.0 ETag "18-549051ec0ae13" Content-Type application/javascript Access-Control-Allow-Origin * X-Upstream 10.135.15.5:80 Access-Control-Allow-Credentials true Connection keep-alive Accept-Ranges bytes Content-Length 24 Redirect headers Location https://bank.reklamstore.com/rs.js Date Sun, 23 Jun 2024 04:56:16 GMT Server openresty/1.11.2.2 Connection keep-alive Content-Length 167 Content-Type text/html
GET H/1.1	200 OK	pixel Show response ps.eyeota.net/	1 KB 2 KB	40ms 12ms	Script text/plain	3.120.214.218 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=6677ab3130376 Requested by Host: bank.reklamstore.com URL: https://bank.reklamstore.com/init.js?v1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-214-218.eu-central-1.compute.amazonaws.com Software / Resource Hash 175be6275764a0c59ff6fa5f11dc1be8068945f7b0df0dcbd3acd9b50efcb62d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 04:57:21 GMT Content-Length 1331 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H/1.1	200 OK	anx.php Show response bank.reklamstore.com/ Redirect Chain https://ib.adnxs.com/getuid?https://bank.reklamstore.com/anx.php?uid=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbank.reklamstore.com%2Fanx.php%3Fuid%3D%24UID https://bank.reklamstore.com/anx.php?uid=2518320743541467700	41 B 440 B	14ms 10ms	Script text/javascript	104.248.139.51 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bank.reklamstore.com/anx.php?uid=2518320743541467700 Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Server 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS com.reklamstore.bank.v3.lb1 Software nginx/1.14.0 / Resource Hash 556651ce31e5a1ca6ef0a87984fd009e3543d04defc538256f6154406e392fab Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://updown.mesutates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 23 Jun 2024 04:45:14 GMT Server nginx/1.14.0 Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * X-Upstream 10.135.39.102:80 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 41 Redirect headers pragma no-cache date Sun, 23 Jun 2024 04:57:21 GMT an-x-request-uuid 5ea2c476-8ff1-482b-b7ef-ee1d48559e56 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://bank.reklamstore.com/anx.php?uid=2518320743541467700 x-proxy-origin 81.95.5.36; 81.95.5.36; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pixel Show response cm.g.doubleclick.net/	170 B 409 B	60ms 17ms	Script image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm Requested by Host: bank.reklamstore.com URL: https://bank.reklamstore.com/init.js?v1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 071d0a5d172af491aedca9041f20e830d25fd4d339a1006bca3bed949069aa30 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 04:57:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	adform.php Show response bank.reklamstore.com/ Redirect Chain https://dmp.adform.net/serving/cookie/match?party=1068 https://dmp.adform.net/serving/cookie/match?CC=1&party=1068 https://bank.reklamstore.com/adform.php?uid=4515660207610626510	41 B 438 B	9ms 9ms	Script text/javascript	104.248.139.51 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bank.reklamstore.com/adform.php?uid=4515660207610626510 Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Server 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS com.reklamstore.bank.v3.lb1 Software nginx/1.14.0 / Resource Hash 9d2cf2ce9d1d000906a42cc2c6c89d4a7446eda9746e48eb4a4b3ec10bf00fa6 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://updown.mesutates.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 23 Jun 2024 04:45:14 GMT Server nginx/1.14.0 Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * X-Upstream 10.135.15.5:80 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 41 Redirect headers pragma no-cache date Sun, 23 Jun 2024 04:57:21 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://bank.reklamstore.com/adform.php?uid=4515660207610626510 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	404	px.js p.cpx.to/p/12475/	0 0	90ms 29ms	Script text/plain	52.48.136.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://p.cpx.to/p/12475/px.js Requested by Host: bank.reklamstore.com URL: https://bank.reklamstore.com/init.js?v1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.48.136.129 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-48-136-129.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT content-length 0
GET H2	200	fltiu.js Show response pixel.yabidos.com/	2 KB 1 KB	42ms 17ms	Script text/javascript	104.16.94.102 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=51196&s=updown.mesutates.com&x=rekmob&nci=&adtg=caa22d83be694fdd814eb0dd19de0cdf&nai=&si=44042&pn=&h=60&w=468&bp=&pp=&ci=&ip=81.95.5.36&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.102 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 22 Apr 2024 13:48:57 GMT server cloudflare age 617 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 8981e5940a5f1d86-FRA content-length 1168 expires Sun, 23 Jun 2024 06:57:21 GMT
GET H/1.1	200 OK	pixel Show response ps.eyeota.net/	0 344 B	10ms 10ms	Script text/plain	3.120.214.218 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=6677ab3130376&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1&c_e= Requested by Host: ps.eyeota.net URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=6677ab3130376 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-214-218.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 04:57:21 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H2	200	syncframe gum.criteo.com/ Frame 7A46	0 0	39ms 14ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=updown.mesutates.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://updown.mesutates.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 23 Jun 2024 04:57:20 GMT server Kestrel server-processing-duration-in-ticks 344720 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
POST H/1.1	200 OK	store.php Show response bank.reklamstore.com/	0 261 B	41ms 17ms	XHR text/html	104.248.139.51 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bank.reklamstore.com/store.php Requested by Host: bank.reklamstore.com URL: https://bank.reklamstore.com/init.js?v1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS com.reklamstore.bank.v3.lb1 Software nginx/1.14.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sun, 23 Jun 2024 04:45:14 GMT Server nginx/1.14.0 Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * X-Upstream 10.135.15.5:80 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H2	200	flimpobj.js Show response pixel.yabidos.com/	31 KB 24 KB	17ms 16ms	Script text/javascript	104.16.94.102 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/flimpobj.js?cb=1719118641303&ver1=2.2.3&qid=230383f5530383f5434353&rnd=20ro0v0thjs5&cid=544 Requested by Host: pixel.yabidos.com URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=51196&s=updown.mesutates.com&x=rekmob&nci=&adtg=caa22d83be694fdd814eb0dd19de0cdf&nai=&si=44042&pn=&h=60&w=468&bp=&pp=&ci=&ip=81.95.5.36&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.102 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 22 Apr 2024 13:48:57 GMT server cloudflare age 648 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 8981e5942a751d86-FRA content-length 24223 expires Sun, 23 Jun 2024 06:57:21 GMT
POST H/1.1	200 OK	store.php Show response bank.reklamstore.com/	0 263 B	26ms 12ms	XHR text/html	104.248.139.51 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bank.reklamstore.com/store.php Requested by Host: bank.reklamstore.com URL: https://bank.reklamstore.com/init.js?v1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS com.reklamstore.bank.v3.lb1 Software nginx/1.14.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sun, 23 Jun 2024 04:45:14 GMT Server nginx/1.14.0 Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * X-Upstream 10.135.39.102:80 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H2	200	nflrc.gif pre.glotgrx.com/	26 B 231 B	38ms 20ms	Image image/gif	2606:4700::6811:faa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/nflrc.gif?cb=1719118641334631&ver=1.2r81&qid=230383f5530383f5434353&p=51196&s=updown.mesutates.com&x=rekmob&cid=544&od1=&od2=&adtg=caa22d83be694fdd814eb0dd19de0cdf&nci=&nai=&si=44042&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=20ro0v0thjs5&impid=&idl=&ttduid=&id5=&emh=&tps=36&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&os=&mm=&di=&ip=81.95.5.36&ci=&pp=&bp=&w=468&h=60&pn=&1=a20eb2cbf3b906c51780af7988f06888&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22PDF%2520Viewer%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%222%22%3A%22Chromium%2520PDF%2520Viewer%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%223%22%3A%22Microsoft%2520Edge%2520PDF%2520Viewer%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%224%22%3A%22WebKit%2520built-in%2520PDF%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=1600x1200&atf=&dbgcid=544&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=33&icp=https%253A//updown.mesutates.com/&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-20-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-133-os-fl-0-mm-fl-0-di-fl-0-ip-fl-10-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22x86%22,%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22126%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22126%22}],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22Win32%22,%22platformVersion%22:%2210.0.0%22,%22uaFullVersion%22:%22126.0.6478.114%22}&fli=&flerr=0&trim=&fio=14 Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:faa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:21 GMT cf-cache-status HIT last-modified Wed, 06 Mar 2024 03:04:14 GMT server cloudflare age 1437 vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 8981e5949e6ebbf1-FRA content-length 26 expires Sun, 23 Jun 2024 06:57:21 GMT
GET H2	200	miniowlfavicon.png updown.mesutates.com/assets/images/	4 KB 0	0ms 0ms	Other image/png	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/images/miniowlfavicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f3a3b9379b73420579fd1f97e47c9e18f828368244706cf4beae6223b2f253e2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:17 GMT server LiteSpeed etag "1023-6236e7f9-5996fc33371e0e51;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 4131 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	miniowlfavicon.png updown.mesutates.com/assets/images/	4 KB 0	0ms 0ms	Other image/png	2a02:4780:b:1347:0:38ff:18db:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://updown.mesutates.com/assets/images/miniowlfavicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:b:1347:0:38ff:18db:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f3a3b9379b73420579fd1f97e47c9e18f828368244706cf4beae6223b2f253e2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:20 GMT content-security-policy upgrade-insecure-requests last-modified Sun, 20 Mar 2022 08:38:17 GMT server LiteSpeed etag "1023-6236e7f9-5996fc33371e0e51;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 4131 expires Sun, 30 Jun 2024 04:57:20 GMT
GET H2	200	vbl.gif pre.glotgrx.com/	26 B 133 B	15ms 15ms	Image image/gif	2606:4700::6811:faa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/vbl.gif?cb=1719118642342&rnd=20ro0v0thjs5&ifm=0&uai=1&cid=544&s=updown.mesutates.com&p=51196&x=rekmob&adtg=caa22d83be694fdd814eb0dd19de0cdf&ats=1600x1200&atf=&nsi=&si=44042&nci=&nai=&pft=0&iip=172.17.0.24&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=https%253A//updown.mesutates.com/&impid=&idl=&ttduid=&id5=&emh= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:faa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 04:57:22 GMT cf-cache-status HIT last-modified Wed, 06 Mar 2024 03:04:14 GMT server cloudflare age 1772 vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 8981e59aab94bbf1-FRA content-length 26 expires Sun, 23 Jun 2024 06:57:22 GMT
GET H/1.1	200 OK	425ed8a5b36d4914aa298c1aa1835fdc adimg.rekmob.com/ Frame DC7B	23 KB 23 KB	27ms 7ms	Image image/jpeg	18.66.102.72 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adimg.rekmob.com/425ed8a5b36d4914aa298c1aa1835fdc Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.102.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-72.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 9e5eaec74a8d2c88fd80c34040c61e97f366402c2fe8dc8ef6a1b3fd2e9a3c5d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sat, 22 Jun 2024 07:02:58 GMT Via 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront) Last-Modified Wed, 20 May 2020 15:52:55 GMT Server AmazonS3 X-Amz-Cf-Pop FRA56-P2 Age 78865 ETag "373bb0579268fdc61771542229bc3701" X-Cache Hit from cloudfront Content-Type image/jpeg Connection keep-alive Content-Length 23144 X-Amz-Cf-Id a4NyfhGqAAIvwR-QKu6XPxRuMzi7jioCWAwCyY_tQrvC8NML8jwOoQ==
GET H/1.1	200 OK	imp ads.rekmob.com/m/ Frame DC7B	2 B 179 B	16ms 15ms	Image image/avif	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://ads.rekmob.com/m/imp?uid=caa22d83be694fdd814eb0dd19de0cdf&udid=f308a19db25a4cd3846dfdfff47370ae&rid=NjY3N2FiMzEwY2YyYjRhYjA3ZDE1MmIw&adId=MTM1OQ== Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 04:54:25 GMT Server nginx/1.9.6 Connection keep-alive X-Code DE Content-Length 2 Content-Type image/avif;charset=ISO-8859-1
GET H/1.1	200 OK	rs-b.png adimg.rekmob.com/logos/ Frame DC7B	471 B 911 B	28ms 7ms	Image image/png	18.66.102.72 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adimg.rekmob.com/logos/rs-b.png Requested by Host: updown.mesutates.com URL: https://updown.mesutates.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.102.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-72.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://updown.mesutates.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sat, 22 Jun 2024 06:22:17 GMT Via 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront) Last-Modified Thu, 26 Jul 2018 10:20:15 GMT Server AmazonS3 X-Amz-Cf-Pop FRA56-P2 Age 81306 ETag "5965d59f86a925e809f20a75e26c9d0c" X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive Content-Length 471 X-Amz-Cf-Id caDVGhFxH7JUKIqtRixMA_C2KZ6Lg0kgvCG7eER7AYCpq8HXR3dneg==