URL: https://m.buyabilify.life/
Submission: On December 15 via api from US — Scanned from US

Summary

This website contacted 46 IPs in 3 countries across 49 domains to perform 98 HTTP transactions. The main IP is 2606:4700:3037::ac43:81de, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.buyabilify.life.
TLS certificate: Issued by GTS CA 1P5 on December 12th 2023. Valid for: 3 months.
This is the only time m.buyabilify.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
12 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1786
x.dlx.addthis.com — Cisco Umbrella Rank: 1554
7 KB
10 rlcdn.com
rc.rlcdn.com — Cisco Umbrella Rank: 4617
idsync.rlcdn.com — Cisco Umbrella Rank: 408
2 KB
10 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 11669
t.sharethis.com — Cisco Umbrella Rank: 5617
sync.sharethis.com — Cisco Umbrella Rank: 2848
17 KB
9 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
151 KB
7 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 848
tags.bluekai.com — Cisco Umbrella Rank: 638
2 KB
7 corsproxy.pro
corsproxy.pro
25 MB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
6 KB
4 liadm.com
i.liadm.com
2 KB
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
1 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4856
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6028
data-beacons.s-onetag.com — Cisco Umbrella Rank: 14842
14 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
289 KB
4 blogger.com
www.blogger.com — Cisco Umbrella Rank: 11518
64 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
3 simpli.fi
i.simpli.fi — Cisco Umbrella Rank: 3745
um.simpli.fi
1 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
31 KB
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 13327
ic.tynt.com — Cisco Umbrella Rank: 11417
de.tynt.com — Cisco Umbrella Rank: 1577
12 KB
3 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 14358
5 KB
3 appgool.click
appgool.click
10 KB
2 rezync.com
live.rezync.com
2 KB
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1824
547 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 981
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 777
538 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
676 B
2 33across.com
cdn-tc.33across.com — Cisco Umbrella Rank: 25423
lex.33across.com — Cisco Umbrella Rank: 4987
527 B
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2888
mwzeom.zeotap.com — Cisco Umbrella Rank: 3215
879 B
2 gstatic.com
www.gstatic.com
17 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
185 KB
2 blogspot.com
bedavacanliyayin10.blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 11479
25 KB
2 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12342
72 KB
2 buyabilify.life
m.buyabilify.life
9 KB
1 rfihub.com
p.rfihub.com
1 KB
1 turn.com
d.turn.com
416 B
1 intentiq.com
api.intentiq.com
1 securedvisit.com
track2.securedvisit.com
178 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 5121
16 KB
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2916
400 B
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 17707
183 B
1 corsproxy.org
corsproxy.org
859 B
1 waust.at
waust.at — Cisco Umbrella Rank: 43427
7 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
27 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
33 KB
1 wallpaperaccess.com
wallpaperaccess.com — Cisco Umbrella Rank: 74663
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
91 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7364
928 B
0 criteo.com Failed
dis.criteo.com Failed
0 adsymptotic.com Failed
p.adsymptotic.com Failed
0 dtscdn.com Failed
t.dtscdn.com Failed
0 t24reklam.xyz Failed
t24reklam.xyz Failed
98 49
Domain Requested by
9 cdn.ampproject.org m.buyabilify.life
cdn.ampproject.org
8 e.dlx.addthis.com 8 redirects
7 corsproxy.pro cdn.jsdelivr.net
6 idsync.rlcdn.com 3 redirects appgool.click
5 stags.bluekai.com 5 redirects
4 i.liadm.com 4 redirects
4 us-u.openx.net 4 redirects
4 rc.rlcdn.com 4 redirects
4 x.dlx.addthis.com appgool.click
4 t.sharethis.com pd.sharethis.com
t.sharethis.com
appgool.click
4 cdn.jsdelivr.net bedavacanliyayin10.blogspot.com
appgool.click
4 www.blogger.com bedavacanliyayin10.blogspot.com
3 px.ads.linkedin.com 1 redirects appgool.click
3 sync.sharethis.com appgool.click
3 cm.g.doubleclick.net 3 redirects
3 pd.sharethis.com t.dtscout.com
appgool.click
t.sharethis.com
3 t.dtscout.com waust.at
t.dtscout.com
3 appgool.click bedavacanliyayin10.blogspot.com
appgool.click
2 live.rezync.com 2 redirects
2 ap.lijit.com 1 redirects appgool.click
2 tags.bluekai.com 1 redirects tags.bkrtx.com
2 ml314.com 1 redirects appgool.click
2 ps.eyeota.net 2 redirects
2 pippio.com 1 redirects appgool.click
2 match.adsrvr.org 2 redirects
2 i.simpli.fi appgool.click
2 tags.crwdcntrl.net t.dtscout.com
cdn-tc.33across.com
2 get.s-onetag.com t.dtscout.com
get.s-onetag.com
2 www.gstatic.com cdn.jsdelivr.net
www.gstatic.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 pagead2.googlesyndication.com bedavacanliyayin10.blogspot.com
pagead2.googlesyndication.com
2 blogger.googleusercontent.com m.buyabilify.life
appgool.click
2 m.buyabilify.life m.buyabilify.life
1 ce.lijit.com appgool.click
1 um.simpli.fi 1 redirects
1 p.rfihub.com 1 redirects
1 d.turn.com 1 redirects
1 api.intentiq.com data-beacons.s-onetag.com
1 track2.securedvisit.com data-beacons.s-onetag.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 tags.bkrtx.com pd.sharethis.com
1 lex.33across.com appgool.click
1 cdn-tc.33across.com de.tynt.com
1 data-beacons.s-onetag.com get.s-onetag.com
1 de.tynt.com cdn.tynt.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 ic.tynt.com appgool.click
1 mwzeom.zeotap.com appgool.click
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 cdn.tynt.com waust.at
1 whos.amung.us waust.at
1 corsproxy.org cdn.jsdelivr.net
1 waust.at appgool.click
1 cdnjs.cloudflare.com appgool.click
1 1.bp.blogspot.com bedavacanliyayin10.blogspot.com
1 ajax.googleapis.com bedavacanliyayin10.blogspot.com
1 wallpaperaccess.com bedavacanliyayin10.blogspot.com
1 www.googletagmanager.com bedavacanliyayin10.blogspot.com
1 bedavacanliyayin10.blogspot.com cdn.ampproject.org
1 i.imgur.com m.buyabilify.life
0 dis.criteo.com Failed appgool.click
0 p.adsymptotic.com Failed appgool.click
0 t.dtscdn.com Failed t.dtscout.com
0 t24reklam.xyz Failed bedavacanliyayin10.blogspot.com
98 65

This site contains links to these domains.

Domain
x.com
www.dosyaupload.com
ampsite.click
twitter.com
buyabilify.life

Subject | Issuer | Validity | Valid
buyabilify.life | GTS CA 1P5 | 2023-12-12 - 2024-03-11 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 - 2024-03-12 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.blogger.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-29 - 2024-04-28 | a year
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
appgool.click | GTS CA 1P5 | 2023-11-27 - 2024-02-25 | 3 months
misc-sni.blogspot.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
corsproxy.org | E1 | 2023-12-05 - 2024-03-04 | 3 months
dtscout.com | GTS CA 1P5 | 2023-11-20 - 2024-02-18 | 3 months
*.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-05 - 2024-09-30 | a year
*.s-onetag.com | Amazon RSA 2048 M03 | 2023-11-04 - 2024-12-01 | a year
sharethis.com | Amazon RSA 2048 M02 | 2023-05-22 - 2024-06-19 | a year
corsproxy.pro | E1 | 2023-12-13 - 2024-03-12 | 3 months
*.crwdcntrl.net | Amazon RSA 2048 M01 | 2023-10-08 - 2024-11-05 | a year
cert1-prod.aut.a24365.net | R3 | 2023-12-11 - 2024-03-10 | 3 months
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-06 - 2024-09-30 | a year
*.simpli.fi | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-07 - 2024-12-07 | a year
*.bkrtx.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-06 - 2024-12-05 | a year
odc-pixel-prod-01.oracle.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-11 - 2024-12-11 | a year
securedvisit.com | Amazon RSA 2048 M03 | 2023-08-16 - 2024-09-13 | a year
*.intentiq.com | Amazon RSA 2048 M02 | 2023-04-11 - 2024-05-08 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2023-11-03 - 2024-05-03 | 6 months

This page contains 13 frames:

Primary Page: https://m.buyabilify.life/
Frame ID: 7C67C8D25A5B92DE6D1963281F573608
Requests: 13 HTTP requests in this frame

Frame: https://bedavacanliyayin10.blogspot.com/
Frame ID: D61FBCBD80A1B2BBDFDCC8AF92D4DA31
Requests: 14 HTTP requests in this frame

Frame: https://appgool.click/ad?id=yayinex1
Frame ID: E0CC79DF9F0C7315B09A0F2A90031E80
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: BF270F326132A707F1BFD3889FA7B150
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=104017026200338A18BBFE9998B67A00
Frame ID: A9AA130E6548C192D95B0872B4FEE45C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7026251248099729&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A66048%2C4%3A66048%2C8%3A512%2C9%3A33280%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fm.buyabilify.life%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702620033384&bpp=4&bdt=608&idt=440&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&nras=1&correlator=1926472301562&frm=24&ife=1&pv=2&ga_vid=2131478512.1702620034&ga_sid=1702620034&ga_hid=1112252492&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=800&ish=850&ifk=3442782311&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079980%2C44795921%2C95320884&oid=2&pvsid=2918028854519851&tmod=1920658607&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C850&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1zoslxdgeg9m&fsb=1&dtd=459
Frame ID: 7A39FCC7EB1198DB0CE05E80A8CCC92B
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: AB75B5222EDA3E86509CECD6DFF7A0A5
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 9321CCCF8809F2778D21EA3015C00B17
Requests: 3 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 9682FD2CC9DE434F0FA54E80317F0849
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 92AE5313DFC8C609F53816C621B7F48D
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESECp_HnWWxlTpXea-8z4f2E4&google_cver=1
Frame ID: C6352BABEB0F863864ED62AB49838C99
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=15546
Frame ID: 35978542A0E036ED6E2BDB21B4D0385D
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: C43B49A2C55458B92BF96AD8838B78FB
Requests: 2 HTTP requests in this frame

Page Title

Justin TV - Selcuksportshd -Taraftarium24

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 98
HTTPS: 78 %
IPv6: 40 %
Domains: 49
Subdomains: 65
IPs: 46
Countries: 3
Transfer: 26418 kB
Size: 28670 kB
Cookies: 46

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://pixel.onaudience.com/?partner=137085098&mapped=104017026200338A18BBFE9998B67A00 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=d7b89e444ff1a897 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=52bec4a8-ed21-4b67-5ac5-d3519e5b60ff&reqId=fbc9805e-996e-4733-61f6-d552b384d86f&zcluid=d7b89e444ff1a897&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEI-az64qhb4ZN3Ffq_eKErU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=52bec4a8-ed21-4b67-5ac5-d3519e5b60ff&reqId=fbc9805e-996e-4733-61f6-d552b384d86f&zcluid=d7b89e444ff1a897&zdid=1332
Request Chain 62
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.2 HTTP 302
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.2&rd=Y HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023121506003500030207141211&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
Request Chain 63
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1702620034411.3 HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIgtfvqwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIgtfvqwYSBAgCEABCAEoA&google_gid=CAESEDH_sefX_czbxEtCUbUG8Wk&google_cver=1 HTTP 307
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=07089299
Request Chain 65
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.6 HTTP 302
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.6&rd=Y HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023121506003400013528231199&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
Request Chain 66
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1702620034411.7 HTTP 307
  • https://rc.rlcdn.com/1000.gif?memo=CP6JFhoNCILX76sGEgUI6AcQAEIASgA HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0d57081a-3588-4b92-b7d3-9408b8752cb4
Request Chain 68
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.9 HTTP 302
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.9&rd=Y HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023121506003400073541068984&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
Request Chain 69
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1702620034411.10 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7a952098-d559-40da-96a5-fa149cca21d4
Request Chain 70
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.11 HTTP 302
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.11&rd=Y HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023121506003400014719337253&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
Request Chain 71
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1702620034411.12 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKZOxrjVfT-RaeQ6BzNT03s&google_cver=1
Request Chain 74
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=8c8fe48b-be3e-4474-bf40-9902877886b9&gdpr=0&gdpr_consent=
Request Chain 75
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZHYACWV764IAAAAIDsuSAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhZQUNXVjc2NElBQUFBSURzdVNBdz09EAAaDQiC1--rBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7b1e0fd03ff7749dc72562fc54286ec89de2e59141fbb99b9895e618c5cbce85791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7b1e0fd03ff7749dc72562fc54286ec89de2e59141fbb99b9895e618c5cbce85791426b5417dce21&rand=08635740 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7b1e0fd03ff7749dc72562fc54286ec89de2e59141fbb99b9895e618c5cbce85791426b5417dce21&rand=08635740&expected_cookie=5f81406c-acda-49ff-8029-91a04bdea660
Request Chain 76
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2sVyeKlNqZ0ZdLHZLtiHFU4cIMLVQZpPYL4RRzGAM4m0&gdpr=0&gdpr_consent=
Request Chain 77
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHYACWV764IAAAAIDsuSAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3640643425985888301 HTTP 307
  • https://ml314.com/csync.ashx?fp=f9b1ac47d868f34fa84dc1af640529af709f36b034b09cb41fc8da25bb883913f4cb09cee1a4f8eb&person_id=3640643425985888301&eid=50082
Request Chain 78
  • https://tags.bluekai.com/site/59574?id=ZHYACWV764IAAAAIDsuSAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Request Chain 80
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 85
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHYACWV764IAAAAIDsuSAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=44331642 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=M054Sm1Pd005OTk3VGMraw%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESECp_HnWWxlTpXea-8z4f2E4&google_cver=1
Request Chain 91
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H0todSZHicY9772qTLWdWOMZ&rnd=70951 HTTP 303
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H0todSZHicY9772qTLWdWOMZ&rnd=70951&_li_chk=true&previous_uuid=a80fcd13a7ff4f8d8ac5ba473be031eb HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4203358364365765262 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a80fcd13-a7ff-4f8d-8ac5-ba473be031eb HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d33c465e-0066-44aa-bdc4-0dbf0fac183f%3A1702620037.4851716&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd33c465e-0066-44aa-bdc4-0dbf0fac183f%253A1702620037.4851716%26pid%3D500040%26it%3D1%26iv%3Dd33c465e-0066-44aa-bdc4-0dbf0fac183f%253A1702620037.4851716%26_%3D1702620037.488959&cb=1702620037.4890418 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=970033170884884839&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd33c465e-0066-44aa-bdc4-0dbf0fac183f%253A1702620037.4851716%26pid%3D500040%26it%3D1%26iv%3Dd33c465e-0066-44aa-bdc4-0dbf0fac183f%253A1702620037.4851716%26_%3D1702620037.488959 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d33c465e-0066-44aa-bdc4-0dbf0fac183f%3A1702620037.4851716&pid=500040&it=1&iv=d33c465e-0066-44aa-bdc4-0dbf0fac183f%3A1702620037.4851716&_=1702620037.488959 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1702620037.488959&iv=d33c465e-0066-44aa-bdc4-0dbf0fac183f:1702620037.4851716
Request Chain 94
  • https://um.simpli.fi/lj_match?r=95853 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=1048C2FD9E144E3EB99A2156EF6FDD89
Request Chain 95
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H0todSZHicY9772qTLWdWOMZ&rnd=62289 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

98 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
m.buyabilify.life/
30 KB
8 KB
Document
General
Full URL
https://m.buyabilify.life/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:81de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f8f8d6b5fdf83bdd043bf828ab3701477e656e41fcc40f6cc79db02b5b4a2ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
835c777f28edda13-MIA
content-encoding
br
content-type
text/html
date
Fri, 15 Dec 2023 06:00:31 GMT
last-modified
Tue, 12 Dec 2023 01:46:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2F9EA%2FvkTXS%2FXTr0NfNRoi4njh8oqAAJBsVQhtoxORCKUHf04Y%2BaDcSUq0WSXs4K51r3%2B3VDT2Gnlt2o4DtgzWs5zaWlCcz7VBMjZ5KUIxmkyaZFjxaciW1E7m2DwDYnmKxNcF8h%2Bl%2BRa0d28HmCLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed
v0.js
cdn.ampproject.org/
278 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: m.buyabilify.life
URL: https://m.buyabilify.life/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.buyabilify.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 06:00:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73141
x-xss-protection
0
server
sffe
etag
"20620290c9309704"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Dec 2023 06:00:32 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/
38 KB
12 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: m.buyabilify.life
URL: https://m.buyabilify.life/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85d85df9e61ec25caa8e6033bbf255be0036e9af0bec9d8f0cde5f8d6629da3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.buyabilify.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 06:00:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11509
x-xss-protection
0
server
sffe
etag
"89fd1f55c72a0a94"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Dec 2023 06:00:32 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: m.buyabilify.life
URL: https://m.buyabilify.life/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c86be9343f991a2b91d8238e2b458002707a4d38bc8e74ae99d2a58242ba04c4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.buyabilify.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 06:00:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9639
x-xss-protection
0
server
sffe
etag
"13e0a16aa728157d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Dec 2023 06:00:32 GMT
amp-anim-0.1.js
cdn.ampproject.org/v0/
6 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-anim-0.1.js
Requested by
Host: m.buyabilify.life
URL: https://m.buyabilify.life/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ec9d8d19236a815a5b0473e79b1b6823330026a8a564e4074f3f7595abc4ed1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.buyabilify.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 06:00:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2473
x-xss-protection
0
server
sffe
etag
"f9ec7b9cfb04b32c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Dec 2023 06:00:32 GMT
amp-iframe-0.1.js
cdn.ampproject.org/v0/
25 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: m.buyabilify.life
URL: https://m.buyabilify.life/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4223e8178440140140accbdde18d9472237ea1c30d037e7b10547c0377a1c450
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.buyabilify.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 06:00:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8936
x-xss-protection
0
server
sffe
etag
"983117833e8e8e62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Dec 2023 06:00:32 GMT
amp-lightbox-0.1.js
cdn.ampproject.org/v0/
26 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-lightbox-0.1.js
Requested by
Host: m.buyabilify.life
URL: https://m.buyabilify.life/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8f4932f20fa0868dd2caaa4e5bde036d3db73868c2132a5f387d87064f0343b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.buyabilify.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 06:00:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8507
x-xss-protection
0
server
sffe
etag
"97039edf12d9673b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Dec 2023 06:00:32 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/
110 KB
32 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: m.buyabilify.life
URL: https://m.buyabilify.life/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.buyabilify.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 06:00:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32187
x-xss-protection
0
server
sffe
etag
"f62e83b3b94bc414"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Dec 2023 06:00:32 GMT
banner.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPjMd4YQdfYlTF2SDZ2a-16vBNA25t0c5dE7Qkv3JtjX9UT5Q1ZGiO_zq6HJJFUbNw_gM9mh4BNl3VgekCuS0zShqkG6ykVEb21T0rsdJdi-iQ1YTH80f_qnFa1L3Jfyq5lG-obJqY7dKYPzOl...
37 KB
37 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPjMd4YQdfYlTF2SDZ2a-16vBNA25t0c5dE7Qkv3JtjX9UT5Q1ZGiO_zq6HJJFUbNw_gM9mh4BNl3VgekCuS0zShqkG6ykVEb21T0rsdJdi-iQ1YTH80f_qnFa1L3Jfyq5lG-obJqY7dKYPzOldb9zTg_jxP6EQkb4H68tmbcJxo8j1L3shul6lviym0KR/s16000/banner.png
Requested by
Host: m.buyabilify.life
URL: https://m.buyabilify.life/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b2311a446a7bc58eab3a2b66f229a48394c7efc55364541a5b1af2f6b666feb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.buyabilify.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:32 GMT
x-content-type-options
nosniff
server
fife
etag
"v7c9"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="banner.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37771
x-xss-protection
0
expires
Sat, 16 Dec 2023 06:00:32 GMT
q5ABBFe.png
i.imgur.com/
498 B
928 B
Image
General
Full URL
https://i.imgur.com/q5ABBFe.png
Requested by
Host: m.buyabilify.life
URL: https://m.buyabilify.life/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
bb61e9665ce2e54efef00815f578d7c84384388e07c669d131b6abc2109b50c8
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.buyabilify.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:32 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
1354566
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
498
x-served-by
cache-iad-kiad7000102-IAD
last-modified
Sat, 04 Nov 2023 22:09:02 GMT
server
cat factory 1.0
x-timer
S1702620032.160680,VS0,VE1
etag
"7ebecdd9573446c45e6bc8a7782d714c"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
h21lqsGUizzQqIZ_V8FoZ39_UKyf5ymNbJ4j6dIcB62P0ZqwA8aEyA==
x-cache-hits
1
taraftarium24.png
m.buyabilify.life/images/
1 KB
1 KB
Image
General
Full URL
https://m.buyabilify.life/images/taraftarium24.png
Requested by
Host: m.buyabilify.life
URL: https://m.buyabilify.life/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:81de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae87de577266b813f7a6aee87e23149e2f8c6b8963e4bc7b079858d270c0696

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.buyabilify.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 06:00:32 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XnnXBKLoLG5nRMrbW02Zvq2ow3TLGDX6RqFN1lUAgYkhPFkW9l5pFiKX13T4%2BrDwHUfqwUxFw3ltXssawCg70mgFannO%2FWZe4DwxXBTWBB1nl6ILYXCU6loWSws9mw8dBgY0ZMtDfY1qv2Ub%2Fc6kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
835c7782ab06da13-MIA
alt-svc
h3=":443"; ma=86400
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.buyabilify.life/
Origin
https://m.buyabilify.life
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 08:59:50 GMT
age
162042
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"a9f93cfafa19b094"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 08:59:50 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://m.buyabilify.life/
Origin
https://m.buyabilify.life
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 17:16:01 GMT
age
218671
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3942
x-xss-protection
0
server
sffe
etag
"4694a1430564add5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 17:16:01 GMT
/
bedavacanliyayin10.blogspot.com/ Frame D61F
48 KB
10 KB
Document
General
Full URL
https://bedavacanliyayin10.blogspot.com/
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5ddf5964d808d94feb569844ab37f50bc804f4a924d2f2a52d3914454271011a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m.buyabilify.life/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
10154
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 06:00:32 GMT
etag
W/"2beb056b9eeedb5d24f24aa26fd78584513d7934ac2cb2290dd3c10ef7f80345"
expires
Fri, 15 Dec 2023 06:00:32 GMT
last-modified
Thu, 14 Dec 2023 20:05:05 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame D61F
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7BQF5J6DBQ
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1d52d005d2fdd5cc4c2059c5da0be5aaa49584991ca5f340e7ce786b14641bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bedavacanliyayin10.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92987
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 06:00:32 GMT
55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ Frame D61F
30 KB
7 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bedavacanliyayin10.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:14:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6620
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 17:00:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 14 Dec 2024 00:14:18 GMT
gizle.css
t24reklam.xyz/trgool/ Frame D61F
0
0

adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D61F
145 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7026251248099729&host=ca-host-pub-1556223355139109
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4214b6949859d8b8e12724c9118cdb31d3ff7bd37b1eeafe52712f0cd84972d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bedavacanliyayin10.blogspot.com/
Origin
https://bedavacanliyayin10.blogspot.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51293
x-xss-protection
0
server
cafe
etag
16442790571537411491
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 06:00:33 GMT
6392687.png
wallpaperaccess.com/full/ Frame D61F
3 KB
3 KB
Image
General
Full URL
https://wallpaperaccess.com/full/6392687.png
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9490603bf14cbbfbe1bc8754478a02d8eb24c9b388ba5899506d5ecd53f6aeb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bedavacanliyayin10.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:32 GMT
cf-cache-status
HIT
age
116580
cf-polished
origFmt=png, origSize=4441
content-disposition
inline; filename="6392687.webp"
alt-svc
h3=":443"; ma=86400
content-length
2860
cf-bgj
imgq:85,h2pri
last-modified
Fri, 14 Jul 2023 08:06:13 GMT
server
cloudflare
etag
"64b101f5-1159"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
835c77861d6b748d-MIA
expires
Fri, 12 Jan 2024 21:37:32 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame D61F
90 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bedavacanliyayin10.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 02:52:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 02:52:03 GMT
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame D61F
513 KB
142 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bedavacanliyayin10.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 06:00:33 GMT
x-content-type-options
nosniff
content-encoding
br
age
4803
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
145133
x-served-by
cache-fra-etou8220029-FRA, cache-mia-kmia1760057-MIA
x-jsd-version-type
version
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame D61F
30 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bedavacanliyayin10.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 06:00:33 GMT
x-content-type-options
nosniff
content-encoding
br
age
40070
x-jsd-version
0.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10804
x-served-by
cache-fra-eddf8230055-FRA, cache-mia-kmia1760057-MIA
x-jsd-version-type
version
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
2789723018-widgets.js
www.blogger.com/static/v1/widgets/ Frame D61F
156 KB
57 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/2789723018-widgets.js
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df12f1788d48579ff2d735391648e079812b9289705e9d4c599d98a63247aa29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bedavacanliyayin10.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 21:50:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57840
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 04:43:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 11 Dec 2024 21:50:02 GMT
authorization.css
www.blogger.com/dyn-css/ Frame D61F
1 B
684 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=573758908998938845&zx=a1ac7d51-84cd-4ede-935a-6a6bc9f08c83
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bedavacanliyayin10.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Fri, 15 Dec 2023 06:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Dec 2023 06:00:33 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
ad
appgool.click/ Frame E0CC
4 KB
4 KB
Document
General
Full URL
https://appgool.click/ad?id=yayinex1
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bd43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e96d918a986fe65cbd28b4c9b1ce3cc936f185940189d287907e45b7bb25ed4

Request headers

Referer
https://bedavacanliyayin10.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
835c77873a327477-MIA
content-length
3586
date
Fri, 15 Dec 2023 06:00:33 GMT
etag
"e02-657a20e8-84ad2b5f4ca9000f;;;"
last-modified
Wed, 13 Dec 2023 21:23:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3wd0sb1M9CLiuB6Navfswj8mBzXGgzUrG30I0LPazRo7MSpBdgdk1mKwsJWEFDVDR2wZJsiWrnoDZolY31jNt2h6RkbEGviWeL7j3Xq266R7Y08xxfE8D8QwH398GT13gUAduE3KS3CZ%2B%2B9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-turbo-charged-by
LiteSpeed
authorization.css
www.blogger.com/dyn-css/ Frame D61F
1 B
43 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=573758908998938845&zx=a1ac7d51-84cd-4ede-935a-6a6bc9f08c83
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/#amp=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bedavacanliyayin10.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Fri, 15 Dec 2023 06:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Dec 2023 06:00:33 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
logo.png
1.bp.blogspot.com/-SJfGiLdCNaw/W_gy-bcprRI/AAAAAAAAAHE/_glQB999LpwGuCvFzIWq4TbSgNBvvUnRQCK4BGAYYCw/s1600/ Frame D61F
15 KB
15 KB
Image
General
Full URL
https://1.bp.blogspot.com/-SJfGiLdCNaw/W_gy-bcprRI/AAAAAAAAAHE/_glQB999LpwGuCvFzIWq4TbSgNBvvUnRQCK4BGAYYCw/s1600/logo.png
Requested by
Host: bedavacanliyayin10.blogspot.com
URL: https://bedavacanliyayin10.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
84396e0be4820086ad51c9bb6771fe0b76c9eed882f7fd757bc5fec0b7bd646c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bedavacanliyayin10.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
server
fife
etag
"v72"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 16 Dec 2023 06:00:33 GMT
clappr.min.js
cdn.jsdelivr.net/clappr/latest/ Frame E0CC
517 KB
129 KB
Script
General
Full URL
https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 06:00:33 GMT
age
91754
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
131690
x-served-by
cache-fra-etou8220071-FRA, cache-mia-kmia1760057-MIA
etag
W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ Frame E0CC
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
339989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27277
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMzJP5ZppcAaCwFUNT%2FrO67khayPyPzokbiDMREIrnx8BGkBC4DkNxKZ72GOL5zTBbn35JHbQE7s5ukZ4k5FjE2p7wDlm7RKOTBiW2hv%2FbYfwRXKse8GC9LkZbTBbHcQMAgwz%2F1fEB8eNs%2FLc5uZGH9c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
835c77888a698de8-MIA
expires
Wed, 04 Dec 2024 06:00:33 GMT
clappr.js
appgool.click/ Frame E0CC
8 KB
2 KB
Script
General
Full URL
https://appgool.click/clappr.js
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bd43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08437d97da5ff1cef1652f2c17b9f9205635b95cb664c651526cf4518d835250

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44355
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 08 Nov 2023 16:51:15 GMT
server
cloudflare
etag
W/"2196-654bbc83-efc46d503c1c929c;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2yVzK1xfaHawiCX5tnLngD1kIyzAc7lAtCV2HO58PAaGKvb6bzpVW4eoBI5XsXlQLnHqgFpgMIJytlZNcN7xXD1n%2FPBxEsv1PSMVe0srNpVg9Xu0oojCQj0qQ541Rhc%2BOsm0d7lOo8CigJ4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
835c77882b307477-MIA
expires
Thu, 21 Dec 2023 17:41:18 GMT
clappr-chromecast-plugin.min.js
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/ Frame E0CC
25 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 06:00:33 GMT
x-content-type-options
nosniff
content-encoding
br
age
34101
x-jsd-version
0.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7330
x-served-by
cache-fra-eddf8230082-FRA, cache-mia-kmia1760057-MIA
x-jsd-version-type
version
etag
W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
d.js
waust.at/ Frame E0CC
14 KB
7 KB
Script
General
Full URL
https://waust.at/d.js
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Jan 2023 17:19:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1897
etag
W/"63c0411e-3972"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlh%2BQvGGzoguqjRxwiUemrUmhwvoPU%2BKAAfQcCc0oXtX1HbIujmlzAXpmf1art3tOuy0NFU9l%2BOTeVW7xJkFeXVadabhBuCxmdSa1Un%2FQmW4fvKl8Ihmm9xWZjiswmLfWBgwqNPP"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
835c7789788bda8f-MIA
expires
Sat, 16 Dec 2023 05:28:56 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame D61F
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7026251248099729&host=ca-host-pub-1556223355139109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3d21346d5a17dc3502a6a5e7e9b3984f49ded47ed21dd6aefdcab11cc76d65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bedavacanliyayin10.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137923
x-xss-protection
0
server
cafe
etag
2157491619471399402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 06:00:33 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame BF27
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7026251248099729&host=ca-host-pub-1556223355139109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bedavacanliyayin10.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
23644
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 23:26:29 GMT
etag
5585625838579639069
expires
Thu, 28 Dec 2023 23:26:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E0CC
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 06:00:33 GMT
ad
appgool.click/ Frame E0CC
4 KB
4 KB
Image
General
Full URL
https://appgool.click/ad?id=yayinex1
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bd43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 13 Dec 2023 21:23:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e02-657a20e8-84ad2b5f4ca9000f;;;"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DThKj6jU4mu%2BV8uXmiynBbDtoPUXhmsmZdqYw8Y2vd%2BwSWUq3rNP%2Ffs7KdnbAwlj4IeGPwQ21R0KvBawx6cORjKCrcmqHrVWBYhtXAwHw97qS7iJs6kzldsqlzhgsALgpV%2Br8gCXSKzsv2rx"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
835c77899b838dee-MIA
alt-svc
h3=":443"; ma=86400
content-length
3586
lo3.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZhO09jd5cwHiAS2dJNKA6aIOzkfSR0PX5xnjl0lkRpqub5LOJnOD41oFNefG7nz3rLJYpX36sDQRtT5cSnqgmhJAeQEQEqMbAxy7YItY5eDxNbolbUCtGKl3reA_uGTSTpiTjIgUKLBMFSpea... Frame E0CC
34 KB
34 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZhO09jd5cwHiAS2dJNKA6aIOzkfSR0PX5xnjl0lkRpqub5LOJnOD41oFNefG7nz3rLJYpX36sDQRtT5cSnqgmhJAeQEQEqMbAxy7YItY5eDxNbolbUCtGKl3reA_uGTSTpiTjIgUKLBMFSpea75paYfzBowtl_1-GEmvi2mx-bYMDD8lJT2gWUpYBX-k/s16000/lo3.png
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1f85d700c68539225b5f7676a60191e3c1097edd9ebc1c31c01e63bf5221ade6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
x-content-type-options
nosniff
server
fife
etag
"v20df"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="lo3.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35162
x-xss-protection
0
expires
Sat, 16 Dec 2023 06:00:33 GMT
/
corsproxy.org/ Frame E0CC
909 B
859 B
XHR
General
Full URL
https://corsproxy.org/?https://cakal.click/yayinex1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2eed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
074ce8b5e65476ca15d17a13d7db004b19c50520972021d24872d44f6ba960a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 15 Dec 2023 06:00:33 GMT
server
cloudflare
etag
W/"657beb81-38d"
access-control-max-age
86400
access-control-allow-methods
CONNECT, DELETE, GET, HEAD, OPTIONS, POST, PUT, TRACE, PATCH
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfbqIlI468X%2BFaJ4FuvS4lAxXqWUbN3isLJFI8FH%2FgihkFUNMpaN0e7QMcHoRrRtXYridpEaDss2sEnNLx9KR1hFgmfyyMSHc0Eyr5o9TzLy7VPFUL6AK2Cjc9On24ksVDvIG%2B0hDFVQhvpg"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
*
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
835c778a6b54288e-MIA
access-control-allow-headers
*
/
t.dtscout.com/i/ Frame E0CC
7 KB
4 KB
Script
General
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fappgool.click%2Fad%3Fid%3Dyayinex1&j=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be9c3f6b34d541295746a5385266bca04310f79909080a3525312e7d6c568626

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
x-t
0.263
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXV1vBgbB0T0Xy02YTJW2x53NZYCAzDTtNhjjyr9TH9YPIDXAXcJuLLVNIJfhe1pd1q2ZlDFIzR0pATu%2FrZZFIf9e%2B7xmC7OGJUp53zvtjRhAhD%2BaiC7wUOUmZny6dOnvbyjg5hP%2FjvtcDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
835c778a6a97127f-MIA
expires
Fri, 15 Dec 2023 06:00:32 GMT
/
whos.amung.us/pingjs/ Frame E0CC
29 B
183 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=hnxm5b9piu&t=&c=d&x=https%3A%2F%2Fappgool.click%2Fad%3Fid%3Dyayinex1&y=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F&a=0&v=27&r=1229
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70239f3d901d9e62326e995bf1b120058e3e86ed2052fb03c3882cf7b9fb83b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
835c778a6d6d67db-MIA
content-type
text/javascript;charset=UTF-8
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame E0CC
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 22:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 15 Dec 2023 22:13:07 GMT
tc.js
cdn.tynt.com/ Frame E0CC
26 KB
9 KB
Script
General
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
age
63808
etag
W/"651ed18d-66a6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
835c778b98f73347-MIA
expires
Mon, 18 Dec 2023 06:00:33 GMT
truncated
/ Frame E0CC
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
t.dtscout.com/idg/ Frame A9AA
1 KB
758 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=104017026200338A18BBFE9998B67A00
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fappgool.click%2Fad%3Fid%3Dyayinex1&j=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c64e074de3b64c5fc1c0c47caf929f7943325b8cda6e2f26634d9f848fed1a

Request headers

Referer
https://appgool.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
835c778b4af8127f-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 06:00:33 GMT
expires
Fri, 15 Dec 2023 06:00:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ygxtlhnC7BBZYvCKz6TCVVYR7FR70Bt8tg9mJCebfWhOpnE%2FVwRHR%2BS9O657SUUa01cmlsvEp57fwwV5FElRVeaSdpuTTNbxBvizPIUkNWPlcrN0aiePfZxZj5iMEPz%2FZTmFnmzJCUK6VY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E0CC
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fappgool.click%2Fad%3Fid%3Dyayinex1&j=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-108.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 f5386598f013dd093e17be33d361f408.cloudfront.net (CloudFront)
date
Thu, 14 Dec 2023 12:40:19 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
62415
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
Azng9XVnbq3jrGMVQsjJ6aCQ9A8XIH6gTbRSMQsQgGVAT8mgmzINjw==
dtscout
pd.sharethis.com/pd/ Frame E0CC
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fappgool.click%2Fad%3Fid%3Dyayinex1&j=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.223.194.247 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-194-247.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0037d1fab9ee673e828d406d905933a8024c212b415c716c535ee412b5f15466
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 06:00:34 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame E0CC
51 B
340 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=appgool.click&_ss=4d5atv41am&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=2bn2&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fappgool.click%2Fad%3Fid%3Dyayinex1&j=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7b80fc0bb526a18db036fb061e6ecb380642476767506fd5074b9686cceaea8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:33 GMT
x-t
0.15
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpMtDZ8w%2BFRarsOnqRqgXSxWbLOxiaM8ITII81Hk9KeQwzB9QWL1imzyvc3MUtasNNYIu1hfflaGutT59sy1M4Rgk6OuAiZNDgFBGh3Lz3WazmPPPbEcqpzjoCjLHnVx2PiON6xhw5FzBsE%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
835c778b4afa127f-MIA
expires
Fri, 15 Dec 2023 06:00:32 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7A39
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7026251248099729&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A66048%2C4%3A66048%2C8%3A512%2C9%3A33280%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fm.buyabilify.life%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702620033384&bpp=4&bdt=608&idt=440&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&nras=1&correlator=1926472301562&frm=24&ife=1&pv=2&ga_vid=2131478512.1702620034&ga_sid=1702620034&ga_hid=1112252492&ga_fc=0&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=800&ish=850&ifk=3442782311&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079980%2C44795921%2C95320884&oid=2&pvsid=2918028854519851&tmod=1920658607&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C800%2C850&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1zoslxdgeg9m&fsb=1&dtd=459
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bedavacanliyayin10.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 06:00:33 GMT
expires
Fri, 15 Dec 2023 06:00:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
yayinex1_6564_018.dmg
corsproxy.pro/https://cakal.click/ Frame E0CC
3 MB
3 MB
XHR
General
Full URL
https://corsproxy.pro/https://cakal.click/yayinex1_6564_018.dmg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce18b6906b9773fa4268642a97fcf6b30432b6296209dc661ed37cf41581521e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
2935996
last-modified
Fri, 15 Dec 2023 05:59:25 GMT
server
cloudflare
etag
"657beb3d-2cccbc"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
video/mp4
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3IRKwgo0RSlCmDxQyCRF0LycigyFToAIN6WFNWQZtX1hZU6YixFtfCyaxypnSU3FfssYHQUJQekcPuYmJ1F8UAkbV0hn2ziDpB5FbN65f5jNMSigAUE%2F0G0VHlausmC5AlEaUGkXpLHRH4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
835c778c3afc25a6-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
934f21ca-675c-4c40-9019-fb2768190655
https://appgool.click/ Frame E0CC
62 KB
0
Other
General
Full URL
blob:https://appgool.click/934f21ca-675c-4c40-9019-fb2768190655
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12ca1fbf21c79f1630db4a0226b808cd69409b14e7912dd745852bfe3d017fad

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
63942
Content-Type
text/javascript
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ Frame E0CC
58 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fappgool.click%2Fad%3Fid%3Dyayinex1&j=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 09:52:30 GMT
content-encoding
gzip
via
1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
72485
etag
W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
7MQ4yz6pyc16F9-YyEAkBrqKhXHVtqF7PcqXliSjOzG8tLlRwhhMuA==
/
t.dtscdn.com/widget/ Frame E0CC
0
0

mw
mwzeom.zeotap.com/ Frame E0CC
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=104017026200338A18BBFE9998B67A00
  • https://spl.zeotap.com/?zdid=1332&zcluid=d7b89e444ff1a897
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=52bec4a8-ed21-4b67-5ac5-d3519e5b60ff&reqId=fbc9805e-996e-4733-61f6-d552b384d86f&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEI-az64qhb4ZN3Ffq_eKErU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=52bec4a8-ed21-4b67-5ac5-d3519e5b60ff&reqId=fbc9805e-996e-4733-61f6-d55...
95 B
165 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEI-az64qhb4ZN3Ffq_eKErU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=52bec4a8-ed21-4b67-5ac5-d3519e5b60ff&reqId=fbc9805e-996e-4733-61f6-d552b384d86f&zcluid=d7b89e444ff1a897&zdid=1332
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:34 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://appgool.click
access-control-allow-credentials
true
cf-ray
835c7791d95f9aeb-MIA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 06:00:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEI-az64qhb4ZN3Ffq_eKErU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=52bec4a8-ed21-4b67-5ac5-d3519e5b60ff&reqId=fbc9805e-996e-4733-61f6-d552b384d86f&zcluid=d7b89e444ff1a897&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
ic.tynt.com/b/ Frame E0CC
35 B
648 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!hnxm5b9piu&lm=3&ts=1702620033942&dn=TC&iso=1&pu=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F&r=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F&t=appgool.click&chmob=0
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:34 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
/
onetag-geo.s-onetag.com/ Frame E0CC
50 B
464 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-23.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 21:15:14 GMT
via
1.1 c1ad0e11a95c9a5b3f4d80fde7d23fea.cloudfront.net (CloudFront), 1.1 d1450f9172625df286184e0b1f1d01f2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
age
31520
x-amzn-requestid
6f4c5872-2d7b-4007-b108-6841f0720387
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
P85_cEsXiYcEUVA=
content-length
50
x-amz-cf-id
8vphL_cUQwnF5itQPug46yIznqqvd6DUoDvhhBB0ZKvwOwmLmY7GVw==
t.dhj
t.sharethis.com/1/d/ Frame E0CC
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9905935530510184&stid=ZHYACWV764IAAAAIDsuSAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.69 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-69.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 06:00:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Fri, 15 Dec 2023 07:00:34 GMT
dtscout
pd.sharethis.com/pd/ Frame E0CC
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F&event_source=dtscout&rnd=0.9905935530510184&exptid=ZHYACWV764IAAAAIDsuSAw%3D%3D&fcmp=false
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.223.194.247 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-194-247.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 06:00:34 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
v2
de.tynt.com/deb/ Frame E0CC
2 KB
3 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=w!hnxm5b9piu&dn=TC&cc=1&chmob=0&r=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F&pu=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
6b9961519970013d5f938fd5a302162e5fbf230a786a84407f9101787af5631c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Fri, 15 Dec 2023 06:00:33 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1819
expires
Sat, 26 Jul 1997 05:00:00 GMT
yayinex1_6564_019.dmg
corsproxy.pro/https://cakal.click/ Frame E0CC
4 MB
4 MB
XHR
General
Full URL
https://corsproxy.pro/https://cakal.click/yayinex1_6564_019.dmg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2a99585eccecab6b58446000b81f9e2f626468e673cd2d9fa34c862bc13230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
3711308
last-modified
Fri, 15 Dec 2023 05:59:31 GMT
server
cloudflare
etag
"657beb43-38a14c"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
video/mp4
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vp%2BVxPfgaj6mzGOtDdCZQSM8SaNvUXc%2FEmZsRKXGp%2BlxKbLHyzjXF4QvSeMXEKnpl%2FPtGAJTTeBtdR8KyWW%2BMGKaVHd04C06mx%2Fq9z5zSudVjSGEP54FJtLwZRDDMD40yhOJxmtCRHx%2FHDs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
835c778f0ddf25a6-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
t_.htm
t.sharethis.com/a/ Frame AB75
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9905935530510184&stid=ZHYACWV764IAAAAIDsuSAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.69 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-69.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://appgool.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Fri, 15 Dec 2023 06:00:34 GMT
Expires
Fri, 22 Dec 2023 06:00:34 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame E0CC
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-112.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 fdc88b576635a6d1858343ad162c44fc.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 05:01:53 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
3522
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
tC08yBD3HJzl9V68u-RCl69aEHhMdCz4kvQceu6KQKxQ4pcAjrYp2g==
lotame-sync.html
cdn-tc.33across.com/ Frame 9321
343 B
458 B
Document
General
Full URL
https://cdn-tc.33across.com/lotame-sync.html
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!hnxm5b9piu&dn=TC&cc=1&chmob=0&r=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F&pu=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer
https://appgool.click/ad?id=yayinex1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
82590
cache-control
public, max-age=259200
cf-cache-status
HIT
cf-ray
835c779049a167e1-MIA
content-encoding
gzip
content-type
text/html
date
Fri, 15 Dec 2023 06:00:34 GMT
etag
W/"651ed188-157"
expires
Mon, 18 Dec 2023 06:00:34 GMT
last-modified
Thu, 05 Oct 2023 15:08:56 GMT
server
cloudflare
vary
Accept-Encoding
/
lex.33across.com/ps/v1/pubtoken/ Frame E0CC
0
69 B
Image
General
Full URL
https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1702620034411.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3D%26pdev%3D%26pctry%3DUS%26referrer%3Dhttps%253A%252F%252Fbedavacanliyayin10.blogspot.com%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D&r=true
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP017 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-33x-status
208
date
Fri, 15 Dec 2023 06:00:34 GMT
server
33XP017
bk_sync.xgi
x.dlx.addthis.com/e/ Frame E0CC
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.2
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.2&rd=Y
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023121506003500030207141211&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
43 B
594 B
Image
General
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Server
23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-225-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 15 Dec 2023 06:00:35 GMT
pragma
no-cache
date
Fri, 15 Dec 2023 06:00:35 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
date
Fri, 15 Dec 2023 06:00:35 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
/
p.adsymptotic.com/d/px/ Frame E0CC
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1702620034411.3
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIgtfvqwYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIgtfvqwYSBAgCEABCAEoA&google_gid=CAESEDH_sefX_czbxEtCUbUG8Wk&google_cver=1
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=07089299
0
0

dpx
i.simpli.fi/ Frame E0CC
95 B
553 B
Image
General
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1702620034411.4&ref=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.110.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 06:00:34 GMT
server
openresty
content-type
image/png; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
95
x-request-id
F6Dr5pGpg9eaEwECXapG
expires
Thu, 01 Jan 1970 00:00:00 GMT
bk_sync.xgi
x.dlx.addthis.com/e/ Frame E0CC
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.6
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.6&rd=Y
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023121506003400013528231199&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
43 B
594 B
Image
General
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Server
23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-225-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 15 Dec 2023 06:00:35 GMT
pragma
no-cache
date
Fri, 15 Dec 2023 06:00:35 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
date
Fri, 15 Dec 2023 06:00:35 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
396846.gif
idsync.rlcdn.com/ Frame E0CC
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1702620034411.7
  • https://rc.rlcdn.com/1000.gif?memo=CP6JFhoNCILX76sGEgUI6AcQAEIASgA
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0d57081a-3588-4b92-b7d3-9408b8752cb4
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0d57081a-3588-4b92-b7d3-9408b8752cb4
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:35 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 15 Dec 2023 06:00:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0d57081a-3588-4b92-b7d3-9408b8752cb4
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dpx
i.simpli.fi/ Frame E0CC
95 B
555 B
Image
General
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1702620034411.8&ref=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.110.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 06:00:34 GMT
server
openresty
content-type
image/png; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
95
x-request-id
F6Dr5pGkXsYXA5gFFvQC
expires
Thu, 01 Jan 1970 00:00:00 GMT
bk_sync.xgi
x.dlx.addthis.com/e/ Frame E0CC
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.9
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.9&rd=Y
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023121506003400073541068984&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
43 B
594 B
Image
General
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Server
23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-225-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 15 Dec 2023 06:00:35 GMT
pragma
no-cache
date
Fri, 15 Dec 2023 06:00:35 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
date
Fri, 15 Dec 2023 06:00:35 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
396846.gif
idsync.rlcdn.com/ Frame E0CC
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1702620034411.10
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7a952098-d559-40da-96a5-fa149cca21d4
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7a952098-d559-40da-96a5-fa149cca21d4
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:35 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 15 Dec 2023 06:00:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=7a952098-d559-40da-96a5-fa149cca21d4
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bk_sync.xgi
x.dlx.addthis.com/e/ Frame E0CC
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.11
  • https://e.dlx.addthis.com/e/a-1549/s-3261?guid=w%21hnxm5b9piu&33random=1702620034411.11&rd=Y
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023121506003400014719337253&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
43 B
594 B
Image
General
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Server
23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-225-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 15 Dec 2023 06:00:35 GMT
pragma
no-cache
date
Fri, 15 Dec 2023 06:00:35 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=zPGJm17%2B99e2f7%2Bk
date
Fri, 15 Dec 2023 06:00:35 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
362358.gif
idsync.rlcdn.com/ Frame E0CC
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1702620034411.12
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKZOxrjVfT-RaeQ6BzNT03s&google_cver=1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKZOxrjVfT-RaeQ6BzNT03s&google_cver=1
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/ad?id=yayinex1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:34 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 06:00:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKZOxrjVfT-RaeQ6BzNT03s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 9682
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.69 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-69.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 06:00:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Fri, 22 Dec 2023 06:00:34 GMT
test_oracle
pd.sharethis.com/pd/ Frame 92AE
438 B
675 B
Script
General
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.223.194.247 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-194-247.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
7e5b4b19e039a6d325415b8090dcdea8bc113cb5bf575fc4f8096d32cd6faf8f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 06:00:34 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Content-Type
application/javascript
ttd
sync.sharethis.com/ Frame 9682
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=8c8fe48b-be3e-4474-bf40-9902877886b9&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/ttd?uid=8c8fe48b-be3e-4474-bf40-9902877886b9&gdpr=0&gdpr_consent=
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
HTTP/1.1
Server
18.116.146.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-146-56.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 06:00:35 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHYACWV764IAAAAIDsuSAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/ttd?uid=8c8fe48b-be3e-4474-bf40-9902877886b9&gdpr=0&gdpr_consent=
date
Fri, 15 Dec 2023 06:00:34 GMT
server
Kestrel
content-length
215
db_sync
px.ads.linkedin.com/ Frame 9682
Redirect Chain
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZHYACWV764IAAAAIDsuSAw%3D%3D&gdpr=0&gdpr_consent=
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhZQUNXVjc2NElBQUFBSURzdVNBdz09EAAaDQiC1--rBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7b1e0fd03ff7749dc72562fc54286ec89de2e59141fbb99b9895e618c5cbce85791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7b1e0fd03ff7749dc72562fc54286ec89de2e59141fbb99b9895e618c5cbce85791426b5417dce21&rand=08635740
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7b1e0fd03ff7749dc72562fc54286ec89de2e59141fbb99b9895e618c5cbce85791426b5417dce21&rand=08635740&expected_cookie=5f81406c-acda-49ff-8029-91a04bdea660
0
141 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7b1e0fd03ff7749dc72562fc54286ec89de2e59141fbb99b9895e618c5cbce85791426b5417dce21&rand=08635740&expected_cookie=5f81406c-acda-49ff-8029-91a04bdea660
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:34 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 568C4B9F152F4ACBB99B7C22165D33EA Ref B: MIAEDGE1709 Ref C: 2023-12-15T06:00:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMhh5hzvo3UlMx6tMFxg==

Redirect headers

date
Fri, 15 Dec 2023 06:00:34 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 70F8ED77C8A747DD8C7BE0A77F36C5EC Ref B: MIAEDGE1709 Ref C: 2023-12-15T06:00:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=10339&puuid=7b1e0fd03ff7749dc72562fc54286ec89de2e59141fbb99b9895e618c5cbce85791426b5417dce21&rand=08635740&expected_cookie=5f81406c-acda-49ff-8029-91a04bdea660
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMhh5gCGIp0HPjnna7Xw==
eyeota
sync.sharethis.com/ Frame 9682
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2sVyeKlNqZ0ZdLHZLtiHFU4cIMLVQZpPYL4RRzGAM4m0&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/eyeota?uid=2sVyeKlNqZ0ZdLHZLtiHFU4cIMLVQZpPYL4RRzGAM4m0&gdpr=0&gdpr_consent=
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
HTTP/1.1
Server
18.116.146.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-146-56.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 06:00:35 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHYACWV764IAAAAIDsuSAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2sVyeKlNqZ0ZdLHZLtiHFU4cIMLVQZpPYL4RRzGAM4m0&gdpr=0&gdpr_consent=
Date
Fri, 15 Dec 2023 06:00:35 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
csync.ashx
ml314.com/ Frame 9682
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHYACWV764IAAAAIDsuSAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3640643425985888301
  • https://ml314.com/csync.ashx?fp=f9b1ac47d868f34fa84dc1af640529af709f36b034b09cb41fc8da25bb883913f4cb09cee1a4f8eb&person_id=3640643425985888301&eid=50082
43 B
115 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=f9b1ac47d868f34fa84dc1af640529af709f36b034b09cb41fc8da25bb883913f4cb09cee1a4f8eb&person_id=3640643425985888301&eid=50082
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 16 Dec 2023 06:00:34 GMT
date
Fri, 15 Dec 2023 06:00:34 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif

Redirect headers

date
Fri, 15 Dec 2023 06:00:34 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=f9b1ac47d868f34fa84dc1af640529af709f36b034b09cb41fc8da25bb883913f4cb09cee1a4f8eb&person_id=3640643425985888301&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oracle
sync.sharethis.com/ Frame 9682
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZHYACWV764IAAAAIDsuSAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
HTTP/1.1
Server
18.116.146.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-146-56.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 06:00:35 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHYACWV764IAAAAIDsuSAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date
Fri, 15 Dec 2023 06:00:34 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame 9321
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by
Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn-tc.33across.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 08:08:01 GMT
content-encoding
gzip
via
1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:51:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
78754
x-amz-server-side-encryption
AES256
etag
W/"b054dbc49b30695b40107158fb25e846"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
krQxLJQU-kwiz6I1MHfSjOnUg8yxBeoYyqmSUPlStcSFY7wcuShDdw==
v2
ap.lijit.com/readerinfo/ Frame E0CC
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
461 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
HTTP/1.1
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ad284e8164535c43348082924252d4167a9d107463017ea3d3a098b0859317fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 06:00:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://appgool.click
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Fri, 15 Dec 2023 06:00:34 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://appgool.click
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
bk-coretag.js
tags.bkrtx.com/js/ Frame 92AE
51 KB
16 KB
Script
General
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.182.189 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-182-189.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Fri, 15 Dec 2023 06:00:35 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Fri, 22 Dec 2023 06:00:35 GMT
yayinex1_6564_020.dmg
corsproxy.pro/https://cakal.click/ Frame E0CC
4 MB
4 MB
XHR
General
Full URL
https://corsproxy.pro/https://cakal.click/yayinex1_6564_020.dmg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50c2977d887f5c6b409a28287b2a59f2987793d51de42b5a91431433aac51dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
3695140
last-modified
Fri, 15 Dec 2023 05:59:35 GMT
server
cloudflare
etag
"657beb47-386224"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
video/mp4
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWPCDV6BDq5Znv3gxn1WL2uzh1wAK%2BuDvH%2BubBNX1LYoWLHFPiaGRb3K1nIElDbQKU%2FstQ%2BViqNDP1zmzJO3lTY5V67ffZ6PDeCDS%2B3hNLDsxyizkk3nl2I2jv2LnyvQBh24Pg9QSJtoCCk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
835c7791482225a6-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
map
bcp.crwdcntrl.net/6/ Frame 9321
156 B
616 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.134.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-134-208.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
157b46ddf1ed25fbeb6d00c0b03afa721b304e52e42c7c6f7c4b710038a169cd

Request headers

Referer
https://cdn-tc.33across.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 06:00:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://cdn-tc.33across.com
cache-control
no-cache
x-server
10.40.6.96
access-control-allow-credentials
true
content-length
156
expires
0
yayinex1_6564_021.dmg
corsproxy.pro/https://cakal.click/ Frame E0CC
3 MB
3 MB
XHR
General
Full URL
https://corsproxy.pro/https://cakal.click/yayinex1_6564_021.dmg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be875db7644445e4e6ff908d3a64711a98bcfdb0eacf84305d3cd1d78a6f805

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:35 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
3613360
last-modified
Fri, 15 Dec 2023 05:59:40 GMT
server
cloudflare
etag
"657beb4c-3722b0"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
video/mp4
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1d%2B0TlJpHFrOGWxVN8twxF3dqoTC40buz0dPfuxHKjeD0norYiI97nvMvRIWB73aXuPLsKhpjtJjLuXVYoysTMgwizgcRGFEHsu%2BzsPKl8lWlZYFFYNzNa4f7%2FEXJ3jb%2BFFmEOigEl%2FQpA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
835c7793ba9125a6-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
2981
tags.bluekai.com/site/ Frame C635
Redirect Chain
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHYACWV764IAAAAIDsuSAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26...
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=M054Sm1Pd005OTk3VGMraw%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESECp_HnWWxlTpXea-8z4f2E4&google_cver=1
62 B
306 B
Document
General
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESECp_HnWWxlTpXea-8z4f2E4&google_cver=1
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-225-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://t.sharethis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Fri, 15 Dec 2023 06:00:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
296
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 06:00:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESECp_HnWWxlTpXea-8z4f2E4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
yayinex1_6564_022.dmg
corsproxy.pro/https://cakal.click/ Frame E0CC
4 MB
4 MB
XHR
General
Full URL
https://corsproxy.pro/https://cakal.click/yayinex1_6564_022.dmg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed911bff9ca90dd9d2edf034b18e9d660635bd83b1f4699aa9de0186bdb097f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:35 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
4050084
last-modified
Fri, 15 Dec 2023 05:59:45 GMT
server
cloudflare
etag
"657beb51-3dcca4"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
video/mp4
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltG0U9i6FHKgsD7KmGKJECHv9%2BPpC3ASz3%2F3%2F08WF7GHOfCAAvuhoamJO22jd3%2FH5pQu4qjXVsJoNFvudLRaU1Q7M7yhmRENaRKH48f0qWHwPSsTexZRZaZafRn0uyA9h9AgSkWYXoEoGgM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
835c7795dca525a6-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
1540_03681
track2.securedvisit.com/sync/ Frame E0CC
43 B
178 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H0todSZHicY9772qTLWdWOMZ
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.86.46 -, , ASN (),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 06:00:35 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
yayinex1_6564_023.dmg
corsproxy.pro/https://cakal.click/ Frame E0CC
4 MB
4 MB
XHR
General
Full URL
https://corsproxy.pro/https://cakal.click/yayinex1_6564_023.dmg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c95dec29dc49de541910831d3c01144334b6e5cc3cab90dad13b0eff2ffd349e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:36 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
4148596
last-modified
Fri, 15 Dec 2023 05:59:50 GMT
server
cloudflare
etag
"657beb56-3f4d74"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
video/mp4
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BIvqjqyrM1pHtxCpvfZD0lgATAsKDGjfm7YwaPsSFnXTu0qKAUXf8zYvBsIjjI7BNm3V%2BCUa5e%2FE9ch1IXEt9dM0IfOYppBXM%2F0JLJQERHEugOglI21a7JLDb1vZe5zaa1OVdU3odV4cpc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
835c77981f6325a6-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 3597
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=15546
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.24 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://appgool.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Fri, 15 Dec 2023 06:00:36 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 50670fc09f8465be7ae4adcf6e33ab7a.cloudfront.net (CloudFront)
x-amz-cf-id
pwhqHuTtpu8ixXuhZIbo4XE7pzGo9Dbp9dbem6MZkIFdOG7rpQfVLA==
x-amz-cf-pop
JFK50-P2
x-cache
Miss from cloudfront
yayinex1_6564_024.dmg
corsproxy.pro/https://cakal.click/ Frame E0CC
4 MB
4 MB
XHR
General
Full URL
https://corsproxy.pro/https://cakal.click/yayinex1_6564_024.dmg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:36 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
3747404
last-modified
Fri, 15 Dec 2023 05:59:55 GMT
server
cloudflare
etag
"657beb5b-392e4c"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
video/mp4
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4J5IQHv1A%2BJl6yUUw3bnF7gH8w0o3mTdJ7jSqkcJGO15t9AqpT2OGhZShFoMwlhaOMkrWpRVFSBskdcHjVcwoQgTcrGrxjgEHeLt%2B6pEBunZ48cnSiAND%2Ble%2FcvqoOgpPGut5cqWnEmzfQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
835c779b5b8825a6-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
sync
pippio.com/api/ Frame E0CC
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H0todSZHicY9772qTLWdWOMZ&rnd=70951
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H0todSZHicY9772qTLWdWOMZ&rnd=70951&_li_chk=true&previous_uuid=a80fcd13a7ff4f8d8ac5ba473be031eb
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4203358364365765262
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a80fcd13-a7ff-4f8d-8ac5-ba473be031eb
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d33c465e-0066-44aa-bdc4-0dbf0fac183f%3A1702620037.4851716&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd33c465e-0066-44aa...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=970033170884884839&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd33c465...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d33c465e-0066-44aa-bdc4-0dbf0fac183f%3A1702620037.4851716&pid=500040&it=1&iv=d33c465e-0066-44aa-bdc4-0dbf0fac183f%3A1702620037.4851716&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1702620037.488959&iv=d33c465e-0066-44aa-bdc4-0dbf0fac183f:1702620037.4851716
42 B
59 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1702620037.488959&iv=d33c465e-0066-44aa-bdc4-0dbf0fac183f:1702620037.4851716
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:38 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1702620037.488959&iv=d33c465e-0066-44aa-bdc4-0dbf0fac183f:1702620037.4851716
Date
Fri, 15 Dec 2023 06:00:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
db_sync
px.ads.linkedin.com/ Frame E0CC
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H0todSZHicY9772qTLWdWOMZ&rand=56681&pu=https://bedavacanliyayin10.blogspot.com/
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 06:00:36 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4478C6F801994154AA4C0501CFAD48BF Ref B: MIAEDGE1709 Ref C: 2023-12-15T06:00:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMhh6AkHYfFtFNKEYd5Q==
a.gif
t.sharethis.com/d/ Frame 9682
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHYACWV764IAAAAIDsuSAw%253D%253D&tt=t.dhj&dhjLcy=1702620034397&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=bedavacanliyayin10.blogspot.com&pn=%2F&qs=na&cc=US&cont=NA&evid=VY_DsxYA_83k6r8DaR3A&urls=!1!571!b-13j,!0!604!b-13l,!1!641!b-14s,!1!0!b-14t,!1!357!b-150,!1!628!b-16f&rnd=1702620037597&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=75
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.69 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-69.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Dec 2023 06:00:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Fri, 15 Dec 2023 06:00:37 GMT
merge
ce.lijit.com/ Frame E0CC
Redirect Chain
  • https://um.simpli.fi/lj_match?r=95853
  • https://ce.lijit.com/merge?pid=2&3pid=1048C2FD9E144E3EB99A2156EF6FDD89
43 B
679 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=1048C2FD9E144E3EB99A2156EF6FDD89
Requested by
Host: appgool.click
URL: https://appgool.click/ad?id=yayinex1
Protocol
HTTP/1.1
Server
23.92.190.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://appgool.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Dec 2023 06:00:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Fri, 15 Dec 2023 06:00:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=1048C2FD9E144E3EB99A2156EF6FDD89
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 14 Dec 2023 06:00:37 GMT
usersync.aspx
dis.criteo.com/dis/ Frame E0CC
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H0todSZHicY9772qTLWdWOMZ&rnd=62289
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
0
0

Portal.html
get.s-onetag.com/underground-sync-portal/ Frame C43B
85 B
482 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-108.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://appgool.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
241293
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Tue, 12 Dec 2023 10:59:05 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f5386598f013dd093e17be33d361f408.cloudfront.net (CloudFront)
x-amz-cf-id
4PpXY-qVyAHeSOpJ1105NhG7Rbk_41arF4kFiPVMIlnnfnfvKjyl8w==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame C43B
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t24reklam.xyz
URL
https://t24reklam.xyz/trgool/gizle.css
Domain
t.dtscdn.com
URL
https://t.dtscdn.com/widget/?d=104017026200338A18BBFE9998B67A00&nid=0&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fappgool.click%2Fad%3Fid%3Dyayinex1&r=https%3A%2F%2Fbedavacanliyayin10.blogspot.com%2F
Domain
p.adsymptotic.com
URL
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=07089299
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Domain
get.s-onetag.com
URL
https://get.s-onetag.com/underground-sync-portal/Portal.js

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| AMP
object| AMP_CONFIG
object| AMP_EXP
object| __AMP_LOG
function| HTMLElementOrig
object| __AMP_ERRORS
object| __AMP_MODE
function| __AMP_REPORT_ERROR
object| __AMP_TOP
object| __AMP_SERVICES
object| __AMP__EXPERIMENT_TOGGLES
object| __AMP_URL_CACHE
boolean| __AMP_TAG
object| __AMP_EXTENDED_ELEMENTS
function| __AMP_BASE_CE_CLASS
object| listeningFors

46 Cookies

Domain/Path Name / Value
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1702620033
.dtscout.com/ Name: l
Value: 104017026200338A18BBFE9998B67A00
.sharethis.com/ Name: __stid
Value: ZHYACWV764IAAAAIDsuSAw==
.sharethis.com/ Name: __stidv
Value: 2
.onaudience.com/ Name: cookie
Value: d7b89e444ff1a897
.onaudience.com/ Name: done_redirects219
Value: 1
.tynt.com/ Name: uid
Value: Vz/bJWV764LMu3ZvFQcbcA==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%2204b37b1668%22%2C%22f%22%3A4%2C%22ts%22%3A1702620034411%7D%2C%7B%22p%22%3A%220c1ae001bf%22%2C%22f%22%3A4%2C%22ts%22%3A1702620034411%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1702620034411%7D%2C%7B%22p%22%3A%22b1b5df9b98%22%2C%22f%22%3A1%2C%22ts%22%3A1702620034411%7D%2C%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A2%2C%22ts%22%3A1702620034411%7D%5D
.zeotap.com/ Name: zc
Value: 52bec4a8-ed21-4b67-5ac5-d3519e5b60ff
.zeotap.com/ Name: zsc
Value: %C9%0F%D0%AD%7B%AA%F8%8A%82%00%C2%A7%8E%E9%04%AF%C4%9C%04%C9Q%B36%AA%AE%ED%2C%BD%00%BAPK%3E%C5%979%3A%E9i7%AC%BA%8E%EC%B0%FCu%E4%D4%26%9Am%B2tS%09LD%29F%10%9F%16%F1%C6%E9%CDLd%85%21duMw%F1%03%14%B9s%AFT%CE
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 1_0_1702620034596
.simpli.fi/ Name: suid
Value: 1048C2FD9E144E3EB99A2156EF6FDD89
.ml314.com/ Name: pi
Value: 3640643425985888301
.adsrvr.org/ Name: TDID
Value: 8c8fe48b-be3e-4474-bf40-9902877886b9
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiQ7cSmvM--PBAFOAE.
.eyeota.net/ Name: mako_uid
Value: 18c6c0ff70e-ab30000010a4a59
.eyeota.net/ Name: SERVERID
Value: 19033~DM
.doubleclick.net/ Name: IDE
Value: AHWqTUnU9h1SkCuM1wpP3OizLFARYLloeWIWNWLkIf_cVvJz0Xae1AJq0bDKt7Nogv0
.pippio.com/ Name: didts
Value: 1702620034
.pippio.com/ Name: nnls
Value:
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.pippio.com/ Name: did
Value: XONoR0UUKblgeYWa
.rlcdn.com/ Name: pxrc
Value: CILX76sGEgUI6AcQABIFCOhHEAA=
.bluekai.com/ Name: bku
Value: +rQ99/ngKtDmUyAT
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: ef0531313763619bd4df0330fe684f81
.lijit.com/ Name: ljt_reader
Value: H0todSZHicY9772qTLWdWOMZ
.openx.net/ Name: i
Value: fcff60a7-b199-494d-930a-b20fc17673f1|1702620034
.pippio.com/ Name: pxrc
Value: CILX76sGEgQIAhAAEgYI36wrEAASBgiCvSsQAA==
.rlcdn.com/ Name: rlas3
Value: yQvbpkaZWJmoglpXltwQ8E6q4yCM6goFX5DkspwpQE0=
.addthis.com/ Name: na_tc
Value: Y
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20231215
.dlx.addthis.com/ Name: na_srp
Value: 3261
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.addthis.com/ Name: na_id
Value: 2023121506003500030207141211
.addthis.com/ Name: uid
Value: 657beb83af8ef8db
.addthis.com/ Name: ouid
Value: 657beb830001430169eb862fda2e1fa521f3ba3bde69ee6dcb84
.linkedin.com/ Name: li_sugr
Value: 5f81406c-acda-49ff-8029-91a04bdea660
.linkedin.com/ Name: bcookie
Value: "v=2&c08e982c-2b7e-43e6-8e77-49437afbe7d2"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3047:u=1:x=1:i=1702620035:t=1702706435:v=2:sig=AQFaO0AxZOC0NcDl3EG4W7BUlFntm8gY"
.dlx.addthis.com/ Name: na_sc_x
Value: 2
.intentiq.com/ Name: IQver
Value: 1.9

3 Console Messages

Source Level URL
Text
network error URL: https://m.buyabilify.life/images/taraftarium24.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://t24reklam.xyz/trgool/gizle.css
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://appgool.click/ad?id=yayinex1
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H0todSZHicY9772qTLWdWOMZ' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
